last executing test programs:

1m36.961272411s ago: executing program 2 (id=311):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b40)=@newqdisc={0x58, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x0, 0x0, 0xfffffffe}}}}]}, 0x58}}, 0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r8=>0x0})
connect$can_bcm(r7, &(0x7f00000000c0)={0x1d, r8}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0x1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80884}, 0x20000000)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000340)={'ip6_vti0\x00', &(0x7f00000002c0)={'ip6gre0\x00', <r13=>0x0, 0x2f, 0xc, 0x8, 0x41f1bf55, 0x20, @mcast2, @mcast1, 0x8000, 0x7800, 0x80000000, 0x4}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000003c0)={'team0\x00', <r14=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'gre0\x00', <r15=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000540)={0x178, r3, 0x10, 0x70bd25, 0x25dfdbff, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x20000801}, 0x894)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x34, r1, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x2, 0x7}}}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOTMODE={0x5}]}]}, 0x34}}, 0x20008000)

1m36.961008022s ago: executing program 2 (id=312):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000018c0)=[{{&(0x7f0000000100)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x240080e4)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x3c, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="2e000000010094368e6700d9"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r4, &(0x7f00000004c0)=[{&(0x7f0000000500)="aefdcd9d240200005a90f57f077029eff0f64ebbee07942c22595943bb05e374cbee8ad1b7244232b0772e11b44e65d76641cb011a52f436dd2a", 0x3a}], 0x1)
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[], 0x0)
r5 = dup(r1)
r6 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bind$ax25(r6, &(0x7f0000000000)={{0x3, @bcast, 0xfffffffd}, [@null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000005780)={'wpan1\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000005bc0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r7, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f00000060c0)={0x20, r9, 0xf063a4752619d935, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_LEVEL={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x6)
r10 = socket$kcm(0xa, 0x5, 0x0)
r11 = openat$nvram(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
io_uring_register$IORING_REGISTER_NAPI(r11, 0x1b, &(0x7f0000000240)={0x0, 0x6}, 0x1)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e21, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfff}, 0x1c)
sendmsg$kcm(r10, 0x0, 0x40000c0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), r5)
sendmsg$IPVS_CMD_NEW_SERVICE(r5, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={0x0}}, 0x40080)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x11, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\r'], 0x44}}, 0x0)

1m36.957794648s ago: executing program 2 (id=315):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000018c0)=[{{&(0x7f0000000100)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x240080e4)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x3c, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="2e000000010094368e6700d9"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
writev(r4, &(0x7f00000004c0)=[{&(0x7f0000000500)="aefdcd9d240200005a90f57f077029eff0f64ebbee07942c22595943bb05e374cbee8ad1b7244232b0772e11b44e65d76641cb011a52f436dd2a", 0x3a}], 0x1)
syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[], 0x0)
r5 = dup(r1)
r6 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bind$ax25(r6, &(0x7f0000000000)={{0x3, @bcast, 0xfffffffd}, [@null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000005780)={'wpan1\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000005bc0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r7, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f00000060c0)={0x20, r9, 0xf063a4752619d935, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_LEVEL={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x6)
r10 = socket$kcm(0xa, 0x5, 0x0)
r11 = openat$nvram(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
io_uring_register$IORING_REGISTER_NAPI(r11, 0x1b, &(0x7f0000000240)={0x0, 0x6}, 0x1)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e21, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfff}, 0x1c)
sendmsg$kcm(r10, &(0x7f0000000600)={&(0x7f0000000100)=@in={0x2, 0x0, @rand_addr=0x64010105}, 0x80, 0x0, 0x0, &(0x7f0000000340)=[{0x1c, 0x84, 0x8, "bf44145007e47d4eecaface90c"}, {0xc, 0x1, 0x401}], 0x28}, 0x40000c0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), r5)
sendmsg$IPVS_CMD_NEW_SERVICE(r5, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={0x0}}, 0x40080)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x11, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\r'], 0x44}}, 0x0)

1m36.053362112s ago: executing program 2 (id=320):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d8, 0x0, 0x2b8, 0x182, 0x110, 0x0, 0x210, 0x3a8, 0x3a8, 0x210, 0x3a8, 0x3, 0x0, {[{{@ipv6={@remote, @private2={0xfc, 0x2, '\x00', 0x1}, [0xffffff00, 0xffffffff, 0xff000000, 0xff000000], [0xffff00, 0xff000000, 0xffffffff, 0xff000000], 'pimreg1\x00', 'wlan1\x00', {0xff}, {0xff}, 0x2c, 0x81, 0x4}, 0x0, 0xc8, 0x110, 0x0, {0x0, 0xe0ffff00000000}, [@common=@unspec=@state={{0x24}, {0x2}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', {0x4}}}}, {{@ipv6={@private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0x0, 0xff, 0xff], [0xff, 0xff000000, 0xffffff00, 0xff000000], 'veth0_to_bridge\x00', 'veth1_to_bond\x00', {0xff}, {0xff}, 0x8, 0x9, 0x3, 0x4}, 0x0, 0xa4, 0x100}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv6=@loopback, [0xffffff00, 0xffffff00, 0xffffffff], 0x4e22, 0x4e23, 0x4e23, 0x4e21, 0x101, 0x401, 0x9, 0x5197, 0x44a}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x334)
r1 = socket$inet_sctp(0x2, 0x4, 0x84)
socket(0x2, 0x0, 0x1)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000003800), 0x4)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000180)={0x217, @time={0x5e800002, 0x80000000}, 0xff, {0x20}, 0x67, 0x2})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f00000004c0)=@assoc_value={<r6=>0x0}, &(0x7f0000000740)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000380)=ANY=[@ANYRES32=r6, @ANYBLOB="5c7fe1d41abe33ca1928e2dcd292164ab18ef6bd687fc36fcecf48cbb3c2cb73482ca1b7427ba205637880771172354e8424d7"], 0x9)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000100)={r6, 0x98, "31593b406babdf41bf026a3d7b4c58bf91939f5815019f0d82c7b81be21b0aea1f8d6819071f1e36f2b1610141a10d1cd7ca39115a7010bd590c93303b603df15669c4861a278de02a0aedf369cd9c1265bf533cc522cb608936ecfaf233f6a32cfff9d770ae1c3b81fee40d085faa272076cee7271e460993320415b296e85d44f2af7995684dd2600f872e79985eda0f5ea6383dac0c57"}, &(0x7f0000000040)=0xa0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'macvlan0\x00', <r8=>0x0})
r9 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r9, 0x8918, &(0x7f0000000000)={@mcast1, 0x58, r8})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x84000, 0x0)

1m35.934992497s ago: executing program 2 (id=323):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
mount$fuse(0x0, 0x0, 0x0, 0x5, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={<r4=>0x0, @in6={{0xa, 0x4e24, 0x5, @loopback, 0xa}}, 0x54a3, 0x81}, &(0x7f00000000c0)=0x88)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000200)={r4, 0xff, 0x5, [0x800, 0x400, 0x0, 0x2, 0x0]}, &(0x7f0000000340)=0x12)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4b, 0x4b, 0x6, [@datasec={0xf, 0x5, 0x0, 0xf, 0x3, [{0x2, 0x5, 0x8}, {0x2, 0x7, 0x6}, {0x4, 0x0, 0x7}, {0x3, 0x4, 0xf9}, {0x1, 0x7, 0xce7}], "1f420a"}]}, {0x0, [0x5f, 0x30, 0x30, 0x5f]}}, &(0x7f0000000400)=""/169, 0x6a, 0xa9, 0x1, 0xe7b, 0x0, @void, @value}, 0x28)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)={0x1b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000ff7f000000000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000c9020000000000008500060084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000001440)={'\x00', 0x52d35ce30131f272})
ioctl$TUNSETOFFLOAD(r7, 0x400454c9, 0x9)
ioctl$TUNSETLINK(r7, 0x400454cd, 0x339)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r6}, 0xc)
sendto$packet(r1, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r2}, 0x14)
accept4(r0, &(0x7f0000000000)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private1}}, &(0x7f0000000080)=0x80, 0x0)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000240)=0x65, 0x2)

1m35.596497301s ago: executing program 2 (id=324):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000002c0)=0xa, 0x4)
read$FUSE(r1, &(0x7f00000041c0)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000006280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda451852e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2000000020, 0xfffffffffffffffd, 0x80000000000, 0x0, 0x10, 0x4, 0x0, 0x8000, 0x2, r2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'erspan0\x00'})
syz_emit_ethernet(0x1d4, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd64acb4cb019e2f00fc014000000000000000000000000000fc0000000000000000000000000000010420880b006600030002527923e8729987137fda9747922cdceaba7e25cc770fb5da9432135498453503d890bb5af935b38c0b41378bc9a6344740fa73b8deae84bfa261a6432d1ac82e44e0b3112ba89cfbf915e435b68ff081886a63cf50975244b2cc2d7ad9d99a553caa606ce6d30400080000070006c5b90abcbcc691050086dd0ef1061beef640ea39edf6505a2f2e137844bc0f1435293f3bd9457e0cf880d5afe8910757b571b65605f161bf26ff21fafe66e541670e16d30ac0ae846889c7ad9e080088be000e000315084e060100000000000001080022eb0000000121018306020000000000000104013f0f0800655800000004e05557e2097622bfd1ee13745ae3cb0a8569f1285b0cb0f410e41ee102f6d98d0fad783b4e657498662f3f8ea78bf9d9d65ab994a9492a008f1e385fbf0f110bca6fa798a190c9ccb1675850f26fbf4a58931e766d570f3793fd56a4a4dd3382089a6d83abd78d7bd89d4ad6e099ca3eba43332493f186472aa11e55b84f5e521971e299f4e8d8da53aa5ece35073f5cfd6d5790890890bb3d91c140917d8c4dcd056aec8b86a45cf242441f9a33a8dd7850d6712125e977b4019d29f416db6e"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xd, 0x0, 0x20040001, 0x0, 0x2}})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x44)
r6 = socket$phonet(0x23, 0x2, 0x1)
sendto$phonet(r6, &(0x7f0000000040)="0bbab5943069427e115d649869c6dc499dfff39b58af73235d3daf66b4916a072f95455507dfdf30054fb84a85037599beed58978b3b85430e9d6ec6b05811b44ad9fc49ced50b230b6f78a9a8310d0324faf93659f545a45c8a755fd12c529a52f5ac0b8d015b414499767a826fd78d85a3a72f5c42902cc7ba1f1d8bfafaaa8f280a96c45295bb75d4880719c48ffa59434adf3716f93225b92e1dbc1ca5004499de14e9d16ac51b2c65d28568b4397b17", 0xb2, 0x4000, &(0x7f0000000100), 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000580)={[{@uuid_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}}], [{@smackfsdef={'smackfsdef', 0x3d, 'fuse\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'fuse\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x62, 0xa4043b827ce90800, 0x65, 0x38, 0x61, 0x38, 0x62], 0x2d, [0x54, 0x38, 0x37, 0x32], 0x2d, [0x64, 0x36, 0x32, 0x30], 0x2d, [0x39, 0x36, 0x34, 0x36], 0x2d, [0x6f16a7ff7dc53f8d, 0x31, 0x34, 0x64, 0x39, 0x32, 0x65, 0x64]}}}, {@permit_directio}, {@smackfsdef}]})

1m35.537394108s ago: executing program 32 (id=324):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000002c0)=0xa, 0x4)
read$FUSE(r1, &(0x7f00000041c0)={0x2020, 0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000006280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda451852e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2000000020, 0xfffffffffffffffd, 0x80000000000, 0x0, 0x10, 0x4, 0x0, 0x8000, 0x2, r2}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'erspan0\x00'})
syz_emit_ethernet(0x1d4, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd64acb4cb019e2f00fc014000000000000000000000000000fc0000000000000000000000000000010420880b006600030002527923e8729987137fda9747922cdceaba7e25cc770fb5da9432135498453503d890bb5af935b38c0b41378bc9a6344740fa73b8deae84bfa261a6432d1ac82e44e0b3112ba89cfbf915e435b68ff081886a63cf50975244b2cc2d7ad9d99a553caa606ce6d30400080000070006c5b90abcbcc691050086dd0ef1061beef640ea39edf6505a2f2e137844bc0f1435293f3bd9457e0cf880d5afe8910757b571b65605f161bf26ff21fafe66e541670e16d30ac0ae846889c7ad9e080088be000e000315084e060100000000000001080022eb0000000121018306020000000000000104013f0f0800655800000004e05557e2097622bfd1ee13745ae3cb0a8569f1285b0cb0f410e41ee102f6d98d0fad783b4e657498662f3f8ea78bf9d9d65ab994a9492a008f1e385fbf0f110bca6fa798a190c9ccb1675850f26fbf4a58931e766d570f3793fd56a4a4dd3382089a6d83abd78d7bd89d4ad6e099ca3eba43332493f186472aa11e55b84f5e521971e299f4e8d8da53aa5ece35073f5cfd6d5790890890bb3d91c140917d8c4dcd056aec8b86a45cf242441f9a33a8dd7850d6712125e977b4019d29f416db6e"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000680)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xd, 0x0, 0x20040001, 0x0, 0x2}})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x44)
r6 = socket$phonet(0x23, 0x2, 0x1)
sendto$phonet(r6, &(0x7f0000000040)="0bbab5943069427e115d649869c6dc499dfff39b58af73235d3daf66b4916a072f95455507dfdf30054fb84a85037599beed58978b3b85430e9d6ec6b05811b44ad9fc49ced50b230b6f78a9a8310d0324faf93659f545a45c8a755fd12c529a52f5ac0b8d015b414499767a826fd78d85a3a72f5c42902cc7ba1f1d8bfafaaa8f280a96c45295bb75d4880719c48ffa59434adf3716f93225b92e1dbc1ca5004499de14e9d16ac51b2c65d28568b4397b17", 0xb2, 0x4000, &(0x7f0000000100), 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000580)={[{@uuid_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}}], [{@smackfsdef={'smackfsdef', 0x3d, 'fuse\x00'}}, {@smackfsdef={'smackfsdef', 0x3d, 'fuse\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x62, 0xa4043b827ce90800, 0x65, 0x38, 0x61, 0x38, 0x62], 0x2d, [0x54, 0x38, 0x37, 0x32], 0x2d, [0x64, 0x36, 0x32, 0x30], 0x2d, [0x39, 0x36, 0x34, 0x36], 0x2d, [0x6f16a7ff7dc53f8d, 0x31, 0x34, 0x64, 0x39, 0x32, 0x65, 0x64]}}}, {@permit_directio}, {@smackfsdef}]})

3.977686315s ago: executing program 4 (id=843):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000e13d6a206419010015d4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)

3.187409375s ago: executing program 0 (id=852):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x12, 0x6, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000001000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d2e6807b84e8e5155def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a51bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b46307001416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607f259b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62b1eb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990548a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000800"})

2.681766823s ago: executing program 1 (id=855):
r0 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$sock_int(r0, 0x1, 0x27, &(0x7f0000000040)=0x8004, 0x4)

2.609363212s ago: executing program 4 (id=856):
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x4001, 0x3, 0x288, 0x160, 0x0, 0x148, 0x0, 0x148, 0x1f0, 0x240, 0x240, 0x1f0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88, 0x1}, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@unspec=@time={{0x38}, {0x3, 0x76, 0xb75e, 0x5a3e, 0x4, 0x20}}, @common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x0, 0xffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8)

2.609213421s ago: executing program 1 (id=857):
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)

2.609130529s ago: executing program 4 (id=858):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r0, 0x0, 0x0, 0x0)

2.607413038s ago: executing program 4 (id=859):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, &(0x7f0000000200)=@keyring)
openat$pfkey(0xffffff9c, 0x0, 0x8101, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e29, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2.341747688s ago: executing program 0 (id=860):
gettid()
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0xc0802)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1.707474563s ago: executing program 1 (id=862):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r3)

1.707264553s ago: executing program 3 (id=863):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), r0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d00)={0x2c, r1, 0x309, 0x70bd22, 0x25dfdc01, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x2c}}, 0x24040804)

1.707059286s ago: executing program 4 (id=864):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
shmget$private(0x0, 0x3000, 0x10, &(0x7f0000ffa000/0x3000)=nil)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x8a000)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
mount$nfs(0x0, &(0x7f0000000640)='.\x00', &(0x7f0000000680), 0x0, 0x0)
dup3(r3, r4, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)=@o_path={&(0x7f00000003c0)='./file0\x00', 0x0, 0x8, r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x3, &(0x7f00000001c0)=[{0x15, 0x0, 0x2}, {0x54, 0xfc, 0x7f}, {0x2}]})
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000040"])

1.637532022s ago: executing program 3 (id=865):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(r0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = userfaultfd(0x800)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x10})
syz_open_dev$sndctrl(&(0x7f00000000c0), 0x81, 0x200800)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000280)={&(0x7f0000000180)=""/54, 0x338000, 0x1000, 0x4, 0x3}, 0x1c)
epoll_create1(0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
connect$x25(r4, &(0x7f0000000040), 0x12)

1.497690113s ago: executing program 1 (id=866):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10)

1.497587867s ago: executing program 1 (id=867):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
uname(0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587", @ANYRES16], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
symlink(0x0, &(0x7f00000017c0)='./file0\x00')
mkdirat(0xffffffffffffffff, 0x0, 0x100)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r0, &(0x7f0000000040)=""/4092, 0xffc)

1.426819929s ago: executing program 3 (id=868):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0xf)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$isdn_base(0x22, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$cont(0x20, r2, 0x0, 0x0)
ptrace$getregs(0xc, r2, 0x7, 0x0)
socket(0x10, 0x803, 0x0)
listen(0xffffffffffffffff, 0x8)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0xfffff000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.391537771s ago: executing program 3 (id=869):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(r2, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})

1.237395119s ago: executing program 3 (id=870):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee3, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001900), 0x802, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000005c0)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}}, 0x119)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f00000000000100000000000000000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac0000000000000000001100", "90be8b1c551265406c7f306003d8a0f4bd00", [0x20]}})

765.899981ms ago: executing program 4 (id=871):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
syz_open_dev$sg(&(0x7f0000000180), 0x62d, 0x12000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000000800))
ioctl$IOCTL_STATUS_ACCEL_DEV(r3, 0x40046103, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, "b321153deda22fe5cd76299f41b5e6ce691f3eaccd5d11c1e5a97147dcb12d41"})

337.422264ms ago: executing program 3 (id=872):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ppoll(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x4801, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x6)
getdents64(r3, 0x0, 0x0)

147.49418ms ago: executing program 1 (id=873):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000001f8c0)={'vcan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = getpgrp(0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000100)={0x0, 0x3, 0x5, 0x9, r3})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
prctl$PR_GET_KEEPCAPS(0x7)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_PIT2(r5, 0x4070aea0, &(0x7f0000000300)={[{0x0, 0x8000, 0xe0, 0x3, 0x0, 0xb, 0x4, 0x1, 0x0, 0x2, 0x3, 0x5, 0x7c}, {0x0, 0x0, 0xff, 0xff, 0x4, 0xfe, 0x81, 0x0, 0x20, 0x2, 0x0, 0x4}, {0x7, 0x0, 0x0, 0x11, 0x5, 0x9, 0xf8, 0x2, 0xfd, 0xfd, 0x0, 0x0, 0xe0ee}], 0x7})
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000140)={[{0x2, 0x8, 0xb7, 0x6, 0x8, 0x4, 0x0, 0x9, 0x9, 0x2, 0x1, 0x16, 0x2}, {0x400, 0xf712, 0x2, 0xfe, 0x10, 0x84, 0xc, 0x0, 0xff, 0x6, 0x3, 0x81, 0x3}, {0x9, 0xfffd, 0x83, 0x7, 0xff, 0x1, 0x40, 0x0, 0x6, 0x1, 0xff, 0x11, 0x800000000ed0}], 0x7})
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_CONFIG(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000140)=@ccm_128={{0x304}, "68c4502393926b50", "09f700", "1ab6c0e5"}, 0x28)

147.370857ms ago: executing program 0 (id=874):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mq_unlink(0x0)

147.19314ms ago: executing program 0 (id=875):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x229, 0x0)

238.896µs ago: executing program 0 (id=876):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x6c, r0, 0x500}, 0x38)

0s ago: executing program 0 (id=877):
socket$inet(0x2b, 0xa, 0xfffffffe)
r0 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)
r1 = socket$unix(0x1, 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000001200), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
userfaultfd(0x801)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

11.787763][ T7027] netlink: 'syz.2.254': attribute type 23 has an invalid length.
[  112.091675][ T5980] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  112.375775][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.382947][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.387890][ T5980] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  112.397191][   T29] usbhid 6-1:0.0: can't add hid device: -71
[  112.399084][   T29] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  112.404417][ T5980] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  112.410314][   T29] usb 6-1: USB disconnect, device number 9
[  112.413165][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.421947][ T5980] usb 5-1: config 0 descriptor??
[  112.521737][   T64] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  112.671727][   T64] usb 8-1: Using ep0 maxpacket: 8
[  112.680127][   T64] usb 8-1: unable to get BOS descriptor or descriptor too short
[  112.683650][   T64] usb 8-1: no configurations
[  112.685479][   T64] usb 8-1: can't read configurations, error -22
[  113.203915][ T7048] bridge0: port 3(syz_tun) entered blocking state
[  113.206449][ T7048] bridge0: port 3(syz_tun) entered disabled state
[  113.208464][ T7048] syz_tun: entered allmulticast mode
[  113.211725][ T7048] syz_tun: entered promiscuous mode
[  113.213865][ T7048] bridge0: port 3(syz_tun) entered blocking state
[  113.215720][ T7048] bridge0: port 3(syz_tun) entered forwarding state
[  113.771289][ T7055] fuse: Bad value for 'fd'
[  113.778684][ T7053] overlayfs: failed to resolve './file0': -2
[  113.812701][  T837] libceph: connect (1)[c::]:6789 error -101
[  113.814705][  T837] libceph: mon0 (1)[c::]:6789 connect error
[  113.997631][ T7065] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  113.997631][ T7065]    program syz.1.263 not setting count and/or reply_len properly
[  114.031620][   T64] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  114.073705][  T837] libceph: connect (1)[c::]:6789 error -101
[  114.075586][  T837] libceph: mon0 (1)[c::]:6789 connect error
[  114.144898][ T7052] ceph: No mds server is up or the cluster is laggy
[  114.201971][   T64] usb 7-1: Using ep0 maxpacket: 8
[  114.205444][   T64] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  114.208176][   T64] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.210782][   T64] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  114.214152][   T64] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  114.217265][   T64] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.221140][   T64] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  114.223816][   T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.233442][ T5980] usbhid 5-1:0.0: can't add hid device: -71
[  114.238963][ T5980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  114.253804][ T5980] usb 5-1: USB disconnect, device number 9
[  114.635957][ T7079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.268'.
[  114.707226][ T7078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.266'.
[  114.712712][ T7078] syz.0.266: attempt to access beyond end of device
[  114.712712][ T7078] loop0: rw=6144, sector=128, nr_sectors = 8 limit=0
[  114.716469][ T7078] gfs2: error -5 reading superblock
[  114.871810][ T7082] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  114.877021][ T7082] FAULT_INJECTION: forcing a failure.
[  114.877021][ T7082] name failslab, interval 1, probability 0, space 0, times 0
[  114.880684][ T7082] CPU: 2 UID: 0 PID: 7082 Comm: syz.1.269 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  114.880697][ T7082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.880703][ T7082] Call Trace:
[  114.880708][ T7082]  <TASK>
[  114.880712][ T7082]  dump_stack_lvl+0x16c/0x1f0
[  114.880736][ T7082]  should_fail_ex+0x512/0x640
[  114.880771][ T7082]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  114.880800][ T7082]  should_failslab+0xc2/0x120
[  114.880815][ T7082]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  114.880837][ T7082]  ? __alloc_skb+0x2b2/0x380
[  114.880861][ T7082]  __alloc_skb+0x2b2/0x380
[  114.880879][ T7082]  ? __pfx___alloc_skb+0x10/0x10
[  114.880899][ T7082]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  114.880927][ T7082]  netlink_alloc_large_skb+0x69/0x130
[  114.880951][ T7082]  netlink_sendmsg+0x6a1/0xdd0
[  114.880978][ T7082]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.881002][ T7082]  ? __import_iovec+0x1c8/0x660
[  114.881029][ T7082]  ____sys_sendmsg+0xa95/0xc70
[  114.881057][ T7082]  ? __pfx_____sys_sendmsg+0x10/0x10
[  114.881081][ T7082]  ? get_compat_msghdr+0x11a/0x170
[  114.881112][ T7082]  ___sys_sendmsg+0x134/0x1d0
[  114.881134][ T7082]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.881186][ T7082]  __sys_sendmsg+0x16d/0x220
[  114.881207][ T7082]  ? __pfx___sys_sendmsg+0x10/0x10
[  114.881239][ T7082]  ? rcu_is_watching+0x12/0xc0
[  114.881263][ T7082]  __do_fast_syscall_32+0x73/0x120
[  114.881289][ T7082]  do_fast_syscall_32+0x32/0x80
[  114.881312][ T7082]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.881332][ T7082] RIP: 0023:0xf742e579
[  114.881345][ T7082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.881359][ T7082] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  114.881374][ T7082] RAX: ffffffffffffffda RBX: 000000000000000e RCX: 0000000080000280
[  114.881384][ T7082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.881392][ T7082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.881401][ T7082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.881410][ T7082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.881431][ T7082]  </TASK>
[  114.962321][  T837] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  115.113277][  T837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.116348][  T837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.119159][  T837] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  115.123803][  T837] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  115.127283][  T837] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.130420][ T7086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.270'.
[  115.132943][ T7086] netlink: 16 bytes leftover after parsing attributes in process `syz.1.270'.
[  115.138761][  T837] usb 5-1: config 0 descriptor??
[  116.166494][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.272'.
[  116.169038][ T7095] netlink: 16 bytes leftover after parsing attributes in process `syz.1.272'.
[  116.175023][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.272'.
[  116.376117][   T64] usb 7-1: usb_control_msg returned -71
[  116.377736][   T64] usbtmc 7-1:16.0: can't read capabilities
[  116.389567][   T64] usb 7-1: USB disconnect, device number 8
[  116.482279][ T7098] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  116.482279][ T7098]    program syz.2.273 not setting count and/or reply_len properly
[  117.213052][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.277'.
[  117.215529][ T7119] netlink: 16 bytes leftover after parsing attributes in process `syz.1.277'.
[  117.220654][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.277'.
[  117.483770][  T837] usbhid 5-1:0.0: can't add hid device: -71
[  117.486037][  T837] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  117.489694][  T837] usb 5-1: USB disconnect, device number 10
[  117.671461][ T7132] xt_TCPMSS: Only works on TCP SYN packets
[  117.729413][ T7133] overlayfs: failed to resolve './file0': -2
[  117.981929][ T5980] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  118.072595][ T7139] hub 6-0:1.0: USB hub found
[  118.074285][ T7139] hub 6-0:1.0: 1 port detected
[  118.141670][ T5980] usb 7-1: Using ep0 maxpacket: 8
[  118.144919][ T5980] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  118.147343][ T5980] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  118.150127][ T5980] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  118.152944][ T5980] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  118.155744][ T5980] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  118.159423][ T5980] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  118.162033][ T5980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.211476][ T7144] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  118.211476][ T7144]    program syz.1.286 not setting count and/or reply_len properly
[  119.196942][ T7162] hub 6-0:1.0: USB hub found
[  119.199837][ T7162] hub 6-0:1.0: 1 port detected
[  119.591730][  T837] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  119.761797][  T837] usb 5-1: Using ep0 maxpacket: 8
[  119.780716][  T837] usb 5-1: unable to get BOS descriptor or descriptor too short
[  119.784360][  T837] usb 5-1: no configurations
[  119.786159][  T837] usb 5-1: can't read configurations, error -22
[  120.234177][ T7173] lo speed is unknown, defaulting to 1000
[  120.253909][ T7174] ALSA: mixer_oss: invalid index 40000
[  120.287715][ T7175] lo speed is unknown, defaulting to 1000
[  120.289425][ T7175] lo speed is unknown, defaulting to 1000
[  120.291914][ T7175] lo speed is unknown, defaulting to 1000
[  120.295540][ T7175] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  120.302921][ T7175] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  120.319012][ T7175] lo speed is unknown, defaulting to 1000
[  120.322148][ T7175] lo speed is unknown, defaulting to 1000
[  120.325538][ T7175] lo speed is unknown, defaulting to 1000
[  120.329077][ T7175] lo speed is unknown, defaulting to 1000
[  120.524969][ T7173] lo speed is unknown, defaulting to 1000
[  120.532633][ T7173] lo speed is unknown, defaulting to 1000
[  120.554544][ T5980] usb 7-1: usb_control_msg returned -71
[  120.581681][ T6015] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  120.591706][ T5980] usbtmc 7-1:16.0: can't read capabilities
[  120.619765][ T5980] usb 7-1: USB disconnect, device number 9
[  120.697270][ T7178] geneve2: entered promiscuous mode
[  120.698862][ T7178] geneve2: entered allmulticast mode
[  120.715511][ T7183] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  120.715511][ T7183]    program syz.2.295 not setting count and/or reply_len properly
[  120.727509][ T6015] usb 6-1: device descriptor read/64, error -71
[  120.850726][ T7173] infiniband s
z1: set active
[  120.852956][ T7173] infiniband s
z1: added lo
[  120.856356][   T29] lo speed is unknown, defaulting to 1000
[  120.930697][ T7173] RDS/IB: s
z1: added
[  120.932185][ T7173] smc: adding ib device s
z1 with port count 1
[  120.939510][ T7173] smc:    ib device s
z1 port 1 has pnetid 
[  120.941297][   T29] lo speed is unknown, defaulting to 1000
[  120.943890][ T7173] lo speed is unknown, defaulting to 1000
[  120.961594][ T6015] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  121.086836][ T7173] lo speed is unknown, defaulting to 1000
[  121.091700][ T6015] usb 6-1: device descriptor read/64, error -71
[  121.110419][ T7192] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  121.110419][ T7192]    program syz.3.298 not setting count and/or reply_len properly
[  121.211948][ T6015] usb usb6-port1: attempt power cycle
[  121.264570][ T7173] lo speed is unknown, defaulting to 1000
[  121.405883][ T7173] lo speed is unknown, defaulting to 1000
[  121.551663][ T6015] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  121.563294][ T7198] overlayfs: failed to resolve './file0': -2
[  121.572564][ T6015] usb 6-1: device descriptor read/8, error -71
[  121.811657][ T6015] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  121.832248][ T6015] usb 6-1: device descriptor read/8, error -71
[  121.885815][ T7205] FAULT_INJECTION: forcing a failure.
[  121.885815][ T7205] name failslab, interval 1, probability 0, space 0, times 0
[  121.889488][ T7205] CPU: 3 UID: 0 PID: 7205 Comm: syz.2.301 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  121.889502][ T7205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  121.889508][ T7205] Call Trace:
[  121.889512][ T7205]  <TASK>
[  121.889515][ T7205]  dump_stack_lvl+0x16c/0x1f0
[  121.889539][ T7205]  should_fail_ex+0x512/0x640
[  121.889550][ T7205]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  121.889566][ T7205]  should_failslab+0xc2/0x120
[  121.889576][ T7205]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  121.889590][ T7205]  ? __alloc_skb+0x2b2/0x380
[  121.889605][ T7205]  __alloc_skb+0x2b2/0x380
[  121.889617][ T7205]  ? __pfx___alloc_skb+0x10/0x10
[  121.889630][ T7205]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  121.889646][ T7205]  netlink_alloc_large_skb+0x69/0x130
[  121.889661][ T7205]  netlink_sendmsg+0x6a1/0xdd0
[  121.889677][ T7205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  121.889692][ T7205]  ? __import_iovec+0x1c8/0x660
[  121.889708][ T7205]  ____sys_sendmsg+0xa95/0xc70
[  121.889725][ T7205]  ? __pfx_____sys_sendmsg+0x10/0x10
[  121.889739][ T7205]  ? get_compat_msghdr+0x11a/0x170
[  121.889757][ T7205]  ___sys_sendmsg+0x134/0x1d0
[  121.889770][ T7205]  ? __pfx____sys_sendmsg+0x10/0x10
[  121.889798][ T7205]  __sys_sendmsg+0x16d/0x220
[  121.889810][ T7205]  ? __pfx___sys_sendmsg+0x10/0x10
[  121.889828][ T7205]  ? rcu_is_watching+0x12/0xc0
[  121.889843][ T7205]  __do_fast_syscall_32+0x73/0x120
[  121.889858][ T7205]  do_fast_syscall_32+0x32/0x80
[  121.889872][ T7205]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  121.889885][ T7205] RIP: 0023:0xf73de579
[  121.889892][ T7205] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  121.889902][ T7205] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  121.889911][ T7205] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001240
[  121.889917][ T7205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  121.889922][ T7205] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  121.889927][ T7205] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  121.889932][ T7205] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  121.889944][ T7205]  </TASK>
[  121.955716][ T6015] usb usb6-port1: unable to enumerate USB device
[  122.188243][ T7216] overlayfs: failed to resolve './file0': -2
[  122.332611][ T7217] gre0: Master is either lo or non-ether device
[  122.342288][ T6015] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  122.431612][ T5980] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  122.451586][   T29] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  122.601984][   T29] usb 8-1: Using ep0 maxpacket: 8
[  122.603481][ T5980] usb 5-1: Using ep0 maxpacket: 8
[  122.606530][   T29] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  122.608766][   T29] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  122.611416][   T29] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  122.618416][   T29] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  122.622582][ T5980] usb 5-1: unable to get BOS descriptor or descriptor too short
[  122.624917][ T5980] usb 5-1: no configurations
[  122.626268][   T29] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  122.629764][ T5980] usb 5-1: can't read configurations, error -22
[  122.632750][   T29] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  122.635147][   T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.737908][ T7236] geneve2: entered promiscuous mode
[  122.739423][ T7236] geneve2: entered allmulticast mode
[  123.109946][ T7240] geneve2: entered promiscuous mode
[  123.114617][ T7240] geneve2: entered allmulticast mode
[  123.358133][ T7259] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  123.358133][ T7259]    program syz.2.312 not setting count and/or reply_len properly
[  125.026000][   T29] usb 8-1: usb_control_msg returned -71
[  125.028109][   T29] usbtmc 8-1:16.0: can't read capabilities
[  125.078654][   T29] usb 8-1: USB disconnect, device number 9
[  130.246886][ T7284] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  130.246886][ T7284]    program syz.2.315 not setting count and/or reply_len properly
[  130.264309][ T7282] hub 6-0:1.0: USB hub found
[  130.265886][ T7282] hub 6-0:1.0: 1 port detected
[  130.285018][ T7286] geneve2: entered promiscuous mode
[  130.286583][ T7286] geneve2: entered allmulticast mode
[  131.043036][ T7299] xt_CT: No such helper "snmp_trap"
[  131.088302][ T7304] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  131.088302][ T7304]    program syz.1.321 not setting count and/or reply_len properly
[  131.361719][ T7313] overlayfs: failed to resolve './file0': -2
[  131.402944][ T6180] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  131.458863][   T84] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.549443][   T84] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.552979][ T6180] usb 8-1: Using ep0 maxpacket: 8
[  131.559134][ T6180] usb 8-1: unable to get BOS descriptor or descriptor too short
[  131.561303][ T6180] usb 8-1: no configurations
[  131.562773][ T6180] usb 8-1: can't read configurations, error -22
[  131.611624][   T29] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  131.630411][   T84] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.706877][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  131.715597][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  131.715860][   T84] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.718993][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  131.724246][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  131.726702][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  131.781663][   T29] usb 5-1: Using ep0 maxpacket: 8
[  131.784481][   T29] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  131.786926][   T29] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  131.789655][   T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  131.792662][   T29] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  131.795536][   T29] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  131.799054][   T29] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  131.801618][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.837552][   T84] bridge_slave_1: left allmulticast mode
[  131.839225][   T84] bridge_slave_1: left promiscuous mode
[  131.841586][   T84] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.846878][   T84] bridge_slave_0: left allmulticast mode
[  131.848464][   T84] bridge_slave_0: left promiscuous mode
[  131.850088][   T84] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.212437][   T84] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.218278][   T84] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.224955][   T84] bond0 (unregistering): Released all slaves
[  132.240684][ T7315] lo speed is unknown, defaulting to 1000
[  132.256603][ T7319] geneve2: entered promiscuous mode
[  132.258148][ T7319] geneve2: entered allmulticast mode
[  132.286915][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  132.289368][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  132.370478][ T7315] lo speed is unknown, defaulting to 1000
[  132.609667][ T7315] chnl_net:caif_netlink_parms(): no params data found
[  132.804488][ T7315] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.806629][ T7315] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.808712][ T7315] bridge_slave_0: entered allmulticast mode
[  132.811378][ T7315] bridge_slave_0: entered promiscuous mode
[  132.820996][   T84] hsr_slave_0: left promiscuous mode
[  132.823316][   T84] hsr_slave_1: left promiscuous mode
[  132.825270][   T84] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.827364][   T84] batman_adv: batadv0: Removing interface: batadv_slave_0
[  132.830165][   T84] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.832711][   T84] batman_adv: batadv0: Removing interface: batadv_slave_1
[  132.850819][   T84] veth1_macvtap: left promiscuous mode
[  132.854523][   T84] veth0_macvtap: left promiscuous mode
[  132.856688][   T84] veth1_vlan: left promiscuous mode
[  132.858725][   T84] veth0_vlan: left promiscuous mode
[  132.991633][  T837] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  133.151645][  T837] usb 6-1: Using ep0 maxpacket: 8
[  133.154720][  T837] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  133.157810][  T837] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  133.161377][  T837] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  133.164974][  T837] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  133.168754][  T837] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  133.172447][  T837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.344678][   T84] team0 (unregistering): Port device team_slave_1 removed
[  133.399137][  T837] usb 6-1: GET_CAPABILITIES returned 0
[  133.400785][  T837] usbtmc 6-1:16.0: can't read capabilities
[  133.403994][   T84] team0 (unregistering): Port device team_slave_0 removed
[  133.623119][ T5323] usb 6-1: USB disconnect, device number 14
[  133.789405][ T7315] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.791711][ T7315] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.794394][ T7315] bridge_slave_1: entered allmulticast mode
[  133.797777][ T7315] bridge_slave_1: entered promiscuous mode
[  133.811882][ T5948] Bluetooth: hci3: command tx timeout
[  133.839159][ T7315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  133.845541][ T7315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  133.880715][ T7315] team0: Port device team_slave_0 added
[  133.884484][ T7315] team0: Port device team_slave_1 added
[  133.917071][ T7315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  133.919620][ T7315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.928689][ T7315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  133.932869][ T7315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  133.934790][ T7315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  133.942226][ T7315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  133.985466][ T7315] hsr_slave_0: entered promiscuous mode
[  133.987394][ T7315] hsr_slave_1: entered promiscuous mode
[  133.989226][ T7315] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  133.991315][ T7315] Cannot create hsr debugfs directory
[  134.160417][ T7315] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  134.167589][ T7315] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  134.174266][ T7315] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  134.180473][ T7315] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  134.200098][   T29] usb 5-1: usb_control_msg returned -71
[  134.203239][   T29] usbtmc 5-1:16.0: can't read capabilities
[  134.219236][   T29] usb 5-1: USB disconnect, device number 15
[  134.256152][ T7315] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.270949][ T7315] 8021q: adding VLAN 0 to HW filter on device team0
[  134.322989][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.325039][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.330809][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.332836][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.507000][ T7315] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.551262][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.553753][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.557188][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.559456][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.561864][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.565205][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.567550][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.569880][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.572151][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.576454][ T7374] netlink: 'syz.0.331': attribute type 3 has an invalid length.
[  134.781402][ T7315] veth0_vlan: entered promiscuous mode
[  134.792854][ T7315] veth1_vlan: entered promiscuous mode
[  134.809528][ T7315] veth0_macvtap: entered promiscuous mode
[  134.813187][ T7315] veth1_macvtap: entered promiscuous mode
[  134.820596][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.823704][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.826501][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.829394][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.832360][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  134.835219][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.838955][ T7315] batman_adv: batadv0: Interface activated: batadv_slave_0
[  134.842703][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.845574][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.848437][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.851290][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.855291][ T7315] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  134.858185][ T7315] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  134.862345][ T7315] batman_adv: batadv0: Interface activated: batadv_slave_1
[  134.912258][ T7315] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.915745][ T7315] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.918895][ T7315] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.922738][ T7315] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.998997][ T7402] __nla_validate_parse: 2 callbacks suppressed
[  134.999007][ T7402] netlink: 36 bytes leftover after parsing attributes in process `syz.0.335'.
[  135.077402][  T163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.079959][  T163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.127390][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.130317][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.422415][  T836] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  135.571647][  T836] usb 8-1: Using ep0 maxpacket: 8
[  135.586832][  T836] usb 8-1: unable to get BOS descriptor or descriptor too short
[  135.588995][  T836] usb 8-1: no configurations
[  135.590287][  T836] usb 8-1: can't read configurations, error -22
[  135.881967][ T5948] Bluetooth: hci3: command tx timeout
[  135.906378][ T7436] 9pnet_fd: Insufficient options for proto=fd
[  136.139408][ T7445] hub 6-0:1.0: USB hub found
[  136.142476][ T7445] hub 6-0:1.0: 1 port detected
[  136.233128][ T7450] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  136.233128][ T7450]    program syz.3.341 not setting count and/or reply_len properly
[  137.027588][ T7459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.344'.
[  137.030075][ T7459] netlink: 16 bytes leftover after parsing attributes in process `syz.1.344'.
[  137.055375][ T7464] netlink: 24 bytes leftover after parsing attributes in process `syz.3.345'.
[  137.227856][ T7473] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  137.227856][ T7473]    program syz.3.348 not setting count and/or reply_len properly
[  137.911634][   T29] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  137.962400][ T5948] Bluetooth: hci3: command tx timeout
[  138.025090][ T5948] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  138.027659][ T5948] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  138.191607][   T29] usb 6-1: Using ep0 maxpacket: 8
[  138.195721][   T29] usb 6-1: unable to get BOS descriptor or descriptor too short
[  138.198431][   T29] usb 6-1: no configurations
[  138.199781][   T29] usb 6-1: can't read configurations, error -22
[  138.212934][ T7498] overlayfs: failed to resolve './file1': -2
[  138.216972][ T7498] overlayfs: failed to resolve './file1': -2
[  139.051612][   T29] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  139.170724][ T7515] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  139.170724][ T7515]    program syz.3.363 not setting count and/or reply_len properly
[  139.213218][   T29] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  139.215699][   T29] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  139.218634][   T29] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  139.221856][   T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  139.225451][   T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  139.231178][   T29] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  139.234662][   T29] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  139.237781][   T29] usb 6-1: Product: syz
[  139.239396][   T29] usb 6-1: Manufacturer: syz
[  139.264313][   T29] cdc_wdm 6-1:1.0: skipping garbage
[  139.265826][   T29] cdc_wdm 6-1:1.0: skipping garbage
[  139.269217][   T29] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  139.270822][   T29] cdc_wdm 6-1:1.0: Unknown control protocol
[  139.901640][ T7520] validate_nla: 47 callbacks suppressed
[  139.901650][ T7520] netlink: 'syz.4.365': attribute type 23 has an invalid length.
[  140.041761][ T5948] Bluetooth: hci3: command tx timeout
[  140.307766][ T7535] netlink: 28 bytes leftover after parsing attributes in process `syz.0.366'.
[  140.529032][ T7537] netlink: 28 bytes leftover after parsing attributes in process `syz.3.369'.
[  140.532610][ T7537] syz.3.369: attempt to access beyond end of device
[  140.532610][ T7537] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  140.536432][ T7537] gfs2: error -5 reading superblock
[  140.641597][   T29] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  140.781700][ T7085] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  140.793594][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.796923][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.800012][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  140.803962][   T29] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  140.811664][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.907501][   T29] usb 5-1: config 0 descriptor??
[  140.934928][ T7085] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.938116][ T7085] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.941100][ T7085] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  140.946525][ T7085] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  140.949066][ T7085] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.958112][ T7085] usb 8-1: config 0 descriptor??
[  141.537530][ T5323] usb 6-1: USB disconnect, device number 16
[  141.810542][ T7553] hub 6-0:1.0: USB hub found
[  141.812327][ T7553] hub 6-0:1.0: 1 port detected
[  142.517030][ T7563] hub 6-0:1.0: USB hub found
[  142.518819][ T7563] hub 6-0:1.0: 1 port detected
[  142.570454][ T7564] netlink: 32 bytes leftover after parsing attributes in process `syz.1.376'.
[  143.136963][   T29] usbhid 5-1:0.0: can't add hid device: -71
[  143.138961][   T29] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  143.140233][ T7085] usbhid 8-1:0.0: can't add hid device: -71
[  143.148205][ T7085] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  143.156358][ T7085] usb 8-1: USB disconnect, device number 14
[  143.162556][   T29] usb 5-1: USB disconnect, device number 16
[  143.253417][ T7568] netlink: 28 bytes leftover after parsing attributes in process `syz.3.378'.
[  143.751781][  T836] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  143.906614][  T836] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  143.909111][  T836] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  143.912009][  T836] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  143.914552][  T836] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  143.917607][  T836] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  143.922291][  T836] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  143.924980][  T836] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  143.927305][  T836] usb 6-1: Product: syz
[  143.928630][  T836] usb 6-1: Manufacturer: syz
[  143.936157][  T836] cdc_wdm 6-1:1.0: skipping garbage
[  143.937688][  T836] cdc_wdm 6-1:1.0: skipping garbage
[  143.943197][  T836] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  143.945133][  T836] cdc_wdm 6-1:1.0: Unknown control protocol
[  144.141010][ T7570] ALSA: mixer_oss: invalid index 40000
[  144.347337][ T7587] usb 6-1: USB disconnect, device number 17
[  144.367725][ T7587] hub 6-0:1.0: USB hub found
[  144.370527][ T7588] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  144.370527][ T7588]    program syz.3.383 not setting count and/or reply_len properly
[  144.375156][ T7587] hub 6-0:1.0: 1 port detected
[  144.501685][ T7085] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  144.941928][ T7595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.385'.
[  144.946962][ T7595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.385'.
[  145.262050][ T7598] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  145.262050][ T7598]    program syz.3.386 not setting count and/or reply_len properly
[  145.850201][ T7609] netlink: 28 bytes leftover after parsing attributes in process `syz.0.387'.
[  146.103087][ T7617] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  146.111635][ T5980] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  146.120668][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.124350][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.127368][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.130433][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.133823][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.136782][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.139696][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.143048][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.146058][ T7617] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  146.292989][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.295989][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.299392][ T5980] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  146.303416][ T5980] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  146.306624][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.313837][ T5980] usb 5-1: config 0 descriptor??
[  146.341014][ T7625] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.389'.
[  146.343970][ T7625] netlink: zone id is out of range
[  146.345521][ T7625] netlink: zone id is out of range
[  146.346986][ T7625] netlink: get zone limit has 8 unknown bytes
[  146.743836][ T7640] netlink: 28 bytes leftover after parsing attributes in process `syz.1.390'.
[  146.749084][ T7640] syz.1.390: attempt to access beyond end of device
[  146.749084][ T7640] loop1: rw=6144, sector=128, nr_sectors = 8 limit=0
[  146.753037][ T7640] gfs2: error -5 reading superblock
[  147.041668][ T7085] usb 6-1: device descriptor read/64, error -71
[  147.243178][   T40] audit: type=1400 audit(1744173683.865:14): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=7654 comm="syz.3.391"
[  147.286846][ T7657] netlink: 24 bytes leftover after parsing attributes in process `syz.3.392'.
[  147.291662][ T7085] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  147.448164][ T7085] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.451233][ T7085] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.453988][ T7085] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  147.457621][ T7085] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  147.460085][ T7085] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.463961][ T7085] usb 6-1: config 0 descriptor??
[  148.670878][ T5980] usbhid 5-1:0.0: can't add hid device: -71
[  148.672650][ T5980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  148.681843][ T5980] usb 5-1: USB disconnect, device number 17
[  149.499762][ T7085] usbhid 6-1:0.0: can't add hid device: -71
[  149.504077][ T7085] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  149.531959][ T7085] usb 6-1: USB disconnect, device number 19
[  149.558510][ T7684] netlink: 36 bytes leftover after parsing attributes in process `syz.4.396'.
[  149.951712][ T7085] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  149.972395][ T7699] ALSA: mixer_oss: invalid index 40000
[  150.081627][ T7085] usb 6-1: device descriptor read/64, error -71
[  150.321615][ T7085] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  150.451614][ T7085] usb 6-1: device descriptor read/64, error -71
[  150.514046][ T7705] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  150.514046][ T7705]    program syz.4.403 not setting count and/or reply_len properly
[  150.585085][ T7706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.402'.
[  150.591268][ T7706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.402'.
[  150.727233][ T7085] usb usb6-port1: attempt power cycle
[  150.774308][ T7707] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  150.778692][ T7707] gretap1: entered promiscuous mode
[  150.780394][ T7707] gretap1: entered allmulticast mode
[  151.071676][ T7085] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  151.093477][ T7085] usb 6-1: device descriptor read/8, error -71
[  151.331798][ T7085] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  151.367530][ T7085] usb 6-1: device descriptor read/8, error -71
[  151.488434][ T7085] usb usb6-port1: unable to enumerate USB device
[  151.507495][ T7719] FAULT_INJECTION: forcing a failure.
[  151.507495][ T7719] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  151.511163][ T7719] CPU: 2 UID: 0 PID: 7719 Comm: syz.3.407 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  151.511177][ T7719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.511184][ T7719] Call Trace:
[  151.511188][ T7719]  <TASK>
[  151.511191][ T7719]  dump_stack_lvl+0x16c/0x1f0
[  151.511209][ T7719]  should_fail_ex+0x512/0x640
[  151.511223][ T7719]  _copy_to_user+0x32/0xd0
[  151.511237][ T7719]  simple_read_from_buffer+0xcb/0x170
[  151.511253][ T7719]  proc_fail_nth_read+0x197/0x270
[  151.511267][ T7719]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.511281][ T7719]  ? rw_verify_area+0xcf/0x680
[  151.511293][ T7719]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.511306][ T7719]  vfs_read+0x1de/0xc70
[  151.511321][ T7719]  ? __pfx___mutex_lock+0x10/0x10
[  151.511335][ T7719]  ? __pfx_vfs_read+0x10/0x10
[  151.511351][ T7719]  ? __fget_files+0x20e/0x3c0
[  151.511369][ T7719]  ksys_read+0x12a/0x240
[  151.511382][ T7719]  ? __pfx_ksys_read+0x10/0x10
[  151.511396][ T7719]  ? rcu_is_watching+0x12/0xc0
[  151.511411][ T7719]  __do_fast_syscall_32+0x73/0x120
[  151.511427][ T7719]  do_fast_syscall_32+0x32/0x80
[  151.511445][ T7719]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  151.511457][ T7719] RIP: 0023:0xf73ae579
[  151.511465][ T7719] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  151.511475][ T7719] RSP: 002b:00000000f5036590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  151.511484][ T7719] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5036620
[  151.511490][ T7719] RDX: 000000000000000f RSI: 00000000f739cff4 RDI: 0000000000000000
[  151.511496][ T7719] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  151.511501][ T7719] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  151.511506][ T7719] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  151.511529][ T7719]  </TASK>
[  151.632827][   T10] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  151.791620][   T10] usb 6-1: device descriptor read/64, error -71
[  151.869795][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.410'.
[  152.041666][   T10] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  152.191657][   T10] usb 6-1: device descriptor read/64, error -71
[  152.302009][   T10] usb usb6-port1: attempt power cycle
[  152.697345][   T10] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  152.911599][   T10] usb 6-1: device not accepting address 26, error -71
[  153.158062][ T7737] netlink: 28 bytes leftover after parsing attributes in process `syz.3.412'.
[  153.164723][ T7737] syz.3.412: attempt to access beyond end of device
[  153.164723][ T7737] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  153.168380][ T7737] gfs2: error -5 reading superblock
[  153.411706][  T837] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  153.578254][  T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.585372][  T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.589179][  T837] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  153.613095][  T837] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  153.619594][  T837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.638182][  T837] usb 8-1: config 0 descriptor??
[  153.677947][ T7747] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  153.836835][ T7754] vlan2: entered allmulticast mode
[  153.838922][ T7754] bond0: entered allmulticast mode
[  153.840915][ T7754] bond_slave_0: entered allmulticast mode
[  153.843721][ T7754] bond_slave_1: entered allmulticast mode
[  154.931815][   T10] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  155.111620][   T10] usb 6-1: Using ep0 maxpacket: 8
[  155.116624][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  155.118883][   T10] usb 6-1: no configurations
[  155.120238][   T10] usb 6-1: can't read configurations, error -22
[  155.653803][ T7783] FAULT_INJECTION: forcing a failure.
[  155.653803][ T7783] name failslab, interval 1, probability 0, space 0, times 0
[  155.657316][ T7783] CPU: 0 UID: 0 PID: 7783 Comm: syz.0.426 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  155.657329][ T7783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.657336][ T7783] Call Trace:
[  155.657340][ T7783]  <TASK>
[  155.657344][ T7783]  dump_stack_lvl+0x16c/0x1f0
[  155.657361][ T7783]  should_fail_ex+0x512/0x640
[  155.657373][ T7783]  ? __kvmalloc_node_noprof+0x122/0x600
[  155.657389][ T7783]  should_failslab+0xc2/0x120
[  155.657411][ T7783]  __kvmalloc_node_noprof+0x135/0x600
[  155.657425][ T7783]  ? rcu_is_watching+0x12/0xc0
[  155.657437][ T7783]  ? alloc_netdev_mqs+0xd2/0x1570
[  155.657453][ T7783]  ? __pfx_vlan_setup+0x10/0x10
[  155.657466][ T7783]  ? alloc_netdev_mqs+0xd2/0x1570
[  155.657479][ T7783]  alloc_netdev_mqs+0xd2/0x1570
[  155.657495][ T7783]  rtnl_create_link+0xc10/0xfa0
[  155.657511][ T7783]  rtnl_newlink+0xb69/0x2000
[  155.657529][ T7783]  ? __pfx_rtnl_newlink+0x10/0x10
[  155.657548][ T7783]  ? kfree_skbmem+0x1a4/0x1f0
[  155.657562][ T7783]  ? rcu_is_watching+0x12/0xc0
[  155.657574][ T7783]  ? trace_cap_capable+0x18d/0x200
[  155.657587][ T7783]  ? find_held_lock+0x2b/0x80
[  155.657599][ T7783]  ? __pfx_rtnl_newlink+0x10/0x10
[  155.657612][ T7783]  ? __pfx_rtnl_newlink+0x10/0x10
[  155.657624][ T7783]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  155.657637][ T7783]  ? __pfx_rtnl_newlink+0x10/0x10
[  155.657650][ T7783]  rtnetlink_rcv_msg+0x95b/0xe90
[  155.657665][ T7783]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  155.657685][ T7783]  netlink_rcv_skb+0x16a/0x440
[  155.657700][ T7783]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  155.657714][ T7783]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  155.657736][ T7783]  ? netlink_deliver_tap+0x1ae/0xd30
[  155.657752][ T7783]  netlink_unicast+0x53a/0x7f0
[  155.657767][ T7783]  ? __pfx_netlink_unicast+0x10/0x10
[  155.657785][ T7783]  netlink_sendmsg+0x8d1/0xdd0
[  155.657802][ T7783]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.657817][ T7783]  ? __import_iovec+0x1c8/0x660
[  155.657833][ T7783]  ____sys_sendmsg+0xa95/0xc70
[  155.657851][ T7783]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.657866][ T7783]  ? get_compat_msghdr+0x11a/0x170
[  155.657884][ T7783]  ___sys_sendmsg+0x134/0x1d0
[  155.657897][ T7783]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.657927][ T7783]  __sys_sendmsg+0x16d/0x220
[  155.657939][ T7783]  ? __pfx___sys_sendmsg+0x10/0x10
[  155.657958][ T7783]  ? rcu_is_watching+0x12/0xc0
[  155.657972][ T7783]  __do_fast_syscall_32+0x73/0x120
[  155.657987][ T7783]  do_fast_syscall_32+0x32/0x80
[  155.658001][ T7783]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.658014][ T7783] RIP: 0023:0xf741e579
[  155.658023][ T7783] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.658032][ T7783] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  155.658042][ T7783] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  155.658048][ T7783] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  155.658053][ T7783] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.658058][ T7783] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.658064][ T7783] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.658076][ T7783]  </TASK>
[  155.783860][  T837] usbhid 8-1:0.0: can't add hid device: -71
[  155.790610][  T837] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  155.800800][  T837] usb 8-1: USB disconnect, device number 15
[  156.089699][ T7786] ALSA: mixer_oss: invalid index 40000
[  156.438622][ T7801] 9pnet_virtio: no channels available for device syz
[  156.987816][ T7822] ALSA: mixer_oss: invalid index 40000
[  157.711301][ T7826] fuse: Unknown parameter '017777777777777777777770x0000000000000003'
[  157.781043][ T7831] netlink: 36 bytes leftover after parsing attributes in process `syz.3.440'.
[  157.820283][ T7833] FAULT_INJECTION: forcing a failure.
[  157.820283][ T7833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  157.825555][ T7833] CPU: 3 UID: 0 PID: 7833 Comm: syz.0.442 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  157.825571][ T7833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.825577][ T7833] Call Trace:
[  157.825581][ T7833]  <TASK>
[  157.825585][ T7833]  dump_stack_lvl+0x16c/0x1f0
[  157.825603][ T7833]  should_fail_ex+0x512/0x640
[  157.825617][ T7833]  copy_fpstate_to_sigframe+0x878/0xb10
[  157.825631][ T7833]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  157.825640][ T7833]  ? posixtimer_deliver_signal+0xed/0x6a0
[  157.825653][ T7833]  ? posixtimer_deliver_signal+0x1af/0x6a0
[  157.825665][ T7833]  get_sigframe+0x4a8/0x9c0
[  157.825682][ T7833]  ? __pfx_get_sigframe+0x10/0x10
[  157.825697][ T7833]  ? _raw_spin_unlock_irq+0x23/0x50
[  157.825709][ T7833]  ? siginfo_layout+0x177/0x290
[  157.825730][ T7833]  ia32_setup_rt_frame+0xe3/0xb30
[  157.825750][ T7833]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  157.825772][ T7833]  arch_do_signal_or_restart+0x477/0x7d0
[  157.825794][ T7833]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  157.825829][ T7833]  syscall_exit_to_user_mode+0x150/0x2a0
[  157.825845][ T7833]  do_int80_emulation+0x111/0x200
[  157.825861][ T7833]  asm_int80_emulation+0x1a/0x20
[  157.825870][ T7833] RIP: 0023:0xf741e577
[  157.825878][ T7833] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  157.825888][ T7833] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 000000000000013b
[  157.825897][ T7833] RAX: 000000000000013b RBX: 0000000000000003 RCX: 0000000000000006
[  157.825903][ T7833] RDX: 00000000fffffc01 RSI: 0000000000000000 RDI: 0000000000000000
[  157.825908][ T7833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  157.825914][ T7833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.825919][ T7833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  157.825930][ T7833]  </TASK>
[  157.976907][ T7845] hub 6-0:1.0: USB hub found
[  157.978385][ T7845] hub 6-0:1.0: 1 port detected
[  158.052504][ T7848] netlink: 28 bytes leftover after parsing attributes in process `syz.4.439'.
[  158.411088][ T7847] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  158.413816][ T7847] netlink: 16 bytes leftover after parsing attributes in process `syz.0.446'.
[  158.461622][ T5980] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  158.622925][ T5980] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.626021][ T5980] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.628727][ T5980] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  158.632455][ T5980] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  158.634985][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.645819][ T5980] usb 9-1: config 0 descriptor??
[  158.725157][ T7860] netlink: 24 bytes leftover after parsing attributes in process `syz.3.451'.
[  158.755139][ T7862] 8021q: VLANs not supported on gre0
[  159.541385][ T7873] hub 6-0:1.0: USB hub found
[  159.545912][ T7873] hub 6-0:1.0: 1 port detected
[  159.847211][ T7881] netlink: 36 bytes leftover after parsing attributes in process `syz.3.458'.
[  160.419721][ T7874] ALSA: mixer_oss: invalid index 40000
[  160.423295][ T7886] netlink: 24 bytes leftover after parsing attributes in process `syz.0.460'.
[  160.580317][ T7899] netlink: 'syz.0.464': attribute type 23 has an invalid length.
[  160.868470][ T5980] usbhid 9-1:0.0: can't add hid device: -71
[  160.870102][ T5980] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  160.877355][ T5980] usb 9-1: USB disconnect, device number 2
[  160.959106][ T7916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.467'.
[  160.962442][ T7916] netlink: 16 bytes leftover after parsing attributes in process `syz.0.467'.
[  160.967312][ T7916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.467'.
[  161.171885][   T63] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  161.321614][   T63] usb 8-1: Using ep0 maxpacket: 8
[  161.324260][   T63] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  161.326476][   T63] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.329373][   T63] usb 8-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  161.333384][   T63] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  161.335423][   T63] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.338695][   T63] usb 8-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  161.536146][   T63] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  161.538191][   T63] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  161.541193][   T63] usb 8-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  161.546700][   T63] usb 8-1: string descriptor 0 read error: -22
[  161.548424][   T63] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  161.550779][   T63] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.555795][   T63] adutux 8-1:168.0: interrupt endpoints not found
[  161.760222][   T63] usb 8-1: USB disconnect, device number 16
[  162.042332][ T7919] ALSA: mixer_oss: invalid index 40000
[  162.346953][ T7940] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  162.346953][ T7940]    program syz.3.478 not setting count and/or reply_len properly
[  162.838700][ T7947] __nla_validate_parse: 1 callbacks suppressed
[  162.838728][ T7947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'.
[  163.166623][ T7952] netlink: 28 bytes leftover after parsing attributes in process `syz.4.480'.
[  163.176959][ T7952] syz.4.480: attempt to access beyond end of device
[  163.176959][ T7952] loop4: rw=6144, sector=128, nr_sectors = 8 limit=0
[  163.180892][ T7952] gfs2: error -5 reading superblock
[  163.291109][ T5980] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  163.348112][ T7957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.483'.
[  163.350612][ T7957] netlink: 16 bytes leftover after parsing attributes in process `syz.3.483'.
[  163.353952][ T7957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.483'.
[  163.375011][ T7951] overlayfs: failed to resolve './file0': -2
[  163.481788][   T29] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  163.512861][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.516026][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.518612][ T5980] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  163.522054][ T5980] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  163.524437][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.528371][ T5980] usb 5-1: config 0 descriptor??
[  163.631651][  T835] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  163.634354][   T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.638430][   T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.642474][   T29] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  163.646925][   T29] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  163.650137][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.656214][   T29] usb 9-1: config 0 descriptor??
[  163.801592][  T835] usb 6-1: Using ep0 maxpacket: 8
[  163.804605][  T835] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  163.806970][  T835] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  163.810078][  T835] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  163.812876][  T835] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  163.815625][  T835] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  163.819334][  T835] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  163.822487][  T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.151272][ T7959] rtc_cmos 00:05: Alarms can be up to one day in the future
[  164.276597][ T7960] lo speed is unknown, defaulting to 1000
[  164.354431][ T7960] lo speed is unknown, defaulting to 1000
[  165.076893][ T7969] geneve2: entered promiscuous mode
[  165.078367][ T7969] geneve2: entered allmulticast mode
[  165.212538][ T7973] netlink: 28 bytes leftover after parsing attributes in process `syz.3.487'.
[  165.654198][ T5980] usbhid 5-1:0.0: can't add hid device: -71
[  165.657597][ T5980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  165.667261][ T5980] usb 5-1: USB disconnect, device number 18
[  165.681813][ T7085] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  165.834312][ T7085] usb 8-1: Using ep0 maxpacket: 8
[  165.845393][   T29] usbhid 9-1:0.0: can't add hid device: -71
[  165.848264][   T29] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  165.862631][   T29] usb 9-1: USB disconnect, device number 3
[  165.870779][ T7085] usb 8-1: unable to get BOS descriptor or descriptor too short
[  165.872982][ T7085] usb 8-1: no configurations
[  165.874273][ T7085] usb 8-1: can't read configurations, error -22
[  166.403030][ T7985] netlink: 36 bytes leftover after parsing attributes in process `syz.3.490'.
[  166.571027][  T835] usb 6-1: usb_control_msg returned -71
[  166.572780][  T835] usbtmc 6-1:16.0: can't read capabilities
[  166.585041][  T835] usb 6-1: USB disconnect, device number 30
[  166.776916][ T7993] netlink: 24 bytes leftover after parsing attributes in process `syz.1.494'.
[  166.813486][ T7996] netlink: 8 bytes leftover after parsing attributes in process `syz.4.491'.
[  166.816147][ T7996] netlink: 16 bytes leftover after parsing attributes in process `syz.4.491'.
[  166.863424][ T7997] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  166.863424][ T7997]    program syz.1.495 not setting count and/or reply_len properly
[  167.398327][ T8008] hub 6-0:1.0: USB hub found
[  167.401852][ T8008] hub 6-0:1.0: 1 port detected
[  167.701655][ T5980] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  167.734714][ T8012] hub 6-0:1.0: USB hub found
[  167.736398][ T8012] hub 6-0:1.0: 1 port detected
[  167.754343][ T8017] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  167.754343][ T8017]    program syz.1.501 not setting count and/or reply_len properly
[  167.886935][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.890414][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.893174][ T5980] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  167.896763][ T5980] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  167.899353][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.912704][ T5980] usb 5-1: config 0 descriptor??
[  168.405384][ T8025] __nla_validate_parse: 1 callbacks suppressed
[  168.405393][ T8025] netlink: 20 bytes leftover after parsing attributes in process `syz.4.504'.
[  168.513440][ T8020] geneve2: entered promiscuous mode
[  168.514917][ T8020] geneve2: entered allmulticast mode
[  168.566321][ T8028] netlink: 24 bytes leftover after parsing attributes in process `syz.1.505'.
[  168.871633][  T837] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  168.905650][ T8037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.507'.
[  168.908427][ T8037] netlink: 16 bytes leftover after parsing attributes in process `syz.1.507'.
[  168.943604][ T8034] geneve2: entered promiscuous mode
[  168.945063][ T8034] geneve2: entered allmulticast mode
[  169.021671][  T837] usb 9-1: Using ep0 maxpacket: 8
[  169.026474][  T837] usb 9-1: unable to get BOS descriptor or descriptor too short
[  169.028602][  T837] usb 9-1: no configurations
[  169.030534][  T837] usb 9-1: can't read configurations, error -22
[  169.247134][ T8040] netlink: 8 bytes leftover after parsing attributes in process `syz.3.509'.
[  169.249648][ T8040] netlink: 16 bytes leftover after parsing attributes in process `syz.3.509'.
[  169.252822][ T8040] netlink: 8 bytes leftover after parsing attributes in process `syz.3.509'.
[  169.668313][ T8045] hub 6-0:1.0: USB hub found
[  169.669742][ T8045] hub 6-0:1.0: 1 port detected
[  170.252975][ T5980] usbhid 5-1:0.0: can't add hid device: -71
[  170.255663][ T5980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  170.275876][ T5980] usb 5-1: USB disconnect, device number 19
[  170.388262][ T8060] netlink: 24 bytes leftover after parsing attributes in process `syz.0.516'.
[  170.419271][ T8061] 9pnet_virtio: no channels available for device syz
[  170.429726][ T8063] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1946
[  170.436961][ T8063] FAULT_INJECTION: forcing a failure.
[  170.436961][ T8063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.443331][ T8063] CPU: 3 UID: 0 PID: 8063 Comm: syz.0.517 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  170.443351][ T8063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.443360][ T8063] Call Trace:
[  170.443365][ T8063]  <TASK>
[  170.443371][ T8063]  dump_stack_lvl+0x16c/0x1f0
[  170.443395][ T8063]  should_fail_ex+0x512/0x640
[  170.443415][ T8063]  _copy_from_user+0x2e/0xd0
[  170.443433][ T8063]  input_event_from_user+0x22b/0x3b0
[  170.443448][ T8063]  ? __pfx_input_event_from_user+0x10/0x10
[  170.443464][ T8063]  ? input_inject_event+0x1a5/0x390
[  170.443488][ T8063]  evdev_write+0x37b/0x750
[  170.443512][ T8063]  ? __pfx_evdev_write+0x10/0x10
[  170.443533][ T8063]  ? bpf_lsm_file_permission+0x9/0x10
[  170.443551][ T8063]  ? security_file_permission+0x71/0x210
[  170.443570][ T8063]  ? rw_verify_area+0xcf/0x680
[  170.443589][ T8063]  vfs_write+0x25c/0x1180
[  170.443606][ T8063]  ? __pfx_evdev_write+0x10/0x10
[  170.443630][ T8063]  ? __pfx_vfs_write+0x10/0x10
[  170.443647][ T8063]  ? find_held_lock+0x2b/0x80
[  170.443665][ T8063]  ? __fget_files+0x204/0x3c0
[  170.443688][ T8063]  ? __fget_files+0x20e/0x3c0
[  170.443712][ T8063]  ksys_write+0x205/0x240
[  170.443730][ T8063]  ? __pfx_ksys_write+0x10/0x10
[  170.443750][ T8063]  ? rcu_is_watching+0x12/0xc0
[  170.443771][ T8063]  __do_fast_syscall_32+0x73/0x120
[  170.443793][ T8063]  do_fast_syscall_32+0x32/0x80
[  170.443812][ T8063]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  170.443829][ T8063] RIP: 0023:0xf741e579
[  170.443840][ T8063] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  170.443853][ T8063] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  170.443868][ T8063] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  170.443876][ T8063] RDX: 00000000000012d8 RSI: 0000000000000000 RDI: 0000000000000000
[  170.443885][ T8063] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  170.443893][ T8063] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  170.443901][ T8063] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  170.443920][ T8063]  </TASK>
[  170.509449][    C3] vkms_vblank_simulate: vblank timer overrun
[  171.233807][ T8082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.522'.
[  171.236213][ T8082] netlink: 16 bytes leftover after parsing attributes in process `syz.1.522'.
[  171.560795][ T8092] syz.4.523: attempt to access beyond end of device
[  171.560795][ T8092] loop4: rw=6144, sector=128, nr_sectors = 8 limit=0
[  171.564467][ T8092] gfs2: error -5 reading superblock
[  171.584860][ T6015] IPVS: starting estimator thread 0...
[  171.672088][ T8099] IPVS: using max 46 ests per chain, 110400 per kthread
[  171.821658][   T29] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  171.863521][    C2] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  172.110737][   T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.113998][   T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.116702][   T29] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  172.121129][   T29] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  172.128250][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.161682][ T5980] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  172.166992][   T29] usb 9-1: config 0 descriptor??
[  172.393949][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.397060][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.399724][ T5980] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  172.403673][ T5980] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  172.406182][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.410366][ T5980] usb 5-1: config 0 descriptor??
[  172.719883][ T8117] geneve2: entered promiscuous mode
[  172.722126][ T8117] geneve2: entered allmulticast mode
[  173.243840][   T10] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  173.789217][ T8129] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  174.035723][   T29] usbhid 9-1:0.0: can't add hid device: -71
[  174.037618][   T29] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  174.050253][   T29] usb 9-1: USB disconnect, device number 6
[  174.205811][ T8142] hub 6-0:1.0: USB hub found
[  174.207396][ T8142] hub 6-0:1.0: 1 port detected
[  174.342340][ T8144] __nla_validate_parse: 3 callbacks suppressed
[  174.342357][ T8144] netlink: 36 bytes leftover after parsing attributes in process `syz.1.543'.
[  174.832240][ T8147] netlink: 20 bytes leftover after parsing attributes in process `syz.4.544'.
[  174.852524][ T5980] usbhid 5-1:0.0: can't add hid device: -71
[  174.854352][ T5980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  174.862325][ T5980] usb 5-1: USB disconnect, device number 20
[  174.933792][ T8150] netlink: 'syz.0.545': attribute type 23 has an invalid length.
[  175.164172][ T8162] ALSA: mixer_oss: invalid index 40000
[  175.342333][ T8165] block device autoloading is deprecated and will be removed.
[  175.345636][ T8165] syz.1.551: attempt to access beyond end of device
[  175.345636][ T8165] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  175.381595][ T7085] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  175.426463][ T8168] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  175.426463][ T8168]    program syz.1.552 not setting count and/or reply_len properly
[  175.531580][ T7085] usb 9-1: Using ep0 maxpacket: 8
[  175.538083][ T7085] usb 9-1: unable to get BOS descriptor or descriptor too short
[  175.540931][ T7085] usb 9-1: no configurations
[  175.542369][ T7085] usb 9-1: can't read configurations, error -22
[  175.546701][ T8171] netlink: 28 bytes leftover after parsing attributes in process `syz.3.550'.
[  175.549641][ T8171] syz.3.550: attempt to access beyond end of device
[  175.549641][ T8171] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  175.553222][ T8171] gfs2: error -5 reading superblock
[  175.801582][ T5980] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  176.015640][ T5980] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.018733][ T5980] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.021452][ T5980] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  176.025197][ T5980] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  176.031878][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.046124][ T5980] usb 8-1: config 0 descriptor??
[  176.307825][ T8181] netlink: 'syz.1.556': attribute type 23 has an invalid length.
[  176.361814][   T29] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  176.466507][ T8190] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  176.466507][ T8190]    program syz.1.559 not setting count and/or reply_len properly
[  176.564039][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.567626][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.571621][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  176.576281][   T29] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  176.579034][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.583011][   T29] usb 5-1: config 0 descriptor??
[  177.147885][ T8194] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  177.147885][ T8194]    program syz.4.560 not setting count and/or reply_len properly
[  177.484851][ T8198] geneve2: entered promiscuous mode
[  177.486413][ T8198] geneve2: entered allmulticast mode
[  177.675920][ T8205] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  177.675920][ T8205]    program syz.1.564 not setting count and/or reply_len properly
[  178.023389][ T8209] netlink: 'syz.4.565': attribute type 23 has an invalid length.
[  178.181879][ T5980] usbhid 8-1:0.0: can't add hid device: -71
[  178.186257][ T5980] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  178.193051][ T5980] usb 8-1: USB disconnect, device number 19
[  178.268608][ T8213] netlink: 8 bytes leftover after parsing attributes in process `syz.4.566'.
[  178.271132][ T8213] netlink: 16 bytes leftover after parsing attributes in process `syz.4.566'.
[  178.539311][ T8221] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  178.539311][ T8221]    program syz.1.569 not setting count and/or reply_len properly
[  178.909514][   T29] usbhid 5-1:0.0: can't add hid device: -71
[  178.911602][   T29] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  178.932382][   T29] usb 5-1: USB disconnect, device number 21
[  179.154111][ T8231] netlink: 24 bytes leftover after parsing attributes in process `syz.4.572'.
[  179.232778][ T8229] geneve2: entered promiscuous mode
[  179.234397][ T8229] geneve2: entered allmulticast mode
[  179.307915][   T40] audit: type=1326 audit(1744173715.925:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8232 comm="syz.4.573" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0
[  179.417664][ T8242] netlink: 'syz.3.574': attribute type 23 has an invalid length.
[  179.506792][ T8245] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  179.506792][ T8245]    program syz.0.577 not setting count and/or reply_len properly
[  179.716746][ T8251] netlink: 28 bytes leftover after parsing attributes in process `syz.1.575'.
[  179.720782][ T8251] syz.1.575: attempt to access beyond end of device
[  179.720782][ T8251] loop1: rw=6144, sector=128, nr_sectors = 8 limit=0
[  179.724693][ T8251] gfs2: error -5 reading superblock
[  179.805715][ T8252] syz.3.578: attempt to access beyond end of device
[  179.805715][ T8252] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  179.811065][ T8252] gfs2: error -5 reading superblock
[  179.971703][   T29] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  180.081658][ T6008] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  180.132864][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.135847][   T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.138526][   T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  180.142385][   T29] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  180.144900][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.148131][   T29] usb 6-1: config 0 descriptor??
[  180.282112][ T6015] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  180.303401][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.306542][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.309219][ T6008] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  180.313141][ T6008] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  180.315671][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.319524][ T6008] usb 8-1: config 0 descriptor??
[  180.427866][ T8260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.580'.
[  180.430297][ T8260] netlink: 16 bytes leftover after parsing attributes in process `syz.4.580'.
[  180.561600][ T5323] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  180.713037][ T5323] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  180.720771][ T5323] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  180.729887][ T5323] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  180.737944][ T5323] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  180.748295][ T5323] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  180.759602][ T5323] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  180.767891][ T5323] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  180.775294][ T5323] usb 5-1: Product: syz
[  180.779286][ T5323] usb 5-1: Manufacturer: syz
[  180.790209][ T5323] cdc_wdm 5-1:1.0: skipping garbage
[  180.796195][ T5323] cdc_wdm 5-1:1.0: skipping garbage
[  180.806653][ T5323] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  180.812413][ T5323] cdc_wdm 5-1:1.0: Unknown control protocol
[  181.154868][ T8262] netlink: 24 bytes leftover after parsing attributes in process `syz.4.582'.
[  181.268187][ T8265] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  181.268187][ T8265]    program syz.4.583 not setting count and/or reply_len properly
[  182.392576][   T29] usbhid 6-1:0.0: can't add hid device: -71
[  182.408171][   T29] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  182.477647][   T29] usb 6-1: USB disconnect, device number 31
[  182.585828][ T8274] netlink: 'syz.1.586': attribute type 23 has an invalid length.
[  182.603846][ T6008] usbhid 8-1:0.0: can't add hid device: -71
[  182.609095][ T6008] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  182.616947][ T6008] usb 8-1: USB disconnect, device number 20
[  182.744280][ T8279] Bluetooth: MGMT ver 1.23
[  182.831358][ T8282] ALSA: mixer_oss: invalid index 40000
[  182.854760][ T8283] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  182.854760][ T8283]    program syz.3.589 not setting count and/or reply_len properly
[  183.091942][   T10] usb 5-1: USB disconnect, device number 22
[  183.551707][ T8296] netlink: 8 bytes leftover after parsing attributes in process `syz.0.591'.
[  183.554165][ T8296] netlink: 16 bytes leftover after parsing attributes in process `syz.0.591'.
[  183.594727][ T8297] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  183.594727][ T8297]    program syz.1.592 not setting count and/or reply_len properly
[  183.681617][  T835] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  183.831620][  T835] usb 9-1: Using ep0 maxpacket: 8
[  183.843926][  T835] usb 9-1: unable to get BOS descriptor or descriptor too short
[  183.845960][  T835] usb 9-1: no configurations
[  183.851596][  T835] usb 9-1: can't read configurations, error -22
[  183.869536][ T8302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.593'.
[  183.873342][ T8302] syz.3.593: attempt to access beyond end of device
[  183.873342][ T8302] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  183.877171][ T8302] gfs2: error -5 reading superblock
[  184.121919][ T6008] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  184.293150][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.297980][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  184.301186][ T6008] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  184.304890][ T6008] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  184.307448][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.311216][ T6008] usb 8-1: config 0 descriptor??
[  184.361995][ T8306] netlink: 'syz.0.595': attribute type 23 has an invalid length.
[  184.743412][ T8320] ALSA: mixer_oss: invalid index 40000
[  185.454408][ T8328] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  185.454408][ T8328]    program syz.4.601 not setting count and/or reply_len properly
[  185.588611][ T8332] hub 6-0:1.0: USB hub found
[  185.590452][ T8332] hub 6-0:1.0: 1 port detected
[  186.328672][ T8340] netlink: 'syz.4.606': attribute type 23 has an invalid length.
[  186.350533][ T8342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.602'.
[  186.353064][ T8342] netlink: 16 bytes leftover after parsing attributes in process `syz.0.602'.
[  186.424382][ T8345] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  186.424382][ T8345]    program syz.4.607 not setting count and/or reply_len properly
[  186.628226][ T8350] netlink: 'syz.0.609': attribute type 2 has an invalid length.
[  186.630491][ T8350] netlink: 'syz.0.609': attribute type 8 has an invalid length.
[  186.632838][ T8350] netlink: 132 bytes leftover after parsing attributes in process `syz.0.609'.
[  186.637052][ T8350] netlink: 36 bytes leftover after parsing attributes in process `syz.0.609'.
[  186.666670][ T6008] usbhid 8-1:0.0: can't add hid device: -71
[  186.670169][ T6008] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  186.676103][ T6008] usb 8-1: USB disconnect, device number 21
[  186.811634][  T835] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  186.981611][  T835] usb 6-1: Using ep0 maxpacket: 8
[  186.985904][  T835] usb 6-1: unable to get BOS descriptor or descriptor too short
[  186.988070][  T835] usb 6-1: no configurations
[  186.989380][  T835] usb 6-1: can't read configurations, error -22
[  187.238523][ T8357] ALSA: mixer_oss: invalid index 40000
[  187.283255][ T8360] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  187.283255][ T8360]    program syz.4.612 not setting count and/or reply_len properly
[  187.710207][ T8365] overlayfs: failed to resolve './file0': -2
[  188.021637][  T835] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  188.173690][  T835] usb 6-1: Using ep0 maxpacket: 8
[  188.181966][  T835] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  188.184239][  T835] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  188.186886][  T835] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  188.189534][  T835] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  188.193032][  T835] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  188.196569][  T835] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  188.199090][  T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.405783][  T835] usb 6-1: usb_control_msg returned -71
[  188.408146][  T835] usbtmc 6-1:16.0: can't read capabilities
[  188.415425][  T835] usb 6-1: USB disconnect, device number 33
[  188.591388][ T8380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.616'.
[  188.593901][ T8380] netlink: 16 bytes leftover after parsing attributes in process `syz.3.616'.
[  188.602759][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  188.613843][  T163] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  189.084366][ T8389] netlink: 28 bytes leftover after parsing attributes in process `syz.0.618'.
[  189.178330][ T8392] netlink: 28 bytes leftover after parsing attributes in process `syz.4.619'.
[  189.186161][ T8392] syz.4.619: attempt to access beyond end of device
[  189.186161][ T8392] loop4: rw=6144, sector=128, nr_sectors = 8 limit=0
[  189.189781][ T8392] gfs2: error -5 reading superblock
[  189.204880][ T8391] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  189.204880][ T8391]    program syz.1.620 not setting count and/or reply_len properly
[  189.322194][   T29] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  189.441665][ T6008] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  189.473438][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.476442][   T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.479078][   T29] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  189.482653][   T29] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  189.485028][   T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.497278][   T29] usb 5-1: config 0 descriptor??
[  189.593160][ T6008] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.596213][ T6008] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.598786][ T6008] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  189.602205][ T6008] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  189.604636][ T6008] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.608312][ T6008] usb 9-1: config 0 descriptor??
[  189.751657][ T6015] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  189.911631][ T6015] usb 8-1: Using ep0 maxpacket: 8
[  189.915404][ T6015] usb 8-1: unable to get BOS descriptor or descriptor too short
[  189.917558][ T6015] usb 8-1: no configurations
[  189.918865][ T6015] usb 8-1: can't read configurations, error -22
[  190.218584][ T8403] ALSA: mixer_oss: invalid index 40000
[  190.508703][ T8408] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  190.508703][ T8408]    program syz.3.625 not setting count and/or reply_len properly
[  191.639593][ T8415] overlayfs: failed to resolve './file0': -2
[  191.790937][ T8418] netlink: 24 bytes leftover after parsing attributes in process `syz.1.629'.
[  191.814546][   T29] usbhid 5-1:0.0: can't add hid device: -71
[  191.816366][   T29] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  191.831043][   T29] usb 5-1: USB disconnect, device number 23
[  191.891629][ T5323] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  191.929447][ T6008] usbhid 9-1:0.0: can't add hid device: -71
[  191.941322][ T8423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'.
[  191.943865][ T8423] netlink: 16 bytes leftover after parsing attributes in process `syz.0.631'.
[  191.946772][ T8423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'.
[  191.949466][ T6008] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  191.952825][ T6008] usb 9-1: USB disconnect, device number 11
[  192.021572][ T8427] netlink: 'syz.4.633': attribute type 2 has an invalid length.
[  192.023915][ T8427] netlink: 'syz.4.633': attribute type 8 has an invalid length.
[  192.026054][ T8427] netlink: 132 bytes leftover after parsing attributes in process `syz.4.633'.
[  192.030660][ T8427] netlink: 36 bytes leftover after parsing attributes in process `syz.4.633'.
[  192.041670][ T5323] usb 8-1: Using ep0 maxpacket: 8
[  192.044446][ T5323] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  192.046766][ T5323] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  192.049442][ T5323] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  192.052470][ T5323] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  192.055277][ T5323] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.058952][ T5323] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  192.061483][ T5323] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.091631][  T835] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  192.243145][  T835] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  192.245618][  T835] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  192.248507][  T835] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  192.250993][  T835] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  192.254129][  T835] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  192.258334][  T835] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  192.260918][  T835] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  192.263202][  T835] usb 6-1: Product: syz
[  192.264395][  T835] usb 6-1: Manufacturer: syz
[  192.268787][ T5323] usb 8-1: usb_control_msg returned -71
[  192.269591][  T835] cdc_wdm 6-1:1.0: skipping garbage
[  192.270491][ T5323] usbtmc 8-1:16.0: can't read capabilities
[  192.272280][  T835] cdc_wdm 6-1:1.0: skipping garbage
[  192.277389][  T835] cdc_wdm 6-1:1.0: cdc-wdm1: USB WDM device
[  192.278651][ T5323] usb 8-1: USB disconnect, device number 24
[  192.279091][  T835] cdc_wdm 6-1:1.0: Unknown control protocol
[  192.973201][ T8430] ALSA: mixer_oss: invalid index 40000
[  193.204873][ T8442] usb 6-1: USB disconnect, device number 34
[  193.227323][ T8440] hub 6-0:1.0: USB hub found
[  193.228783][ T8440] hub 6-0:1.0: 1 port detected
[  193.260893][ T8437] netlink: 28 bytes leftover after parsing attributes in process `syz.3.637'.
[  193.264100][ T8437] syz.3.637: attempt to access beyond end of device
[  193.264100][ T8437] loop3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  193.267643][ T8437] gfs2: error -5 reading superblock
[  193.281938][ T8444] 9pnet_fd: Insufficient options for proto=fd
[  193.288575][ T8444] netlink: 'syz.0.639': attribute type 23 has an invalid length.
[  193.361614][   T10] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  193.501594][ T6008] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  193.615785][ T8452] netlink: 8 bytes leftover after parsing attributes in process `syz.0.642'.
[  193.619105][ T8452] netlink: 16 bytes leftover after parsing attributes in process `syz.0.642'.
[  193.673223][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.676239][ T6008] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.678869][ T6008] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  193.683009][ T6008] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  193.685642][ T6008] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.691506][ T6008] usb 8-1: config 0 descriptor??
[  193.725282][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  193.727014][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  193.898483][ T6008] usbhid 8-1:0.0: can't add hid device: -71
[  193.900333][ T6008] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  193.905064][ T6008] usb 8-1: USB disconnect, device number 25
[  194.362005][   T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  195.354243][  T835] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  195.371128][ T8471] geneve2: entered promiscuous mode
[  195.373146][ T8471] geneve2: entered allmulticast mode
[  195.504709][  T835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.507927][  T835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.510697][  T835] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  195.514883][  T835] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  195.517650][  T835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.522350][  T835] usb 5-1: config 0 descriptor??
[  195.557833][ T8476] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  195.557833][ T8476]    program syz.1.648 not setting count and/or reply_len properly
[  196.271774][   T63] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  196.421768][   T63] usb 9-1: Using ep0 maxpacket: 8
[  196.427705][   T63] usb 9-1: unable to get BOS descriptor or descriptor too short
[  196.430572][   T63] usb 9-1: no configurations
[  196.433273][   T63] usb 9-1: can't read configurations, error -22
[  196.434529][ T8487] sg_write: data in/out 512/10 bytes for SCSI command 0xb7-- guessing data in;
[  196.434529][ T8487]    program syz.1.651 not setting count and/or reply_len properly
[  196.508811][ T8489] futex_wake_op: syz.3.652 tries to shift op by 36; fix this program
[  197.080741][ T8496] FAULT_INJECTION: forcing a failure.
[  197.080741][ T8496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.084839][ T8496] CPU: 1 UID: 0 PID: 8496 Comm: syz.4.653 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  197.084853][ T8496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.084860][ T8496] Call Trace:
[  197.084864][ T8496]  <TASK>
[  197.084868][ T8496]  dump_stack_lvl+0x16c/0x1f0
[  197.084887][ T8496]  should_fail_ex+0x512/0x640
[  197.084901][ T8496]  _copy_from_user+0x2e/0xd0
[  197.084915][ T8496]  get_compat_msghdr+0xa7/0x170
[  197.084928][ T8496]  ? __pfx_get_compat_msghdr+0x10/0x10
[  197.084941][ T8496]  ? __lock_acquire+0x5ca/0x1ba0
[  197.084953][ T8496]  ___sys_recvmsg+0x191/0x1a0
[  197.084966][ T8496]  ? __pfx____sys_recvmsg+0x10/0x10
[  197.084985][ T8496]  ? get_pid_task+0x40/0x250
[  197.084996][ T8496]  ? __pfx___might_resched+0x10/0x10
[  197.085014][ T8496]  do_recvmmsg+0x568/0x740
[  197.085028][ T8496]  ? __pfx_do_recvmmsg+0x10/0x10
[  197.085049][ T8496]  ? __fget_files+0x20e/0x3c0
[  197.085066][ T8496]  __sys_recvmmsg+0x21c/0x280
[  197.085079][ T8496]  ? __pfx___sys_recvmmsg+0x10/0x10
[  197.085092][ T8496]  ? __pfx_ksys_write+0x10/0x10
[  197.085108][ T8496]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  197.085121][ T8496]  ? lockdep_hardirqs_on+0x7c/0x110
[  197.085134][ T8496]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  197.085149][ T8496]  __do_fast_syscall_32+0x73/0x120
[  197.085164][ T8496]  do_fast_syscall_32+0x32/0x80
[  197.085181][ T8496]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  197.085194][ T8496] RIP: 0023:0xf73ee579
[  197.085202][ T8496] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  197.085212][ T8496] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  197.085221][ T8496] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080002440
[  197.085227][ T8496] RDX: 00000000ffffff67 RSI: 0000000000000000 RDI: 0000000000000000
[  197.085233][ T8496] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  197.085241][ T8496] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  197.085250][ T8496] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  197.085270][ T8496]  </TASK>
[  197.429521][  T835] usbhid 5-1:0.0: can't add hid device: -71
[  197.431323][  T835] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  197.444458][  T835] usb 5-1: USB disconnect, device number 24
[  198.211746][   T63] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  198.868221][   T40] audit: type=1326 audit(1744173964.486:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.874667][   T40] audit: type=1326 audit(1744173964.496:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.884358][   T40] audit: type=1326 audit(1744173964.496:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.890370][   T40] audit: type=1326 audit(1744173964.496:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.896504][   T40] audit: type=1326 audit(1744173964.496:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.902721][   T40] audit: type=1326 audit(1744173964.506:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.908666][   T40] audit: type=1326 audit(1744173964.506:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.914580][   T40] audit: type=1326 audit(1744173964.506:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.920577][   T40] audit: type=1326 audit(1744173964.506:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  198.926514][   T40] audit: type=1326 audit(1744173964.506:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.0.667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  199.484385][ T8557] lo speed is unknown, defaulting to 1000
[  199.589441][ T8557] lo speed is unknown, defaulting to 1000
[  199.653992][ T8563] KVM: debugfs: duplicate directory 8563-5
[  199.921613][ T8572] kernel profiling enabled (shift: 7)
[  200.121870][ T1138] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  200.127883][ T8576] netlink: 'syz.1.677': attribute type 27 has an invalid length.
[  200.207610][ T8576] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.210950][ T8576] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.315719][ T8576] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.321300][ T8576] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.411808][ T8576] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.414737][ T8576] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.418137][ T8576] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.421062][ T8576] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  200.443123][ T8576] gretap1: left promiscuous mode
[  200.444669][ T8576] gretap1: left allmulticast mode
[  200.448611][ T5323] lo speed is unknown, defaulting to 1000
[  200.451025][ T5980] syz1: Port: 1 Link DOWN
[  200.453962][ T5323] syz2: Port: 1 Link DOWN
[  201.950722][   T63] IPVS: starting estimator thread 0...
[  202.061688][ T8602] IPVS: using max 46 ests per chain, 110400 per kthread
[  202.495843][ T8615] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.686'.
[  202.498126][ T8615] netlink: zone id is out of range
[  202.499389][ T8615] netlink: zone id is out of range
[  202.500680][ T8615] netlink: zone id is out of range
[  202.502318][ T8615] netlink: get zone limit has 8 unknown bytes
[  202.541564][ T8617] bridge0: port 3(syz_tun) entered disabled state
[  202.549200][ T8617] syz_tun (unregistering): left allmulticast mode
[  202.551111][ T8617] syz_tun (unregistering): left promiscuous mode
[  202.553238][ T8617] bridge0: port 3(syz_tun) entered disabled state
[  202.862937][ T8625] netlink: 64 bytes leftover after parsing attributes in process `syz.3.690'.
[  202.865568][ T8625] netlink: 60 bytes leftover after parsing attributes in process `syz.3.690'.
[  202.868055][ T8625] unsupported nlmsg_type 40
[  202.872465][ T8625] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  202.875848][ T8625] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.879419][ T8625] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.931291][ T5948] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  203.505350][ T8646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.697'.
[  203.572257][ T8645] netlink: 4 bytes leftover after parsing attributes in process `syz.4.698'.
[  204.140841][ T8663] netlink: 96 bytes leftover after parsing attributes in process `syz.3.702'.
[  204.653143][ T6006] usb 8-1: new full-speed USB device number 26 using dummy_hcd
[  204.656022][ T8673] geneve1: entered promiscuous mode
[  204.827806][ T6006] usb 8-1: config 6 has an invalid interface number: 218 but max is 0
[  204.856253][ T6006] usb 8-1: config 6 has no interface number 0
[  204.865353][ T6006] usb 8-1: config 6 interface 218 altsetting 5 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  204.869719][ T6006] usb 8-1: config 6 interface 218 altsetting 5 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  204.894969][ T6006] usb 8-1: config 6 interface 218 has no altsetting 0
[  204.960060][ T6006] usb 8-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice= 8.8f
[  204.963461][ T6006] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.971677][ T6006] usb 8-1: Product: syz
[  204.973856][ T6006] usb 8-1: Manufacturer: syz
[  204.981809][ T6006] usb 8-1: SerialNumber: syz
[  205.451121][ T6006] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  205.543460][ T6006] usb 8-1: USB disconnect, device number 26
[  205.752299][ T7406] udevd[7406]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:6.218/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  205.768089][ T8684] fuse: Bad value for 'fd'
[  206.432348][ T8697] policy can only be matched on NF_INET_PRE_ROUTING
[  206.432455][ T8697] unable to load match
[  207.669953][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  207.670113][   T40] audit: type=1326 audit(1744173973.286:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.680058][   T40] audit: type=1326 audit(1744173973.286:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.709382][   T40] audit: type=1326 audit(1744173973.296:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.721679][   T40] audit: type=1326 audit(1744173973.296:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.728572][   T40] audit: type=1326 audit(1744173973.296:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.751672][   T40] audit: type=1326 audit(1744173973.296:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=38 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.757726][   T40] audit: type=1326 audit(1744173973.296:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  207.766111][   T40] audit: type=1326 audit(1744173973.296:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8732 comm="syz.3.724" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x7ffc0000
[  208.371246][ T8757] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  208.510056][ T5948] Bluetooth: hci0: unexpected event for opcode 0x2003
[  208.863335][ T8765] netlink: 12 bytes leftover after parsing attributes in process `syz.1.734'.
[  208.875320][ T8765] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  208.878722][ T8765] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  208.882372][ T8765] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  208.885502][ T8765] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  208.897635][ T8765] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  208.900923][ T8765] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  208.904285][ T8765] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  208.906701][ T8765] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  210.170433][ T8812] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  210.362397][ T8821] netlink: 20 bytes leftover after parsing attributes in process `syz.0.753'.
[  211.570294][ T8838] tipc: Started in network mode
[  211.571831][ T8838] tipc: Node identity ac14140f, cluster identity 4711
[  211.573909][ T8838] tipc: New replicast peer: 255.255.255.255
[  211.575827][ T8838] tipc: Enabled bearer <udp:syz2>, priority 10
[  212.551690][ T6015] usb 8-1: new full-speed USB device number 27 using dummy_hcd
[  212.703320][   T64] tipc: Node number set to 2886997007
[  212.726857][ T6015] usb 8-1: config 6 has an invalid interface number: 218 but max is 0
[  212.729134][ T6015] usb 8-1: config 6 has no interface number 0
[  212.730853][ T6015] usb 8-1: config 6 interface 218 altsetting 5 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  212.738150][ T6015] usb 8-1: config 6 interface 218 altsetting 5 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  212.741472][ T6015] usb 8-1: config 6 interface 218 has no altsetting 0
[  212.745483][ T6015] usb 8-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice= 8.8f
[  212.748042][ T6015] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.750270][ T6015] usb 8-1: Product: syz
[  212.751477][ T6015] usb 8-1: Manufacturer: syz
[  212.754430][ T6015] usb 8-1: SerialNumber: syz
[  213.289854][ T6015] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  213.340477][ T6015] usb 8-1: USB disconnect, device number 27
[  213.534735][ T7406] udevd[7406]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:6.218/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  213.756315][ T8866] mmap: syz.4.767 (8866) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  214.042141][ T5980] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  214.191664][ T5980] usb 9-1: Using ep0 maxpacket: 8
[  214.194496][ T5980] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  214.196776][ T5980] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  214.199533][ T5980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  214.202284][ T5980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  214.205051][ T5980] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  214.208555][ T5980] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  214.211096][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.420470][ T5980] usb 9-1: GET_CAPABILITIES returned 0
[  214.425570][ T5980] usbtmc 9-1:16.0: can't read capabilities
[  214.635001][ T6006] usb 9-1: USB disconnect, device number 14
[  215.062738][ T8889] netlink: 168 bytes leftover after parsing attributes in process `syz.3.775'.
[  215.065747][ T8889] netlink: 168 bytes leftover after parsing attributes in process `syz.3.775'.
[  215.069349][ T8888] overlayfs: failed to resolve './file1': -2
[  216.508532][ T8914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.780'.
[  217.841178][ T8951] lo: entered promiscuous mode
[  217.853773][ T8951] tunl0: entered promiscuous mode
[  217.856376][ T8951] gre0: entered promiscuous mode
[  217.861995][ T8951] gretap0: entered promiscuous mode
[  217.866559][ T8953] usb usb9: usbfs: process 8953 (syz.4.797) did not claim interface 0 before use
[  217.866709][ T8951] erspan0: entered promiscuous mode
[  217.878243][ T8951] ip_vti0: entered promiscuous mode
[  217.882597][ T8951] ip6_vti0: entered promiscuous mode
[  217.888676][ T8951] sit0: entered promiscuous mode
[  217.894214][ T8951] ip6tnl0: entered promiscuous mode
[  217.898491][ T8951] ip6gre0: entered promiscuous mode
[  217.913371][ T8951] syz_tun: entered promiscuous mode
[  217.925773][ T8951] ip6gretap0: entered promiscuous mode
[  217.932243][ T8951] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.934747][ T8951] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.937192][ T8951] bridge0: entered promiscuous mode
[  217.940200][ T8951] vcan0: entered promiscuous mode
[  217.943918][ T8951] bond0: entered promiscuous mode
[  217.945423][ T8951] bond_slave_0: entered promiscuous mode
[  217.947124][ T8951] bond_slave_1: entered promiscuous mode
[  217.951362][ T8951] team0: entered promiscuous mode
[  217.952963][ T8951] team_slave_0: entered promiscuous mode
[  217.954826][ T8951] team_slave_1: entered promiscuous mode
[  217.958108][ T8951] dummy0: entered promiscuous mode
[  217.969692][ T8951] nlmon0: entered promiscuous mode
[  217.973875][ T8951] caif0: entered promiscuous mode
[  217.976002][ T8951] batadv0: entered promiscuous mode
[  217.979085][ T8951] vxcan0: entered promiscuous mode
[  217.981044][ T8951] vxcan1: entered promiscuous mode
[  217.984390][ T8951] veth0: entered promiscuous mode
[  217.988740][ T8951] veth1: entered promiscuous mode
[  217.993191][ T8951] wg0: entered promiscuous mode
[  217.996366][ T8951] wg1: entered promiscuous mode
[  218.000036][ T8951] wg2: entered promiscuous mode
[  218.005036][ T8951] veth0_to_bridge: entered promiscuous mode
[  218.010135][ T8951] veth1_to_bridge: entered promiscuous mode
[  218.015410][ T8951] veth0_to_bond: entered promiscuous mode
[  218.019297][ T8951] veth1_to_bond: entered promiscuous mode
[  218.023190][ T8951] veth0_to_team: entered promiscuous mode
[  218.028112][ T8951] veth1_to_team: entered promiscuous mode
[  218.032813][ T8951] veth0_to_batadv: entered promiscuous mode
[  218.035883][ T8951] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.038510][ T8951] batadv_slave_0: entered promiscuous mode
[  218.042288][ T8951] veth1_to_batadv: entered promiscuous mode
[  218.045213][ T8951] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.048054][ T8951] batadv_slave_1: entered promiscuous mode
[  218.051063][ T8951] xfrm0: entered promiscuous mode
[  218.054322][ T8951] veth0_to_hsr: entered promiscuous mode
[  218.058544][ T8951] veth1_to_hsr: entered promiscuous mode
[  218.063143][ T8951] hsr0: entered promiscuous mode
[  218.066309][ T8951] veth1_virt_wifi: entered promiscuous mode
[  218.069681][ T8951] veth0_virt_wifi: entered promiscuous mode
[  218.072967][ T8951] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  218.081948][ T8951] vlan0: entered promiscuous mode
[  218.083536][ T8951] vlan1: entered promiscuous mode
[  218.086246][ T8951] macvlan0: entered promiscuous mode
[  218.093364][ T8951] macvlan1: entered promiscuous mode
[  218.097002][ T8951] ipvlan0: entered promiscuous mode
[  218.099141][ T8951] ipvlan1: entered promiscuous mode
[  218.107424][ T8951] macvtap0: entered promiscuous mode
[  218.110194][ T8951] macsec0: entered promiscuous mode
[  218.122627][ T8951] geneve0: entered promiscuous mode
[  218.126419][ T8951] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.128945][ T8951] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.131465][ T8951] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.134363][ T8951] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.137248][ T8951] geneve1: entered promiscuous mode
[  218.140559][ T8951] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  218.148177][ T8951] netdevsim netdevsim0 netdevsim1: entered promiscuous mode
[  218.156403][ T8951] netdevsim netdevsim0 netdevsim2: entered promiscuous mode
[  218.161372][ T8951] netdevsim netdevsim0 netdevsim3: entered promiscuous mode
[  218.166323][ T8951] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  218.169038][ T8951] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode
[  218.173390][ T8951] gretap1: left allmulticast mode
[  218.176127][ T8951] bridge1: entered promiscuous mode
[  218.178031][ T8951] bond0.0004: entered promiscuous mode
[  218.391686][ T6008] usb 9-1: new full-speed USB device number 15 using dummy_hcd
[  218.543248][ T6008] usb 9-1: config 0 has an invalid interface number: 6 but max is 0
[  218.545701][ T6008] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  218.548727][ T6008] usb 9-1: config 0 has no interface number 0
[  218.552654][ T6008] usb 9-1: New USB device found, idVendor=10cf, idProduct=8061, bcdDevice=b7.12
[  218.555294][ T6008] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.557703][ T6008] usb 9-1: Product: syz
[  218.558902][ T6008] usb 9-1: Manufacturer: syz
[  218.560323][ T6008] usb 9-1: SerialNumber: syz
[  218.565954][ T6008] usb 9-1: config 0 descriptor??
[  218.575833][ T6008] vmk80xx 9-1:0.6: driver 'vmk80xx' failed to auto-configure device.
[  218.770579][  T835] usb 9-1: USB disconnect, device number 15
[  219.443674][ T9011] lo speed is unknown, defaulting to 1000
[  219.456991][ T9016] netlink: 36 bytes leftover after parsing attributes in process `syz.3.817'.
[  219.459868][ T9016] netlink: 16 bytes leftover after parsing attributes in process `syz.3.817'.
[  219.464265][ T9016] netlink: 36 bytes leftover after parsing attributes in process `syz.3.817'.
[  219.466905][ T9016] netlink: 36 bytes leftover after parsing attributes in process `syz.3.817'.
[  219.513782][ T9011] lo speed is unknown, defaulting to 1000
[  220.921810][ T6015] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  221.081684][ T6015] usb 5-1: Using ep0 maxpacket: 32
[  221.099720][ T6015] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  221.111157][ T6015] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.121352][ T6015] usb 5-1: Product: syz
[  221.122715][ T6015] usb 5-1: Manufacturer: syz
[  221.124481][ T6015] usb 5-1: SerialNumber: syz
[  221.138821][ T6015] usb 5-1: config 0 descriptor??
[  221.142373][ T6015] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  222.082562][ T9073] vlan2: entered allmulticast mode
[  222.215313][ T9084] netlink: 68 bytes leftover after parsing attributes in process `syz.3.839'.
[  222.222191][ T9084] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  222.351666][ T6008] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  222.501635][ T6008] usb 6-1: Using ep0 maxpacket: 32
[  222.505945][ T6008] usb 6-1: New USB device found, idVendor=0681, idProduct=0010, bcdDevice=7f.92
[  222.508817][ T6008] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.511177][ T6008] usb 6-1: Product: syz
[  222.512533][ T6008] usb 6-1: Manufacturer: syz
[  222.513874][ T6008] usb 6-1: SerialNumber: syz
[  222.516492][ T6008] usb 6-1: config 0 descriptor??
[  222.684383][ T9088] lo: entered promiscuous mode
[  222.688493][ T9088] tunl0: entered promiscuous mode
[  222.692155][ T9088] gre0: entered promiscuous mode
[  222.698190][ T9088] gretap0: entered promiscuous mode
[  222.702646][ T9088] erspan0: entered promiscuous mode
[  222.706788][ T9088] ip_vti0: entered promiscuous mode
[  222.710070][ T9088] ip6_vti0: entered promiscuous mode
[  222.713954][ T9088] sit0: entered promiscuous mode
[  222.718586][ T9088] ip6tnl0: entered promiscuous mode
[  222.722752][ T9088] ip6gre0: entered promiscuous mode
[  222.724474][ T6008] usb 6-1: USB disconnect, device number 36
[  222.730542][ T9088] ip6gretap0: entered promiscuous mode
[  222.734453][ T9088] bridge0: entered promiscuous mode
[  222.736690][ T9088] vcan0: entered promiscuous mode
[  222.741184][ T9088] bond0: entered promiscuous mode
[  222.743576][ T9088] bond_slave_0: entered promiscuous mode
[  222.745934][ T9088] bond_slave_1: entered promiscuous mode
[  222.752810][ T9088] team0: entered promiscuous mode
[  222.754740][ T9088] team_slave_0: entered promiscuous mode
[  222.757031][ T9088] team_slave_1: entered promiscuous mode
[  222.761039][ T9088] dummy0: entered promiscuous mode
[  222.766359][ T9088] nlmon0: entered promiscuous mode
[  222.769499][ T9088] caif0: entered promiscuous mode
[  222.771893][ T9088] batadv0: entered promiscuous mode
[  222.776460][ T9088] vxcan0: entered promiscuous mode
[  222.779176][ T9088] vxcan1: entered promiscuous mode
[  222.783514][ T9088] veth0: entered promiscuous mode
[  222.789104][ T9088] veth1: entered promiscuous mode
[  222.794288][ T9088] wg0: entered promiscuous mode
[  222.797837][ T9088] wg1: entered promiscuous mode
[  222.800782][ T9088] wg2: entered promiscuous mode
[  222.803741][ T9088] veth0_to_bridge: entered promiscuous mode
[  222.808196][ T9088] veth1_to_bridge: entered promiscuous mode
[  222.812636][ T9088] veth0_to_bond: entered promiscuous mode
[  222.816467][ T9088] veth1_to_bond: entered promiscuous mode
[  222.820332][ T9088] veth0_to_team: entered promiscuous mode
[  222.825260][ T9088] veth1_to_team: entered promiscuous mode
[  222.830503][ T9088] veth0_to_batadv: entered promiscuous mode
[  222.833381][ T9088] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.836145][ T9088] batadv_slave_0: entered promiscuous mode
[  222.839600][ T9088] veth1_to_batadv: entered promiscuous mode
[  222.842479][ T9088] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.845249][ T9088] batadv_slave_1: entered promiscuous mode
[  222.848328][ T9088] xfrm0: entered promiscuous mode
[  222.851386][ T9088] veth0_to_hsr: entered promiscuous mode
[  222.857546][ T9088] veth1_to_hsr: entered promiscuous mode
[  222.862581][ T9088] hsr0: entered promiscuous mode
[  222.865753][ T9088] veth1_virt_wifi: entered promiscuous mode
[  222.869216][ T9088] veth0_virt_wifi: entered promiscuous mode
[  222.872216][ T9088] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  222.881737][ T9088] vlan0: entered promiscuous mode
[  222.883708][ T9088] vlan1: entered promiscuous mode
[  222.885986][ T9088] macvlan0: entered promiscuous mode
[  222.889490][ T9088] macvlan1: entered promiscuous mode
[  222.892567][ T9088] ipvlan0: entered promiscuous mode
[  222.894573][ T9088] ipvlan1: entered promiscuous mode
[  222.900768][ T9088] macvtap0: entered promiscuous mode
[  222.904174][ T9088] macsec0: entered promiscuous mode
[  222.907182][ T9088] geneve0: entered promiscuous mode
[  222.910856][ T9088] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  222.914288][ T9088] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  222.916714][ T9088] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  222.919109][ T9088] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  222.921930][ T9088] geneve1: entered promiscuous mode
[  222.925674][ T9088] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  222.928886][ T9088] netdevsim netdevsim3 netdevsim1: entered promiscuous mode
[  222.932604][ T9088] netdevsim netdevsim3 netdevsim2: entered promiscuous mode
[  222.935797][ T9088] netdevsim netdevsim3 netdevsim3: entered promiscuous mode
[  222.939366][ T9088] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  222.941492][ T9088] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  222.943927][ T9088] gretap1: left allmulticast mode
[  222.946249][ T9088] veth2: entered promiscuous mode
[  222.947815][ T9088] veth3: entered promiscuous mode
[  222.949277][ T9088] bond1: entered promiscuous mode
[  222.950731][ T9088] veth4: entered promiscuous mode
[  222.952325][ T9088] veth5: entered promiscuous mode
[  222.986409][ T6015] gspca_ov534_9: reg_r err -71
[  223.271652][ T6015] gspca_ov534_9: Unknown sensor 0000
[  223.271704][ T6015] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22
[  223.278885][ T6015] usb 5-1: USB disconnect, device number 25
[  223.291887][ T6006] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  223.441786][ T6006] usb 9-1: Using ep0 maxpacket: 32
[  223.447392][ T6006] usb 9-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  223.450739][ T6006] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.454393][ T6006] usb 9-1: Product: syz
[  223.456006][ T6006] usb 9-1: Manufacturer: syz
[  223.457761][ T6006] usb 9-1: SerialNumber: syz
[  223.461479][ T6006] usb 9-1: config 0 descriptor??
[  223.680726][ T6006] RobotFuzz Open Source InterFace, OSIF 9-1:0.0: version d4.15 found at bus 009 address 016
[  223.877813][ T6006] usb 9-1: USB disconnect, device number 16
[  224.982873][ T6008] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  225.131654][ T6008] usb 5-1: Using ep0 maxpacket: 16
[  225.134729][ T6008] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  225.139708][ T6008] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  225.142451][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.145295][ T6008] usb 5-1: Product: syz
[  225.146463][ T6008] usb 5-1: Manufacturer: syz
[  225.148134][ T6008] usb 5-1: SerialNumber: syz
[  225.151034][ T6008] usb 5-1: config 0 descriptor??
[  225.154340][ T6008] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  225.156997][ T6008] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  225.756052][ T6008] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  225.801618][ T6006] usb 6-1: new full-speed USB device number 37 using dummy_hcd
[  225.952812][ T6006] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  225.955093][ T6006] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  225.958071][ T6006] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  225.961046][ T6006] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  225.965399][ T6006] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  225.968959][ T6006] usb 6-1: config 0 interface 0 has no altsetting 0
[  225.972585][ T6006] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  225.975047][ T6006] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  225.977336][ T6006] usb 6-1: Product: syz
[  225.978487][ T6006] usb 6-1: Manufacturer: syz
[  225.979854][ T6006] usb 6-1: SerialNumber: syz
[  225.983372][ T6006] usb 6-1: config 0 descriptor??
[  225.985318][ T9160] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  225.988331][ T6006] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  225.992119][ T6006] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  226.018784][ T6015] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  226.166148][ T6008] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  226.168520][ T6008] em28xx 5-1:0.0: board has no eeprom
[  226.360426][ T6015] usb 6-1: USB disconnect, device number 37
[  226.363581][ T6015] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  226.471679][ T6008] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  226.473882][ T6008] em28xx 5-1:0.0: dvb set to bulk mode.
[  226.476035][ T5980] em28xx 5-1:0.0: Binding DVB extension
[  226.493061][ T6008] usb 5-1: USB disconnect, device number 26
[  226.499931][ T6008] em28xx 5-1:0.0: Disconnecting em28xx
[  226.511206][ T5980] em28xx 5-1:0.0: Registering input extension
[  226.513780][ T6008] em28xx 5-1:0.0: Closing input extension
[  226.562932][ T6008] em28xx 5-1:0.0: Freeing device
[  226.942504][ T9188] overlayfs: conflicting lowerdir path
[  227.088069][ T9194] ==================================================================
[  227.090343][ T9194] BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.092729][ T9194] Write of size 1440 at addr ffffc90003f5fda0 by task vivid-000-vid-c/9194
[  227.096115][ T9194] 
[  227.097052][ T9194] CPU: 3 UID: 0 PID: 9194 Comm: vivid-000-vid-c Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  227.097066][ T9194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.097072][ T9194] Call Trace:
[  227.097076][ T9194]  <TASK>
[  227.097080][ T9194]  dump_stack_lvl+0x116/0x1f0
[  227.097096][ T9194]  print_report+0xc3/0x670
[  227.097106][ T9194]  ? __virt_addr_valid+0x5e/0x590
[  227.097122][ T9194]  ? tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.097131][ T9194]  kasan_report+0xe0/0x110
[  227.097140][ T9194]  ? tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.097151][ T9194]  kasan_check_range+0xef/0x1a0
[  227.097163][ T9194]  __asan_memcpy+0x3c/0x60
[  227.097175][ T9194]  tpg_fill_plane_buffer+0x2cb6/0x43c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  227.097192][ T9194]  ? __pfx_tpg_fill_plane_buffer+0x10/0x10
[  227.097204][ T9194]  vivid_fillbuff+0x8d2/0x4250
[  227.097215][ T9194]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  227.097230][ T9194]  ? perf_trace_contention_end+0x360/0x3d0
[  227.097250][ T9194]  ? __pfx_vivid_fillbuff+0x10/0x10
[  227.097262][ T9194]  ? v4l2_ctrl_request_setup+0x45e/0xa60
[  227.097275][ T9194]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.097289][ T9194]  ? vivid_thread_vid_cap_tick+0x814/0x15d0
[  227.097298][ T9194]  vivid_thread_vid_cap_tick+0x814/0x15d0
[  227.097309][ T9194]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  227.097318][ T9194]  vivid_thread_vid_cap+0x454/0xda0
[  227.097330][ T9194]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  227.097340][ T9194]  ? do_raw_spin_lock+0x12c/0x2b0
[  227.097351][ T9194]  ? find_held_lock+0x2b/0x80
[  227.097363][ T9194]  ? rcu_is_watching+0x12/0xc0
[  227.097375][ T9194]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  227.097387][ T9194]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.097400][ T9194]  ? __kthread_parkme+0x19e/0x250
[  227.097415][ T9194]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  227.097424][ T9194]  kthread+0x3c2/0x780
[  227.097434][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.097443][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.097451][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.097460][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.097469][ T9194]  ? rcu_is_watching+0x12/0xc0
[  227.097480][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.097490][ T9194]  ret_from_fork+0x45/0x80
[  227.097500][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.097513][ T9194]  ret_from_fork_asm+0x1a/0x30
[  227.097531][ T9194]  </TASK>
[  227.097534][ T9194] 
[  227.160993][ T9194] The buggy address belongs to the virtual mapping at
[  227.160993][ T9194]  [ffffc90003f49000, ffffc90003f61000) created by:
[  227.160993][ T9194]  vb2_vmalloc_alloc+0x135/0x3f0
[  227.165833][ T9194] 
[  227.166513][ T9194] The buggy address belongs to the physical page:
[  227.168276][ T9194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xf98 pfn:0x5518d
[  227.170726][ T9194] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  227.172747][ T9194] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  227.175083][ T9194] raw: 0000000000000f98 0000000000000000 00000001ffffffff 0000000000000000
[  227.177426][ T9194] page dumped because: kasan: bad access detected
[  227.179190][ T9194] page_owner tracks the page as allocated
[  227.180795][ T9194] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 9192, tgid 9191 (syz.0.877), ts 227050199965, free_ts 209134640878
[  227.185894][ T9194]  post_alloc_hook+0x181/0x1b0
[  227.187232][ T9194]  get_page_from_freelist+0x1193/0x39b0
[  227.188776][ T9194]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  227.190433][ T9194]  alloc_pages_mpol+0x1fb/0x550
[  227.191792][ T9194]  alloc_pages_noprof+0x131/0x390
[  227.193171][ T9194]  __vmalloc_node_range_noprof+0x732/0x1540
[  227.194752][ T9194]  vmalloc_user_noprof+0x6b/0x90
[  227.195965][ T9194]  vb2_vmalloc_alloc+0x135/0x3f0
[  227.197199][ T9194]  __vb2_queue_alloc+0x8c6/0x1280
[  227.198598][ T9194]  vb2_core_reqbufs+0xa90/0xfe0
[  227.199961][ T9194]  __vb2_init_fileio+0x3f1/0x1100
[  227.201350][ T9194]  vb2_core_poll+0x5ec/0x700
[  227.202638][ T9194]  vb2_poll+0x33/0x150
[  227.203778][ T9194]  vb2_fop_poll+0x10f/0x2c0
[  227.205055][ T9194]  v4l2_poll+0x160/0x320
[  227.206237][ T9194]  p9_fd_poll+0x10e/0x2c0
[  227.207447][ T9194] page last free pid 1138 tgid 1138 stack trace:
[  227.209187][ T9194]  free_unref_folios+0x999/0x1630
[  227.210582][ T9194]  folios_put_refs+0x56f/0x740
[  227.211919][ T9194]  release_pages+0x2a2/0x4b0
[  227.213204][ T9194]  io_free_region+0x102/0x2e0
[  227.214515][ T9194]  io_ring_exit_work+0x992/0xf60
[  227.215891][ T9194]  process_one_work+0x9cc/0x1b70
[  227.217262][ T9194]  worker_thread+0x6c8/0xf10
[  227.218545][ T9194]  kthread+0x3c2/0x780
[  227.219679][ T9194]  ret_from_fork+0x45/0x80
[  227.220923][ T9194]  ret_from_fork_asm+0x1a/0x30
[  227.222252][ T9194] 
[  227.222925][ T9194] Memory state around the buggy address:
[  227.224474][ T9194]  ffffc90003f5ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  227.226663][ T9194]  ffffc90003f5ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  227.228855][ T9194] >ffffc90003f60000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  227.231017][ T9194]                    ^
[  227.232129][ T9194]  ffffc90003f60080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  227.234304][ T9194]  ffffc90003f60100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  227.236489][ T9194] ==================================================================
[  227.241112][ T9194] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  227.243127][ T9194] CPU: 3 UID: 0 PID: 9194 Comm: vivid-000-vid-c Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full) 
[  227.246489][ T9194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.249394][ T9194] Call Trace:
[  227.250325][ T9194]  <TASK>
[  227.251153][ T9194]  dump_stack_lvl+0x3d/0x1f0
[  227.252446][ T9194]  panic+0x71c/0x800
[  227.253794][ T9194]  ? __pfx_panic+0x10/0x10
[  227.255050][ T9194]  ? irqentry_exit+0x3b/0x90
[  227.256337][ T9194]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.257771][ T9194]  ? preempt_schedule_thunk+0x16/0x30
[  227.259243][ T9194]  ? tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.260791][ T9194]  ? preempt_schedule_common+0x44/0xc0
[  227.262288][ T9194]  ? check_panic_on_warn+0x1f/0xb0
[  227.263696][ T9194]  ? tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.265256][ T9194]  check_panic_on_warn+0xab/0xb0
[  227.266623][ T9194]  end_report+0x107/0x170
[  227.267829][ T9194]  kasan_report+0xee/0x110
[  227.269066][ T9194]  ? tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.270616][ T9194]  kasan_check_range+0xef/0x1a0
[  227.271965][ T9194]  __asan_memcpy+0x3c/0x60
[  227.273199][ T9194]  tpg_fill_plane_buffer+0x2cb6/0x43c0
[  227.274700][ T9194]  ? __pfx_tpg_fill_plane_buffer+0x10/0x10
[  227.276303][ T9194]  vivid_fillbuff+0x8d2/0x4250
[  227.277620][ T9194]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  227.279414][ T9194]  ? perf_trace_contention_end+0x360/0x3d0
[  227.281032][ T9194]  ? __pfx_vivid_fillbuff+0x10/0x10
[  227.282463][ T9194]  ? v4l2_ctrl_request_setup+0x45e/0xa60
[  227.284008][ T9194]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.285444][ T9194]  ? vivid_thread_vid_cap_tick+0x814/0x15d0
[  227.287059][ T9194]  vivid_thread_vid_cap_tick+0x814/0x15d0
[  227.288627][ T9194]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  227.290196][ T9194]  vivid_thread_vid_cap+0x454/0xda0
[  227.291648][ T9194]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  227.293282][ T9194]  ? do_raw_spin_lock+0x12c/0x2b0
[  227.294668][ T9194]  ? find_held_lock+0x2b/0x80
[  227.295993][ T9194]  ? rcu_is_watching+0x12/0xc0
[  227.297321][ T9194]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  227.298924][ T9194]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.300375][ T9194]  ? __kthread_parkme+0x19e/0x250
[  227.301774][ T9194]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[  227.303346][ T9194]  kthread+0x3c2/0x780
[  227.304491][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.305771][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.307040][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.308318][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.309595][ T9194]  ? rcu_is_watching+0x12/0xc0
[  227.310922][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.312202][ T9194]  ret_from_fork+0x45/0x80
[  227.313433][ T9194]  ? __pfx_kthread+0x10/0x10
[  227.314719][ T9194]  ret_from_fork_asm+0x1a/0x30
[  227.316049][ T9194]  </TASK>
[  227.317313][ T9194] Kernel Offset: disabled
[  227.318498][ T9194] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:42:43  Registers:
info registers vcpu 0

CPU#0
RAX=000000000079647b RBX=0000000000000000 RCX=ffffffff8b6ff439 RDX=0000000000000000
RSI=ffffffff8dbeaf36 RDI=ffffffff8bf451c0 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10
R8 =0000000000000001 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90867310 R15=0000000000000000
RIP=ffffffff8b6fdccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f731e8c4 CR3=00000000553b8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000003 RBX=0000000000000000 RCX=1ffffffff210ce94 RDX=0000000000000000
RSI=ffffffff8dbc59c7 RDI=ffffffff8bf451c0 RBP=ffffc9000ce17d88 RSP=ffffc9000ce17bd8
R8 =0000000000000000 R9 =fffffbfff210ce62 R10=ffffffff90867317 R11=0000000000000000
R12=ffffffff8b7115f7 R13=ffffffff8b7115f7 R14=ffffed10054a8888 R15=ffff88802b339f00
RIP=ffffffff8b70b9c9 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008000c000 CR3=000000006f0c8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000000000ba RBX=ffff888023852fd0 RCX=00000000ed50cfb3 RDX=0000000000000000
RSI=ffff888023852fd0 RDI=ffff888023852fd0 RBP=ffff888023852f30 RSP=ffffc90002f77898
R8 =0000000000080000 R9 =0000000000000001 R10=0000000000000004 R11=0000000000000000
R12=00000000000000ba R13=0000000000000002 R14=ffff888023852440 R15=0000000000000000
RIP=ffffffff8197ace3 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000080007000 CR3=000000004d6c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854bd005 RDI=ffffffff9ae12bc0 RBP=ffffffff9ae12b80 RSP=ffffc90003f87168
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000039313954
R12=0000000000000000 R13=0000000000000032 R14=ffffffff9ae12b80 R15=ffffffff854bcfa0
RIP=ffffffff854bd02f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097ab9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f71b37f0 CR3=000000006750e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000