last executing test programs:

1m30.958954899s ago: executing program 0 (id=845):
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
close(0x3)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x24008803)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000010000d04fffffffe0000000000000000", @ANYRES32=r4, @ANYBLOB="60c000000800000024001280110001006272696467655f736c617665000000000c0005800800", @ANYRES8=r2], 0x44}, 0x1, 0x0, 0x0, 0x95}, 0x0)

1m30.893424895s ago: executing program 0 (id=846):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.numa_stat\x00', 0x275a, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002280)={0x11, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000002140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)="a0", 0x0, 0x3, 0x1000000}, 0x50)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003d80)={0x0, 0x0, &(0x7f0000002cc0)=[{&(0x7f00000019c0)="9257ef7814f0894f2b296cfd717fdb15b985ad41b78d6f84016e7f0d72ce3e5cca0ac618532d2f36345c8028e6045e736d834605386dd44d8d42b9f1683043a504fc72ceea3c88812f0df2aacb6c85f323584dc65af3959b10e904746449a87d517805de5d147a5bbf991f939c73047c2d85cf0f324903ee6a6291e705e8bced91760b6be097ed260f556538da30373c472dee51fdcaf89589034c26f29d9ee05584b8dfa2dec4369ca751d1c11b96ba56b0e3cee4f874fbd216e8dba45cf10298be39671e9c01", 0xc7}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020030000b02d25a806f8c2d94f90224fc602f1a04000a740100073582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000002240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x8000f28, 0x0)
splice(r4, 0x0, r2, 0x0, 0x7f, 0xe)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r7, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000008100400086dd607a9d07001021c65767ae00000000000000000000000000fe8000000000000000000000000000aa00004e200401907804e8ff020006a600"], 0x0)
ioctl$BLKRRPART(r7, 0x125f, 0x0)

1m30.022980318s ago: executing program 0 (id=852):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000900000000060000000500000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000004c0)={0x401, <r2=>0x0}, 0x8)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1e, 0x26, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0x44}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xb}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0xe, &(0x7f0000000180)=""/14, 0x41100, 0x50, '\x00', r1, @sk_lookup=0x24, r0, 0x8, &(0x7f00000003c0)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x5, 0xe, 0xda9, 0x3}, 0x10, r2, r3, 0x5, 0x0, &(0x7f0000000500)=[{0x3, 0x1, 0xd, 0x2}, {0x5, 0x5, 0x7}, {0x5, 0x5, 0x8, 0x1}, {0x3, 0x3, 0x6}, {0x1, 0x2, 0x4, 0x5}], 0x10, 0x37, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000080000e20000000000"], 0x48)

1m29.948951486s ago: executing program 0 (id=853):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0xfe3c)

1m29.948500193s ago: executing program 0 (id=854):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = socket(0x1e, 0x1, 0x0)
setsockopt$TIPC_IMPORTANCE(r2, 0x10f, 0x8a, &(0x7f0000000040)=0x7e, 0x4)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000000)={0x1f, @none}, 0x8)
connect$bt_sco(r3, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05604, &(0x7f0000000cc0)={0x1})
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0/../file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x250)
sendmsg$alg(r1, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)=[{0x0}], 0x1, &(0x7f0000000780)=ANY=[], 0x134, 0x40449d5}, 0x20000091)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000000000000000080045000024000002ac1414bb00000000fc54907802ffffffed000000"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket(0x40000000015, 0x5, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r7, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

1m29.271743285s ago: executing program 0 (id=860):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f"}) (async)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000180)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r1}) (async)
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000180)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r1, <r2=>0xffffffffffffffff})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401, @void, @value}, 0x94)
r4 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r5, 0x0, 0x0) (async)
write$char_usb(r5, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r6, 0x0, 0x0)
write$char_usb(r5, 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0) (async)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0) (async)
syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
ioctl$SYNC_IOC_FILE_INFO(r2, 0xc0383e04, &(0x7f0000000100)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})

1m14.344509617s ago: executing program 32 (id=860):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f"}) (async)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000180)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r1}) (async)
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000180)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r1, <r2=>0xffffffffffffffff})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x401, @void, @value}, 0x94)
r4 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r5, 0x0, 0x0) (async)
write$char_usb(r5, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r6, 0x0, 0x0)
write$char_usb(r5, 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0) (async)
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0) (async)
syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
ioctl$SYNC_IOC_FILE_INFO(r2, 0xc0383e04, &(0x7f0000000100)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})

51.86101354s ago: executing program 4 (id=1064):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000016fe00abab748d7861fa5bacf98f7d9cabcca32b6247c07090000000b7537271625", @ANYRES16=r3, @ANYBLOB="0100000000000000000003000000180001801400020073797a5f74756e0000000000000000000500050000000000"], 0x34}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r2)
sendmsg$IPVS_CMD_ZERO(r2, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r4, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fff}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x39}}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast1}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xb}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x68}}, 0x4010)
r5 = eventfd(0x0)
r6 = eventfd(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0xaf01, 0x0)
r9 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r8, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r8, 0x4004af07, &(0x7f0000000240)=r9)
ioctl$VHOST_SET_VRING_KICK(r8, 0x4008af20, &(0x7f0000000040)={0x1, r9})
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f0000000600))
ioctl$VHOST_VSOCK_SET_RUNNING(r8, 0x4004af61, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r5, 0xe, 0x2, r5})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000300)={r5, 0x17, 0x2, r6})
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r10 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl(r10, 0x8b2c, &(0x7f0000000040))

50.893337372s ago: executing program 4 (id=1067):
r0 = syz_clone(0xc200800, &(0x7f0000000380)="9a678b11cb2a963c425e8d0dd9460375f4dcb88835f52d25e6b58a1ca794b020d86f68a537083d4de6778d557648b6c420bcce394e0a9c889c41a0ec1da36025aa96f26fd879ea9253de0e193fe6423d4e03a5e61efe21201195b651427267c0360ff18dae5b0bfad5ac980a00fc4b93f20e6472e470a0d385f31640966bd80c2a50a9f13674d87d4e2ae6513630182dc8ff6a69a0064929357b14842bf89742640921d95b0190f21b19b86ade78407d646c355272cf5123648f8fc1ed83d0b4aa7f949dcc1096ea0455816e161f249e5863d14b1f80195000c988d5a61f101d20e9bb8392966abda475f097304de9862bc33da5b4d590e01089777c5e4c933edb63f7aeab0041af19ea6ceef49ad9f78f656184e3e7eb0264d10c31282f6d8d58851138f898df626c092596e6892a68bfe43e89e17099576a725296ce07ded67861f6a4f9507fbdf0b57619c6576b8b431de4ac6706a7a92e857523392fce85b6049b2ea5d2bc8a3d90129f488ffda48d9acdced641fc03e7193768985892f6d512423bc156de93f45e807ce88b1536f496a37edd7a4b7a460f1c30cdc180e01fb0a5e6d61ebd7309fbd02354dbafb733a24f35b5691b59df9e9bedfb68b2592ebcfce0cab02aa84cc711db24ef825ff604e5239a1707abd433c647576746ce7554483c630fdf20499e851250d1491f25bd33b85ff79ea15a0f775e5398efd2f4018e02bb9c7c05c1e5333d5f6eba1f52408e79aab658a9d5e17c06ad86090faaa382f67a18808c52285d192f582971c126c09694bb59d99c2628525499a4166756ba2b4e435300108be543141ace0a2c3c2552274e223e071860779dc44a06f3ce2fafd6fe43ea08bc934e6a3da4c3616f8dd124d2f8a340c7acba34f8b0d514f63f05d7138ee37b746faeb04f1db2b3a34c91465edf7bd5944a9d1f49b1c0cde6057cf7c70c9e5855295c1610ffcee4c596c4e4f83ece09c04d1396bc9ce5c7242ffe91c064f10677a99cea47fca567922fe0506b83af9c6207a747fdfbacb0a0f51b98739456d6bb85fc7870950ecee0bee943ad39149b5d22b10be813ad2847968fbaf0eababa137955d79316533f2a5300d20cc0e09451a721c02f22649fe7de5b8940a05cff57509326d22562727ceea17693698056dbfd033840764a5b7caa522cff79fd4e8cbe58a03d20cfdaa5fc6e00de2464898807438fa859aa6e24ead05268fd3b287406541276bbd96c54531396c200a8bc14eebb7ed8cafc4873a88569043464ac655d92435e616fb9537f2176706bf956cd0b3eb58f259514aa4746e2c51bcf314bae11f58bd4f4ddb1926c829f713b24ce79638be595b5d37ff43b96a1827b5e1b5f95a29361298094f3063f8ec34b0b3ee042f47c3ed1b7aacef0372fff780d1cdef0335d33ef42531ed396e3eddb66f2eb53bef851b4be73c694070020430f6c81778cba9f4650777c4bf9d649ca59560075bd8aed44103c0a1eb1fcb50ca8a52dcc10428f1969840a787291ec7590c59fa8fa6ca19bb6bbb852b155b3b21fdbed4ed5815f9b078e35094acba0d40cc5eb11f08f1014d168a7b70b7de4e64abdc567b249c8abebfc9e9587ab11d31da47bb4db1b85667cee4bce2c164e53d01a2d1d14a8498b23080a3d41c2ddd18bd4b8b22ce875c9c6747ecd65c9717b853b102058849952d239fc6e94050323e891c24bd53f91c7c30d60696bc58a79f7b71ce4a02fa9f7256050180e8e44c2430bd6938e5268761fc09aca19ce723ec07aec9191122ff275043c144e16aad40c58bafe3ae41d00d648cf159ba38246308f4f0263bec7357a5537ab8c46ce29035d80173428a0666a80750d0c5dc7504202f2ebbcba2f55d63f1c5b8a34ab516faf4d74c90bef3fb95fa0a2eb06e7c23016c217198f7b6f7b74a4fc00eb6a4f0f418df837e82f87e29e1deffa35865be7861bc3a507e3503e25687ac3cb5e7938f1de8697d5ae6892c95727d62707102a6d38a287017df8e26b90c1629596a42ece1d665e8af2a408cd5b373cbbc02c5d492d58ef4cb84f6ec2e27fac8a2efa048d7f9fc8b12e0776bc0a4ed791402b98efe6d4c19118fe1c1620f72b6b6d478de5739abc6b2cf16bcde6ba1d42f3f128a19d1af1f0c222c99fe2103a85c8c80ccbb8a220b7a8439cbc4a1ed96ae5db20ba69af8a0ed8fbb269b552b50cdea714aaf2dbe8f9739ab56e90ce4c0fc22d4562f222ab965221fb5e86b59bd0a8d28e2345e668fb8be700a52f548b89adb96e4da080d2fdfb3193d8323685d9e14db51c6981106a443ae24209abfc212e7abc91b919b3d62f80ff5ee916c543ffe0b1e8fbd94d924bf38c49441a7678d7061e65bdeec826ee18ed9c41c9b8c29c98d6c915320f289d34b39bbe42171647b6801b1df3e8be26fa333dd7a503dc8fcdf1495b1ee8006089b81679eefc907078b7c9f431e9915d1904145191f9e9655ed014a4c2f047f795ec67e54c0e7abe3e61bb03884206f74ffa750a287dfa147ec6e153c90267b98896476d47d9ac004d041ceb1126ba097a7d982bdf24dd8dce6de3053fef1cd69b0913d320183f85d65f318e930a91f199fb06869f5d91d205381cf68175130c72e195289f830d0f684d7ab4d7f997ed00ec3cb97e6a365eb911284cda65effed27963eecdda082012dc041fcd3fd7a0be8f1aed96f2cb4b32d73ca8ee42533c9a00756cf6738d9442e3a3d3b8937de82232a9a5ce4f22ca47b66cda87fab766a8778d3e2dd0a084cdae98e12fc28a9718a95797be2d816657f70e1454db18450898512cd1da893776530c0c0025cb509faf21903db95a09a86a954f8b0698f9efe25b3c28b901fa8fcc08b62bc36e3fda007d2948e2a51fed0d7f22611235abff1d55ac46e33d2671c8f3394216bab6284b79c619d208a604db83bcb4c355c2803787e70371640925bd53b8c7d0071af3b2290aff8b858613bbd2cc4aff37835c66e2c1a4e25182faa6d636e8713836d612c4a563254bd61b34051dd58ea1db89bd365b93e850117e747bd8d6e93eebb03b2eb5a3d9b9af35bccfdf07c7b372562c20e93aa5b4f89195ca5f5385957437f8862a07c61c602265288a3cb31e64e8c762fd3058fcdb389457edac85f5e9f980a9c4c406b2ed39e91719f19907c47a5bb20293e05cfb22e8b127c72a0b9845678168f215da69e95f4fe65a9370bfdce8f33b07b69160280d288418b2f4b0e68c2425f5ea5699d059e23bc55460a2f275bebf405e295ba0082a720a1f382fde3cf4faaf23730a18bb2311224377446e3fc468c3aa42805ececfb5a545206fc6948919e1ecd6c3d9396115a80ec89d065b987619794ac4e7cfbe5a0f51f6877dd1700a3e9ef6cf48dbfaa0384f2bc0cd1d7f0c7f0f2599da3720164490971b5822e9167f71761e7f617abac7f2c0d9f4c40e4ecde35f8f0e664b63ea99b84c6e5db3bf46cb77ba31ad8b4bd567920756cd2026ae15d684ad9d1aff83d3a01f502581e16766b6b5ed60e132529c83c7625c6e779ecd27c4ca3d09e558c93ac553944848f45f2b8ed25f90a06a1b67a598bad378dc7fa91c4c8c320779d77b92f1858ec18a2980d81794e8af7ed0189c2774cb51f6956e2348693a11fe4fec794c490d7dedc2c48053ae1d7f4e226541c83069c5d4395bea5d25c72337ed9316f390d002211db3ebeaf41e5bbb3e3f0f5222d1b1d2e3e6668fe2f08dd9174ea39d8485e058be9938d166f1206d44fcf6a4d27eb7ee7bc568973b153db6f306530c46e499de87b62a745ef3d4d99a521752e00aec87e47a9cdbd219428bcf0db48c1ecf0eda5369724be1329562211c14b2501e57a1974d716107e373bd0d9d68191a73844bfaecf1b9b2baf08d24af2add878015c9b778352a6839b81c9087340391121151587c5c81991d10ac0b3b90f2747d83eea957bc239dbee426ff909f9d1fe5db3ef8dfcb8275166fbb983c645a5482be1a8605b86d6e82943573b9111dd1388f58a883a80d60822caa051466d4ff4ca15d49bde76805d6e4aa59bbaba84a985bdbafa34449ad0b21b6a8ad70ffe6cbd7b8b37edcf81278360eb0ef259b7748c79b287db7bf711eb5e13aba40185c43c53e82193a41fcd9fc40a674db3399cc2edb6185dd23bb4d37802d377593d0aea843200814f94413991afa0918acdbf9ebd85da754d63de8c250546c14102595e887251851420a3b41e758a999e6235a5cf69767964d5ba71cc3e9ce6b869926f2937193c629d9c9fe802440074dc69dff8640d6f796a42200aadc6a7cf912e0e0f5b0e78bc2ccfc07a96458a9eda633c44e65638969afe9944cb807e66cbd4594f0147d8c689c749a425bb88d89dc35ea24d03cf2194fa0d430b93b1b6e8b48d75d7f6d4de61645dbf5e5cb68fb1d48410088d79046f9a5400011fe53657bc275da84cbf0d17cb485f9323a9ff58da85501388c9671e0c2f706264d179966c93e5c094cc520fa821c05cdb4068a26d9308803026ce85e7b271fa5e73c0b9c5fa167364be302ebde852514442a0563d3d0c6f70bf30917a0cfd859095c3b7e8dcccebfc33636c6cac2d99ff70a989505eea7215de9b8342aa986e34e4d6b65db48d7bbffffd263985e0fc93ddab16b32047a499c08251daea398d23c93e857b225e400dcb1cab0e6add0b891f79ac820ba335f23326cf5625e29c5790af90cfed45c9cd7c5904d23a6a1ea212101df41918edc06373f238d01bff286951509f1ffa29d05665a5207bc65b8ed3ead809d9a30dadcefe70327f1e73175bddc79a136ea5845fb2d05decb4090b19b724b57016dba504e65e7eb6f1d359695f3784cc2dc06f1fa04f375f76bbf386ae8d2f621e7e0b25a25a3262d2119348805d6c7367945ea6b72be432580da508f86a4f73a510b7b94900e0d952dd3844411d03a8b8444d30405824eae7fc77fa5d4834528f54c7783a8557cacfc93df0f66db5b4470c05b9fe691306a4ffbbe81e63893b6aa5d9923ba1f9b188c463ed0ab60137525825e954d38b7c89da2ebe86fe1438b828b54b2eeb37237023ccca11c2fb1a8e04bb0663ca83749b7d35f602e5468f46cc33224203869e6906f55a8ba27d2d50222a32f1009210d26fff9d35bb209773f78959c0b7d53b299cf34e7508d60924a17659fbbe30bd1553fda63640f3df09b4ee1aeaa16992b8447771e59b8df4815eb46b8ead9812ecbd5c21f712863719319f80a4aa4c8a6b1a6dba6f531aa54a1552d98716a7f1c12ed812fa64d17c7be51d6316517ff43377f2eb60b4819d2be1cfb4c11459306c768727ad2b9263cc311da44e5c87954d5cdde190c9dc2a2324111987e2a71817ab09a6a353f0ce347732d43fd61b94f103737ca1e45dafbedf6419c0e98a5c12cd07144337e31d96c307568adee088f22a7ff2766fcad124b46c28b79b9754cd6f9466437211d58c93e35699a6752be2d0620cbc50a9d40b06cc20587b89678b0cd4a0713ec2c4d1f9f2bc84dbfacbae06393e12a0ed7ed781b2a5f4df22b236a2ac7cfaf704894f16e4ad2941e423597cf4ad46f62e49a8c721472fbcdbd3a15a56878fe9b496e241c2286dc78db4020516bd7296228050e9880535d51612d5f9ee5882692cbda2e7d44149b995b664d88aa5da847840220044c033643e33fd3e91aa0026249878c0f6b6034fcb4b03c5dfd65f21f7c0342b50cdf375bc0e5140d37c7eb03bfaa82e49c363ca557939aae39a040fd75852932df9f024087392a61c6be6e16802c06698ad2aa1b2dd294b1158214", 0x1000, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140)="b51e3f357beafb9c88")
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000340)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
write$nci(r2, &(0x7f00000001c0)=@NCI_OP_CORE_RESET_RSP={0x0, 0x0, 0x2, 0x0, 0x5, {0x1, 0x0, 0x2}}, 0x6)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$sock_int(r6, 0x1, 0x2e, &(0x7f00000000c0)=0x101, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r6, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @dev, 0x8}], 0x1c)
setsockopt(r6, 0x84, 0x7f, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

49.702579021s ago: executing program 4 (id=1071):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, 0x0, 0x169802, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000008100400086dd607a9d07001021c65767ae00000000000000000000000000fe8000000000000000000000000000aa00004e200401907804e8ff020006a600"], 0x0)
ioctl$BLKRRPART(r2, 0x125f, 0x0)

49.517870935s ago: executing program 4 (id=1074):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
close(r0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0xd, 0xb, 0x40000000, 0x10001, 0xb, "4e2e10e3e9dd34180b687c006f6edcb399ce81"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
getpid()
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000004300)="69c0b1af1fc191cf8a89bd1bc6bee9d0dd45f4fe6c15a6b0faa5fbd74dd228ab66508e5914d532739ce0bd48a366f61db86ffad902f42c9a33bfb1f78b8e568f0003c6b38aa54c358424d338e2de24c5ef2e5ca4f80c29fc33358a0a7dcc5697e10e636a032f6934e13d6fe5bef0f16d324e2a73eb76d95f68b3f6f771adcee8f245dd24cf1c3c1a448f280faeeb2e962cf5276acf5131002d3541b8751b68be1d20262c055277d1610835a941472e93db6f525a5184576bbf035362defc6d3a2a3041d72c0b20ad890fe59ac858a815e1f8fcbea0000908ad7d26dec63f067b0a11119131198604a72187c3579928259044dc49860613e46919fa1dc14cfbd53c950eb9b3fb6cc1e7ce82db1b1a534cb2fb0df49797a9161308107d7efa0226604be0a6519e1f37c3b1fc7b216147c1894f6de6e5d47d170d1f641ff39967e3a2dd2d043f77eccac9a4f66ff0452ca927fa2415434df44bab99d5b67afe6a62a9baf69a2fb85fa6a36d2423bdfc6661ff43fdfef86d5aef3e9a721a45d440ae5cfe9d09957e7c6eaa4373d1eb2f8e1ea84e853805486f5b3f002d5b8a5a5c6fc95474b545eff536ef1eb91beaa9bf2e0b843cad4ecd61c00d1e3a01617f98dc37961dc58c87c87c46bb9cd97d2ee7302b34cbeae9e922afdf8e3cdada43ca06828768067a824faee656e7edcb01337d6321a246fb47f99ac2e44f37850734b1807f93188f21fb2c778c764ba17e527c768e55ac97ad8e7633815f20b8cc19c76381a06b99c8a50af83d4953580eb033d26270c5a5fe7233d9f701e5763133f533a2e4d43be447d4293f0eb8acf25b41f78f7ce6f51b8699ab4cb133109e08966ad8aa44d7d51c7ed469b49c7464ce47a89eb962afd568594b9f4471f5e5a8ccb18e9c11d42be1f6d0fbe216813cf2f91e56d7a0fdc219af2d5c3aff5f42bf8f226e0210de527df47f13390f39af1f4b9e26f86cc26eeb296c7a2937e74140a13d6fee3fddb80142fd7d03f8f252eccb2b6109083c66e730303cb20d874c17d97508589b062503673e089debc509d9f6fcaaf13758ab827de3270f5c0934c0509d8a4ea79872195aa3f78e907eb39a1020d3dae59de68cbb30cbef54480fb87dacb76681b8b75a1885181c277960e1fbbf5f3f406ba2d053871e1c10925e89ba45e4f3a2df2c021a5560ba597e9f56c43a0fec6ada4ec8b1ed235dcf05a7c797d705492fe261dd6e682d28cd4d63ebba9178cd41dc81eb2f87e5e63296768b2f9389450a01cf0d2c0b481a66d33ca6311c1f7482e65242ee16341bd6afe81f95d64b5a1617ea8ce25423cb2b458cece6894684455dd29d298d55c9b30ea311c90694c0282421158f96919de6344ea240e43a6de6ad37a83fdd709848cd320049c9c96a9f87b8d49173a30e9e3c156abf28fb415ee3768143676c6328452278a34a705f37264de1729c9d42fa05c862cbd5d9379c74f9322779def9ef0f1790d1a63d98666d6663d376cca46d832f3fe3b178a24f6bda673aa6c1f2f76b436764822766b9c2bb51b6aa6f0ce712c6dbecdce72aeeead8c6c4ffa4984060b350d744ce287c8cd57b403e636fff4e58243d262cb2e0dd71d710f0c74ee199672a4e3b32e46609818be36dd1393f4046aa5e91044eea087402e6230c2d91980732dad401f3af662d266b2e25ecc7c80a2a1624523250329e84382f0657dcc94d2357be348a5c1b7a51729241f13e18dcebba67bff770fe8d7a612edb0393cbdc1a54cf814c42118e2e783bbf861985c02b1ea0a1696861a06801eeaea36ee1fba58c2d2a0c1fb0616a0157a17b9dd7646d16c943dc22a512774eecc5d42a3b4669a03ac3191554763c2fa57cd6ec41fce3bc33af46d4cc5496931028da2bb99a09b5ec0913a9756e42a54343acb800443a630e745fbe65453934deb9cc151bd21779772a8fc36103336abc8d3417f4fbc371ab1eb3c6621990ab0b2db8b80e06d5d0f58cae6a9837895d290defc8417b63eaae7b734f09dad5130289e1cb9dc900ef4284a62d170b8f5747de66ac31efcb6ceac06ccdfe2fdf138f8bf4f26f90a2011b6e8214b10f0dec6658d3a540b407b5cf8c7567dd06aad858787387b5a30c7f43accaf8400bba85a94941d6cf720d377343033294537d45ac56953501a455026afab88152ee83bc25bad9e8fbcde22fd3b27069f14e8af75620558941e82d73ab8a6b0144baa10edf8aab0879de874edba8aac74dfcb5199f3dc5a41e4246ad859d4fcd8ca0e60a371ec71741245932b12d67f71ff6b2aa11a76bf1da79e885d36eab860c47b7d5d220b3d2de7e9eec52afc704bd932bac48b67d442f84cd69af4385202cc6ed0678b09b3be74dea864998dc1a45ff72301e1c045a0ba9e0e5121534360b5a917f830e71f49279b6ddd76d739106ded08efbdf1ec65f81c70f3a133cf8a279701d77fe8a424a93cec82ecd4f5f868920fdb4b5396c0d6b0342e7b3f27ee869e918a991b7b3ce60019d849297d36c42f2dd92d6dbd9dd024de13866f36a60babfac6a991e5e402cba7a549c4aea1fd627b2c27d96a3351e24a0635e0e8be442c11c38485f6d662da29533a2fb698fbf1cd0e9e21d76e5943256d027eabb567b75f1d926564a654a61e64eef06b16ef4a2d4b8db8ca813e7b1875dbd4d175889f8094b8d4543564890b2c8b09151998395a49aa74bef18481ed8b06cc41b7afac3d0291fa2be4012400019f5185275c35afd2f52db54d6f102d7905c41528887a5b573cbd5059f460cef5a72d39a7b448f6f394f248cc6a9f22e076631d59539488d1c30f713c223f2722eeeda9f1233247c4b30b698491f64c454dd37e7960fe64a0ba47d7be87055b2bd5b03fb58be7ceca18b5c557dcf4f44222bbfafdefc9a39bcf9820cc8a96f38a2a534f19940ce4e375f8c8defe22dd5e8d7b1fcfa2cc38e0a9522d7583dd3f42cd9c5eb928e1b1995accf151172ade642fd9a3b754945c5192bb9ede9f2cba59ad35a7f0fd3c021476f5c58efba4ccbe00670599ff1b1c88f92c48775f517843acd273e66e3814e2aa017862b84bc3b3c34b2d50c3b92752e45afc4cda096fa815a3311183014630eefc3c10186bfc69e68c3a4f35bcd921cf66a1d793024b404f75460483b31b65cdfbdb07e87cbe05e06f9e0e1331a6190ed21020b649645ddce6aee69c0e59043997426978f8da1b5b30f076500399d2ce66c9ee634a6ad5c30f77ce6093f05670fff8924c85667c7f2910f56e93dfffa137fefcf34ac27b196bcc58dae8a9618dbbfe18d90b9a94bdf9ed76a095d454dc2a2d621bdaa5ca3373637861b2a7843440230425b80bba81f57ae547ba6c5aa4c609d7513103178dad0077e6727d89bf40597f036d4040c8d3dbb39cf7f2bbb66ce9c85a934a1672bf19030c7a473452635faa69a967ae248590b8127ffba96890d7db4ce19f0dd389e4195280b7b574cbc945800f767216c15898d8d21ed89653a280b626d0eb6a41931999530866da99e7d042ab78171520fadea41447c44a12213f90e3a9491ef57926376d7b408dcdc3a4a293d46b2a1eae5e92c910fafe557b538d88fa797ce0584cabffd69ef083b4290e90b360a9d8280038bbeb3d03d149ecf31b8b0da9a8c0c54e559764e1ea04699c262b38de26b51ffd53ca6c710ee81058002e898267eb00a8e86a875035bebf58681ff39da1ecd476c66351cc1bfeaa0970e3e17ac1bb06cd167485007a1de6cc557325c3889af0319a0e3d11d00ce405f6e77a9417ed7fb071db78a47f4bd7fb27f1d791928ecbcf355ae0968fd8d377a8ec253a734eb999c409566669f1ff061b55bed7873138adaed24a7103aa68724a5913a7ceb255d4eaf695ce5be29e3582d4d1426feb9234b5dbf18313014721baef14e999075906c8f6e1c5b284e97b54a76c843c563cdf6eb06fab8a0aadbe124bea0e5b30215fd909ffe73a6593cf89f2e105a72f8e09852195f5a26b472b49d102d5ffecbbb35421b938ded93269b1216b7d37a6d406e47e9637021abaa30074082f8d1d411e5667f3f3c3686119222b89ca72de4b0442bb28fe1a242209c34dd2f305705d68771cd451b4be4b3f7ffd531a8bb719aaad1625bd0f6711218ec08c819fd165e8eafb9be91ff8e5efa09ba564718e8e1584d6a7a2c1e167a2a0f2254af50ae07e76c99f30c983fe9b83637e2ab5689674062eae1c604143200932d35be80f17bb2b28818aca82adc5c29b21f783725f4dc796bcf2a8243d218fa957905b72e81c7bfa3e64e2bd7ae0896903aa8a4129d902626f82ad9dd1db1a528af66845a8cd8714353b74df9aad248452bb66f409036eb1a05389cb2bba90655d3298c0c8e101fbfc3fdd72ade2a350f623d0ce90cffb187bdb6a1e6a2602fa3060e65dee4182350c540ab6cd5e876bae26cddba01a3f4166497f16f5ea03ab986a22cf7a4aead1bbbca24322b2bd23f7bb2b05b91953b420a5aba1a166ca8d96fbeb51057f3202081fc168f3375cc7aeb346afdec9a3577c9ad12050e60e2a1e0d5f822776701c26ed618149cfc2948fd737d981a6e1c885bb2f639d7f7f64de3fd5cc25bcf88b2f183a471d98a33f065bf6e840a1b9583a6197be88a4bd3d2f39d50322c129403b3c4e802f6523573aea1f17322d676c80be3dc63513dcbea386f933eafdd258c8d974aca3fd30c93a1227a0f3579fd19548e5dd51e506483c216dccc8e3fa04700c3627f0ae9f71b7cd1e3b058ecd037f0f3114a468c1c84a8f3b29c559c6dcee3e504399cecd7f7e6cc7232d4cf1f1e0966ea864ef9a7179f956ef3b89243f2890bf02e67fdcf4a14f99a0c90f6c80c76e17e97e6c93cff9e797e6b90d4b0ced0f8ede0b528825fadea2cf57f9fdd8490a2a7c1bf3bb64e73bc097ce2521974b30033249831197e490eb9a967a31a90a4101838b0d0d959785578541f8c3c62a3a697aa30d6cd27f59f6ff66d2c31e483e8f4b78ac693fb0963d5cc13bad55414a6a7d9e39306291a0b86318b797c0f2fd1da622c05758923ff50f95a8e7069d4a322c61b8774ae968ff8fb7f11c8065391ab7ccad20042522114f5c1e70216c5fcb93a31470283fcfa3bd0a907aa707283073597057e712133ff6477178fb6861ccbc053dd1d562c4d05502c7bc366f9bdc322ea4115865e6b27fe0b461372d556609559963fd2ce0ed5fe2aa3ac482b26bdacd86e53a274a106291dafb58b0a4e0c5dc11bd89e3caa628b6a425b6d8471de8f40e5cb896d12c9100ea2efa2c43b0f7ca936f598ba50770a1fd6697e0ca56f92c5d2ea9f2076055e5714bfd55bc9424463820f550c29b10ae95acf47bc5dc0ad16d8b03de5aaafc6ea8d0d00e09978282d56417e307460c26648319f0127abb63ac635e7ff122efd998d3ceae547e5765e554d73fca1976b677716cb1ccbdcf9be11d457abf25253ca08c4b98af8028507fdc36601c0a61e11576ba92f40e54385041af6214c2d68e23d0b5d345a85fd87cd792d1312a6223beedf9a9a627f1cfd1fc756c6c08bb42d510850fd438702f5f7d5b6a9d87b5c77085f6701322b7ee5bd1a01e9aada643ecaebac0c8da6c895d089cf7357515e16eee6a67f1c9853e9dd9f8192ef46b828d8113e5389ab7b7c18dcb256df459de02dc0f808afc15d76504e952d29442f9c62c9f389fdd4d78f941cff98bb829554202135b7da60280da082adce8a9441de99299f3faa3e76d599385d2712a02e65c712dc56885b3763e3a4b43b39f0431580bde49f354b43e753457ef5b8bb95a1b31de1fbfe80964738afc6c875f5b7f7a3daba71b4750dd08b39caf71ae8bf80fcec47a17faf8c4c9af9cccad78db9d9e7ab804fd71ac8d78c2e3402a77eb8e25f4d3b2f0ebdb103fc569c2c630c01b0ab58b43ebd289ba371cd5de5bfbb0bc6f5585ce2a9c052d5f63927d8bdce3c447a1e2563ba6c5cc5e74117fb247b836ce83b5e2f13c33ece1441aa0273bcc975a5a56dc34adcec300734ccce973f7333eb3e0bfb16ac95bd919f3a1d7dde50e4f39f964f69441af4b5231da303286ed249abf51947a9ac45e23690a09ee5a0440aab2b83c3372144e63ebf583116ff843907ae111e3a7f5ba023a56ff122aed15569d7186505056e587b5f05b24410197effc98a0ec71015d2f266f4fb1713aa608879aa3d42e418568dbbef797fde11c6ea971832618ce680c81f75a6e1d24dccafcde119a7dce38d182a402b99f3010b86ada8fa8d548f0c732d4731a517451f4a328314851c07516f533dc4ce7479c77674801bb7e6ac78c9784f371285138aafe254e52fc74f995d3ae87edcdf93b0244d6648fef261e0de6264288d5ec177466fb9b5114a0b474155bda995f7b7554040cf4366d90bf85dfb8c5a4c6dc43c3c3c4e8319a28c9247481398da5659445ba1c87ae729d80eb70cc87e676639bef5b783c0103f7dcfb2aae8f1fdfb8f2bb12b481c1721ffe467d0ae9ee93ed796785a37bc99b69738537985b58f03db924e7286dac27b55bdeea98949e2e173e37188c75ee557a531d18b2277906c33cb9640530a6650849a045c4684bb5d783b662a4157a836251edeef3116d5479a5fa805563c510ac088415463316eae74bef025e3f43e75a7d48a69e603c746ca6300453103aacc55b71738c8337bc6175382e728f5288771e642c09338f6928100d2516203727b61496527127538b5c73f3173258011d57f9014e00ae2e170bd0fb2757e7667144762e46eb9c9ab46a210097efdf7de0a4bd95543ba476513631d981ee50fd5ef98c5ba2005e1d51fd07769be5b35d7ad111a25b3314302d34f741c25cb46fede53bf7ab41ea4bb72a1359875752408472834b13568ee121d2916a17470e4515648367370f7630673f77b289ddccbf5b63179da91acb1b7b52a1ed88bd0700a2b3adbc2722a0718d576dff719048a2cab36c3595d8d5c833f977fe977487bd604d748c44ee154c4a69c0336c16a5b42c0633be84706a841882c73887a34aa0553489a3a7f64fe1671a753ddaa8374e7c323e37207b148128d8d02ea9b198a820f083a05b867740b435f31ceb46b09e055097a73a653ab693ac04dedd96eb3d5a0e2f3be5b11b0fa278f0842368a03936e65b7b52133873d240d1985899ab4de8b831451a57acccd799d1200ed0314d72588f600a29ee1c169d0f4c5d0075a28398df07d8adcbea1c44b96e3d5dbdc910a259514375db49b73c7e17568b8dcfe143f862f3d90b45cd7596552f0f88a86dde8907f8609d2b95fb7521cf118c3f5cdc4e885a2101418f17320d65c4be0af88fbec86aa632703a701280a3f351bab2b909e9308fb769a5bd610d92134e1326e3c2ac24a037057a038ea76bd9b2cd6987d51e57190e989b46b9efc4fd81902aa851a255cf7f56a4a3d3d9330b4e9c46b5e283fb98b6da68ac8f42c2cf2c2c1a72de62937ce3cbba5a3083624f1bd14a0de4bced7d7c259ddf8b072d0ceac287d746d5ca55ed8f7c58b8f4d733935cfe9267def7e55ae4e55789000ae7fc23c5072c6d5e5de715f4f79706462f17590396eed1e1218d79788a90168ea51182fa7caa2d0876dbd2e5fd3fe0c614b42f1d86c0903cd0108fa3e83d160726097e74aed95c9e985f6c7bff4f28438ffcd791fa3a3b08468def18ad621107826ef7107e7ea9bb6e513e868658f45a2a24abf034775a0a44e1f99a4dc9a9e80643e62d46041d4fcf70e93c47277854a0585387aa5af9bb9ad09e34f1c6088528991e3071157e39123489eb3d34429ccc0e3453c86478c4f640fcae12a345797bae195fb2eb785cd150fad3e0ab16b75a7c9c799f0f1350a8c93e258a9dac9a17f337d78dcc692d57f194a8651812ba67bd3007117afecc0a3754a9f19683ad1e721f8f3cc9884a1c7673bdb58622b1a3801d1458a787e3c59e9b5bf804724d06bd1cb99b3e29471be811158d596dbd69d27b8119a88fee23867e5be6815349665dfb1568f212b37553f2d0857085bfa273e236b5f3f3b44b6536f65d2f4df874dd7f20115a4464f662947c27f9bf218d24f29fff76475777487d733ff4864207e3354e4985badfe58ea9261855202575d6352a25a8f7f64b153e5ed2ac5677dd48c63210a2436a48b67689ba13952a0167e5ea8f096faf4a63c3912d3aaa075ad706b40280cf1f07767b7cc0935748db2660c2599c2c08144b06a834fe4d2a057da3703c4b23b387be4331b43209765ce56cbfbcac13722be08cdb6254dd103c07d7e858b3d0be3b60dc087dcad99efbaab8d561b0c51100e6df203cf858e1dddfaa9ff2cb4af4d78158e58c7b76b158d8072a9e482b96c33185f0a094867a983c6a42d7ef72e5dbb2f2d704db5896ecc35c8d7d37ea080e5a395a59858b6dabd638f9531342419b616a2e8d63657d0fdde1060ef33b75e26fdb2f0c3e786443002f7f3a1c8ece235a3e7ab320baab063700bc0ee9c29ae0753291532e6c462ee44ae3f372479045a7912d9dfaefd674b4dab07c4bba99e837df23fbdb2b1788f888646938b4ce0078ea49ea1194c43bf6c73b2b6c9b1400f100b9466a7b5d9cb153a6c666dbeb78fd774dcfad42ed8258f55ddb35f6be9425e33507ccb7321f6b15ddc53ad535a6a5dbca1fb4e1a91e706ba05cd178d6ff381efeabc334554d050a7bc0ea1da671fbbabfcb53bfa36e6a4939af161bf3be05b6e38329059eb480bf84e6f775739857e9fb08b34efe37d8337bbdc6bb7d1d205ce46d988867090c4289570582067e8207fed08c373efdc8fa8190db0717e036bd52330fa07c3a2c878c44383a575df375688879fbe246be914917c9faa25491a614fc067a1109014c69be11ad37eee345c801d8de0eba112af0d7f72682f57c9dee5cebf364b3e3d4ec1ac0a0a0fc7ca3f71dbafca84c8b9877dab0803c167dfc2a3e7063acb7713510c0e63c70a2ba17191e669ff123d1eb795fce5d1700b74c59fa16152036489b16002e904f751aafad489ce6b89a055594d734da2f997a46f8f4b9cc4c8025346e212be0804d6aa4df81f31c0f8badd75407fcf221e17893efae087db51111ea8574c2d993a1f1377b158caf627411306c210a69916415335c4fe5d38b061fc08c3f8e84f6ddf938dabf37277411c1d1b44a1c1682ed5da244f7297e150e9868ed4cebdfde99492c49cda9b0f944314725d47fcefd98e3e425fd1ef4941ea0f179389aafc6654778baf054ad56d4558eb9a1a829bb92283daf4d9d4689e4f31a7e142a38c1e46fab2b51c259034294f9e3df46369300d7abb035961f3fb87bfac284698ea38654f8af4ae92b79d3b83d340a93711cf5e54b7a477abcced57eb5eeeba75ea2ce91e4ea54d9fc89d510f91751bab88877443eab7873b47fb11269becd9bf2da9873b4311a997df83347605fdacc3ff1715e23fb4a0d50b8c0df549dcad3e87b2f58c6638cf0f5f01e166fc5bb7b817db995363f37ccbececd99ef0597063010474fef4301318ef20b61b01d5db865842efcf7e4adf39c64792c3da2ae57b2987e980d6d98a6dcdc8f47c2080358df9dd4502caf72d3486589f3b63e1d49f3675582defce94c0d2c7c522cbf3fe407ccf6b23bd64378cba66326ded5bf23ae983daa171e2b84dc3442df84ab592b3228f8a1b1de2af23e832fca114e1c19ad94868630243a217855fe59b5128c8f0bd3452c79f4b5b50a247b1011eb55a7cb60004bad5d43158976eff07f9dd6123a542f5c8031c6484ea07daa0d03d8025bb5052b4b5c56752bf0fb498a447f5dc8195884adf2a18e46357968683146074ce2ab98774251da0e748aac58b46c27fae9227bb2b079a2213c38b92c6fe45bcb068869328edc2e8558c4133ec63a7125c98a8e48e3fcdd7e0f173fdfe1394e38a2eed3cc89d7ba0318124080459fa08994111287bb76166bedee79cd46dadcfc719f1bcb322c2235bc86ca6fd73886db577c88df1ed2bcc7034c3cde5c4dc4dae5c63f9cfb1d7afced7844eb28f1d5b68be5dfef1e3799a9daccbbccc18728f9db6224eb8f87ebfb72b476efe5bdeb1736787abc3d332eb59706efc2edad2c45712abdd76a59531bee79f9c9c3837f635d883deafaea999f7e69fa7e83c81ee41eb3ca87d1f42f5b8135679dec5a0e956c8ca0eb70f265b4d46cf61c1eadfdf14e6e5123e8ebdcf819eda6ac72c4c71432c7e702bebd1ea8d3e3408b445bcadab97b0756079a763bf64d31c08e1a9cd4424ac704aaf2809e467b2dd20c523d4bbe4d4ebf637d7ad5a156879faaad794fb9f112cf06873862c3f776ee4b19781bb8fcd77614bc7c168a045e3f88b26c4ab606c55b030eeae0f34675d006dd68a712a76bdbe04061aed274fc5a3c04a34909d2be143aeeb9ef7609a5e79980a46e3523f34d87c5147639229eb3d02a66b6de2b8ec46e52c04185766ab50d2fa1426cb947779579405b31e9339f02d1b4f94c3366942ae314f98f1558df88f732179107af4c068fb6cde24dfe95c7befa37ecc075a8a2c432b28b5b56a5a9f5f7a32bf2ccc515927acba32e2208989db9d1467ad845e9adf5f1633a0f82022a9027247e754455d4468588d462ee5156861efa15fb392c4fe916a9a04a3598907651d96d86235b101e81998ff562415a2a469442eb4160e1c3a04f19ceb8d5a1ea5bfb42685520e085acfd70402b4a7314613e24af97ffb6dda85f3320be13e48d62d32f394427219433a516753c0a77f33231a0e04fd8bdbe70c60244dd838a4d4637edaf37fbe4f1c201c689eb873a0a487f47abbec3ae20f264a2ffd58ead26e845e9e6c0f080988cd84fe641ed840b08cef588664a524053976ec78fdcc7bcaabf7bc051b1a5d00271c40071c15eadbe0d70e6bd83a029919a9e1ac02cf0a8c5aa01bc05208ecfb566f24b3c63850d3e1ba6aefa08445801c282e10fa5c4e32afbf452429f3cc9d47b6d03c315818dfdbf5269603eef73b4ff7352e6a6604aa4d2b4adcd3d4bab6a5c113e268fa735e2de8a590715c0d4f2fe8f9c14004f4b68b4e576d42d3dd9ed9de5b6317d9cc62d23d25527123f8969904dfb8487154ddddc357aa72265f2d3e58103bed8b0b8cfbdaa23e446a7cfdaaec2e8719e37c3b17f706043cd43836fd75d91ff8b0cc9f7474aacb5cf2457b5c978a4d5050f45c34556cdc07b3fb4ab06b2d27897faf7dcff1b34f9dfdb619bd34e1fed2f562b2da02ac178a6bc0112c883c8f3948000b68d6d8ffb406b95560c17ab9a0275cce2d200ce7e72982652b43951eafa93b786f138c61a67f0d0452bd1b7486c04d779e7631e4473489f99fb0621e3d15abe3f5e52988d25b43648f9d43c8cca47991ef55eae7feff5bd5602ee092a95a0a82765586d40916ffe26b5a2c6e82c874a61d5ab4f6e99809c7811109834b1ba1081e39d3b5082233f4d179d77c85c0db3ea9b9926bafb68b5024df32c5ceb0d2447f3c77ea6f70b8c9c742fc69c4f4f02922d43cd8f046529695aa43539dbc88e57f45ac1d12580f3c279a60677a16558b549afafdda654d155260993ff58296083e7f4eebd7748d803ee2760f65d155dcb0c3", 0x2000, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x78, 0x0, 0x9, {0x3, 0xffff, 0x0, {0x6, 0x8000000000000000, 0x7fffffffffffffff, 0x6, 0x1, 0x4, 0x3, 0x3, 0x61, 0xc000, 0x2, r3, r4, 0x6, 0xc}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x21, 0x0, 0x128200}}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r2], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000940), &(0x7f0000000900), 0xa7c, r5}, 0x38)
chown(&(0x7f0000000000)='./file0\x00', 0xee01, 0xee00)
llistxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000c80)=""/4096, 0x1000)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r8 = dup(r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
iopl(0x3)
msgrcv(0x0, 0x0, 0x2, 0x0, 0x5c00)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(r8, &(0x7f0000000000)=ANY=[@ANYBLOB='X'], 0x58)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])

49.308110703s ago: executing program 4 (id=1077):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
setsockopt$TIPC_IMPORTANCE(r4, 0x10f, 0x8a, &(0x7f0000000040)=0x7e, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r5, &(0x7f0000000000)={0x1f, @none}, 0x8)
connect$bt_sco(r5, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000100)=[r3, r3, r3, r5, r0, r2], 0x6)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05604, &(0x7f0000000cc0)={0x1})
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0/../file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x250) (fail_nth: 3)
sendmsg$alg(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)=[{0x0}], 0x1, &(0x7f0000000780)=ANY=[], 0x134, 0x40449d5}, 0x20000091)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000000000000000080045000024000002ac1414bb00000000fc54907802ffffffed000000"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket(0x40000000015, 0x5, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r9, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

49.077461038s ago: executing program 4 (id=1079):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32], 0x24}}, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r0, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f00000001c0), 0x2000000000000112}, 0x3268455f}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/171, 0xab}], 0x1}, 0xfffffff9}], 0x2, 0x2, 0x0)
r1 = fsopen(&(0x7f0000000100)='binfmt_misc\x00', 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
r3 = dup(r2)
write$RDMA_USER_CM_CMD_DESTROY_ID(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000988e58c74a50d8440000000200000000000000000700"], 0x50)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000440)="89b2058265a0985861723939c7fbd9bf5420cc05f9c92c483d4f3e5c59919245bbfdaaea0bb48175bdbde03fecf98ea2b61446ef18653259ac1d0a41f39521a92ccc171f6d7376d999f9b04298aecbdaf24c8b928e0222c1df6fad828430540f71204fd7f35f23093fb21ac28b3f626f13f70edd8a0243d2680c6d2970a9cc4f9230a964599a817cf4a8b27866e46c325b273fd92081bb51ab", 0x99)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0xfffffffffffffffc, 0x300, 0x0, 0x0, 0x0, 0x37a0}, 0x0, &(0x7f00000002c0)={0x2}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
r7 = fsmount(r1, 0x0, 0x0)
syz_genetlink_get_family_id$smc(0x0, r7)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xa00)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000040)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl2\x00', 0x0, 0x2f, 0x4, 0x4, 0x7, 0x1, @dev={0xfe, 0x80, '\x00', 0x2f}, @mcast1, 0x20, 0x7800, 0x7, 0x2}})
r8 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r8, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)

49.010192579s ago: executing program 33 (id=1079):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32], 0x24}}, 0x0)
connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r0, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f00000001c0), 0x2000000000000112}, 0x3268455f}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/171, 0xab}], 0x1}, 0xfffffff9}], 0x2, 0x2, 0x0)
r1 = fsopen(&(0x7f0000000100)='binfmt_misc\x00', 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
r3 = dup(r2)
write$RDMA_USER_CM_CMD_DESTROY_ID(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000988e58c74a50d8440000000200000000000000000700"], 0x50)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000440)="89b2058265a0985861723939c7fbd9bf5420cc05f9c92c483d4f3e5c59919245bbfdaaea0bb48175bdbde03fecf98ea2b61446ef18653259ac1d0a41f39521a92ccc171f6d7376d999f9b04298aecbdaf24c8b928e0222c1df6fad828430540f71204fd7f35f23093fb21ac28b3f626f13f70edd8a0243d2680c6d2970a9cc4f9230a964599a817cf4a8b27866e46c325b273fd92081bb51ab", 0x99)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0xfffffffffffffffc, 0x300, 0x0, 0x0, 0x0, 0x37a0}, 0x0, &(0x7f00000002c0)={0x2}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
r7 = fsmount(r1, 0x0, 0x0)
syz_genetlink_get_family_id$smc(0x0, r7)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xa00)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000040)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl2\x00', 0x0, 0x2f, 0x4, 0x4, 0x7, 0x1, @dev={0xfe, 0x80, '\x00', 0x2f}, @mcast1, 0x20, 0x7800, 0x7, 0x2}})
r8 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r8, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)

4.899409542s ago: executing program 1 (id=1359):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010f5010000000000000000000000000a58000000090a010400000000000000000000000008000a40000000000900020073797a31000000000900010073797a310000000008000540000000210800034000000040"], 0x80}}, 0x0)

4.608855275s ago: executing program 1 (id=1363):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x0, @any, 0x0, 0x1}, 0xf)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1001, @none}, 0xe)
syz_usb_control_io(r0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x3274, 0x0, 0x8000}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
syz_io_uring_submit(r4, r5, 0x0)
io_uring_enter(r3, 0x8aa, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
r6 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8000}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x38, 0x3, r6, 0x0, 0x0, 0x0, 0x1, 0x1, {0x3}})
mkdir(&(0x7f00000002c0)='./file0\x00', 0x20)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000280)='./file0\x00')
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000006000/0x4000)=nil)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/89, 0x128000, 0x800}, 0x20)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r10 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r10, 0x0)

3.503985224s ago: executing program 2 (id=1378):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x4, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
dup(0xffffffffffffffff)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x6, 0x0, 0x0)
userfaultfd(0x80800)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5640, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$video4linux(&(0x7f0000000480), 0x5, 0x0)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000500)="e306644c2f0b801228a9253e", 0xc, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="611570000090000061136c0000000000bf3000000000000007000000ee0016055e03010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0)

2.955871454s ago: executing program 1 (id=1381):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x0, @any, 0x0, 0x1}, 0xf)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1001, @none}, 0xe)
syz_usb_control_io(r1, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x3274, 0x0, 0x8000}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x8aa, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000006000/0x4000)=nil)
r8 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/89, 0x128000, 0x800, 0x3e000000}, 0x20)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.567957603s ago: executing program 2 (id=1385):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
write$binfmt_elf64(r0, 0x0, 0xfe3c)

2.567342539s ago: executing program 2 (id=1386):
mkdir(&(0x7f0000000300)='./file0\x00', 0x9) (async)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async)
syz_open_dev$evdev(&(0x7f0000000000), 0xc0, 0x0) (async)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280), 0x6) (async)
write(r0, &(0x7f0000000340), 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
mount$9p_virtio(&(0x7f0000000240), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) (async)
socket$inet(0x2b, 0x80000, 0x6)
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, 0x0) (async)
socket$igmp(0x2, 0x3, 0x2) (async)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x3, &(0x7f0000000440)={{}, {0x0, 0x3938700}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
ioprio_get$pid(0x2, r3)

2.35683663s ago: executing program 2 (id=1387):
r0 = socket$netlink(0x10, 0x3, 0x2)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00000000000000000012000000004e9ca94968bc3c8f9855a1febbc80a89f15a0f112e65ccca8bf8afb91ae33ed5c39e1e4040dc2c7c23610cc277912a575c4d64331c333963a69555f66a51cce8b4290898b55bbe1643889ddb1107d5a41fc4651d49f4f7e5817860f63d99147c862b4bf0d6cd1696ea114432c1da474e8569dda8e7b1631aead3cdd841e2c158656935dd2c7509cb570505a06d677a7b708657bbfaf499c68286682160cddcbc29aa295daa7da3faa8874bc69e314d499504e8f36805be6e96aa"], 0x14}, 0x1, 0x0, 0x0, 0x4c0cc}, 0xc0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl0\x00', &(0x7f0000000140)={'syztnl0\x00', 0x0, 0x10, 0x8000, 0x80000000, 0x3, {{0x38, 0x4, 0x3, 0x7, 0xe0, 0x66, 0x0, 0x54, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, {[@cipso={0x86, 0x33, 0x2, [{0x0, 0x2}, {0x2, 0x2}, {0x2, 0xe, "d4bef64157f2d93e96c44494"}, {0x5, 0xf, "f1cfa42d2ecb41f7c09fa80d08"}, {0x5, 0xc, "b254155c909cd2d40d86"}]}, @cipso={0x86, 0x4d, 0xfffffffffffffffc, [{0x0, 0x9, "2ae7424578a8bf"}, {0x7, 0xe, "074be8fd33652649efb56efd"}, {0x5, 0x11, "ad909087c7a93c31b35a9018cc8f84"}, {0x1, 0xd, "ba9ad4550cb390a74adb38"}, {0x5, 0x12, "42d0c1334fb259cee288d657647d80ec"}]}, @rr={0x7, 0x7, 0xbb, [@rand_addr=0x64010101]}, @cipso={0x86, 0x31, 0x1, [{0x1, 0xc, "3160012b1ca9725b190f"}, {0x5, 0xe, "9520fa674a80b3669bc88ee3"}, {0x1, 0x11, "ae3b4175d117e6332decaa06037062"}]}, @ra={0x94, 0x4}, @ssrr={0x89, 0xf, 0x1f, [@rand_addr=0x64010101, @broadcast, @local]}]}}}}})
syz_usb_connect$printer(0x6, 0x36, &(0x7f00000006c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x40, 0x8, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0xe, 0x3}}, [{{0x9, 0x5, 0x82, 0x2, 0x610, 0x5, 0x5, 0x3}}]}}}]}}]}}, &(0x7f0000000940)={0xa, &(0x7f0000000700)={0xa, 0x6, 0x250, 0x46, 0x5, 0x4, 0x20, 0x3}, 0xbc, &(0x7f0000000740)={0x5, 0xf, 0xbc, 0x1, [@generic={0xb7, 0x10, 0xa, "7fab7077afc35d7cafcf41a1568657a6f7b4355093194bd6e5f5d26baa4b00fbfec3206103c1f868de2f32f3ab8070794a5b8811524b1f1d68cf6ce228ae426a452be6ae0946a4efe4f812c82b3b69a854b732f8851fd1b3533db0bccf23d76b4e7f0826c795b6168a04d14671c6721ba96abf1d30203ca9417102d8ecda16e31e48b5e91494300d84bc62f1123c43a3f025d87c1328d8e47b7ebdbca5612c41906a4fded4898d992c7867a447ee3bc79b04ef11"}]}, 0x4, [{0x0, 0x0}, {0x95, &(0x7f0000000800)=@string={0x95, 0x3, "3705bd703c96c3115601bcc96d6fc6f34acc0b275321c0ce5a5c2eb6487ea853392f4838bd9654a3d454330c20031f43e5767a56014216aefbbb5e8e6c891eacff6efe254fea93a72689f4f7d4670142a3766afbfe05d151fb8b0deeec44b0b9158e3adc994c23b0fd6b9bc0e30ee6cf3173c16bab45d16308d6765f8a112bb94f978aa3920dc3b67ca43c0b502941aacee04e"}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0x140c}}, {0x4, &(0x7f0000000900)=@lang_id={0x4, 0x3, 0x447}}]})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r1)
openat$apparmor_task_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r4, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r4, 0x7b1, &(0x7f0000000080)={&(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x1, 0x400})
ioctl$VHOST_VDPA_GET_STATUS(r3, 0x8001af71, &(0x7f0000000240))
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000000200)={0x0, @aes128, 0x0, @desc1})
r5 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x2, 0x3c2, 0x0, r3}, &(0x7f0000000180), &(0x7f0000000340))
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0xa4, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x17c, 0xffffffff, 0xffffffff, 0x17c, 0xffffffff, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0xff000000, 0xffffffff, 'veth1_macvtap\x00', 'batadv_slave_1\x00', {}, {0xff}, 0x67, 0x1, 0x11}, 0x6, 0x70, 0xa4}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffff}, {0xffffffffffffffff, 0x0, 0x2}}}}, {{@ip={@empty, @remote, 0x0, 0x0, 'netpci0\x00', 'netdevsim0\x00'}, 0x0, 0xa8, 0xd8, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0x4, 0x2}, {0x4, 0x0, 0x2}, 0x80, 0x2}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x26c)
io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000020000000c2000000700000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000001800000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x15, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916360000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x15, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, r3, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001000000000000000000000000d7e600b56a2c66b5c6bc9b7bb00a38000000120a0102000000000000000002000000090008000440000000000800084000000001080003400000000a520000001100010000000000000000000300000a87ef9da6bf3899d910c9034d6fe6a1b29ee5375377a881d6a724138815ba6674be3febd9b7c0a2bc369132d3ca242b40daf35658"], 0x60}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.801048943s ago: executing program 5 (id=1390):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @remote, 0x0, 0x4, 0x1, 0x0, 0x80, 0x82680167, r1})
r2 = socket(0x10, 0x80003, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'sit0\x00', 0x1800})

1.800764488s ago: executing program 5 (id=1391):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x1e0)
syz_open_dev$ndb(0x0, 0x0, 0x0) (async)
syz_open_dev$ndb(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_uring_setup(0x1155, &(0x7f0000004740)) (async)
r1 = io_uring_setup(0x1155, &(0x7f0000004740))
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r3, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x14, &(0x7f0000003780)=[{0x0, 0x0, 0x0, 0x0, 0x0}, {0x3, 0x1, 0x0, &(0x7f00000013c0)=[{&(0x7f0000001040)=""/86, 0x56}, {0x0}, {&(0x7f00000012c0)=""/198, 0xc6}], &(0x7f0000001400)=[0x5, 0x0, 0x6, 0x8, 0x4, 0x7, 0x2, 0x5]}], 0x2) (async)
io_uring_register$IORING_REGISTER_RING_FDS(r1, 0x14, &(0x7f0000003780)=[{0x0, 0x0, 0x0, 0x0, 0x0}, {0x3, 0x1, 0x0, &(0x7f00000013c0)=[{&(0x7f0000001040)=""/86, 0x56}, {0x0}, {&(0x7f00000012c0)=""/198, 0xc6}], &(0x7f0000001400)=[0x5, 0x0, 0x6, 0x8, 0x4, 0x7, 0x2, 0x5]}], 0x2)
read(r3, 0x0, 0x2)
pwrite64(r3, &(0x7f0000000340)="5da1", 0x4, 0x0) (async)
pwrite64(r3, &(0x7f0000000340)="5da1", 0x4, 0x0)
readv(r3, &(0x7f00000002c0)=[{&(0x7f00000000c0)=""/157, 0x9d}, {&(0x7f0000000000)=""/22, 0x16}, {&(0x7f00000001c0)=""/219, 0xdb}], 0x3)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a00)=@newsa={0x108, 0x10, 0x633, 0x0, 0x0, {{@in=@broadcast, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {}, {}, {}, 0x0, 0x0, 0xa}, [@encap={0x1c, 0x4, {0x0, 0x0, 0x0, @in6=@remote}}]}, 0x108}}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0x2, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0x2, 0x0, 0x0)
ioctl$int_out(r1, 0x5460, 0x0)

1.541665799s ago: executing program 2 (id=1392):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000440), 0x301000, 0x0)
io_uring_setup(0x1009, &(0x7f0000000040)={0x0, 0x9f3, 0x400, 0x0, 0x4})
close_range(r1, 0xffffffffffffffff, 0x0)
write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400", 0x22)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2, @thr={0x0, 0x0}})

1.54115243s ago: executing program 2 (id=1393):
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100), 0x1)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}}, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))
r3 = syz_usb_connect(0x3, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024b0001100000000904000003fe03010009cd8d1f01020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_connect$cdc_ecm(0x5, 0x59, &(0x7f00000003c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x47, 0x1, 0x1, 0x1, 0x80, 0x6, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x2, 0x6, 0x0, 0x7, {{0x8, 0x24, 0x6, 0x0, 0x0, "d42911"}, {0x5, 0x24, 0x0, 0x5}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x8000, 0x5, 0x2}}, {[{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xf9, 0x3, 0x60}}], {{0x9, 0x5, 0x82, 0x2, 0x400, 0x7, 0x5, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x9, 0x5, 0x10}}}}}]}}]}}, &(0x7f00000001c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x201, 0xfe, 0x9, 0x1, 0x20, 0x9a}, 0x16, &(0x7f0000000000)={0x5, 0xf, 0x16, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x1a, 0xf, 0x5}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x8, 0x9, 0xb54e}, @ptm_cap={0x3}]}, 0x1, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x44e}}]})
ioctl$int_in(r4, 0x5452, &(0x7f0000000280)=0x6)
r5 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
r8 = syz_io_uring_setup(0xd3, &(0x7f0000000480)={0x0, 0x0, 0x800, 0x0, 0x20}, &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000080)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r8, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.243084916s ago: executing program 1 (id=1394):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000200))
dup(r0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0x1)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x280000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000890434000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$l2tp(0x2, 0x2, 0x73)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000580), 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc2c45512, &(0x7f0000000640)={{0xa, 0x2, 0x81, 0x5, 'syz1\x00', 0x9}, 0x0, [0x380, 0xe8af, 0x1, 0xcc0, 0xe, 0x6, 0x80, 0xa6da, 0x2, 0x1, 0x9, 0x5, 0xb, 0xfffffff7, 0x8, 0x10, 0x5, 0x4, 0x40f, 0x80, 0xfffffff8, 0x2, 0x1, 0x400, 0x7fffffff, 0x9c, 0x80000001, 0x3, 0x60e3, 0xa12, 0x8, 0x10000, 0x7, 0x9, 0x7430, 0x2, 0x2, 0x609, 0x1, 0x3, 0x8, 0x5, 0x8001, 0x8, 0x9, 0x1, 0x1, 0x0, 0xffff1688, 0x2, 0x0, 0x4, 0x1000, 0x41b6, 0x4, 0x7ff, 0x7, 0x6, 0x50a, 0x0, 0x6, 0x7ff, 0x1000, 0xffffffff, 0x4, 0x5, 0x7a, 0x2, 0x9, 0xffffffff, 0x3, 0x7, 0xac, 0x7, 0x7, 0x4, 0x8000, 0x9, 0x4, 0x7, 0xd, 0x7, 0x7, 0x0, 0x0, 0x40, 0x2, 0x8000, 0xfff, 0x3, 0x3b9, 0x6, 0x4, 0x4660917f, 0x487d, 0x8000, 0x1, 0x5, 0x3, 0x0, 0x5, 0x4, 0xe, 0x1, 0x7, 0x9, 0xc, 0x4b2, 0x1, 0x1, 0x3ce, 0xa, 0xb, 0x9, 0x0, 0x6, 0xfffffff7, 0xffffbf90, 0x0, 0x7, 0x2, 0x0, 0x7, 0xa, 0x809, 0xc960, 0x73938332, 0x7763]})
fchdir(0xffffffffffffffff)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f00000001c0)=""/49, 0x31)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @private=0xa010100}, 0x10)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x107900, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r6, &(0x7f0000000100)={&(0x7f0000000000)={0x24, @none={0x0, 0x2}}, 0x14, &(0x7f00000000c0)={0x0}, 0x1, 0x2000000}, 0x8000)
ioctl$sock_SIOCINQ(r6, 0x541b, 0x0)
mkdir(&(0x7f00000022c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2)
mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x8afa89, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x24000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0x4, 0x8}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

1.053517279s ago: executing program 1 (id=1395):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b40)={0x34, 0x3b, 0x107, 0xff000000, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}, @typed={0x8, 0x9, 0x0, 0x0, @ipv4=@multicast1}]}, 0x34}}, 0xc000)

1.053340102s ago: executing program 5 (id=1396):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "fffffffffffffff7", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "006e34e400"}, 0x28)
sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)

943.673566ms ago: executing program 5 (id=1397):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000000206010100000000140000000000000005000100070000000900020073797a30000000000c0007"], 0x58}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c000000040605000000000000000000030004000900020073797a3200000000090002000100000000000000050001000700000005000100070000000900020073797a310000000005000100070000000900020073797a"], 0x5c}}, 0x0)
write$binfmt_register(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
io_setup(0x6, &(0x7f0000001380))
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)=[{0x0}, {&(0x7f0000000480)="14788f740090ea306e52da33591292d40b47ed70e50b676994eeb12a176e0a619d020530ebe7973b14fb4905343bc4ef32b0b73092ec90726f7c756a6ef83ca99c45196bad8560ab1f4708ee60885e4914701ca8643c", 0x56}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x0, 0x309, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6}]}]}, 0x20}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x4c, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="000000f2730088819aba394f56bfce776476a24f808f308dd7c413cbfbb363357647526de39ef322817f33694be041e74ae003aaeea89b25b8c35132795be121c2cb09ce91f5fdfefba8ffa052660855d6e1aee37afe320a65604da6cef52ee492952eed1769ed228a9f8fc993176c82100dd309cd8e9a514a0e", @ANYRES32=0x0], 0x3c}}, 0x4000000)
shutdown(r3, 0x2)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r9 = fanotify_init(0x200, 0x0)
fanotify_mark(r9, 0x80, 0x4800003e, r8, 0x0)
getresgid(0x0, &(0x7f00000000c0), &(0x7f0000000100))

615.501755ms ago: executing program 3 (id=1398):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
r0 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0xfffffffe}, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITE_FIXED={0x5, 0xa, 0x2007, @fd=r0, 0x8, 0x2, 0x7, 0x21, 0x0, {0x1}})
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

525.823383ms ago: executing program 5 (id=1399):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sendto(r0, 0x0, 0x0, 0x5, 0x0, 0x0) (async)
syz_emit_ethernet(0x9e, &(0x7f00000009c0)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x68, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x1a, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x5, "03c0ab"}, @window={0x3, 0xfeed}, @mss={0x1e, 0x4, 0x87}, @sack_perm={0x4, 0x2}, @generic={0x0, 0x12, "1657eac7ba5d9fc54a53000000000000"}, @exp_fastopen={0xfe, 0x0, 0xf989, "b5581a78dc331b34cb3f4c87368b3c35"}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "7232407c80067615774fdbb46eb86cc8"}, @generic={0x0, 0xa, "111fad2ea7434823"}, @exp_fastopen={0xfe, 0x9, 0xf989, "b43eb61a1a"}]}}}}}}}}, 0x0)

525.567416ms ago: executing program 5 (id=1400):
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prctl$PR_SET_MM_MAP(0x35, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000700)={@ifindex, 0x32, 0x4bb11a8cf0efaf80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x30, 0x20, 0x301, 0x0, 0x2000000, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801c}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'bond0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000850)

525.402838ms ago: executing program 3 (id=1401):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000440), 0x301000, 0x0)
io_uring_setup(0x1009, &(0x7f0000000040)={0x0, 0x9f3, 0x400, 0x0, 0x4})
close_range(r1, 0xffffffffffffffff, 0x0)
write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400", 0x22)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2, @thr={0x0, 0x0}})

464.885694ms ago: executing program 3 (id=1402):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
write$binfmt_elf64(r0, 0x0, 0xfe3c)

404.850717ms ago: executing program 3 (id=1403):
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r1], 0x2c}}, 0x0)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={0x0, 0x4, 0x2, 0x7ff}, 0x10)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='400:\x00\x8e\xf7\xd4\t\xe1\xae\x19\xe5\xf7c\x84\x9c\x06\x00\x00\x00\x11\x01\xf2 \xec\xbe#\'S\xc4\xbd\xb5\x1e\x98MM\x06\x1a\x7f5U\x18\x90\x99\xb2\xfa\')Z\x9ew\xae\xe8\xdd\b\t\xf0\xc4\xbfj\xb6\x88/)~\x93E\x1d4\xa7\xcb\xeb\x0f\xd4(\xb6>\x87\xc3\t\xb0\x80\xf7\xe6\x8b?\xa4\xb3\b\x00\x81\xbe\xea\x1f\xfe\xed\x9d\x1a\x8aQ\xafQ\x06\x0fJ\xc0\xc0=}\x7f\xaeB\xb1\xed\xa4\xf3c#\xbe\b\x1f\xa4L[\xfa\x01Uu\xe0\x8b\x94E\xda\xd9j\x93\xc8~\xd9\x82\x8f\xcam\x17\xa2\xed\xf3\xc3_h\xfc6\t\x96@\xaf\xe6\xd0!)\xc3\xcfe\xe1g\xe7\xe5F\xbdC\xd9$\x9b@\xaf\xc2j1p\xa9\xb2d\x92\x8fo\xcbg\x9fZ\xd7\xef\xb2z\xf5\x0fq\x7f\b\xc2\xa7\x90\xc5\xf5Y\xbc\xf1s\x93X\xb6\xeb\x86&\xa7\x14%B', 0x0)

404.727155ms ago: executing program 1 (id=1404):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='4,0:\x00\x8e\xf7\xd4\t\xe1\xae\x19\xe5\xf7c\x84\x9c\x06\x00\x00\x00\x11\x01\xf2 \xec\xbe#\'S\xc4\xbd\xb5\x1e\x98MM\x06\x1a\x7f5U\x18\x90\x99\xb2\xfa\')Z\x9ew\xae\xe8\xdd\b\t\xf0\xc4\xbfj\xb6\x88/)~\x93E\x1d4\xa7\xcb\xeb\x0f\xd4(\xb6>\x87\xc3\t\xb0\x80\xf7\xe6\x8b?\xa4\xb3\b\x00\x81\xbe\xea\x1f\xfe\xed\x9d\x1a\x8aQ\xafQ\x06\x0fJ\xc0\xc0=}\x7f\xaeB\xb1\xed\xa4\xf3c#\xbe\b\x1f\xa4L[\xfa\x01Uu\xe0\x8b\x94E\xda\xd9j\x93\xc8~\xd9\x82\x8f\xcam\x17\xa2\xed\xf3\xc3_h\xfc6\t\x96@\xaf\xe6\xd0!)\xc3\xcfe\xe1g\xe7\xe5F\xbdC\xd9$\x9b@\xaf\xc2j1p\xa9\xb2d\x92\x8fo\xcbg\x9fZ\xd7\xef\xb2z\xf5\x0fq\x7f\b\xc2\xa7\x90\xc5\xf5Y\xbc\xf1s\x93X\xb6\xeb\x86&\xa7\x14%B', 0x0)

354.009267ms ago: executing program 34 (id=1404):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='4,0:\x00\x8e\xf7\xd4\t\xe1\xae\x19\xe5\xf7c\x84\x9c\x06\x00\x00\x00\x11\x01\xf2 \xec\xbe#\'S\xc4\xbd\xb5\x1e\x98MM\x06\x1a\x7f5U\x18\x90\x99\xb2\xfa\')Z\x9ew\xae\xe8\xdd\b\t\xf0\xc4\xbfj\xb6\x88/)~\x93E\x1d4\xa7\xcb\xeb\x0f\xd4(\xb6>\x87\xc3\t\xb0\x80\xf7\xe6\x8b?\xa4\xb3\b\x00\x81\xbe\xea\x1f\xfe\xed\x9d\x1a\x8aQ\xafQ\x06\x0fJ\xc0\xc0=}\x7f\xaeB\xb1\xed\xa4\xf3c#\xbe\b\x1f\xa4L[\xfa\x01Uu\xe0\x8b\x94E\xda\xd9j\x93\xc8~\xd9\x82\x8f\xcam\x17\xa2\xed\xf3\xc3_h\xfc6\t\x96@\xaf\xe6\xd0!)\xc3\xcfe\xe1g\xe7\xe5F\xbdC\xd9$\x9b@\xaf\xc2j1p\xa9\xb2d\x92\x8fo\xcbg\x9fZ\xd7\xef\xb2z\xf5\x0fq\x7f\b\xc2\xa7\x90\xc5\xf5Y\xbc\xf1s\x93X\xb6\xeb\x86&\xa7\x14%B', 0x0)

181.111182ms ago: executing program 3 (id=1406):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000020000000900010073797a310000000060000000160a03000000000000000000020000000900010073797a31000000000900020073797a31000000002c000380080002400000000008000140000000001800038014000100776c616e3100000000000000000000000800074000000001"], 0xa8}}, 0x0) (fail_nth: 8)

166.827106ms ago: executing program 6 (id=1405):
socket$packet(0x11, 0x3, 0x300) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
timer_settime(0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a}) (async)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$vga_arbiter(r3, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8)
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
sendmsg$IEEE802154_SCAN_REQ(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x14, r7, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan0\x00', <r8=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r7, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x880}, 0x24000011) (async)
sendfile(r4, r2, 0x0, 0x7) (async)
dup2(r2, r1)

47.336289ms ago: executing program 3 (id=1407):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.parent_freezing\x00', 0x275a, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'})
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x200000b, 0x12, r0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_netdev_private(r1, 0x89f4, &(0x7f0000000000))
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
r2 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0xfffffffe}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dmmidi(&(0x7f00000000c0), 0x2, 0x0)
readv(r5, &(0x7f0000000280)=[{&(0x7f0000000100)=""/116, 0x74}], 0x1)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITE_FIXED={0x5, 0xa, 0x2007, @fd=r2, 0x8, 0x2, 0x7, 0x21, 0x0, {0x1}})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
io_uring_enter(r2, 0x3f70, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 6 (id=1405):
socket$packet(0x11, 0x3, 0x300) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
timer_settime(0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a}) (async)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$vga_arbiter(r3, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8)
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
sendmsg$IEEE802154_SCAN_REQ(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x14, r7, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan0\x00', <r8=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r5, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r7, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x880}, 0x24000011) (async)
sendfile(r4, r2, 0x0, 0x7) (async)
dup2(r2, r1)

kernel console output (not intermixed with test programs):

09e579
[  189.638227][ T8832] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  189.643137][ T8832] RSP: 002b:00000000f509055c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  189.645254][ T8832] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000080
[  189.647287][ T8832] RDX: 0000000020000480 RSI: 0000000000000000 RDI: 0000000020000300
[  189.649320][ T8832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  189.651410][ T8832] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  189.653445][ T8832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  189.655467][ T8832]  </TASK>
[  189.766657][ T8843] netlink: 36 bytes leftover after parsing attributes in process `syz.0.810'.
[  189.919183][ T8851] Cannot find del_set index 4 as target
[  190.122001][ T8853] FAULT_INJECTION: forcing a failure.
[  190.122001][ T8853] name failslab, interval 1, probability 0, space 0, times 0
[  190.122057][ T8853] CPU: 0 UID: 0 PID: 8853 Comm: syz.1.813 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  190.122070][ T8853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.122077][ T8853] Call Trace:
[  190.122080][ T8853]  <TASK>
[  190.122085][ T8853]  dump_stack_lvl+0x16c/0x1f0
[  190.122101][ T8853]  should_fail_ex+0x497/0x5b0
[  190.122114][ T8853]  ? fs_reclaim_acquire+0xae/0x150
[  190.122144][ T8853]  should_failslab+0xc2/0x120
[  190.122161][ T8853]  __kmalloc_cache_noprof+0x68/0x420
[  190.122174][ T8853]  ? drm_modeset_acquire_init+0x237/0x410
[  190.122188][ T8853]  drm_atomic_state_alloc+0xb8/0x120
[  190.122203][ T8853]  drm_client_modeset_commit_atomic+0xd1/0x7f0
[  190.122216][ T8853]  ? drm_client_modeset_dpms+0x66/0x210
[  190.122230][ T8853]  ? trace_contention_end+0xee/0x140
[  190.122242][ T8853]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  190.122254][ T8853]  ? trace_contention_end+0xee/0x140
[  190.122264][ T8853]  ? drm_master_internal_acquire+0x21/0x80
[  190.122292][ T8853]  drm_client_modeset_dpms+0x17e/0x210
[  190.122305][ T8853]  drm_fb_helper_blank+0x200/0x260
[  190.122316][ T8853]  ? __pfx_drm_fb_helper_blank+0x10/0x10
[  190.122325][ T8853]  fb_blank+0x105/0x190
[  190.122340][ T8853]  ? __pfx_fb_blank+0x10/0x10
[  190.122353][ T8853]  ? do_fb_ioctl+0x41d/0x7d0
[  190.122365][ T8853]  ? lock_acquire+0x2f/0xb0
[  190.122378][ T8853]  do_fb_ioctl+0x432/0x7d0
[  190.122389][ T8853]  ? __pfx_do_fb_ioctl+0x10/0x10
[  190.122400][ T8853]  ? tomoyo_path_number_perm+0x298/0x5b0
[  190.122426][ T8853]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  190.122451][ T8853]  fb_compat_ioctl+0x55f/0x670
[  190.122463][ T8853]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  190.122478][ T8853]  ? __fget_files+0x206/0x3a0
[  190.122493][ T8853]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  190.122505][ T8853]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  190.122522][ T8853]  __do_fast_syscall_32+0x73/0x120
[  190.122536][ T8853]  do_fast_syscall_32+0x32/0x80
[  190.122552][ T8853]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  190.122567][ T8853] RIP: 0023:0xf7f24579
[  190.122575][ T8853] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  190.122585][ T8853] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  190.122597][ T8853] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000004611
[  190.122604][ T8853] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  190.122610][ T8853] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  190.122616][ T8853] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  190.122623][ T8853] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  190.122636][ T8853]  </TASK>
[  190.406388][ T8857] erofs (device nbd1): cannot find valid erofs superblock
[  190.570931][ T8861] tmpfs: Unknown parameter 'mpo…'
[  190.733667][ T8867] netlink: 'syz.3.818': attribute type 1 has an invalid length.
[  190.735856][ T8867] netlink: 228 bytes leftover after parsing attributes in process `syz.3.818'.
[  191.114813][ T8893] netlink: 36 bytes leftover after parsing attributes in process `syz.2.823'.
[  191.867155][ T8906] can0: slcan on ptm0.
[  191.960783][ T8908] Cannot find del_set index 4 as target
[  192.188356][ T8905] can0 (unregistered): slcan off ptm0.
[  192.619916][ T8927] lo speed is unknown, defaulting to 1000
[  192.696253][ T5941] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  192.700467][ T8931] syz.1.831 (8931): /proc/8930/oom_adj is deprecated, please use /proc/8930/oom_score_adj instead.
[  192.705627][ T8931] netlink: 'syz.1.831': attribute type 1 has an invalid length.
[  192.710415][ T8931] netlink: 228 bytes leftover after parsing attributes in process `syz.1.831'.
[  192.712817][ T8931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.831'.
[  192.784050][ T8939] netlink: 'syz.0.830': attribute type 10 has an invalid length.
[  192.849306][ T8942] erofs (device nbd2): cannot find valid erofs superblock
[  192.901339][ T8939] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  193.120600][ T8954] netlink: 'syz.1.834': attribute type 10 has an invalid length.
[  193.493767][ T8954] team0: Device ipvlan1 failed to register rx_handler
[  193.588197][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  193.589892][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  193.905433][ T8988] siw: device registration error -23
[  194.082047][ T8992] netlink: 'syz.0.839': attribute type 10 has an invalid length.
[  194.379806][   T39] audit: type=1326 audit(1734626108.011:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8995 comm="syz.3.840" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x0
[  194.700366][ T8992] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.702569][ T8992] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.709737][ T8992] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.712173][ T8992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.714140][ T8992] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.716034][ T8992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.723173][ T8992] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  194.867379][ T9009] netlink: 'syz.0.845': attribute type 8 has an invalid length.
[  194.908470][ T9013] netlink: 'syz.0.846': attribute type 4 has an invalid length.
[  194.910499][ T9013] netlink: 'syz.0.846': attribute type 1 has an invalid length.
[  194.912587][ T9013] netlink: 88156 bytes leftover after parsing attributes in process `syz.0.846'.
[  195.008265][ T9011] erofs (device nbd1): cannot find valid erofs superblock
[  195.083985][ T9016] dccp_v6_rcv: dropped packet with invalid checksum
[  195.605354][ T9025] Cannot find del_set index 4 as target
[  195.683890][   T30] IPVS: starting estimator thread 0...
[  195.786662][ T9028] IPVS: using max 40 ests per chain, 96000 per kthread
[  196.229923][ T9049] netlink: 'syz.1.857': attribute type 4 has an invalid length.
[  196.232040][ T9049] netlink: 'syz.1.857': attribute type 1 has an invalid length.
[  196.234133][ T9049] netlink: 88156 bytes leftover after parsing attributes in process `syz.1.857'.
[  196.347573][ T9055] dccp_v6_rcv: dropped packet with invalid checksum
[  196.686648][ T5980] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  196.712444][ T9062] FAULT_INJECTION: forcing a failure.
[  196.712444][ T9062] name failslab, interval 1, probability 0, space 0, times 0
[  196.715729][ T9062] CPU: 3 UID: 0 PID: 9062 Comm: syz.2.861 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  196.718494][ T9062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.721271][ T9062] Call Trace:
[  196.722163][ T9062]  <TASK>
[  196.722953][ T9062]  dump_stack_lvl+0x16c/0x1f0
[  196.724195][ T9062]  should_fail_ex+0x497/0x5b0
[  196.725440][ T9062]  ? fs_reclaim_acquire+0xae/0x150
[  196.726803][ T9062]  should_failslab+0xc2/0x120
[  196.728061][ T9062]  __kmalloc_noprof+0xce/0x4f0
[  196.729326][ T9062]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  196.730809][ T9062]  ? tomoyo_realpath_from_path+0xbf/0x710
[  196.732303][ T9062]  tomoyo_realpath_from_path+0xbf/0x710
[  196.733765][ T9062]  ? tomoyo_path_perm+0x262/0x480
[  196.735101][ T9062]  tomoyo_path_perm+0x276/0x480
[  196.736388][ T9062]  ? tomoyo_path_perm+0x262/0x480
[  196.737722][ T9062]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  196.739143][ T9062]  ? path_lookupat+0x212/0x770
[  196.740408][ T9062]  ? __pfx_filename_lookup+0x10/0x10
[  196.741809][ T9062]  security_inode_getattr+0x116/0x290
[  196.743224][ T9062]  vfs_statx_path+0x2b/0x310
[  196.744446][ T9062]  vfs_statx+0x11f/0x1c0
[  196.745571][ T9062]  ? __pfx_vfs_statx+0x10/0x10
[  196.746844][ T9062]  ? getname_flags.part.0+0x1c5/0x550
[  196.748263][ T9062]  vfs_fstatat+0x7b/0xf0
[  196.749389][ T9062]  __do_compat_sys_ia32_stat64+0x99/0x110
[  196.750892][ T9062]  ? __pfx___do_compat_sys_ia32_stat64+0x10/0x10
[  196.752565][ T9062]  ? __pfx_ksys_write+0x10/0x10
[  196.753853][ T9062]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  196.755583][ T9062]  __do_fast_syscall_32+0x73/0x120
[  196.756930][ T9062]  do_fast_syscall_32+0x32/0x80
[  196.758239][ T9062]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  196.759897][ T9062] RIP: 0023:0xf7f01579
[  196.760978][ T9062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  196.765976][ T9062] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 00000000000000c3
[  196.768270][ T9062] RAX: ffffffffffffffda RBX: 0000000020000140 RCX: 0000000000000000
[  196.770338][ T9062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  196.772399][ T9062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  196.774472][ T9062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  196.776530][ T9062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  196.778617][ T9062]  </TASK>
[  196.779822][ T9062] ERROR: Out of memory at tomoyo_realpath_from_path.
[  196.868181][ T5980] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  196.870534][ T5980] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  196.873283][ T5980] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  196.875657][ T5980] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  196.878733][ T5980] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  196.882822][ T5980] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  196.885267][ T5980] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  196.887663][ T5980] usb 5-1: Product: syz
[  196.888849][ T5980] usb 5-1: Manufacturer: syz
[  196.892523][ T5980] cdc_wdm 5-1:1.0: skipping garbage
[  196.894149][ T5980] cdc_wdm 5-1:1.0: skipping garbage
[  196.898146][ T5980] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  196.899792][ T5980] cdc_wdm 5-1:1.0: Unknown control protocol
[  197.046645][ T5979] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  197.167431][ T9069] netlink: 36 bytes leftover after parsing attributes in process `syz.1.864'.
[  197.199744][ T5979] usb 7-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  197.202154][ T5979] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.204230][ T5979] usb 7-1: Product: syz
[  197.205351][ T5979] usb 7-1: Manufacturer: syz
[  197.207112][ T5979] usb 7-1: SerialNumber: syz
[  197.210132][ T5979] usb 7-1: config 0 descriptor??
[  197.248154][ T9073] Cannot find del_set index 4 as target
[  197.614940][ T5979] usb 7-1: Firmware: major: 0, minor: 0, hardware type: RZUSB (3)
[  197.617048][ T5979] usb 7-1: Firmware version (0.0) predates our first public release.
[  197.619153][ T5979] usb 7-1: Please update to version 0.2 or newer
[  197.696582][   T30] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  197.840085][ T5979] usb 7-1: USB disconnect, device number 9
[  197.856636][   T30] usb 6-1: Using ep0 maxpacket: 16
[  197.859802][   T30] usb 6-1: config 0 has no interfaces?
[  197.862934][   T30] usb 6-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  197.865373][   T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.867608][   T30] usb 6-1: Product: syz
[  197.868739][   T30] usb 6-1: Manufacturer: syz
[  197.869988][   T30] usb 6-1: SerialNumber: syz
[  197.872720][   T30] usb 6-1: config 0 descriptor??
[  198.314685][ T9085] Process accounting resumed
[  198.399387][ T9090] kvm: user requested TSC rate below hardware speed
[  198.402406][ T9090] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2248643489 (17989147912 ns) > initial count (11631199424 ns). Using initial count to start timer.
[  198.673270][ T5980] usb 6-1: USB disconnect, device number 13
[  198.915060][ T9095] lo speed is unknown, defaulting to 1000
[  199.014560][ T9099] netlink: 'syz.3.871': attribute type 4 has an invalid length.
[  199.016701][ T9099] netlink: 'syz.3.871': attribute type 1 has an invalid length.
[  199.018722][ T9099] netlink: 88156 bytes leftover after parsing attributes in process `syz.3.871'.
[  199.130143][ T9101] dccp_v6_rcv: dropped packet with invalid checksum
[  199.410891][ T9109] netlink: 36 bytes leftover after parsing attributes in process `syz.2.874'.
[  199.433332][ T9108] netlink: 'syz.1.873': attribute type 10 has an invalid length.
[  199.435793][ T9108] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.438220][ T9108] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.444292][ T9108] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.446229][ T9108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.448244][ T9108] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.450568][ T9108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.454898][ T9108] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  199.808777][ T9117] Cannot find del_set index 4 as target
[  199.888711][ T9120] syz.3.877: attempt to access beyond end of device
[  199.888711][ T9120] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0
[  199.892240][ T9120] (syz.3.877,9120,0):ocfs2_get_sector:1769 ERROR: status = -5
[  199.894331][ T9120] (syz.3.877,9120,0):ocfs2_sb_probe:749 ERROR: status = -5
[  199.896474][ T9120] (syz.3.877,9120,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  199.899937][ T9120] (syz.3.877,9120,0):ocfs2_fill_super:1178 ERROR: status = -5
[  200.169929][ T9125] lo speed is unknown, defaulting to 1000
[  200.214577][ T9126] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  200.281563][ T9126] 8021q: adding VLAN 0 to HW filter on device bond1
[  200.284073][ T9126] bond0: (slave bond1): Enslaving as an active interface with an up link
[  200.936611][ T6901] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  200.992001][ T9141] FAULT_INJECTION: forcing a failure.
[  200.992001][ T9141] name failslab, interval 1, probability 0, space 0, times 0
[  200.995273][ T9141] CPU: 0 UID: 0 PID: 9141 Comm: syz.2.882 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  200.998054][ T9141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.001438][ T9141] Call Trace:
[  201.002671][ T9141]  <TASK>
[  201.003746][ T9141]  dump_stack_lvl+0x16c/0x1f0
[  201.005456][ T9141]  should_fail_ex+0x497/0x5b0
[  201.007175][ T9141]  ? fs_reclaim_acquire+0xae/0x150
[  201.009013][ T9141]  should_failslab+0xc2/0x120
[  201.010755][ T9141]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  201.012866][ T9141]  ? __alloc_skb+0x2b3/0x380
[  201.014555][ T9141]  __alloc_skb+0x2b3/0x380
[  201.016183][ T9141]  ? __pfx___alloc_skb+0x10/0x10
[  201.017968][ T9141]  ? aa_sk_perm+0x2f5/0xb20
[  201.019671][ T9141]  ? __pfx_aa_sk_perm+0x10/0x10
[  201.021266][ T9141]  pfkey_sendmsg+0x16e/0x840
[  201.022494][ T9141]  ____sys_sendmsg+0x9ae/0xb40
[  201.023742][ T9141]  ? __pfx_____sys_sendmsg+0x10/0x10
[  201.025106][ T9141]  ? get_compat_msghdr+0x11b/0x170
[  201.026479][ T9141]  ___sys_sendmsg+0x135/0x1e0
[  201.027706][ T9141]  ? __pfx____sys_sendmsg+0x10/0x10
[  201.029173][ T9141]  ? __pfx_lock_release+0x10/0x10
[  201.030638][ T9141]  ? trace_lock_acquire+0x14e/0x1f0
[  201.031995][ T9141]  ? __fget_files+0x206/0x3a0
[  201.033241][ T9141]  __sys_sendmsg+0x16e/0x220
[  201.034458][ T9141]  ? __pfx___sys_sendmsg+0x10/0x10
[  201.036131][ T9141]  __do_fast_syscall_32+0x73/0x120
[  201.037993][ T9141]  do_fast_syscall_32+0x32/0x80
[  201.039771][ T9141]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  201.042060][ T9141] RIP: 0023:0xf7f01579
[  201.043538][ T9141] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  201.050414][ T9141] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  201.053435][ T9141] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  201.055589][ T9141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  201.057800][ T9141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  201.060014][ T9141] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  201.062049][ T9141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  201.064081][ T9141]  </TASK>
[  201.089435][ T6901] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  201.091875][ T6901] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.093986][ T6901] usb 6-1: Product: syz
[  201.095117][ T6901] usb 6-1: Manufacturer: syz
[  201.096362][ T6901] usb 6-1: SerialNumber: syz
[  201.099992][ T6901] usb 6-1: config 0 descriptor??
[  201.159784][ T9144] netlink: 36 bytes leftover after parsing attributes in process `syz.2.883'.
[  201.505841][ T6901] usb 6-1: Firmware: major: 0, minor: 0, hardware type: RZUSB (3)
[  201.508864][ T6901] usb 6-1: Firmware version (0.0) predates our first public release.
[  201.510991][ T6901] usb 6-1: Please update to version 0.2 or newer
[  201.602567][ T9151] netlink: 'syz.2.885': attribute type 1 has an invalid length.
[  201.604716][ T9151] netlink: 224 bytes leftover after parsing attributes in process `syz.2.885'.
[  201.722441][ T9159] autofs: Unknown parameter '000000000000000000000030x0000000000000000'
[  201.774036][ T6901] usb 6-1: USB disconnect, device number 14
[  203.430477][ T9213] Cannot find del_set index 4 as target
[  203.876620][   T56] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  204.026598][   T56] usb 8-1: Using ep0 maxpacket: 16
[  204.029724][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.033110][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.036166][   T56] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  204.039305][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.042139][   T56] usb 8-1: config 0 descriptor??
[  204.167374][ T9223] erofs (device nbd1): cannot find valid erofs superblock
[  204.615496][ T9219] Process accounting resumed
[  204.656416][   T56] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0017/input/input30
[  204.723668][   T56] appleir 0003:05AC:8241.0017: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  204.870353][ T5980] usb 8-1: USB disconnect, device number 11
[  205.281487][ T9235] 9pnet: p9_errstr2errno: server reported unknown error �@:®dº.Åo^½æ$h9ç4ÔY½�J
S§jp
[  205.331095][ T9235] Bluetooth: MGMT ver 1.23
[  205.769315][ T9249] Cannot find del_set index 4 as target
[  206.262929][ T9257] rdma_rxe: rxe_newlink: failed to add bond0
[  206.265505][ T9257] netlink: 8 bytes leftover after parsing attributes in process `syz.2.906'.
[  206.742091][ T9261] erofs (device nbd3): cannot find valid erofs superblock
[  206.776608][ T9262] nbd3: detected capacity change from 0 to 67108884
[  206.782188][ T6287] block nbd3: Send control failed (result -89)
[  206.784274][ T6287] block nbd3: Request send failed, requeueing
[  206.787282][ T5941] block nbd3: Receive control failed (result -32)
[  206.788332][ T1159] block nbd3: Dead connection, failed to find a fallback
[  206.792620][ T1159] block nbd3: shutting down sockets
[  206.794119][ T1159] blk_print_req_error: 25 callbacks suppressed
[  206.794127][ T1159] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.798199][ T1159] buffer_io_error: 25 callbacks suppressed
[  206.798207][ T1159] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.801942][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.804297][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.807056][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.810133][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.812815][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.815832][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.818581][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.821767][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.823909][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.826241][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.828462][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.830927][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.833027][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.835372][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.837458][ T6287] ldm_validate_partition_table(): Disk read failed.
[  206.839212][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.842017][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.844062][ T6287] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  206.846389][ T6287] Buffer I/O error on dev nbd3, logical block 0, async page read
[  206.848539][ T6287] Dev nbd3: unable to read RDB block 0
[  206.850227][ T6287]  nbd3: unable to read partition table
[  206.919235][ T6287] ldm_validate_partition_table(): Disk read failed.
[  206.921460][ T6287] Dev nbd3: unable to read RDB block 0
[  206.923402][ T6287]  nbd3: unable to read partition table
[  207.226586][ T9271] nbd3: detected capacity change from 0 to 67108884
[  207.229113][ T6287] block nbd3: Send control failed (result -89)
[  207.230780][ T6287] block nbd3: Request send failed, requeueing
[  207.233197][ T5941] block nbd3: Receive control failed (result -32)
[  207.233249][ T6050] block nbd3: Dead connection, failed to find a fallback
[  207.237753][ T6050] block nbd3: shutting down sockets
[  207.241708][ T6287] ldm_validate_partition_table(): Disk read failed.
[  207.244196][ T6287] Dev nbd3: unable to read RDB block 0
[  207.245895][ T6287]  nbd3: unable to read partition table
[  207.249587][ T6287] ldm_validate_partition_table(): Disk read failed.
[  207.252296][ T6287] Dev nbd3: unable to read RDB block 0
[  207.254620][ T6287]  nbd3: unable to read partition table
[  207.447233][   T56] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  207.796572][   T56] usb 6-1: Using ep0 maxpacket: 16
[  207.799102][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.801905][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.804401][   T56] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  207.806877][   T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.809888][   T56] usb 6-1: config 0 descriptor??
[  208.052333][ T9287] Cannot find del_set index 4 as target
[  208.242372][ T9275] Process accounting resumed
[  208.252178][   T56] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.0018/input/input31
[  208.309529][   T56] appleir 0003:05AC:8241.0018: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  208.458450][ T5307] usb 6-1: USB disconnect, device number 15
[  209.286685][ T5979] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  209.417740][ T9300] erofs (device nbd1): cannot find valid erofs superblock
[  209.436684][ T5979] usb 8-1: Using ep0 maxpacket: 8
[  209.440046][ T5979] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  209.443766][ T5979] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  209.447747][ T5979] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  209.451304][ T5979] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  209.456036][ T5979] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  209.460893][ T5979] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.672351][ T5979] usb 8-1: GET_CAPABILITIES returned 0
[  209.673857][ T5979] usbtmc 8-1:16.0: can't read capabilities
[  209.877394][ T9307] netlink: 36 bytes leftover after parsing attributes in process `syz.2.920'.
[  209.883985][ T9297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.888487][ T9297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.894077][ T9297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.898599][ T9297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.561254][ T5944] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  211.568510][ T5944] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  211.572646][ T5944] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  211.577409][ T5944] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  211.580301][ T5944] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  211.582241][ T5944] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  211.600657][ T9326] lo speed is unknown, defaulting to 1000
[  211.696697][   T30] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  211.703289][ T9326] chnl_net:caif_netlink_parms(): no params data found
[  211.743912][ T9326] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.745812][ T9326] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.747844][ T9326] bridge_slave_0: entered allmulticast mode
[  211.749799][ T9326] bridge_slave_0: entered promiscuous mode
[  211.752265][ T9326] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.754199][ T9326] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.755923][ T9326] bridge_slave_1: entered allmulticast mode
[  211.758376][ T9326] bridge_slave_1: entered promiscuous mode
[  211.782793][ T9326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.786202][ T9326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.807121][ T9326] team0: Port device team_slave_0 added
[  211.809656][ T9326] team0: Port device team_slave_1 added
[  211.826283][ T9326] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.828677][ T9326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.834967][ T9326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.838982][ T9326] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.840651][ T9326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.846856][ T9326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.857032][   T30] usb 7-1: Using ep0 maxpacket: 16
[  211.859777][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  211.866251][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  211.868989][   T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  211.871253][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.874803][   T30] usb 7-1: config 0 descriptor??
[  211.879135][ T9326] hsr_slave_0: entered promiscuous mode
[  211.884052][ T9326] hsr_slave_1: entered promiscuous mode
[  211.886903][ T9326] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.889782][ T9326] Cannot create hsr debugfs directory
[  212.006070][ T9326] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  212.010895][ T9326] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  212.015103][ T9326] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  212.020220][ T9326] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  212.030316][ T9326] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.032126][ T9326] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.034046][ T9326] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.035842][ T9326] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.053392][ T6901] usb 8-1: USB disconnect, device number 12
[  212.059992][ T9326] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.069059][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.072103][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.088203][ T9326] 8021q: adding VLAN 0 to HW filter on device team0
[  212.095980][ T1133] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.097858][ T1133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.102958][ T1133] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.104827][ T1133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.208857][ T9326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.365399][ T9325] Process accounting resumed
[  212.385905][   T30] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.0019/input/input32
[  212.509267][   T30] appleir 0003:05AC:8241.0019: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  212.577455][ T9326] veth0_vlan: entered promiscuous mode
[  212.582832][ T5940] usb 7-1: USB disconnect, device number 10
[  212.604869][ T9326] veth1_vlan: entered promiscuous mode
[  212.627459][ T9359] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  212.636593][ T9359] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  212.663363][ T9326] veth0_macvtap: entered promiscuous mode
[  212.678010][ T9326] veth1_macvtap: entered promiscuous mode
[  212.684332][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.687761][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.690643][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.694075][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.706554][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.709125][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.711542][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  212.714110][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.727549][ T9326] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.739555][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.742152][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.744562][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.756539][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.758992][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.761883][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.764296][ T9326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  212.776536][ T9326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  212.779397][ T9326] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.788090][ T9326] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.790311][ T9326] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.792440][ T9326] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.794630][ T9326] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.856059][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.859390][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.894972][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.898238][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.053955][ T9367] Cannot find del_set index 4 as target
[  213.107192][   T65] Bluetooth: hci3: command 0x0405 tx timeout
[  213.213338][ T9375] netlink: 36 bytes leftover after parsing attributes in process `syz.3.934'.
[  213.331751][ T9381] FAULT_INJECTION: forcing a failure.
[  213.331751][ T9381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.335125][ T9381] CPU: 1 UID: 0 PID: 9381 Comm: syz.2.936 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  213.337784][ T9381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.340509][ T9381] Call Trace:
[  213.341391][ T9381]  <TASK>
[  213.342158][ T9381]  dump_stack_lvl+0x16c/0x1f0
[  213.343358][ T9381]  should_fail_ex+0x497/0x5b0
[  213.344552][ T9381]  save_fsave_header+0x17c/0x2e0
[  213.345830][ T9381]  ? __pfx_save_fsave_header+0x10/0x10
[  213.347271][ T9381]  ? __local_bh_enable_ip+0xa4/0x120
[  213.348672][ T9381]  copy_fpstate_to_sigframe+0x7b6/0xb20
[  213.350090][ T9381]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  213.351620][ T9381]  ? lock_acquire+0x2f/0xb0
[  213.352813][ T9381]  ? posixtimer_deliver_signal+0x1ad/0x650
[  213.354277][ T9381]  ? posixtimer_deliver_signal+0x1ad/0x650
[  213.355733][ T9381]  ? find_held_lock+0x2d/0x110
[  213.356961][ T9381]  get_sigframe+0x4aa/0x9c0
[  213.358146][ T9381]  ? __pfx_get_sigframe+0x10/0x10
[  213.359422][ T9381]  ? _raw_spin_unlock_irq+0x23/0x50
[  213.360748][ T9381]  ? siginfo_layout+0x177/0x290
[  213.361993][ T9381]  ia32_setup_rt_frame+0xe4/0xb30
[  213.363248][ T9381]  ? __pfx_ia32_setup_rt_frame+0x10/0x10
[  213.364657][ T9381]  ? __pfx_do_splice+0x10/0x10
[  213.365797][ T9381]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  213.367166][ T9381]  arch_do_signal_or_restart+0x47b/0x7e0
[  213.368586][ T9381]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  213.370137][ T9381]  ? __do_splice+0x1dd/0x360
[  213.371317][ T9381]  syscall_exit_to_user_mode+0x150/0x2a0
[  213.372738][ T9381]  __do_fast_syscall_32+0x80/0x120
[  213.374033][ T9381]  do_fast_syscall_32+0x32/0x80
[  213.375262][ T9381]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  213.376883][ T9381] RIP: 0023:0xf7f01577
[  213.377941][ T9381] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  213.382755][ T9381] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
[  213.384897][ T9381] RAX: 0000000000000139 RBX: 0000000000000007 RCX: 0000000000000000
[  213.386948][ T9381] RDX: 000000000000000a RSI: 0000000000000000 RDI: 0000000000000af4
[  213.388963][ T9381] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  213.390940][ T9381] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  213.392970][ T9381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  213.395022][ T9381]  </TASK>
[  213.610566][ T9390] infiniband syz0: set active
[  213.640738][ T9392] netlink: 4 bytes leftover after parsing attributes in process `syz.4.940'.
[  213.695853][ T5941] Bluetooth: hci4: command tx timeout
[  214.618078][ T9406] lo speed is unknown, defaulting to 1000
[  214.825877][ T9416] netlink: 36 bytes leftover after parsing attributes in process `syz.4.947'.
[  215.065588][ T9421] Cannot find del_set index 4 as target
[  215.756651][ T5941] Bluetooth: hci4: command tx timeout
[  215.892530][ T9433] infiniband syz1: set active
[  215.895554][ T9433] infiniband syz1: added bond_slave_1
[  215.906920][ T9433] RDS/IB: syz1: added
[  215.907999][ T9433] smc: adding ib device syz1 with port count 1
[  215.909503][ T9433] smc:    ib device syz1 port 1 has pnetid 
[  215.996231][ T9437] FAULT_INJECTION: forcing a failure.
[  215.996231][ T9437] name failslab, interval 1, probability 0, space 0, times 0
[  216.000839][ T9437] CPU: 2 UID: 0 PID: 9437 Comm: syz.3.953 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  216.004594][ T9437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.008556][ T9437] Call Trace:
[  216.009780][ T9437]  <TASK>
[  216.010874][ T9437]  dump_stack_lvl+0x16c/0x1f0
[  216.012618][ T9437]  should_fail_ex+0x497/0x5b0
[  216.014376][ T9437]  ? fs_reclaim_acquire+0xae/0x150
[  216.016251][ T9437]  should_failslab+0xc2/0x120
[  216.018014][ T9437]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  216.020155][ T9437]  ? __alloc_skb+0x2b3/0x380
[  216.021869][ T9437]  __alloc_skb+0x2b3/0x380
[  216.023548][ T9437]  ? __pfx___alloc_skb+0x10/0x10
[  216.025334][ T9437]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  216.027187][ T9437]  netlink_ack+0x164/0xb20
[  216.028849][ T9437]  netlink_rcv_skb+0x327/0x410
[  216.030544][ T9437]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  216.031977][ T9437]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  216.033336][ T9437]  ? netlink_deliver_tap+0x1ae/0xca0
[  216.034749][ T9437]  netlink_unicast+0x53c/0x7f0
[  216.035981][ T9437]  ? __pfx_netlink_unicast+0x10/0x10
[  216.037357][ T9437]  ? __phys_addr_symbol+0x30/0x80
[  216.038916][ T9437]  ? __check_object_size+0x488/0x710
[  216.040234][ T9437]  netlink_sendmsg+0x8b8/0xd70
[  216.041473][ T9437]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.042913][ T9437]  ____sys_sendmsg+0x9ae/0xb40
[  216.044158][ T9437]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.045655][ T9437]  ? get_compat_msghdr+0x11b/0x170
[  216.047014][ T9437]  ___sys_sendmsg+0x135/0x1e0
[  216.048265][ T9437]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.049708][ T9437]  ? __pfx_lock_release+0x10/0x10
[  216.051044][ T9437]  ? trace_lock_acquire+0x14e/0x1f0
[  216.052449][ T9437]  ? __fget_files+0x206/0x3a0
[  216.053621][ T9437]  __sys_sendmsg+0x16e/0x220
[  216.054902][ T9437]  ? __pfx___sys_sendmsg+0x10/0x10
[  216.056230][ T9437]  __do_fast_syscall_32+0x73/0x120
[  216.057572][ T9437]  do_fast_syscall_32+0x32/0x80
[  216.058836][ T9437]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  216.060440][ T9437] RIP: 0023:0xf7f62579
[  216.061492][ T9437] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  216.066381][ T9437] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  216.068504][ T9437] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[  216.070578][ T9437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  216.072596][ T9437] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  216.074619][ T9437] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  216.076672][ T9437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  216.078987][ T9437]  </TASK>
[  217.005837][   T39] audit: type=1326 audit(1734626130.641:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9443 comm="syz.3.956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7fc00000
[  217.227650][   T39] audit: type=1326 audit(1734626130.871:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.235958][   T39] audit: type=1326 audit(1734626130.871:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.244607][   T39] audit: type=1326 audit(1734626130.871:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=181 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.251594][   T39] audit: type=1326 audit(1734626130.871:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.257508][   T39] audit: type=1326 audit(1734626130.871:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.263063][   T39] audit: type=1326 audit(1734626130.871:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.269505][   T39] audit: type=1326 audit(1734626130.871:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.275532][   T39] audit: type=1326 audit(1734626130.871:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.281496][   T39] audit: type=1326 audit(1734626130.871:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9466 comm="syz.4.961" exe="/syz-executor" sig=0 arch=40000003 syscall=301 compat=1 ip=0xf7f40579 code=0x7ffc0000
[  217.326163][ T9471] FAULT_INJECTION: forcing a failure.
[  217.326163][ T9471] name failslab, interval 1, probability 0, space 0, times 0
[  217.335627][ T9471] CPU: 1 UID: 0 PID: 9471 Comm: syz.3.959 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  217.338280][ T9471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.340943][ T9471] Call Trace:
[  217.341801][ T9471]  <TASK>
[  217.342566][ T9471]  dump_stack_lvl+0x16c/0x1f0
[  217.343752][ T9471]  should_fail_ex+0x497/0x5b0
[  217.344937][ T9471]  ? fs_reclaim_acquire+0xae/0x150
[  217.346238][ T9471]  should_failslab+0xc2/0x120
[  217.347470][ T9471]  __kmalloc_noprof+0xce/0x4f0
[  217.348727][ T9471]  ? ethnl_default_doit+0x1c8/0xbd0
[  217.350100][ T9471]  ethnl_default_doit+0x1c8/0xbd0
[  217.351404][ T9471]  ? __nla_parse+0x40/0x60
[  217.352582][ T9471]  ? __pfx_ethnl_default_doit+0x10/0x10
[  217.354029][ T9471]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  217.355927][ T9471]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  217.358185][ T9471]  genl_family_rcv_msg_doit+0x202/0x2f0
[  217.359599][ T9471]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  217.361127][ T9471]  ? genl_get_cmd+0x195/0x580
[  217.362361][ T9471]  ? __radix_tree_lookup+0x21f/0x2c0
[  217.363719][ T9471]  genl_rcv_msg+0x565/0x800
[  217.364911][ T9471]  ? __pfx_genl_rcv_msg+0x10/0x10
[  217.366229][ T9471]  ? __pfx_ethnl_default_doit+0x10/0x10
[  217.367698][ T9471]  netlink_rcv_skb+0x165/0x410
[  217.368955][ T9471]  ? __pfx_genl_rcv_msg+0x10/0x10
[  217.370284][ T9471]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  217.371676][ T9471]  ? down_read+0xc9/0x330
[  217.372827][ T9471]  ? __pfx_down_read+0x10/0x10
[  217.374091][ T9471]  ? netlink_deliver_tap+0x1ae/0xca0
[  217.375500][ T9471]  genl_rcv+0x28/0x40
[  217.376549][ T9471]  netlink_unicast+0x53c/0x7f0
[  217.377809][ T9471]  ? __pfx_netlink_unicast+0x10/0x10
[  217.379171][ T9471]  ? __phys_addr_symbol+0x30/0x80
[  217.380501][ T9471]  ? __check_object_size+0x488/0x710
[  217.381877][ T9471]  netlink_sendmsg+0x8b8/0xd70
[  217.383144][ T9471]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.384521][ T9471]  ____sys_sendmsg+0x9ae/0xb40
[  217.385768][ T9471]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.387148][ T9471]  ? get_compat_msghdr+0x11b/0x170
[  217.388509][ T9471]  ___sys_sendmsg+0x135/0x1e0
[  217.389739][ T9471]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.391105][ T9471]  ? __pfx_lock_release+0x10/0x10
[  217.392425][ T9471]  ? trace_lock_acquire+0x14e/0x1f0
[  217.393790][ T9471]  ? __fget_files+0x206/0x3a0
[  217.395046][ T9471]  __sys_sendmsg+0x16e/0x220
[  217.396255][ T9471]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.397602][ T9471]  __do_fast_syscall_32+0x73/0x120
[  217.398941][ T9471]  do_fast_syscall_32+0x32/0x80
[  217.400315][ T9471]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.402229][ T9471] RIP: 0023:0xf7f62579
[  217.403408][ T9471] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.409001][ T9471] RSP: 002b:00000000f507455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  217.411266][ T9471] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000020000680
[  217.413423][ T9471] RDX: 0000000002000006 RSI: 0000000000000000 RDI: 0000000000000000
[  217.415390][ T9471] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.417546][ T9471] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.419523][ T9471] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.421414][ T9471]  </TASK>
[  217.716616][   T56] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  217.838107][ T5941] Bluetooth: hci4: command tx timeout
[  217.866643][   T56] usb 7-1: Using ep0 maxpacket: 16
[  217.869231][   T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.872050][   T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.874558][   T56] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  217.876952][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.879903][   T56] usb 7-1: config 0 descriptor??
[  218.312926][ T9488] netlink: 36 bytes leftover after parsing attributes in process `syz.4.967'.
[  218.328076][ T9473] Process accounting resumed
[  218.336161][   T56] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.001A/input/input33
[  218.400315][   T56] appleir 0003:05AC:8241.001A: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  218.481383][ T9490] tipc: Enabling of bearer <
dp:s> rejected, media not registered
[  218.497061][ T9489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  218.545244][   T56] usb 7-1: USB disconnect, device number 11
[  219.167355][ T9499] netlink: 4 bytes leftover after parsing attributes in process `syz.3.972'.
[  220.056344][ T5941] Bluetooth: hci4: command tx timeout
[  220.104223][ T9519] Cannot find del_set index 4 as target
[  220.517339][ T9532] erofs (device nbd2): cannot find valid erofs superblock
[  220.617141][ T9534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.981'.
[  221.515327][ T9556] trusted_key: syz.4.988 sent an empty control message without MSG_MORE.
[  221.690390][ T9560] Cannot find del_set index 4 as target
[  222.243416][ T9564] overlayfs: missing 'workdir'
[  222.272964][ T9565] netlink: 36 bytes leftover after parsing attributes in process `syz.1.990'.
[  222.320255][ T9567] FAULT_INJECTION: forcing a failure.
[  222.320255][ T9567] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.326762][ T9567] CPU: 1 UID: 0 PID: 9567 Comm: syz.2.992 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  222.329503][ T9567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.332283][ T9567] Call Trace:
[  222.333156][ T9567]  <TASK>
[  222.333937][ T9567]  dump_stack_lvl+0x16c/0x1f0
[  222.335175][ T9567]  should_fail_ex+0x497/0x5b0
[  222.336416][ T9567]  _copy_from_user+0x2e/0xd0
[  222.337648][ T9567]  do_fb_ioctl+0x46e/0x7d0
[  222.338830][ T9567]  ? __pfx_do_fb_ioctl+0x10/0x10
[  222.340122][ T9567]  ? tomoyo_path_number_perm+0x298/0x5b0
[  222.341596][ T9567]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  222.343133][ T9567]  fb_compat_ioctl+0x55f/0x670
[  222.344469][ T9567]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  222.346256][ T9567]  ? __fget_files+0x206/0x3a0
[  222.347802][ T9567]  ? __pfx_fb_compat_ioctl+0x10/0x10
[  222.349220][ T9567]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  222.350619][ T9567]  __do_fast_syscall_32+0x73/0x120
[  222.352353][ T9567]  do_fast_syscall_32+0x32/0x80
[  222.354009][ T9567]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.356141][ T9567] RIP: 0023:0xf7f01579
[  222.357522][ T9567] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  222.363197][ T9567] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  222.365507][ T9567] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004606
[  222.367503][ T9567] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  222.369542][ T9567] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  222.371603][ T9567] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  222.373785][ T9567] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  222.375859][ T9567]  </TASK>
[  222.390528][ T9569] tc_dump_action: action bad kind
[  222.657349][ T9583] Cannot find del_set index 4 as target
[  224.293901][ T9620] dccp_v6_rcv: dropped packet with invalid checksum
[  224.293936][   T39] kauditd_printk_skb: 32 callbacks suppressed
[  224.293946][   T39] audit: type=1326 audit(1734626137.931:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9621 comm="syz.3.1010" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x0
[  224.405786][ T9625] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  224.409527][ T9625] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  224.412147][ T9627] overlayfs: failed to resolve './file1': -2
[  224.418479][ T9625] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  224.420166][ T9625] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  224.422640][ T9625] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  224.434902][ T9625] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  224.436704][ T9625] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  224.440620][ T9625] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  224.449575][ T9627] kvm: user requested TSC rate below hardware speed
[  224.577988][ T9634] overlayfs: missing 'workdir'
[  224.642171][ T9632] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1011'.
[  225.845364][ T9675] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1021'.
[  226.199011][ T9687] erofs (device nbd4): cannot find valid erofs superblock
[  226.467017][   T65] Bluetooth: hci4: command 0x0c1a tx timeout
[  226.467114][ T5941] Bluetooth: hci0: command 0x0406 tx timeout
[  226.476741][ T5941] Bluetooth: hci3: command 0x0405 tx timeout
[  226.476766][   T65] Bluetooth: hci2: command 0x0406 tx timeout
[  228.430698][ T9722] erofs (device nbd4): cannot find valid erofs superblock
[  228.546652][ T5941] Bluetooth: hci0: command 0x0406 tx timeout
[  228.546926][ T5944] Bluetooth: hci2: command 0x0406 tx timeout
[  228.546957][ T5954] Bluetooth: hci4: command 0x0c1a tx timeout
[  228.757310][ T9731] erofs (device nbd3): cannot find valid erofs superblock
[  230.120543][ T9755] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1043'.
[  230.125567][ T9755] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1043'.
[  230.445303][ T9759] 8021q: adding VLAN 0 to HW filter on device bond1
[  230.626639][   T65] Bluetooth: hci4: command 0x0c1a tx timeout
[  231.203460][ T9755] Set syz1 is full, maxelem 65536 reached
[  231.465641][ T9767] erofs (device nbd1): cannot find valid erofs superblock
[  231.832584][ T9779] sp0: Synchronizing with TNC
[  231.949671][ T9781] erofs (device nbd4): cannot find valid erofs superblock
[  232.040801][ T9778] nbd4: detected capacity change from 0 to 67108884
[  232.046827][ T6287] block nbd4: Send control failed (result -89)
[  232.049071][ T6287] block nbd4: Request send failed, requeueing
[  232.051447][ T5944] block nbd4: Receive control failed (result -32)
[  232.051532][ T6050] block nbd4: Dead connection, failed to find a fallback
[  232.055779][ T6050] block nbd4: shutting down sockets
[  232.058215][ T6050] blk_print_req_error: 58 callbacks suppressed
[  232.058223][ T6050] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.062160][ T6050] buffer_io_error: 56 callbacks suppressed
[  232.062167][ T6050] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.069658][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.072001][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.074026][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.076254][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.078348][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.080558][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.082529][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.084900][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.086975][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.089236][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.091230][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.093528][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.095512][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.097849][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.099851][ T6287] ldm_validate_partition_table(): Disk read failed.
[  232.101584][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.103830][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.105826][ T6287] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  232.108451][ T6287] Buffer I/O error on dev nbd4, logical block 0, async page read
[  232.110461][ T6287] Dev nbd4: unable to read RDB block 0
[  232.112344][ T6287]  nbd4: unable to read partition table
[  232.115545][ T6287] ldm_validate_partition_table(): Disk read failed.
[  232.117408][ T6287] Dev nbd4: unable to read RDB block 0
[  232.118912][ T6287]  nbd4: unable to read partition table
[  232.193174][ T9789] netlink: 300 bytes leftover after parsing attributes in process `syz.2.1055'.
[  232.196401][ T9789] netlink: 300 bytes leftover after parsing attributes in process `syz.2.1055'.
[  232.386589][   T25] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  232.536720][   T25] usb 6-1: Using ep0 maxpacket: 16
[  232.542884][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.547445][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.551041][   T25] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  232.554296][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.563571][   T25] usb 6-1: config 0 descriptor??
[  232.716610][ T5944] Bluetooth: hci4: command 0x0c1a tx timeout
[  232.979771][ T9785] Process accounting resumed
[  232.990356][   T25] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.001B/input/input34
[  233.006816][ T9789] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  233.010762][ T9789] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  233.049889][   T25] appleir 0003:05AC:8241.001B: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  233.137130][ T9801] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  233.199207][ T6901] usb 6-1: USB disconnect, device number 16
[  233.697461][ T9799] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  233.699245][ T9789] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  233.699419][ T9799] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  233.700855][ T9789] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  233.702494][ T9799] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  233.705306][ T9789] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  233.708037][ T9789] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  233.717396][ T9789] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  233.720761][ T9789] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  233.771646][ T9837] dccp_v6_rcv: dropped packet with invalid checksum
[  233.954525][ T9850] lo speed is unknown, defaulting to 1000
[  233.956675][ T9852] lo speed is unknown, defaulting to 1000
[  234.422265][ T9867] Cannot find del_set index 4 as target
[  235.127300][ T9872] Cannot find del_set index 4 as target
[  235.402191][ T9886] xt_HMARK: spi-set and port-set can't be combined
[  236.137216][ T9890] dccp_v6_rcv: dropped packet with invalid checksum
[  236.176803][ T5940] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  236.226727][ T9895] xt_CT: You must specify a L4 protocol and not use inversions on it
[  236.327124][ T5940] usb 6-1: Using ep0 maxpacket: 16
[  236.331191][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.334998][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.338504][ T5940] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  236.341665][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.345884][ T5940] usb 6-1: config 0 descriptor??
[  236.698758][ T1175] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.766706][ T9888] Process accounting resumed
[  236.771997][ T5940] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.001C/input/input35
[  236.776589][ T1175] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.827513][ T1175] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.828568][ T5940] appleir 0003:05AC:8241.001C: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  236.848330][ T9912] dccp_v6_rcv: dropped packet with invalid checksum
[  236.894221][   T65] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  236.899565][   T65] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  236.902760][   T65] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  236.909137][   T65] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  236.911877][   T65] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  236.913922][   T65] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  236.924399][ T5944] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  236.926623][ T5944] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  236.930321][ T5944] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  236.933907][ T5944] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  236.938821][ T5944] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  236.941342][ T5944] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  236.951474][ T1175] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.969214][ T9914] lo speed is unknown, defaulting to 1000
[  236.975723][ T5940] usb 6-1: USB disconnect, device number 17
[  237.091905][ T1175] bridge_slave_1: left allmulticast mode
[  237.093608][ T1175] bridge_slave_1: left promiscuous mode
[  237.096572][ T1175] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.101103][ T1175] bridge_slave_0: left allmulticast mode
[  237.102647][ T1175] bridge_slave_0: left promiscuous mode
[  237.104217][ T1175] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.348886][ T1175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.353173][ T1175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  237.358060][ T1175] bond0 (unregistering): Released all slaves
[  237.437774][ T1175] bond1 (unregistering): Released all slaves
[  237.514219][ T9914] chnl_net:caif_netlink_parms(): no params data found
[  237.655634][ T9914] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.658710][ T9914] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.661895][ T9914] bridge_slave_0: entered allmulticast mode
[  237.664823][ T9914] bridge_slave_0: entered promiscuous mode
[  237.669560][ T9914] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.672136][ T9914] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.674417][ T9914] bridge_slave_1: entered allmulticast mode
[  237.677587][ T9914] bridge_slave_1: entered promiscuous mode
[  237.752045][ T9914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.755917][ T9914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.797507][ T9914] team0: Port device team_slave_0 added
[  237.802543][ T9914] team0: Port device team_slave_1 added
[  237.882025][ T9914] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.884317][ T9914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.898011][ T9914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.904908][ T9914] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.907488][ T9914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.914367][ T9914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.927919][ T1175] hsr_slave_0: left promiscuous mode
[  237.936069][ T1175] hsr_slave_1: left promiscuous mode
[  237.965901][ T1175] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  237.969416][ T1175] batman_adv: batadv0: Removing interface: batadv_slave_0
[  237.972625][ T1175] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  237.975027][ T1175] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.001221][ T1175] veth1_macvtap: left promiscuous mode
[  238.003454][ T1175] veth0_macvtap: left promiscuous mode
[  238.005323][ T1175] veth1_vlan: left promiscuous mode
[  238.007367][ T1175] veth0_vlan: left promiscuous mode
[  239.028272][   T65] Bluetooth: hci4: command tx timeout
[  239.282515][ T1175] team0 (unregistering): Port device team_slave_1 removed
[  239.358304][ T1175] team0 (unregistering): Port device team_slave_0 removed
[  239.466624][  T832] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  239.626686][  T832] usb 6-1: Using ep0 maxpacket: 16
[  239.631562][  T832] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  239.634463][  T832] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  239.637059][  T832] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  239.639400][  T832] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.643347][  T832] usb 6-1: config 0 descriptor??
[  239.900741][ T9914] hsr_slave_0: entered promiscuous mode
[  239.902900][ T9914] hsr_slave_1: entered promiscuous mode
[  239.904757][ T9914] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  239.907557][ T9914] Cannot create hsr debugfs directory
[  239.909214][ T9970] lo speed is unknown, defaulting to 1000
[  240.018226][ T9914] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  240.057956][ T9914] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  240.069453][ T9973] Process accounting resumed
[  240.074861][  T832] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.001D/input/input37
[  240.080921][ T9914] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  240.084573][ T9914] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  240.142440][ T9914] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.142673][  T832] appleir 0003:05AC:8241.001D: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  240.162929][ T9914] 8021q: adding VLAN 0 to HW filter on device team0
[  240.177191][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.179300][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  240.182689][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.184871][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.285473][ T5307] usb 6-1: USB disconnect, device number 18
[  240.304735][ T9914] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.413885][ T9914] veth0_vlan: entered promiscuous mode
[  240.417464][ T9914] veth1_vlan: entered promiscuous mode
[  240.434708][ T9914] veth0_macvtap: entered promiscuous mode
[  240.439468][ T9914] veth1_macvtap: entered promiscuous mode
[  240.448289][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.451196][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.453848][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.457309][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.459974][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.462832][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.465336][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.468463][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.471783][ T9914] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.488593][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.491408][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.494065][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.497341][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.500556][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.503324][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.505964][ T9914] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.509282][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.512619][ T9914] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.518026][ T9914] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.520323][ T9914] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.522598][ T9914] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.524864][ T9914] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.566083][ T1175] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.576806][ T1175] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.585463][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.588050][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.107627][   T65] Bluetooth: hci4: command tx timeout
[  241.594154][T10066] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  241.656178][T10076] openvswitch: netlink: Multiple metadata blocks provided
[  241.681821][T10080] loop9: detected capacity change from 0 to 6
[  241.691970][T10080] Dev loop9: unable to read RDB block 6
[  241.693497][T10080]  loop9: unable to read partition table
[  241.695532][T10080] loop9: partition table beyond EOD, truncated
[  241.697396][T10080] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  241.697396][T10080] 
) failed (rc=-5)
[  241.987579][T10084] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  241.989305][T10084] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  241.992894][T10084] vhci_hcd vhci_hcd.0: Device attached
[  242.468666][ T5980] vhci_hcd: vhci_device speed not set
[  242.536703][ T5980] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  243.079190][T10109] erofs (device nbd5): cannot find valid erofs superblock
[  243.196674][   T65] Bluetooth: hci4: command tx timeout
[  243.260898][T10087] vhci_hcd: connection reset by peer
[  243.263878][   T77] vhci_hcd: stop threads
[  243.265042][   T77] vhci_hcd: release socket
[  243.272467][   T77] vhci_hcd: disconnect device
[  243.517182][T10119] FAULT_INJECTION: forcing a failure.
[  243.517182][T10119] name failslab, interval 1, probability 0, space 0, times 0
[  243.526567][T10119] CPU: 3 UID: 0 PID: 10119 Comm: syz.1.1113 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  243.529852][T10119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  243.533504][T10119] Call Trace:
[  243.534624][T10119]  <TASK>
[  243.535614][T10119]  dump_stack_lvl+0x16c/0x1f0
[  243.537225][T10119]  should_fail_ex+0x497/0x5b0
[  243.538802][T10119]  ? fs_reclaim_acquire+0xae/0x150
[  243.540471][T10119]  should_failslab+0xc2/0x120
[  243.541741][T10119]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[  243.543290][T10119]  ? __lock_acquire+0x15a9/0x3c40
[  243.544620][T10119]  ? __alloc_skb+0x2b3/0x380
[  243.545847][T10119]  __alloc_skb+0x2b3/0x380
[  243.547043][T10119]  ? __pfx___alloc_skb+0x10/0x10
[  243.548379][T10119]  netlink_alloc_large_skb+0x69/0x130
[  243.549796][T10119]  netlink_sendmsg+0x689/0xd70
[  243.551043][T10119]  ? __pfx_netlink_sendmsg+0x10/0x10
[  243.552459][T10119]  ____sys_sendmsg+0x9ae/0xb40
[  243.554063][T10119]  ? __pfx_____sys_sendmsg+0x10/0x10
[  243.555603][T10119]  ? get_compat_msghdr+0x11b/0x170
[  243.556932][T10119]  ___sys_sendmsg+0x135/0x1e0
[  243.558190][T10119]  ? __pfx____sys_sendmsg+0x10/0x10
[  243.559540][T10119]  ? __pfx_lock_release+0x10/0x10
[  243.560842][T10119]  ? trace_lock_acquire+0x14e/0x1f0
[  243.562215][T10119]  ? __fget_files+0x206/0x3a0
[  243.563451][T10119]  __sys_sendmsg+0x16e/0x220
[  243.564667][T10119]  ? __pfx___sys_sendmsg+0x10/0x10
[  243.566026][T10119]  __do_fast_syscall_32+0x73/0x120
[  243.567378][T10119]  do_fast_syscall_32+0x32/0x80
[  243.568657][T10119]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  243.570321][T10119] RIP: 0023:0xf7f24579
[  243.571394][T10119] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  243.576395][T10119] RSP: 002b:00000000f505555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  243.578532][T10119] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000200
[  243.580580][T10119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  243.582638][T10119] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  243.584684][T10119] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  243.586758][T10119] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  243.588837][T10119]  </TASK>
[  243.966776][    T9] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  244.154978][    T9] usb 7-1: unable to get BOS descriptor or descriptor too short
[  244.159767][    T9] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0x82 is Bulk; changing to Interrupt
[  244.162612][    T9] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0x3 is Bulk; changing to Interrupt
[  244.165456][    T9] usb 7-1: config 1 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  244.169319][    T9] usb 7-1: config 1 interface 0 has no altsetting 0
[  244.174666][    T9] usb 7-1: string descriptor 0 read error: -22
[  244.176681][    T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.b7
[  244.179096][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.190826][T10121] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  244.193037][T10121] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  244.198805][    T9] hub 7-1:1.0: bad descriptor, ignoring hub
[  244.200632][    T9] hub 7-1:1.0: probe with driver hub failed with error -5
[  244.202876][    T9] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  244.506806][   T30] usb 7-1: USB disconnect, device number 12
[  244.986640][   T30] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  245.166620][   T30] usb 6-1: Using ep0 maxpacket: 16
[  245.171065][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.173957][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.176572][   T30] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  245.178998][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.183940][   T30] usb 6-1: config 0 descriptor??
[  245.266978][   T65] Bluetooth: hci4: command tx timeout
[  245.507436][T10161] Cannot find del_set index 4 as target
[  245.549551][T10163] overlayfs: missing 'lowerdir'
[  245.599718][T10148] Process accounting resumed
[  245.608288][   T30] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.001E/input/input38
[  245.682282][   T30] appleir 0003:05AC:8241.001E: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  245.812136][ T5997] usb 6-1: USB disconnect, device number 19
[  246.528825][T10184] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.626558][T10184] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.704444][T10184] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.779186][T10184] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.855814][T10184] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.862661][T10184] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.868096][T10184] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.872947][T10184] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.656875][ T5980] vhci_hcd: vhci_device speed not set
[  248.250804][T10212] Cannot find del_set index 4 as target
[  249.121744][T10234] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  249.467029][T10243] openvswitch: netlink: IP tunnel dst address not specified
[  250.005235][   T39] audit: type=1326 audit(1734626163.641:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10249 comm="syz.3.1149" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x0
[  250.956726][T10267] Process accounting resumed
[  251.446728][T10287] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1158'.
[  251.463601][   T30] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  251.621252][   T30] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  251.632989][   T30] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  251.641072][   T30] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  251.643619][   T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  251.646587][   T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  251.652584][   T30] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  251.655127][   T30] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  251.657377][   T30] usb 8-1: Product: syz
[  251.658592][   T30] usb 8-1: Manufacturer: syz
[  251.665649][   T30] cdc_wdm 8-1:1.0: skipping garbage
[  251.667094][   T30] cdc_wdm 8-1:1.0: skipping garbage
[  251.670600][   T30] cdc_wdm 8-1:1.0: cdc-wdm1: USB WDM device
[  251.672228][   T30] cdc_wdm 8-1:1.0: Unknown control protocol
[  251.866653][T10270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  251.870549][T10270] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  251.943250][T10271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  251.947448][T10271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.058485][T10302] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1160'.
[  252.214085][T10309] erofs (device nbd2): cannot find valid erofs superblock
[  252.489695][T10328] Cannot find del_set index 4 as target
[  253.414481][T10357] Cannot find del_set index 4 as target
[  253.675336][T10363] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1166'.
[  253.938582][ T5979] usb 8-1: USB disconnect, device number 13
[  254.021002][T10371] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1168'.
[  254.076297][T10370] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1169'.
[  254.567904][T10378] erofs (device nbd3): cannot find valid erofs superblock
[  254.766905][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1176'.
[  254.771145][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1176'.
[  254.773621][T10395] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1176'.
[  254.861421][T10401] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1179'.
[  254.926292][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  255.089163][T10403] Cannot find del_set index 4 as target
[  255.792852][T10425] netlink: 'syz.5.1184': attribute type 10 has an invalid length.
[  255.801291][T10425] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.804111][T10425] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.833833][T10425] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.835701][T10425] bridge0: port 2(bridge_slave_1) entered forwarding state
[  255.837647][T10425] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.839879][T10425] bridge0: port 1(bridge_slave_0) entered forwarding state
[  255.843980][T10425] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  256.373428][T10436] macvtap1: entered promiscuous mode
[  256.374945][T10436] macvtap1: entered allmulticast mode
[  256.377453][T10436] vlan0: entered allmulticast mode
[  256.378977][T10436] veth0_vlan: entered allmulticast mode
[  256.380606][T10436] vlan0: entered promiscuous mode
[  256.388429][T10436] team0: Device macvtap1 failed to register rx_handler
[  256.397329][T10436] vlan0: left allmulticast mode
[  256.399663][T10436] veth0_vlan: left allmulticast mode
[  256.401051][T10436] vlan0: left promiscuous mode
[  256.419964][T10440] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1188'.
[  256.812729][   T39] audit: type=1326 audit(1734626170.601:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10443 comm="syz.1.1193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  256.818601][   T39] audit: type=1326 audit(1734626170.601:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10443 comm="syz.1.1193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  256.824202][   T39] audit: type=1326 audit(1734626170.601:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10443 comm="syz.1.1193" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  256.833225][   T39] audit: type=1326 audit(1734626170.601:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10443 comm="syz.1.1193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  256.846803][   T39] audit: type=1326 audit(1734626170.601:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10443 comm="syz.1.1193" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  256.960950][T10450] Cannot find del_set index 4 as target
[  257.215929][T10456] syz.2.1197 (10456): drop_caches: 2
[  257.732305][ T5979] usb 5-1: USB disconnect, device number 9
[  257.819851][ T1175] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.969451][ T1175] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.109202][ T1175] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.184661][T10481] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1202'.
[  258.198871][ T1175] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.334589][ T1175] bridge_slave_1: left allmulticast mode
[  258.336472][ T1175] bridge_slave_1: left promiscuous mode
[  258.342353][ T1175] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.360129][ T1175] bridge_slave_0: left allmulticast mode
[  258.361631][ T1175] bridge_slave_0: left promiscuous mode
[  258.363186][ T1175] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.710428][ T1175] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  259.046335][ T1175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.052723][ T1175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.060512][ T1175] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  259.071152][ T1175] bond0 (unregistering): Released all slaves
[  259.090839][ T1175] bond1 (unregistering): Released all slaves
[  259.460185][T10516] Cannot find del_set index 4 as target
[  259.560747][ T1175] hsr_slave_0: left promiscuous mode
[  259.562683][ T1175] hsr_slave_1: left promiscuous mode
[  259.570229][ T1175] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.575633][ T1175] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.583391][ T1175] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.585384][ T1175] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.617288][ T1175] veth1_macvtap: left promiscuous mode
[  259.619573][ T1175] veth0_macvtap: left promiscuous mode
[  259.624180][ T1175] veth1_vlan: left promiscuous mode
[  259.626298][ T1175] veth0_vlan: left promiscuous mode
[  260.771288][T10553] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  261.137515][T10560] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1221'.
[  262.081633][   T63] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  262.236259][T10582] Cannot find del_set index 4 as target
[  262.532152][   T63] usb 7-1: Using ep0 maxpacket: 16
[  262.536569][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.539387][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.550045][   T63] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  262.553599][   T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.556825][   T63] usb 7-1: config 0 descriptor??
[  262.991356][T10566] Process accounting resumed
[  262.999666][   T63] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.001F/input/input39
[  263.065696][   T63] appleir 0003:05AC:8241.001F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  263.200970][ T5980] usb 7-1: USB disconnect, device number 13
[  263.370555][T10626] netlink: 'syz.3.1228': attribute type 11 has an invalid length.
[  264.178015][ T6181] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  264.316529][ T6181] usb 7-1: device descriptor read/64, error -71
[  264.339160][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1237'.
[  264.342328][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1237'.
[  264.802141][ T6181] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  264.827266][T10680] Cannot find del_set index 4 as target
[  264.955369][   T39] audit: type=1326 audit(1734626178.883:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  264.965219][   T39] audit: type=1326 audit(1734626178.893:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  264.983934][   T39] audit: type=1326 audit(1734626178.893:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  264.995824][   T39] audit: type=1326 audit(1734626178.893:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.002370][   T39] audit: type=1326 audit(1734626178.893:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.006768][ T6181] usb 7-1: device descriptor read/64, error -71
[  265.007939][   T39] audit: type=1326 audit(1734626178.893:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.016040][   T39] audit: type=1326 audit(1734626178.893:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.023328][   T39] audit: type=1326 audit(1734626178.893:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.030393][   T39] audit: type=1326 audit(1734626178.903:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.038169][   T39] audit: type=1326 audit(1734626178.903:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10686 comm="syz.1.1239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  265.130951][ T6181] usb usb7-port1: attempt power cycle
[  265.461078][ T6181] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  265.481343][ T6181] usb 7-1: device descriptor read/8, error -71
[  265.717744][ T6181] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  265.747887][ T6181] usb 7-1: device descriptor read/8, error -71
[  265.869133][ T6181] usb usb7-port1: unable to enumerate USB device
[  265.905979][T10712] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1246'.
[  265.909037][T10712] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1246'.
[  265.912142][T10712] netlink: 'syz.1.1246': attribute type 12 has an invalid length.
[  266.922691][T10730] Cannot find del_set index 4 as target
[  268.307928][ T5979] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  268.456365][ T5979] usb 10-1: Using ep0 maxpacket: 8
[  268.463107][ T5979] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  268.469055][ T5979] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  268.474518][ T5979] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  268.479898][ T5979] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  268.484738][ T5979] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  268.498491][ T5979] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.655565][T10772] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1262'.
[  268.657913][T10772] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1262'.
[  268.660319][T10772] netlink: 'syz.2.1262': attribute type 12 has an invalid length.
[  268.705276][ T5979] usb 10-1: GET_CAPABILITIES returned 0
[  268.707832][ T5979] usbtmc 10-1:16.0: can't read capabilities
[  268.911385][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.914153][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.916735][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.919243][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.921714][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.924130][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.926681][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.929212][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.940855][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.943294][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.945789][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.948263][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.950581][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.952946][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.955373][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.957896][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  268.963056][T10758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.966125][T10758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.970057][T10758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.972845][T10758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.979325][ T5979] usb 10-1: USB disconnect, device number 2
[  269.672477][T10796] xt_CT: No such helper "netbios-ns"
[  269.675201][T10796] CIFS: iocharset name too long
[  269.703596][ T5979] kernel read not supported for file /vcs (pid: 5979 comm: kworker/3:3)
[  269.879434][T10802] team0 (unregistering): Port device team_slave_0 removed
[  269.886441][T10802] team0 (unregistering): Port device team_slave_1 removed
[  270.117336][T10820] hugetlbfs: Bad value 'm' for mount option 'size'
[  270.117336][T10820] 
[  270.625256][   T56] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  270.823260][   T56] usb 7-1: Using ep0 maxpacket: 8
[  270.825907][   T56] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  270.828575][   T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  270.831338][   T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  270.834105][   T56] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  270.837722][   T56] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  270.840160][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.045435][   T56] usb 7-1: GET_CAPABILITIES returned 0
[  271.046903][   T56] usbtmc 7-1:16.0: can't read capabilities
[  271.244479][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.247423][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.250685][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.254056][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.257347][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.260631][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.263926][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.267228][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.270528][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.273834][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.277106][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.280369][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.289517][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.292878][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.296478][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.308135][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  271.308492][T10836] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.330863][T10836] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.335459][T10826] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.337754][T10826] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.344282][   T56] usb 7-1: USB disconnect, device number 18
[  271.351552][T10840] overlayfs: empty lowerdir
[  272.163725][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  272.163740][   T39] audit: type=1326 audit(1734626186.168:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.175137][   T39] audit: type=1326 audit(1734626186.168:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.176399][T10852] netlink: 'syz.2.1284': attribute type 1 has an invalid length.
[  272.182705][   T39] audit: type=1326 audit(1734626186.168:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.190837][   T39] audit: type=1326 audit(1734626186.168:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.197100][   T39] audit: type=1326 audit(1734626186.168:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.202888][   T39] audit: type=1326 audit(1734626186.168:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.209331][   T39] audit: type=1326 audit(1734626186.168:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.216146][   T39] audit: type=1326 audit(1734626186.168:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.229706][   T39] audit: type=1326 audit(1734626186.168:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.236629][   T39] audit: type=1326 audit(1734626186.168:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10851 comm="syz.2.1284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  272.469441][   T56] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  272.594028][T10867] vivid-007: disconnect
[  272.618624][   T56] usb 8-1: Using ep0 maxpacket: 16
[  272.621933][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.625636][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  272.629406][   T56] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  272.632596][   T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.644069][   T56] usb 8-1: config 0 descriptor??
[  272.994569][T10878] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1289'.
[  273.085678][T10857] Process accounting resumed
[  273.094688][   T56] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0020/input/input40
[  273.155886][   T56] appleir 0003:05AC:8241.0020: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  273.315243][ T5980] usb 8-1: USB disconnect, device number 14
[  273.335035][T10883] Cannot find del_set index 4 as target
[  273.372772][ T5944] Bluetooth: hci4: command 0x0405 tx timeout
[  273.533445][T10894] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1293'.
[  273.590649][   T56] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  273.690938][T10898] mmap: syz.1.1294 (10898) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  273.749663][   T56] usb 10-1: Using ep0 maxpacket: 8
[  273.753566][   T56] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  273.756689][   T56] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  273.759489][   T56] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  273.762183][   T56] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  273.765649][   T56] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  273.768088][   T56] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.985886][   T56] usb 10-1: GET_CAPABILITIES returned 0
[  273.988101][   T56] usbtmc 10-1:16.0: can't read capabilities
[  274.191686][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.195067][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.198432][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.201735][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.205039][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.208334][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.212338][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.214731][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.217099][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.219460][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.221839][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.227504][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.229894][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.232286][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.234662][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.238140][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  274.242352][T10885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.245575][T10885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.250168][T10885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.253357][T10885] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.262880][ T5980] usb 10-1: USB disconnect, device number 3
[  274.361667][T10933] 9pnet_fd: Insufficient options for proto=fd
[  274.703132][T10942] afs: Unknown parameter '00000000000000000007'
[  274.851890][T10946] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  274.858182][T10945] hugetlbfs: syz.1.1299 (10945): Using mlock ulimits for SHM_HUGETLB is obsolete
[  275.017963][T10955] overlayfs: failed to resolve './file0': -2
[  275.133909][T10971] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1306'.
[  275.288487][ T5979] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  275.290586][   T63] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  275.437656][ T5979] usb 6-1: Using ep0 maxpacket: 16
[  275.439138][   T63] usb 10-1: Using ep0 maxpacket: 16
[  275.442449][   T63] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.445327][ T5979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.448184][   T63] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.450751][ T5979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.453439][   T63] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  275.455839][ T5979] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  275.458261][   T63] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.460664][ T5979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.464494][   T63] usb 10-1: config 0 descriptor??
[  275.466333][ T5979] usb 6-1: config 0 descriptor??
[  275.751097][T10995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1310'.
[  275.753894][T10995] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1310'.
[  275.758138][T10995] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1310'.
[  275.852676][T10997] overlayfs: failed to resolve './file0': -2
[  275.907514][T10963] 9pnet_virtio: no channels available for device syz
[  275.911215][T10961] Process accounting resumed
[  275.918132][   T63] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:05AC:8241.0021/input/input42
[  275.922681][ T5979] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.0022/input/input43
[  275.978002][   T63] appleir 0003:05AC:8241.0021: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  276.045435][ T5979] appleir 0003:05AC:8241.0022: input,hiddev1,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  276.123851][   T56] usb 6-1: USB disconnect, device number 20
[  276.139925][ T2288] usb 10-1: USB disconnect, device number 4
[  276.722401][T11020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  276.772781][T11022] netlink: 1284 bytes leftover after parsing attributes in process `syz.5.1320'.
[  276.839692][T11027] tty tty1: ldisc open failed (-12), clearing slot 0
[  276.875524][T11031] overlayfs: failed to resolve './file0': -2
[  276.932835][T11037] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1323'.
[  276.936125][T11037] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1323'.
[  276.938773][T11037] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1323'.
[  277.306916][ T2288] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  277.454977][ T2288] usb 7-1: Using ep0 maxpacket: 16
[  277.458257][ T2288] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.461870][ T2288] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.464924][ T2288] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  277.467293][ T2288] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.470225][ T2288] usb 7-1: config 0 descriptor??
[  277.558574][T11061] overlayfs: failed to resolve './file0': -2
[  277.910048][T11045] Process accounting resumed
[  277.915608][ T2288] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:05AC:8241.0023/input/input44
[  277.973987][ T2288] appleir 0003:05AC:8241.0023: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  278.118762][ T2288] usb 7-1: USB disconnect, device number 19
[  278.121828][T11054] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  278.123468][T11054] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  278.130267][T11054] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  278.197967][   T39] kauditd_printk_skb: 26 callbacks suppressed
[  278.197977][   T39] audit: type=1326 audit(1734626192.240:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11055 comm="syz.5.1331" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7fc00000
[  278.399612][    T9] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  278.827246][    T9] usb 6-1: Using ep0 maxpacket: 8
[  278.830306][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  278.833541][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  278.836776][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  278.840282][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  278.844529][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  278.847673][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.054016][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  279.055962][    T9] usbtmc 6-1:16.0: can't read capabilities
[  279.114516][T11094] Cannot find del_set index 4 as target
[  279.265852][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.269067][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.272330][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.273644][T11100] __nla_validate_parse: 64 callbacks suppressed
[  279.273654][T11100] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1345'.
[  279.275465][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.275498][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.275529][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.275914][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.292549][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.295524][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.298643][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.301746][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.304903][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.309073][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.311332][T11070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  279.311486][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.314849][T11070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.316068][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.319458][T11070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  279.320320][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  279.325670][T11070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  279.367718][ T3219] usb 6-1: USB disconnect, device number 21
[  279.414509][ T5944] Bluetooth: hci4: command 0x0405 tx timeout
[  279.822235][  T693] wlan1: Trigger new scan to find an IBSS to join
[  280.065687][T11121] netlink: 'syz.2.1349': attribute type 10 has an invalid length.
[  280.412848][T11127] FAULT_INJECTION: forcing a failure.
[  280.412848][T11127] name failslab, interval 1, probability 0, space 0, times 0
[  280.416596][T11127] CPU: 0 UID: 0 PID: 11127 Comm: syz.5.1352 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  280.419446][T11127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  280.422241][T11127] Call Trace:
[  280.423126][T11127]  <TASK>
[  280.423927][T11127]  dump_stack_lvl+0x16c/0x1f0
[  280.425173][T11127]  should_fail_ex+0x497/0x5b0
[  280.426432][T11127]  ? fs_reclaim_acquire+0xae/0x150
[  280.427804][T11127]  should_failslab+0xc2/0x120
[  280.429053][T11127]  __kmalloc_node_noprof+0xd1/0x520
[  280.430430][T11127]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  280.431881][T11127]  ? __pfx_lock_release+0x10/0x10
[  280.433220][T11127]  __kvmalloc_node_noprof+0xad/0x1a0
[  280.434615][T11127]  seq_read_iter+0x82a/0x12b0
[  280.435865][T11127]  seq_read+0x39f/0x4e0
[  280.436954][T11127]  ? __pfx_seq_read+0x10/0x10
[  280.438212][T11127]  ? __pfx_seq_read+0x10/0x10
[  280.439450][T11127]  proc_reg_read+0x23d/0x330
[  280.440667][T11127]  ? __pfx_proc_reg_read+0x10/0x10
[  280.442029][T11127]  vfs_read+0x1df/0xbe0
[  280.443132][T11127]  ? __fget_files+0x1fc/0x3a0
[  280.444381][T11127]  ? __pfx___mutex_lock+0x10/0x10
[  280.445709][T11127]  ? __pfx_vfs_read+0x10/0x10
[  280.446972][T11127]  ? __fget_files+0x206/0x3a0
[  280.448226][T11127]  ksys_read+0x12b/0x250
[  280.449382][T11127]  ? __pfx_ksys_read+0x10/0x10
[  280.450648][T11127]  __do_fast_syscall_32+0x73/0x120
[  280.452017][T11127]  do_fast_syscall_32+0x32/0x80
[  280.453305][T11127]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  280.454977][T11127] RIP: 0023:0xf7f71579
[  280.456055][T11127] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  280.462711][T11127] RSP: 002b:00000000f50a555c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  280.462740][T11127] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020001b80
[  280.462747][T11127] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000
[  280.462753][T11127] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  280.462760][T11127] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  280.462766][T11127] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  280.462779][T11127]  </TASK>
[  281.144652][T11145] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1359'.
[  281.206533][T11152] syz.2.1360 (11152) used greatest stack depth: 20960 bytes left
[  281.292563][T11175] FAULT_INJECTION: forcing a failure.
[  281.292563][T11175] name failslab, interval 1, probability 0, space 0, times 0
[  281.298118][T11175] CPU: 3 UID: 0 PID: 11175 Comm: syz.2.1370 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  281.301389][T11175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.304253][T11175] Call Trace:
[  281.305122][T11175]  <TASK>
[  281.305910][T11175]  dump_stack_lvl+0x16c/0x1f0
[  281.307137][T11175]  should_fail_ex+0x497/0x5b0
[  281.308362][T11175]  ? fs_reclaim_acquire+0xae/0x150
[  281.309712][T11175]  should_failslab+0xc2/0x120
[  281.310933][T11175]  kmem_cache_alloc_lru_noprof+0x73/0x3b0
[  281.312455][T11175]  ? __d_alloc+0x35/0x8c0
[  281.313584][T11175]  __d_alloc+0x35/0x8c0
[  281.314667][T11175]  d_alloc+0x4a/0x1e0
[  281.315701][T11175]  lookup_one_qstr_excl+0xcb/0x190
[  281.317087][T11175]  ? mnt_want_write+0x161/0x450
[  281.318355][T11175]  do_renameat2+0x532/0xdd0
[  281.319593][T11175]  ? __pfx_do_renameat2+0x10/0x10
[  281.320891][T11175]  ? lock_acquire+0x2f/0xb0
[  281.322108][T11175]  ? __virt_addr_valid+0x5e/0x590
[  281.323416][T11175]  ? __phys_addr_symbol+0x30/0x80
[  281.324724][T11175]  ? getname_flags.part.0+0x1c5/0x550
[  281.326130][T11175]  __ia32_sys_rename+0x7c/0xa0
[  281.327404][T11175]  __do_fast_syscall_32+0x73/0x120
[  281.328739][T11175]  do_fast_syscall_32+0x32/0x80
[  281.330013][T11175]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  281.331763][T11175] RIP: 0023:0xf7f01579
[  281.332831][T11175] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  281.337761][T11175] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000026
[  281.339907][T11175] RAX: ffffffffffffffda RBX: 00000000200001c0 RCX: 0000000020000800
[  281.341980][T11175] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  281.344013][T11175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.346058][T11175] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  281.348117][T11175] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.350167][T11175]  </TASK>
[  281.424462][ T3219] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  281.485260][ T5944] Bluetooth: hci4: command 0x0405 tx timeout
[  281.584330][ T3219] usb 6-1: Using ep0 maxpacket: 16
[  281.588625][ T3219] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  281.591698][ T3219] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  281.597860][ T3219] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  281.601172][ T3219] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.604889][ T3219] usb 6-1: config 0 descriptor??
[  282.037425][T11154] Process accounting resumed
[  282.043127][ T3219] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.0024/input/input46
[  282.115045][ T3219] appleir 0003:05AC:8241.0024: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  282.257637][ T5980] usb 6-1: USB disconnect, device number 22
[  282.470520][T11204] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  283.097316][   T56] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  283.266609][   T56] usb 6-1: Using ep0 maxpacket: 16
[  283.270946][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.274052][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.276683][   T56] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  283.279151][   T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.282169][   T56] usb 6-1: config 0 descriptor??
[  283.555543][ T5944] Bluetooth: hci4: command 0x0405 tx timeout
[  283.562247][T11229] Cannot find del_set index 4 as target
[  283.709759][   T56] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:05AC:8241.0025/input/input47
[  283.734775][   T25] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  283.767044][   T56] appleir 0003:05AC:8241.0025: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  283.884195][   T25] usb 8-1: Using ep0 maxpacket: 16
[  283.887111][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.889895][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.892389][   T25] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  283.894797][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.900393][   T25] usb 8-1: config 0 descriptor??
[  283.909114][   T63] usb 6-1: USB disconnect, device number 23
[  284.369362][T11226] Process accounting resumed
[  284.380159][   T25] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:05AC:8241.0026/input/input48
[  284.444629][   T25] appleir 0003:05AC:8241.0026: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  284.481939][   T63] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  284.586450][   T25] usb 8-1: USB disconnect, device number 15
[  284.641434][   T63] usb 7-1: Using ep0 maxpacket: 8
[  284.646065][   T63] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  284.651387][   T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  284.654434][   T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  284.661351][   T63] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  284.664898][   T63] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  284.668088][   T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.671275][   T77] wlan1: Trigger new scan to find an IBSS to join
[  284.877532][   T63] usb 7-1: GET_CAPABILITIES returned 0
[  284.879386][   T63] usbtmc 7-1:16.0: can't read capabilities
[  284.880803][T11247] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1397'.
[  285.077645][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.080030][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.082389][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.085177][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.088435][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.091639][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.094898][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.098167][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.101416][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.104645][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.107896][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.111069][    C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.114483][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.117547][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.120593][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.123657][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  285.180306][ T5980] usb 7-1: USB disconnect, device number 20
[  285.225955][ T1175] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.349647][ T1175] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.452746][ T1175] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.489511][T11268] FAULT_INJECTION: forcing a failure.
[  285.489511][T11268] name failslab, interval 1, probability 0, space 0, times 0
[  285.493357][T11268] CPU: 3 UID: 0 PID: 11268 Comm: syz.3.1406 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  285.496941][T11268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.500742][T11268] Call Trace:
[  285.501957][T11268]  <TASK>
[  285.502741][T11268]  dump_stack_lvl+0x16c/0x1f0
[  285.503987][T11268]  should_fail_ex+0x497/0x5b0
[  285.505248][T11268]  ? fs_reclaim_acquire+0xae/0x150
[  285.506609][T11268]  should_failslab+0xc2/0x120
[  285.507885][T11268]  __kmalloc_noprof+0xce/0x4f0
[  285.509152][T11268]  ? nla_strdup+0xc6/0x150
[  285.510336][T11268]  nla_strdup+0xc6/0x150
[  285.511455][T11268]  nf_tables_newtable+0xe08/0x1b40
[  285.512800][T11268]  ? net_generic+0xea/0x2a0
[  285.513996][T11268]  ? __pfx_nf_tables_newtable+0x10/0x10
[  285.515530][T11268]  ? __nla_parse+0x40/0x60
[  285.516708][T11268]  nfnetlink_rcv_batch+0x1a2a/0x24e0
[  285.518124][T11268]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  285.520089][T11268]  ? __pfx_lock_release+0x10/0x10
[  285.521945][T11268]  ? __local_bh_enable_ip+0xa4/0x120
[  285.523881][T11268]  ? lockdep_hardirqs_on+0x7c/0x110
[  285.525788][T11268]  ? __pfx___dev_queue_xmit+0x10/0x10
[  285.527804][T11268]  ? __nla_parse+0x40/0x60
[  285.529466][T11268]  nfnetlink_rcv+0x3c3/0x430
[  285.531155][T11268]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  285.533037][T11268]  netlink_unicast+0x53c/0x7f0
[  285.534787][T11268]  ? __pfx_netlink_unicast+0x10/0x10
[  285.536803][T11268]  ? __phys_addr_symbol+0x30/0x80
[  285.538746][T11268]  ? __check_object_size+0x488/0x710
[  285.540696][T11268]  netlink_sendmsg+0x8b8/0xd70
[  285.542469][T11268]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.544470][T11268]  ____sys_sendmsg+0x9ae/0xb40
[  285.546246][T11268]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.548141][T11268]  ? get_compat_msghdr+0x11b/0x170
[  285.550000][T11268]  ___sys_sendmsg+0x135/0x1e0
[  285.551756][T11268]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.553674][T11268]  ? __pfx_lock_release+0x10/0x10
[  285.555523][T11268]  ? trace_lock_acquire+0x14e/0x1f0
[  285.557500][T11268]  ? __fget_files+0x206/0x3a0
[  285.559230][T11268]  __sys_sendmsg+0x16e/0x220
[  285.560923][T11268]  ? __pfx___sys_sendmsg+0x10/0x10
[  285.562621][T11268]  __do_fast_syscall_32+0x73/0x120
[  285.564088][T11268]  do_fast_syscall_32+0x32/0x80
[  285.565881][T11268]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  285.568187][T11268] RIP: 0023:0xf7f62579
[  285.569416][T11268] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  285.574500][T11268] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  285.577501][T11268] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000300
[  285.580393][T11268] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  285.583281][T11268] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  285.586137][T11268] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  285.588971][T11268] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  285.591793][T11268]  </TASK>
[  285.635927][ T1175] bond0: (slave netdevsim0): Releasing backup interface
[  285.651765][ T1175] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.709196][   T68] wlan1: Creating new IBSS network, BSSID 7a:9d:f5:70:8d:c8
[  285.784501][ T1175] bridge_slave_1: left allmulticast mode
[  285.787204][ T1175] bridge_slave_1: left promiscuous mode
[  285.789505][ T1175] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.793004][ T1175] bridge_slave_0: left allmulticast mode
[  285.794485][ T1175] bridge_slave_0: left promiscuous mode
[  285.796143][ T1175] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.799723][   T12] 
[  285.800678][   T12] =============================
[  285.802362][   T12] WARNING: suspicious RCU usage
[  285.803993][   T12] 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 Not tainted
[  285.807570][   T12] -----------------------------
[  285.809638][   T12] net/sched/sch_generic.c:1290 suspicious rcu_dereference_protected() usage!
[  285.812694][   T12] 
[  285.812694][   T12] other info that might help us debug this:
[  285.812694][   T12] 
[  285.815976][   T12] 
[  285.815976][   T12] rcu_scheduler_active = 2, debug_locks = 1
[  285.818304][   T12] 3 locks held by kworker/u32:1/12:
[  285.819865][   T12]  #0: ffff8880650cc948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30
[  285.823366][   T12]  #1: ffffc900001e7d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30
[  285.827997][   T12]  #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x140/0x2d90
[  285.831412][   T12] 
[  285.831412][   T12] stack backtrace:
[  285.833541][   T12] CPU: 3 UID: 0 PID: 12 Comm: kworker/u32:1 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  285.837413][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.841208][   T12] Workqueue: bond0 bond_mii_monitor
[  285.843134][   T12] Call Trace:
[  285.844352][   T12]  <TASK>
[  285.845429][   T12]  dump_stack_lvl+0x16c/0x1f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  285.847173][   T12]  lockdep_rcu_suspicious+0x210/0x3c0
[  285.849221][   T12]  dev_deactivate_queue+0x167/0x190
[  285.851102][   T12]  dev_deactivate_many+0xe7/0xb20
[  285.852936][   T12]  dev_deactivate+0xf9/0x1c0
[  285.854635][   T12]  ? __pfx_dev_deactivate+0x10/0x10
[  285.856523][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.858674][   T12]  linkwatch_do_dev+0x11e/0x160
[  285.860443][   T12]  linkwatch_sync_dev+0x181/0x210
[  285.862286][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  285.863480][T11276] syz-executor: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  285.864447][   T12]  ethtool_op_get_link+0x1d/0x70
[  285.868985][T11276] ,cpuset=
[  285.870313][   T12]  bond_check_dev_link+0x197/0x430
[  285.870332][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  285.871727][T11276] /
[  285.873035][   T12]  bond_mii_monitor+0x3c1/0x2d90
[  285.875505][T11276] ,mems_allowed=0-1
[  285.876005][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  285.878094][T11276] 
[  285.879224][   T12]  ? rcu_is_watching+0x12/0xc0
[  285.883370][   T12]  ? lock_acquire+0x2f/0xb0
[  285.884540][   T12]  ? process_one_work+0x8bb/0x1b30
[  285.885914][   T12]  process_one_work+0x958/0x1b30
[  285.887224][   T12]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  285.888740][   T12]  ? __pfx_process_one_work+0x10/0x10
[  285.890142][   T12]  ? rcu_is_watching+0x12/0xc0
[  285.891411][   T12]  ? assign_work+0x1a0/0x250
[  285.892625][   T12]  worker_thread+0x6c8/0xf00
[  285.893837][   T12]  ? __pfx_worker_thread+0x10/0x10
[  285.895158][   T12]  kthread+0x2c1/0x3a0
[  285.896255][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  285.897802][   T12]  ? __pfx_kthread+0x10/0x10
[  285.899119][   T12]  ret_from_fork+0x45/0x80
[  285.900274][   T12]  ? __pfx_kthread+0x10/0x10
[  285.901484][   T12]  ret_from_fork_asm+0x1a/0x30
[  285.902723][   T12]  </TASK>
[  285.903547][T11276] CPU: 0 UID: 0 PID: 11276 Comm: syz-executor Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  285.903952][   T12] 
[  285.906954][T11276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.906964][T11276] Call Trace:
[  285.906969][T11276]  <TASK>
[  285.906973][T11276]  dump_stack_lvl+0x16c/0x1f0
[  285.906989][T11276]  warn_alloc+0x24d/0x3a0
[  285.907004][T11276]  ? __pfx_warn_alloc+0x10/0x10
[  285.907021][T11276]  ? __get_vm_area_node+0x1b0/0x2f0
[  285.907032][T11276]  ? __get_vm_area_node+0x1dc/0x2f0
[  285.907045][T11276]  __vmalloc_node_range_noprof+0x1105/0x1530
[  285.907056][T11276]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  285.907075][T11276]  ? kcov_ioctl+0x4c/0x730
[  285.907088][T11276]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  285.907103][T11276]  ? kcov_ioctl+0x4c/0x730
[  285.907111][T11276]  ? __pfx_kcov_ioctl+0x10/0x10
[  285.907121][T11276]  vmalloc_user_noprof+0x6b/0x90
[  285.907133][T11276]  ? kcov_ioctl+0x4c/0x730
[  285.907142][T11276]  kcov_ioctl+0x4c/0x730
[  285.907152][T11276]  ? __pfx_kcov_ioctl+0x10/0x10
[  285.907162][T11276]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  285.907178][T11276]  __do_fast_syscall_32+0x73/0x120
[  285.907192][T11276]  do_fast_syscall_32+0x32/0x80
[  285.907204][T11276]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  285.907219][T11276] RIP: 0023:0xf7fa4579
[  285.907228][T11276] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  285.907237][T11276] RSP: 002b:00000000ffaf3ff4 EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  285.907249][T11276] RAX: ffffffffffffffda RBX: 00000000000000d9 RCX: 0000000080086301
[  285.907255][T11276] RDX: 0000000000080000 RSI: 00000000f7433ff4 RDI: 0000000000000000
[  285.907262][T11276] RBP: 0000000000080000 R08: 0000000000000000 R09: 0000000000000000
[  285.907268][T11276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  285.907274][T11276] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  285.907285][T11276]  </TASK>
[  285.907339][T11276] Mem-Info:
[  285.907348][T11276] active_anon:13512 inactive_anon:7542 isolated_anon:0
[  285.907348][T11276]  active_file:6351 inactive_file:27049 isolated_file:0
[  285.907348][T11276]  unevictable:1768 dirty:355 writeback:0
[  285.907348][T11276]  slab_reclaimable:5967 slab_unreclaimable:63458
[  285.907348][T11276]  mapped:21097 shmem:18020 pagetables:909
[  285.907348][T11276]  sec_pagetables:306 bounce:0
[  285.907348][T11276]  kernel_misc_reclaimable:0
[  285.907348][T11276]  free:53616 free_pcp:7257 free_cma:0
[  285.907983][   T12] =============================
[  285.907989][   T12] WARNING: suspicious RCU usage
[  285.911901][T11276] Node 0 active_anon:9828kB inactive_anon:0kB active_file:6748kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:3616kB dirty:36kB writeback:0kB shmem:12324kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9684kB pagetables:932kB sec_pagetables:1140kB all_unreclaimable? yes
[  285.912804][   T12] 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 Not tainted
[  285.913904][T11276] Node 1 active_anon:44220kB inactive_anon:30168kB active_file:18656kB inactive_file:108196kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:71168kB dirty:1384kB writeback:0kB shmem:59756kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2992kB pagetables:2704kB sec_pagetables:84kB all_unreclaimable? no
[  285.915152][   T12] -----------------------------
[  285.915158][   T12] ./include/linux/rtnetlink.h:156 suspicious rcu_dereference_protected() usage!
[  285.916685][T11276] Node 0 
[  285.918129][   T12] 
[  285.918129][   T12] other info that might help us debug this:
[  285.918129][   T12] 
[  285.919759][T11276] DMA free:2940kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:432kB local_pcp:80kB free_cma:0kB
[  285.920947][   T12] 
[  285.920947][   T12] rcu_scheduler_active = 2, debug_locks = 1
[  285.922839][T11276] lowmem_reserve[]:
[  285.923987][   T12] 3 locks held by kworker/u32:1/12:
[  285.925399][T11276]  0 273
[  285.927071][   T12]  #0: ffff8880650cc948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30
[  285.927110][   T12]  #1: ffffc900001e7d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30
[  285.927137][   T12]  #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x140/0x2d90
[  285.928609][T11276]  0 0 0
[  285.929962][   T12] 
[  285.929962][   T12] stack backtrace:
[  285.929970][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:1 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  285.931542][T11276] 
[  285.932654][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  285.932664][   T12] Workqueue: bond0 bond_mii_monitor
[  285.934226][T11276] Node 0 
[  285.935475][   T12] 
[  285.935481][   T12] Call Trace:
[  285.935485][   T12]  <TASK>
[  285.937481][T11276] DMA32 free:19984kB boost:2048kB min:15952kB low:19428kB high:22904kB reserved_highatomic:4096KB active_anon:9828kB inactive_anon:0kB active_file:6748kB inactive_file:0kB unevictable:3536kB writepending:36kB present:1032196kB managed:306308kB mlocked:0kB bounce:0kB free_pcp:1960kB local_pcp:416kB free_cma:0kB
[  285.938863][   T12]  dump_stack_lvl+0x16c/0x1f0
[  285.940646][T11276] lowmem_reserve[]:
[  285.942306][   T12]  lockdep_rcu_suspicious+0x210/0x3c0
[  285.943797][T11276]  0
[  285.948795][   T12]  dev_deactivate_many+0x8af/0xb20
[  285.948817][   T12]  dev_deactivate+0xf9/0x1c0
[  285.948826][   T12]  ? __pfx_dev_deactivate+0x10/0x10
[  285.948836][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  285.951896][T11276]  0
[  285.953969][   T12]  linkwatch_do_dev+0x11e/0x160
[  285.956917][T11276]  0
[  285.958981][   T12]  linkwatch_sync_dev+0x181/0x210
[  285.961877][T11276]  0
[  285.963949][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  285.964759][T11276]  0
[  285.965597][   T12]  ethtool_op_get_link+0x1d/0x70
[  285.977952][T11276] 
[  285.978442][   T12]  bond_check_dev_link+0x197/0x430
[  285.979719][T11276] Node 1 
[  285.987773][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  285.987801][   T12]  bond_mii_monitor+0x3c1/0x2d90
[  285.987818][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  285.987830][   T12]  ? rcu_is_watching+0x12/0xc0
[  285.987845][   T12]  ? lock_acquire+0x2f/0xb0
[  285.987855][   T12]  ? process_one_work+0x8bb/0x1b30
[  285.987866][   T12]  process_one_work+0x958/0x1b30
[  285.987879][   T12]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  285.987889][   T12]  ? __pfx_process_one_work+0x10/0x10
[  285.987897][   T12]  ? rcu_is_watching+0x12/0xc0
[  285.987912][   T12]  ? assign_work+0x1a0/0x250
[  285.987928][   T12]  worker_thread+0x6c8/0xf00
[  285.987942][   T12]  ? __pfx_worker_thread+0x10/0x10
[  285.997485][T11276] DMA32 free:191328kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:42820kB inactive_anon:30168kB active_file:18756kB inactive_file:108196kB unevictable:3536kB writepending:1384kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:27440kB local_pcp:4220kB free_cma:0kB
[  285.998428][   T12]  kthread+0x2c1/0x3a0
[  285.999702][T11276] lowmem_reserve[]:
[  286.002062][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.002860][T11276]  0
[  286.005631][   T12]  ? __pfx_kthread+0x10/0x10
[  286.017690][ T9451] vivid-007: reconnect
[  286.017825][   T12]  ret_from_fork+0x45/0x80
[  286.026394][T11276]  0
[  286.026558][   T12]  ? __pfx_kthread+0x10/0x10
[  286.027357][T11276]  0
[  286.028886][   T12]  ret_from_fork_asm+0x1a/0x30
[  286.031631][T11276]  0 0
[  286.032296][   T12]  </TASK>
[  286.035090][T11276] 
[  286.035097][T11276] Node 0 
[  286.051762][   T12] BUG: sleeping function called from invalid context at net/core/dev.c:11403
[  286.055699][T11276] DMA: 
[  286.057200][   T12] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12, name: kworker/u32:1
[  286.057852][T11276] 19*4kB 
[  286.059119][   T12] preempt_count: 0, expected: 0
[  286.059786][T11276] (U) 
[  286.061089][   T12] RCU nest depth: 1, expected: 0
[  286.061753][T11276] 16*8kB (U) 
[  286.063230][   T12] 3 locks held by kworker/u32:1/12:
[  286.063905][T11276] 41*16kB 
[  286.065193][   T12]  #0: 
[  286.065869][T11276] (U) 65*32kB 
[  286.068854][   T12] ffff8880650cc948
[  286.069512][T11276] (U) 0*64kB 
[  286.070807][   T12]  (
[  286.072208][T11276] 0*128kB 
[  286.073455][   T12] (wq_completion)bond0
[  286.074619][T11276] 0*256kB 
[  286.075941][   T12] #4
[  286.077282][T11276] 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2940kB
[  286.077307][T11276] Node 0 DMA32: 
[  286.078763][   T12] ){+.+.}-{0:0}
[  286.080300][T11276] 254*4kB 
[  286.081546][   T12] , at: process_one_work+0x12cd/0x1b30
[  286.082740][T11276] (UMEH) 167*8kB 
[  286.083944][   T12]  #1: 
[  286.085274][T11276] (UMEH) 106*16kB 
[  286.093255][   T12] ffffc900001e7d80
[  286.094239][T11276] (UMEH) 
[  286.095230][   T12]  (
[  286.096619][T11276] 129*32kB 
[  286.097338][   T12] (work_completion)(&(&bond->mii_work)->work)
[  286.098512][T11276] (UMEH) 
[  286.099568][   T12] ){+.+.}-{0:0}
[  286.100720][T11276] 63*64kB 
[  286.101395][   T12] , at: process_one_work+0x8bb/0x1b30
[  286.102657][T11276] (UMEH) 
[  286.103332][   T12]  #2: 
[  286.104574][T11276] 37*128kB 
[  286.105302][   T12] ffffffff8ddbad40 (
[  286.106622][T11276] (UE) 
[  286.107261][   T12] rcu_read_lock
[  286.108244][T11276] 12*256kB 
[  286.110506][   T12] ){....}-{1:3}
[  286.111240][T11276] (UME) 
[  286.113593][   T12] , at: bond_mii_monitor+0x140/0x2d90
[  286.114367][T11276] 3*512kB 
[  286.115629][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:1 Not tainted 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  286.116374][T11276] (UM) 
[  286.117672][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.118542][T11276] 2*1024kB 
[  286.119893][   T12] Workqueue: bond0 bond_mii_monitor
[  286.120698][T11276] (UM) 0*2048kB 
[  286.121438][   T12] 
[  286.121444][   T12] Call Trace:
[  286.122331][T11276] 0*4096kB 
[  286.123310][   T12]  <TASK>
[  286.124172][T11276] = 23600kB
[  286.124842][   T12]  dump_stack_lvl+0x16c/0x1f0
[  286.125787][T11276] Node 1 
[  286.126877][   T12]  __might_resched+0x3c0/0x5e0
[  286.126896][   T12]  ? __pfx___might_resched+0x10/0x10
[  286.126909][   T12]  synchronize_net+0x1b/0x60
[  286.128032][T11276] DMA32: 8*4kB 
[  286.128702][   T12]  dev_deactivate_many+0x2a1/0xb20
[  286.130260][T11276] (UE) 34*8kB 
[  286.131211][   T12]  dev_deactivate+0xf9/0x1c0
[  286.132131][T11276] (E) 
[  286.132948][   T12]  ? __pfx_dev_deactivate+0x10/0x10
[  286.134359][T11276] 170*16kB (ME) 
[  286.135331][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.136158][T11276] 221*32kB 
[  286.137138][   T12]  linkwatch_do_dev+0x11e/0x160
[  286.138128][T11276] (ME) 233*64kB 
[  286.138900][   T12]  linkwatch_sync_dev+0x181/0x210
[  286.139557][T11276] (UME) 
[  286.140387][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  286.141946][T11276] 133*128kB 
[  286.142658][   T12]  ethtool_op_get_link+0x1d/0x70
[  286.143561][T11276] (UME) 
[  286.144378][   T12]  bond_check_dev_link+0x197/0x430
[  286.145936][T11276] 49*256kB 
[  286.146727][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  286.146750][   T12]  bond_mii_monitor+0x3c1/0x2d90
[  286.146767][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  286.146779][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.147797][T11276] (UME) 
[  286.148634][   T12]  ? lock_acquire+0x2f/0xb0
[  286.149647][T11276] 57*512kB 
[  286.150381][   T12]  ? process_one_work+0x8bb/0x1b30
[  286.151280][T11276] (UME) 
[  286.152129][   T12]  process_one_work+0x958/0x1b30
[  286.153034][T11276] 43*1024kB (UME) 
[  286.153806][   T12]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  286.155178][T11276] 23*2048kB 
[  286.155994][   T12]  ? __pfx_process_one_work+0x10/0x10
[  286.156008][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.156023][   T12]  ? assign_work+0x1a0/0x250
[  286.156042][   T12]  worker_thread+0x6c8/0xf00
[  286.156057][   T12]  ? __pfx_worker_thread+0x10/0x10
[  286.158842][T11276] (UM) 4*4096kB 
[  286.159580][   T12]  kthread+0x2c1/0x3a0
[  286.162328][T11276] (UM) = 191280kB
[  286.163168][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.164513][T11276] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  286.165520][   T12]  ? __pfx_kthread+0x10/0x10
[  286.166236][T11276] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  286.167085][   T12]  ret_from_fork+0x45/0x80
[  286.167917][T11276] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  286.168659][   T12]  ? __pfx_kthread+0x10/0x10
[  286.169494][T11276] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  286.170725][   T12]  ret_from_fork_asm+0x1a/0x30
[  286.171493][T11276] 48946 total pagecache pages
[  286.172754][   T12]  </TASK>
[  286.174107][T11276] 66 pages in swap cache
[  286.174114][T11276] Free swap  = 121996kB
[  286.175591][   T12] 
[  286.176290][T11276] Total swap = 124996kB
[  286.177715][   T12] =============================
[  286.178621][T11276] 524155 pages RAM
[  286.180153][   T12] WARNING: suspicious RCU usage
[  286.180875][T11276] 0 pages HighMem/MovableOnly
[  286.180882][T11276] 206675 pages reserved
[  286.180885][T11276] 0 pages cma reserved
[  286.182647][   T12] 6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0 Tainted: G        W         
[  286.258782][   T12] -----------------------------
[  286.260053][   T12] kernel/rcu/tree_exp.h:946 Illegal synchronize_rcu_expedited() in RCU read-side critical section!
[  286.262755][   T12] 
[  286.262755][   T12] other info that might help us debug this:
[  286.262755][   T12] 
[  286.265356][   T12] 
[  286.265356][   T12] rcu_scheduler_active = 2, debug_locks = 1
[  286.267495][   T12] 3 locks held by kworker/u32:1/12:
[  286.268844][   T12]  #0: ffff8880650cc948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30
[  286.271821][   T12]  #1: ffffc900001e7d80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30
[  286.275469][   T12]  #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x140/0x2d90
[  286.278062][   T12] 
[  286.278062][   T12] stack backtrace:
[  286.279595][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:1 Tainted: G        W          6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  286.282763][   T12] Tainted: [W]=WARN
[  286.283773][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.286540][   T12] Workqueue: bond0 bond_mii_monitor
[  286.287898][   T12] Call Trace:
[  286.288772][   T12]  <TASK>
[  286.289591][   T12]  dump_stack_lvl+0x16c/0x1f0
[  286.291113][   T12]  lockdep_rcu_suspicious+0x210/0x3c0
[  286.292670][   T12]  synchronize_rcu_expedited+0x1e5/0x450
[  286.294304][   T12]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  286.296132][   T12]  ? dump_stack_lvl+0x1a1/0x1f0
[  286.297441][   T12]  ? dump_stack_lvl+0x1a3/0x1f0
[  286.298861][   T12]  ? add_taint+0x5f/0xd0
[  286.300318][   T12]  ? __pfx___might_resched+0x10/0x10
[  286.302119][   T12]  synchronize_net+0x3e/0x60
[  286.303710][   T12]  dev_deactivate_many+0x2a1/0xb20
[  286.305239][   T12]  dev_deactivate+0xf9/0x1c0
[  286.306476][   T12]  ? __pfx_dev_deactivate+0x10/0x10
[  286.307984][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.309789][   T12]  linkwatch_do_dev+0x11e/0x160
[  286.311337][   T12]  linkwatch_sync_dev+0x181/0x210
[  286.312708][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  286.314194][   T12]  ethtool_op_get_link+0x1d/0x70
[  286.315703][   T12]  bond_check_dev_link+0x197/0x430
[  286.317117][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  286.318595][   T12]  bond_mii_monitor+0x3c1/0x2d90
[  286.319905][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  286.321673][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.323042][   T12]  ? lock_acquire+0x2f/0xb0
[  286.324235][   T12]  ? process_one_work+0x8bb/0x1b30
[  286.325665][   T12]  process_one_work+0x958/0x1b30
[  286.327058][   T12]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  286.328551][   T12]  ? __pfx_process_one_work+0x10/0x10
[  286.329953][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.331210][   T12]  ? assign_work+0x1a0/0x250
[  286.332443][   T12]  worker_thread+0x6c8/0xf00
[  286.333669][   T12]  ? __pfx_worker_thread+0x10/0x10
[  286.335006][   T12]  kthread+0x2c1/0x3a0
[  286.336080][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.337487][   T12]  ? __pfx_kthread+0x10/0x10
[  286.338698][   T12]  ret_from_fork+0x45/0x80
[  286.339906][   T12]  ? __pfx_kthread+0x10/0x10
[  286.341472][   T12]  ret_from_fork_asm+0x1a/0x30
[  286.343111][   T12]  </TASK>
[  286.344635][   T12] ------------[ cut here ]------------
[  286.346525][   T12] Voluntary context switch within RCU read-side critical section!
[  286.346604][   T12] WARNING: CPU: 2 PID: 12 at kernel/rcu/tree_plugin.h:331 rcu_note_context_switch+0xc5c/0x1ae0
[  286.352335][   T12] Modules linked in:
[  286.353634][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:1 Tainted: G        W          6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  286.356878][   T12] Tainted: [W]=WARN
[  286.358184][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.361776][   T12] Workqueue: bond0 bond_mii_monitor
[  286.363553][   T12] RIP: 0010:rcu_note_context_switch+0xc5c/0x1ae0
[  286.365602][   T12] Code: 7a 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 4f 9e 84 0e 01 90 48 c7 c7 c0 a4 4e 8b e8 65 2e d9 ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80
[  286.370765][   T12] RSP: 0018:ffffc900001e74f8 EFLAGS: 00010086
[  286.372491][   T12] RAX: 0000000000000000 RBX: ffff88802b63fcc0 RCX: ffffffff815a16c9
[  286.374604][   T12] RDX: ffff88801ca8c880 RSI: ffffffff815a16d6 RDI: 0000000000000001
[  286.376745][   T12] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  286.379007][   T12] R10: 0000000000000000 R11: 0000000000000003 R12: ffff88801ca8c880
[  286.381224][   T12] R13: ffff88801ca8c880 R14: ffff88801ca8c880 R15: ffff88802b63ed00
[  286.383339][   T12] FS:  0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000
[  286.385737][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  286.387516][   T12] CR2: 00000000f713fdb0 CR3: 0000000048226000 CR4: 0000000000352ef0
[  286.389832][   T12] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  286.391897][   T12] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  286.394005][   T12] Call Trace:
[  286.394889][   T12]  <TASK>
[  286.395690][   T12]  ? __warn+0xea/0x3c0
[  286.396768][   T12]  ? hlock_class+0x4e/0x130
[  286.397999][   T12]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  286.399496][   T12]  ? report_bug+0x3c0/0x580
[  286.400702][   T12]  ? handle_bug+0x54/0xa0
[  286.401854][   T12]  ? exc_invalid_op+0x17/0x50
[  286.403099][   T12]  ? asm_exc_invalid_op+0x1a/0x20
[  286.404439][   T12]  ? __warn_printk+0x199/0x350
[  286.405712][   T12]  ? __warn_printk+0x1a6/0x350
[  286.406985][   T12]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  286.408503][   T12]  ? rcu_note_context_switch+0xc5b/0x1ae0
[  286.410038][   T12]  ? schedule+0xe7/0x350
[  286.411150][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.412463][   T12]  ? schedule+0xe7/0x350
[  286.413659][   T12]  __schedule+0x297/0x5ad0
[  286.414871][   T12]  ? __pfx___lock_acquire+0x10/0x10
[  286.416281][   T12]  ? find_held_lock+0x2d/0x110
[  286.417621][   T12]  ? __pfx___schedule+0x10/0x10
[  286.418904][   T12]  ? schedule+0x298/0x350
[  286.420037][   T12]  ? __pfx_lock_release+0x10/0x10
[  286.421366][   T12]  ? trace_lock_acquire+0x14e/0x1f0
[  286.422721][   T12]  ? lock_acquire+0x2f/0xb0
[  286.423925][   T12]  ? schedule+0x1fd/0x350
[  286.425087][   T12]  schedule+0xe7/0x350
[  286.426179][   T12]  exp_funnel_lock+0x344/0x3b0
[  286.427468][   T12]  ? __pfx_exp_funnel_lock+0x10/0x10
[  286.428898][   T12]  ? __pfx_autoremove_wake_function+0x10/0x10
[  286.430535][   T12]  ? __pfx___might_resched+0x10/0x10
[  286.431986][   T12]  ? lockdep_rcu_suspicious+0x2ee/0x3c0
[  286.433456][   T12]  synchronize_rcu_expedited+0x290/0x450
[  286.434938][   T12]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  286.437137][   T12]  ? dump_stack_lvl+0x1a1/0x1f0
[  286.438724][   T12]  ? dump_stack_lvl+0x1a3/0x1f0
[  286.440000][   T12]  ? add_taint+0x5f/0xd0
[  286.441116][   T12]  ? __pfx___might_resched+0x10/0x10
[  286.442565][   T12]  synchronize_net+0x3e/0x60
[  286.443815][   T12]  dev_deactivate_many+0x2a1/0xb20
[  286.445187][   T12]  dev_deactivate+0xf9/0x1c0
[  286.446410][   T12]  ? __pfx_dev_deactivate+0x10/0x10
[  286.447787][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.449345][   T12]  linkwatch_do_dev+0x11e/0x160
[  286.450645][   T12]  linkwatch_sync_dev+0x181/0x210
[  286.451993][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  286.453467][   T12]  ethtool_op_get_link+0x1d/0x70
[  286.454777][   T12]  bond_check_dev_link+0x197/0x430
[  286.456134][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  286.457634][   T12]  bond_mii_monitor+0x3c1/0x2d90
[  286.458932][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  286.460331][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.461591][   T12]  ? lock_acquire+0x2f/0xb0
[  286.462777][   T12]  ? process_one_work+0x8bb/0x1b30
[  286.464127][   T12]  process_one_work+0x958/0x1b30
[  286.465439][   T12]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  286.466917][   T12]  ? __pfx_process_one_work+0x10/0x10
[  286.468308][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.469568][   T12]  ? assign_work+0x1a0/0x250
[  286.470776][   T12]  worker_thread+0x6c8/0xf00
[  286.471988][   T12]  ? __pfx_worker_thread+0x10/0x10
[  286.473296][   T12]  kthread+0x2c1/0x3a0
[  286.474370][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.475737][   T12]  ? __pfx_kthread+0x10/0x10
[  286.476970][   T12]  ret_from_fork+0x45/0x80
[  286.478151][   T12]  ? __pfx_kthread+0x10/0x10
[  286.479352][   T12]  ret_from_fork_asm+0x1a/0x30
[  286.480605][   T12]  </TASK>
[  286.481451][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  286.483335][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:1 Tainted: G        W          6.13.0-rc3-syzkaller-00073-geabcdba3ad40 #0
[  286.486571][   T12] Tainted: [W]=WARN
[  286.487595][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  286.490362][   T12] Workqueue: bond0 bond_mii_monitor
[  286.491860][   T12] Call Trace:
[  286.492881][   T12]  <TASK>
[  286.493695][   T12]  dump_stack_lvl+0x3d/0x1f0
[  286.494941][   T12]  panic+0x71d/0x800
[  286.495983][   T12]  ? __pfx_panic+0x10/0x10
[  286.497194][   T12]  ? show_trace_log_lvl+0x29d/0x3d0
[  286.498582][   T12]  ? check_panic_on_warn+0x1f/0xb0
[  286.499938][   T12]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  286.501454][   T12]  check_panic_on_warn+0xab/0xb0
[  286.502762][   T12]  __warn+0xf6/0x3c0
[  286.503812][   T12]  ? hlock_class+0x4e/0x130
[  286.505045][   T12]  ? rcu_note_context_switch+0xc5c/0x1ae0
[  286.506561][   T12]  report_bug+0x3c0/0x580
[  286.507705][   T12]  handle_bug+0x54/0xa0
[  286.508809][   T12]  exc_invalid_op+0x17/0x50
[  286.510030][   T12]  asm_exc_invalid_op+0x1a/0x20
[  286.511313][   T12] RIP: 0010:rcu_note_context_switch+0xc5c/0x1ae0
[  286.513001][   T12] Code: 7a 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 4f 9e 84 0e 01 90 48 c7 c7 c0 a4 4e 8b e8 65 2e d9 ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80
[  286.518073][   T12] RSP: 0018:ffffc900001e74f8 EFLAGS: 00010086
[  286.519682][   T12] RAX: 0000000000000000 RBX: ffff88802b63fcc0 RCX: ffffffff815a16c9
[  286.521758][   T12] RDX: ffff88801ca8c880 RSI: ffffffff815a16d6 RDI: 0000000000000001
[  286.523836][   T12] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  286.525920][   T12] R10: 0000000000000000 R11: 0000000000000003 R12: ffff88801ca8c880
[  286.527981][   T12] R13: ffff88801ca8c880 R14: ffff88801ca8c880 R15: ffff88802b63ed00
[  286.530059][   T12]  ? __warn_printk+0x199/0x350
[  286.531325][   T12]  ? __warn_printk+0x1a6/0x350
[  286.532643][   T12]  ? rcu_note_context_switch+0xc5b/0x1ae0
[  286.534174][   T12]  ? schedule+0xe7/0x350
[  286.535469][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.536933][   T12]  ? schedule+0xe7/0x350
[  286.538068][   T12]  __schedule+0x297/0x5ad0
[  286.539235][   T12]  ? __pfx___lock_acquire+0x10/0x10
[  286.540588][   T12]  ? find_held_lock+0x2d/0x110
[  286.541854][   T12]  ? __pfx___schedule+0x10/0x10
[  286.543123][   T12]  ? schedule+0x298/0x350
[  286.544245][   T12]  ? __pfx_lock_release+0x10/0x10
[  286.545569][   T12]  ? trace_lock_acquire+0x14e/0x1f0
[  286.546935][   T12]  ? lock_acquire+0x2f/0xb0
[  286.548119][   T12]  ? schedule+0x1fd/0x350
[  286.549242][   T12]  schedule+0xe7/0x350
[  286.550397][   T12]  exp_funnel_lock+0x344/0x3b0
[  286.551708][   T12]  ? __pfx_exp_funnel_lock+0x10/0x10
[  286.552996][   T12]  ? __pfx_autoremove_wake_function+0x10/0x10
[  286.554705][   T12]  ? __pfx___might_resched+0x10/0x10
[  286.556098][   T12]  ? lockdep_rcu_suspicious+0x2ee/0x3c0
[  286.557584][   T12]  synchronize_rcu_expedited+0x290/0x450
[  286.559034][   T12]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  286.560636][   T12]  ? dump_stack_lvl+0x1a1/0x1f0
[  286.561919][   T12]  ? dump_stack_lvl+0x1a3/0x1f0
[  286.563193][   T12]  ? add_taint+0x5f/0xd0
[  286.564304][   T12]  ? __pfx___might_resched+0x10/0x10
[  286.565713][   T12]  synchronize_net+0x3e/0x60
[  286.566982][   T12]  dev_deactivate_many+0x2a1/0xb20
[  286.568310][   T12]  dev_deactivate+0xf9/0x1c0
[  286.569537][   T12]  ? __pfx_dev_deactivate+0x10/0x10
[  286.570898][   T12]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  286.572454][   T12]  linkwatch_do_dev+0x11e/0x160
[  286.573760][   T12]  linkwatch_sync_dev+0x181/0x210
[  286.575111][   T12]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  286.576590][   T12]  ethtool_op_get_link+0x1d/0x70
[  286.577899][   T12]  bond_check_dev_link+0x197/0x430
[  286.579246][   T12]  ? __pfx_bond_check_dev_link+0x10/0x10
[  286.580699][   T12]  bond_mii_monitor+0x3c1/0x2d90
[  286.582004][   T12]  ? __pfx_bond_mii_monitor+0x10/0x10
[  286.583395][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.584660][   T12]  ? lock_acquire+0x2f/0xb0
[  286.586104][   T12]  ? process_one_work+0x8bb/0x1b30
[  286.587423][   T12]  process_one_work+0x958/0x1b30
[  286.588698][   T12]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  286.590165][   T12]  ? __pfx_process_one_work+0x10/0x10
[  286.591542][   T12]  ? rcu_is_watching+0x12/0xc0
[  286.592806][   T12]  ? assign_work+0x1a0/0x250
[  286.594024][   T12]  worker_thread+0x6c8/0xf00
[  286.595241][   T12]  ? __pfx_worker_thread+0x10/0x10
[  286.596554][   T12]  kthread+0x2c1/0x3a0
[  286.597649][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  286.599012][   T12]  ? __pfx_kthread+0x10/0x10
[  286.600338][   T12]  ret_from_fork+0x45/0x80
[  286.601526][   T12]  ? __pfx_kthread+0x10/0x10
[  286.602739][   T12]  ret_from_fork_asm+0x1a/0x30
[  286.604000][   T12]  </TASK>
[  286.605404][   T12] Kernel Offset: disabled
[  286.606585][   T12] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:36:39  Registers:
info registers vcpu 0

CPU#0
RAX=000000000103a703 RBX=0000000000000000 RCX=ffffffff8b1a1819 RDX=0000000000000000
RSI=ffffffff8b4cd180 RDI=ffffffff8bb16ec0 RBP=fffffbfff1b52ef8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed1005686fed R10=ffff88802b437f6b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da977c0 R14=ffffffff901ce210 R15=0000000000000000
RIP=ffffffff8b1a2bff RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7120000 CR3=0000000050d6e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080000001 RBX=0000000000000001 RCX=1ffffffff3476314 RDX=0000000000000000
RSI=ffffffff81f2d66d RDI=0000000000000001 RBP=ffffc900045cf298 RSP=ffffc900045cf1c8
R8 =ffffc900045cf284 R9 =ffffffff90b8dd8c R10=ffffc900045cf250 R11=000000000000d370
R12=ffffffff81852de0 R13=ffffc900045cf250 R14=0000000000000000 R15=ffff888022552440
RIP=ffffffff816812be RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc105cbdd00 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056520d116218 CR3=000000004c96e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000009000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=fffffbfff2039c42 RBX=fffffbfff2039c43 RCX=ffffffff81764799 RDX=0000000000000001
RSI=0000000000000008 RDI=ffffffff901ce210 RBP=fffffbfff2039c42 RSP=ffffc90007e17ab0
R8 =0000000000000000 R9 =fffffbfff2039c42 R10=ffffffff901ce217 R11=0000000000000000
R12=ffffffff8ddbad40 R13=0000000000000000 R14=ffff888041093b1c R15=dffffc0000000000
RIP=ffffffff81fbb274 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f713fdb0 CR3=00000000225b6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000009000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000054 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85141f75 RDI=ffffffff9a6672c0 RBP=ffffffff9a667280 RSP=ffffc900001e7410
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007
R12=0000000000000000 R13=0000000000000054 R14=ffffffff85141f10 R15=0000000000000000
RIP=ffffffff85141f9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffc972b5d88 CR3=0000000063f84000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000