last executing test programs:

12.055761112s ago: executing program 1 (id=2175):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xa)
r1 = accept4(r0, 0x0, 0x0, 0x0)
write(r1, &(0x7f0000000000)="ea", 0x1)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x2}, 0x8)

12.018906617s ago: executing program 1 (id=2176):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000008c0)='page_pool_state_hold\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

11.956783671s ago: executing program 1 (id=2177):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000009c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0xc880)
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0xa2465)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r2, 0x80104132, &(0x7f0000000000))

11.956642814s ago: executing program 1 (id=2178):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
move_mount(r0, &(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000001c0)='./file0\x00', 0x100)

11.887448193s ago: executing program 1 (id=2179):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1, 0x1, 0x100}}, 0x30)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480008000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

11.679440417s ago: executing program 1 (id=2180):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newtfilter={0x3c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_DIVISOR={0x8, 0x8, 0xfffffffc}]}}]}, 0x3c}}, 0x0)

11.663411007s ago: executing program 32 (id=2180):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newtfilter={0x3c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_DIVISOR={0x8, 0x8, 0xfffffffc}]}}]}, 0x3c}}, 0x0)

5.597496455s ago: executing program 2 (id=2243):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0e00000004000000080000000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r2, r4}, 0x10)
bpf$ITER_CREATE(0x1d, &(0x7f0000000040)={r5, 0x7}, 0x8)

5.56450399s ago: executing program 2 (id=2246):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="186800000006", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x89f1, &(0x7f0000000900)={'ip6gre0\x00', @random="0600002000"})

5.513476176s ago: executing program 2 (id=2248):
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000001980)={{0x12, 0x1, 0x300, 0x3a, 0xcc, 0x73, 0x10, 0x694, 0x1, 0xac0e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5, 0x8, 0x20, 0xa, [{{0x9, 0x4, 0x16, 0x0, 0x0, 0xa0, 0xf, 0xe7}}]}}]}}, &(0x7f0000001b80)={0x0, 0x0, 0x0, 0x0})
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

2.524632503s ago: executing program 2 (id=2278):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001000000010000000020000000000000000000081"], 0x0, 0x2a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)=<r0=>0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f00000001c0)={0x400, 0x280, 0x7eebaadd414f0bd, 0x0, 0x0, 0x0, 0x32, 0x0, {}, {}, {0x0, 0x0, 0xfffffffc}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9})
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a20014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0)
timer_getoverrun(r0)
accept4$netrom(0xffffffffffffffff, &(0x7f0000000280)={{0x3, @bcast}, [@remote, @netrom, @rose, @bcast, @rose, @netrom, @netrom, @bcast]}, &(0x7f0000000300)=0x48, 0x80800)
syz_emit_ethernet(0x5e, &(0x7f0000000340)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev}}}}}}, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)

2.298962854s ago: executing program 2 (id=2279):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x0}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000004a0000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r6, 0x0, 0x0}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r3, 0x0, 0x0, 0x401, &(0x7f0000000040)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)

2.298760356s ago: executing program 2 (id=2280):
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = dup(0xffffffffffffffff)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x68, 0x0, &(0x7f0000000040))
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x2e45, 0x4)
fsetxattr$security_evm(0xffffffffffffffff, 0x0, &(0x7f0000000140)=@md5={0x1, "45985e2b7e468ae2457c69ff1a6cf530"}, 0x11, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x0, 0xfffffffc})
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r3, 0x0, 0x1, &(0x7f0000000000)=0xcfc37d7ce62f0304, 0x4)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0x43000000)
socket(0x0, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r5, &(0x7f0000000200)=""/128, 0x80)
close_range(r4, 0xffffffffffffffff, 0x0)
migrate_pages(r0, 0x8, 0x0, 0x0)
syz_emit_vhci(0x0, 0xa)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, 0x0, 0x0)

1.965183659s ago: executing program 4 (id=2284):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x6, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, 0x0)

1.766911735s ago: executing program 0 (id=2287):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
sendto$inet(r1, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0)
r2 = eventfd(0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000540)='net/snmp6\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

1.627922299s ago: executing program 0 (id=2288):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d640500"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socket$xdp(0x2c, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800150000000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)

1.532059823s ago: executing program 3 (id=2290):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmsg$inet(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000140)="bb", 0x1}], 0x1}, 0x4040004)
shutdown(r1, 0x1)
socket$igmp(0x2, 0x3, 0x2)

1.444543711s ago: executing program 0 (id=2291):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000004580)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000200)={<r1=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000140)={0x13, 0x10, 0xfa00, {&(0x7f0000000400), r1, 0xa000000}}, 0x18)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000002c0))
chdir(&(0x7f00000000c0)='./bus\x00')
mount$9p_xen(&(0x7f0000000100), &(0x7f0000000140)='./bus\x00', &(0x7f0000000180), 0x20001, &(0x7f00000001c0)={'trans=xen,', {[{@version_L}, {@access_user}, {@cache_loose}, {@posixacl}], [{@pcr={'pcr', 0x3d, 0x22}}]}})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118)

1.386900105s ago: executing program 0 (id=2292):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0x0, 0xfff7fffc, 0x0, 0xffffffff, 0x0, "fb00"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f77fff00"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"})
r3 = dup3(r2, r1, 0x0)
read$rfkill(r3, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180))
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1.386626735s ago: executing program 3 (id=2293):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000500)=&(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000580)=""/99, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000ac0))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
syz_clone(0x1000080, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

1.308239101s ago: executing program 3 (id=2294):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x76, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})

1.101623824s ago: executing program 3 (id=2295):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r0, 0x0, 0x18, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000880)={{{@in6=@mcast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000340)=0xe4)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000c40)="09955a97e1846dfc26f714b0bdf98a3c0fd30de375f3bb5c7e293f60c954e06e2ecf6558b86f946a6a2cf3d5e19591f88eae576761f50c6bbbf2089aac1b3b76599c7ac5e0182e0d4e6689b2cf86f66d0c984a01fdccdbdf061a46803fac34508c56f66e45b4ebadea4300ef6c08e8b492d4d9efc0dccc14b2e1c0dd6fadd3793b492512af5983b50b0a86dd299ff2cc37d12c7ae1451186a1d0d01f85a435f7577a5bb27682dba5b2a623048d32dfe8c81c6e22bf6bbeba35eb482699d3253321aebef36a699bb47da5408815b9302f318a947d012c345fa08ddda691e41694863c73510424a1afe744f088ddd3dfaf45ec5ce52ecb98f6af1dfac47edf16e5ff82450f5aca62703713b77e178db97c8a76a48830961211cef5a1738777e3e35d564290c4b83405c6c20fad003c2efb3d99deadca41504425a76fcc93c6ac38dad5cf9101a40fa0ada6236e82bf8a93a1bf04b9a489872ddf25d5e7cfd78c84f24a12fd5b2296aab2d25253cc39e1b90a3b40cc7ff2294260468fa2c9a6c25fd97287d86bf353ac221c8a374b02abea552896380ed6adc3b47f171e1a644453771ec3e0c72c1aa71c6abe80f455663d950b708371a0e1703c11abaa582a2869a5ec4a9b1e7af5097730ffb1d9fc814342125a184b93ff270903805beff7bf403a3b437c0558d4cbc8d74ff96ec726dd47eff2d4132c823252798d11ae06dc19062484e50157cdb772d7393d44d1085237d3726004d36bb82cfae98b251bc51482f43be07b79b1254b97664183a4d75dddcb0a1fc4c6d95b1a7ef3f7ad17cdb2a8ee08efcc0fa6e987425eb8ac3dc0bcaf731f3b653c18adafa05b6ed8110b9429fc56e53e1186ad24f4d692e159149c58002e88f1167f14d3f2321ba8aca810896f93f93b135d946e541c71385b9e500d30d9e9ce775f0e9f2ab7375387790487d0ed77503de3fb293e32e7a510d150ecc220c0ada30b20c162eafd2d29a5f3938c7ab5375d4dcbb33c0117b340debb3e7edb0a78eb8fa7eb380e6f5fac76bd8d68250a72cf490b3290e1aafbe1c4f71267b525c216de759c99f7d49ea4bf7d57a2a16856efd234d9767e1b448defa43675474351c01103a3bafdd2116a052a00f6c6dcca9f87e85e6c82fe44554bf69e17723c0db0d852b3293ef7269a385e99511c0f446575c0a00b07d0cb8dc6139e05d336bb650655068207dd97c222c03ff4827906c7ac4fc0671f72fb918e960bcd84877b502355a2c6675d0ac43c71f29a90f240261b46d6e3a03357d6a7e6a9681d5d3a8c58823bde20af37e4947926ddc2db8ddd180cb4c39939f6de1a1ac48b899101d86ac321fe2501be3295c39bffc07be3434dbef213b5b7370fe2af2ed358faa8619fae1243decbbe75a0b82dc65747fecb97b2c475705a720a97cbe523a033e02092fd8a49affb0e3f353c15d5487c51dcbefadf5b1aeb2904e15589c8251309385f0e468420d7456df69491811166be46ca8933a36cd7cf92ae473c5b0f1270c9c791ecdec871f604958531e2947794e27ba12a0222adbf4c787f4d8c25303cc698c83a2e1cb5d6a7a7cd3823ebd58d881c782c40bf4caea0155a94b155874d727fd94aa9f2448ec0a6118a47ae00002d766fec0808eb01e1211a3dfdba55b8198236c4c9da4e4a248950d4b258ea6de075e0c59a96ccedf7a043ec46192718a58ac8ac0f31714b017343171a70c8a288858fb8f791065bd2ceedc3c987b192625821b1252e5d63e01f6b1fc2cd930e05f50e022eb416275dc6aee807af25bf5dda37dd7cacc4e1eb0f1e9cd39bf170c41bbb3bbc31540cdf9021ff3696f6205dfc7f5dca594714cff875e1037d5d705704134a479cd418242835136d8b89514eeeb5c24212cb8445503bb0626581e1b9d4f921cd89c353bafba7ece707568e7357183a21d7c1517fcad022eef47c1f0efa713eb9496042c64cde427f673c969f8bc0332913d0b6b3cb16515b8e1f27d45bdd46cca7379ad9b74528fd83bbb0d97f2a982b002f863940bb6c590dffbb2eda2241cb9aa6db10372756a8e9135073367c62cd772e8f0fb7df386fc01fefc5f54b2fcc822d03d9977e119ba2eb19c6dd285620549bca9844c18854bcc7d8aea82f04515886330bc6c9d33d1f0820668831ec22deebfabbd6ed8babe33d03d8698efa76b5a2a2fc06d3a926649cc9db883dba61beef86a1a32c20c0b17a396d1cef9312819156f77e274939fd25bf1005175629135a49b8dd55fb6ab48955e901b32b329c84d61b11355e519545a174b75f43d1c9970288f7117d356459334c6e3773540d01c533d453984802fdb47e1d40f55e908fcd395add5f54e526836029bf63a001e36364fb0871606dfee9ef6647bc0e3e9d3b2f5ee927bd74189e2c7aaa2cbbd8c07cfeb88d47928a4ac553f615505e81704e83dd6f4b417d779c6dec62bd221926cfa56a4b918df70d926f9e3ff4221110eea9ea22c6bf9ca2188f35ca315f0c567decb281bf43a975e15ae56df9df9fa2aabd5b9b7c2b278de896464dcb83efcbe39bfec333a4d2fbe38ea0169e2ce800a416401dee1aee07244f6b40344b6719c2558f67f5a77243dc928fcd14c270e57176639de916cd0c2bb51e08460b403ab71067c55dab9074e72f20de2fd8f67e70e63aae08f943060abd30f31c7425d67793a9f647132b84b72fcccb02cd9b22d0bea8b55716a57354b99267889133a8b4f66f6e4aebde36747216eb01756b8528b3a0ab6ad6e24fb7bee9881545d1925836d74bd02f13038cf644b4cc047c2a3f46cfda7c3c0ea958c0c435ce9abfc3379a6120efb27e1417282d208cd0f2d0d99abbbca61fad1ee2ed4ce50c9c59abeaa5ee131f4a7b4c7c98b9cef5328e928fbda81edbcc4265a3bc7c273993857bb3e2e5b143653f78011f12a91b42b17fdb9a7b3732f3c4c2c0d8d9d0e22159ecda3c9451b9910507cd0278c26089e632b1071618bbb26f4af285c1931e6c48a4f0383f36db091eee72b3e60b2a25f73af68dfdf27140e8944c50be1b55e57a987a77b9e4d46d960ce292fbea54da64ac771abfcab6f98e65f2d31e60de845ef2194ee5f2ef553c65835ad0e9919ceb7c61914c6ad9ff7533207626421d9efa41a03ae9fffcff1c84c36f1d2c59dfddd41a4f48548134894750fb2db809d905425d149a67227e3ac3287601ba935e298dfd9178c175d5d9027440e790c08db35635d5a22d1c141e970d483509f34b3a95db498e16d094621978f642e689cef30b91484aefb0651608b89ad2cd85ba04d3fe905230f3c1dddbe5ee81cfcb3468802446e60cc4290156315f18cef2f4324895c45e5a1155341e9703cda9216cdf631e6489d55c652751a4d7f2ba72be0ef3614cd3bb6203960784b901b18e1af0dad6f5513197443bcb22ed665c473ee61faeba94a8fec274bb5c4dd32f36bbf427010781b471293d6af781a132224f6acf687ceccf08bd61671aa26216f4d1d7a38cc857a91669735c624055551a131c6a27dae8f2f840062742f3623aa17fb55467c4468f68acb941761dc73085a5fcd50106caf17ec8f28f7cbadd8a4bc707dd836c00c3ac530b4e748b2ce9062b12dc0ad5810c03ff63d655f6d04a4fc5dd93ccb2955f46e498ef0fbdab0eea06f832526023c62cbf0f6fc97dcfa068457e3b6e60b142e371d5f403120e0da0bd05421ae0028d2c7248e3447e44246b4ca01ced84d77ea48ca2b0b650d2c2dcb0fe6e21c78365a19fcacb0d21fe2b4df739c1d646fd1621a27b972696621cf43f99cc75512c84255c06fca4fcbd497da12ac05b430c4e3904ca42bdd40f33b91deda62e18203d67e1732ff0b814c09f6bf35a08a8b3c7d827abd31b00ad8d3beb0ccd318abbc8e9fffdc0ac205cab3b95ac96e1e1bebd608f4ce8ba3ddeb614052c2d6e268ffd88f611ab14957da5b5e4971523e7f8b946ba2d75e94ca36f263743686fd0d7d9c221862cc49acd4987006db317f3d47e0b20832745732329292c99f8e314071693d02be8ea3d76b4e8ef495646ecc74645668237e5ca3763ff91d27ccde6212717bc734a35eba3ce9b54133a18bc0d1fa14a09562b79873870a6e17b657c9ba81207a61ba6f8365b90cfbb90b76bb734cbb8a78365dfee84e652cb38522877f1d8fe7d6085a8662d515dc0be135c5ef1ad26b3375bbccbb03eb0eac085b99e1da46d2261468a7e31a098810c0ab7ed7ca28e321706e273867eae5e55a7db6416ca6e2e2f8d1db23ba72cc6e2c282bb530c25cb20ad137da4e921b45b51768abd7fd54aa9358d6d1471092c2d34f0db0026c561082cb6c89ff41fb4009210b60177a72248174c629740fedad031c679ed42367de96c19f0e75da36b958d00e6cdbe1247c61aa7adc4a8df8000bd29a36fc24c11a205b16efb59e4c54a5d10de460f37f5fef1c355822a066f56e8cda9cd7a230ae8d661d4aafaad311d0f99c8111e05215e4dfcc4d6fd4d39ad2efadbe28caaf7b6d95207216289020df0da32e3f3da277100358056c9658d3998046b5a62adf2817394b607eb56a0da9f16e98b63f60af7b5a0e137fcdeccd7455d3743aa461ed8b1184d5be19f07a2d48e1d8f1b6d594038050ec17eb770349ca4f285b9460655c6ef39a77b41f93c34ef06e0af12216f1d6b5cfb4614e20f9f5dc4c4c14a18087e45c126325faf5b45542d42e299f551c14176680ae87abca946d88e28227b3e48c4d99e834dcc0b5bec8e62ed40f7290ac9c42c7d0a3a4d774cbd465c0bfa0203f95dc2cad50cee274c262c66d4f82637825723e0f1f9e83156ca24003dacdf4a95327bb96e6fdf26c0a66cef014fcf83a3aa5cab68604811e418d431a22c66d27025ee0297461cc135116eb2b793e2f34f06ef11abdf49fab821774975110d3b37997fe89ce15a20b92b8217d6f8276c1763515bff90b997ac358bd66d4c35713dd952dddd5a3254e1054a4b5062c4d1e874de2a9d2fbe0d8bc2e847c3f0bf202789f5134aefc35d1396ca8337a78cfd2d1d8a043b000c9893e0b407634a7d2ce81b9aab30d567c93e7b6932e4ab5e93fd7662beb36cba1333d1d0d114b1fb3335c8f416693d21980d5da3fd5752095bfb0081ca4a308f8d173f9a87b861a43d876dae4d31658cc3010a3d1ba7b42f8f710ecfcbf60241df034d4df2c7dd25dc00224c4394f28cf9e75741cc2385c42bad2d737a943fa0a5a0aee9a36ceabce8748b080017fdee48f8b1d6e67968470e7f35cecd8397034665a5d4bbc3599993614b60d3d6f53c5ad8fe30af3f7402d090bac48658f2c927c987a6a522bfce8941c15dfe8c1da0535fbd5491f7cc9a313514d6a0178b892c2fc391f542063b17d80ad6672caa1f99406eb5c26f34f1f5a17e525aa08488c7c86ef87876b81b20b33508e1a5169f22821e44aa115bff1e0e1f177978081ac5018125b050bd5d77e0585801c655404830c2ec3e2a55ea0042f646ac869edac68a9216e904ac19f894a27bc3c386647e94f7efada9277e0f9983b3c22f4105e988c6cb8733b033755197402f7b5248950c452fe6e7189f6652682d34be509bd2d17680644861cd89054cb0c0469f9b8d33039b2a9a96f485ada008123b64753b063e0ee2e07b6c406c41ffa3da72bf506d910ba8b4e9911beb852b52cdbf279224fdff6d5c1ebf97020c7433f637198ace3676a7f4f14271349d6dc65fd52e846b34eff6bd5e9e0a5723176de6344dbf3e9e76498925fa8b1ec81b824675a5d8bbb7b82bd37c70298e2067ee3bfba441f34b85cf719e253284049107715ead4b580ef4b1f747cc3df760fdf5d4aa5cfcca4bcd7612158e46ebbf82f5318563cb0b1809b02fea761289370a919c4afbed5c55164d9090a946151fa7b7c3d01ef85e48ff52f72654672a342fe397970a4365f1f8af33924330ebb356f39b35657b67dc164498e24cd42e477f9672e0e8a9307474d7b651bdc9898616fbf0d52db2cdce8b538b3fd37cf25bee3a78c7287745445ab697100bdd4e3b0df6a61b51c29dba83d285d9c5913e37c9bf455ab80fea66c922f220496cc47687087297dcb938b7d9e291b0dab7fd3c9e84c44e1e2636421b685f056c1d4026f19a05ea7ab264125a3aa322b95cd77f9cf17882d07dd6eb66f7a0d64c01e352a7c0e105236ec89af0a88e3f2767f4e2031d2412b10c09ac9feb7d91790251ce0014815dd78bbf5c41107d4e2c6750c226afa0511ea33ac0da78e420df1790dc92ab152412c45b55ce8d05acb15c7b1e014dcd63f2a116a2f310aef744628742aea7ebb25d0bc58aa1486d9109248843b41d48dc7e963e541b419982e38ecb75f305344ca7733b465e7883cf4a526c054ada815554c1aabc7b347b0a4e6dffa61e1d7b7db0b13d11cb8d66ca855c758e6b8848efb15d07cda16aeb244018fa6b6c8810e12d89856aca1284c0a94eb97536cda80e2410bdd4e1737986358857064fd9e8398925654424fce4cb45d85f3fcacb0cc53be74470ba0e23343da4e202d169b19f15f57ad559c3155f6e4f0d57859df7fa8ff1a43f41e49ad1b15b0461a863f353961c41f8a35c4a1b9cd126683ce748ce1c152936a6ca3578da4a306c456c254529d95bf2ecaef555496e37f8cacda6b965050fe1253f2b2bdf35610c2573ab7aaf4aaf0b54ea587a343cc38538825147ae27579201b45efbd7f4e30b39e5a2aba889ae48044a2b10946dc6d5078f50303a04c85293ef092c16607113bd0eaaa04db30aa90f735bd07179a12f89b5b585c115a335c1ff1fa9fa710fcb8207beae6b183a1e12394d37f96e5f7902df68f88a5dfef9418163418a33d5cf7027a3d6c0f1de48286cb24c0228e34540c7a011b0ce69bffabb0cf0a994146c3670e65e87d9a2c84240e7e9c67cdbabc217c469afff5b44f84be35fcc33c59560f834d4b4c8a97e21d3957488ae98a3e56cb1127acd5f5c610262b639dcf7170242d2c3818127847049eceed4b1c9cc5ebdeff5c3ffc5c2e98c8441562cc1dfb8abd2c9282ea0ff89b37e5392d317642a4a855d87b8f74ef7d17cd17d860ac499b9e028d36e8499a27f038a6328b709bad936c04fe24a89c0e96a0b27254958801cb462f5955997df999bbb89927e73608a719d416456fdbabd6aa033f9bc50d67568129186a0457e2e9029ce83b5c4e9cbe33c44a96c5560acbc31c6c4e4537f362c0f6bc6a35c72c550ae93f63920aaf27cf8986aae5a7ca47701b902ce0263bb4551c2ede0344d6185924c1e2380f47e6097bc8fa643332e652702c0e74833d2f8f1f3346a26567d0c8dae85a8fb62090659e5719d8af29a5acbfce0b4e77ccea63a37df11835846cea78f981cc1e30f070dabc6f1e292947e2a92b7b39b360f5d05ea3dd51e85ffebf2906484477cb0a662bbcc6de1e423852faf9735c0c71e9d1c7ac8b19aab41ed18a2a3ee47ace287fd3dfda42b63d8f8ddd59395fc76e01e609aaad43738b63eb3795f1d142626d61a6804777ed60ac57af1ea9ea4e60c0520e8f070aae812389fdcf77ef4d227bd163ae819a2f9dc2a671eb18eeeaa8b778cc6f3f1709f8bbc519e8d99ebe3cf6766133418374b7bf2670e0509f62e5592caaba214bdcdd774e97b5b3158b8194006666523a1346d0b80045ceaa587b22ccbaff6aeb87d81655e96623ae9279cca834ef12eaba7babe96c08455192206dfc74ac3b9c5f7a5e75df3e026f4af1cdf5609a09f0c3e6536773ca4055232ca6d8ee64d8f34227a7d44a66e6376b3fa790c044682ce6a685eb82656f9e53fb1845b2b644b8fb57a980ede473a1b2d783018e9d925129d0df826f59abbf1897ea6097e6581147450c6cd8e9f60f3ba66d5e1605f6cbdc3bdf795e03a3ed6bff9f0fe4808040132555e574e094fc9ee6b698cd9df3f677c64e4b525e7bb18adb34f9084bf81bc22fc668d90d5bb49c7e14bc66e117db2590a97e376e8e6190897315cfc6dcbf7d0e7377bf98c786a819ff3d42f01a0cf7b3777a7e237ab07ce202cd18d07aaa1cfc496d903b921d3706bef71751c4c0e643ab22c237bb5b92054ab3649f14ea071f868528cfaa4ff0c9ffe7732f81e36696ea6a05fc2e28aaff46da244e9d5ec6ec4f883965f24f9d09362291d8d91c26288a180058eb79748abeb6c416f6cd84b77f50d3dce525cee460a69ccc8ef3d2a0f4594ef932eb6ead3b367f7fa5c7e596bb587bf115b9f01908b51d06f4713a9f27a5984423b9603186bc01f357ef1bcafb088f96581bb86665baccbb6e9e924b7850dee84c916e78c87e3558a79eaa9697c8659142e67fb35b08d8e29eae5941ada3c2125d23129e641e6704348b56898be104294fc0c40deb1996173eca2029561286697305f7686c0dbc59fac88e1b3d7549e602b7e2f8b3667baa6aaa47ef92cb48a92a7cb5ee7f7b665678cec99208b51b9bc66988888babf6a61299a1c635f765796f1d2559f69aa1946b6eb0ede5721fc911a9aa3f0fbd407688b09597944fce08005acacfd5f1220cb450f44c8e738e23f78df33132f395e6f1b14930a0db69192e87463cd0e552d868de6e2116c38751587ded3c92abc0797079be490e3f12bc4638e696e1e729e5fa4698d273721c8e7b8ee907c257006a104e85a1b67d6def24ac16c0bc1861116469f63bcc66355299ff68f18a470bc7b9d16f8a19071201406b7e6a13f2ff20f3e5f355be768db81188d97ffc8a146dd000c72602d9f4b806bbc0531ddfaa166741ef760edb031b5611fcae01399ba040728ecc669fc3b5a78d9317f1cbb263b62cca1e587bc8a45db6fadaaae66c7e21ae6f73004023a9fd66f2fbae5b72c3659f98153df5803d0017272487399acba15322386863a59a799e8bacfc188dcb2095acdf05248b5015476179c6fd42e6ddaaa49f7f40ab397f99933df49782bac108c0cfb5c9ab13592f4146245404e4bbdf75588b2ccfa579f37d2416b6ea6dd83755fdc137a5150be3421cb983cff2f2206f22fa73cb07f7e009a7ce866df737a4f5f5028a5a4304f390877758e4f005371afa851b5f784e089c9437f9c6b19f9f682ae2850837cb4074772f20f9e3922e751b0b46caa16171ba502bfe7d7c4cebdbc23e82704cc3bf12261dea9b18b5099d67d6edc34fbcc49ab52c3682334efb091694cc3116ac2730fe20caae41121f6e77b21a8e15d760555ee901ea91098837fb541469737ac174de153472b19d85b8fe37b45f0342f77f9322338385842f7e6fada249a8526c974f1367b2e86568854f9a5dcdb5dcdb35e0f52d43cbb5a73cbd548adc61a308121ed9fb4da54472cef6c72b331a208e7937e0c5f870537cbd5adaaae5e15f24328cd1573d731e6ddeea4d8f3fb57fc6b3281ddb908453f66ced967897c285eb214c9b547d6fa870e596d06b9378da5b20716cca215dce736831ce1c7ca7e62b353f300873373b4dd86669f5415e60b1d7666e4916e43a3b00e89d27c546305a898ca72c689dbad28d824f9c7194f8ea8fde4e8efbff72bb4569ce1c305d4f15c6150c380e4c04be85122db6dd81722a8154e11ffb922705651cfe3fd2afaea0e041d90d7fcaa1c0be3ad548cc702f3b1482bdbf5ada037d0bb7d93adfb5253fa580cccde3d40802fbd4ff7167f135e574890ad5db79153f86ddcb62f22b7cc7b5d0c751ab656a151a4cfd7834d9c895f3c07a5cbea334ec880cfc5768432147b2f0717b8199d375a515be70456f8fdad12ea56f125e08cb4cd40ed8df54fce1407a1550b26e2f0885dc2e31b2175c291915d42e1f4e786940ab508b8efc981ba144c561beed2d33dbf35e8dc1e6ab634f4bf62a664b6e913b99ae0f1a5d31b2de90ea3e4c1904996dfb5c582fcd3649f2481315239042a0d7801c99ef768889620727237f01369da5da852d847e65dbb9fe1ec2f99ddb7ce967a725eea8c1e691b075eb039dc09c207063b8e1442169010c305679cca67d92eccd4595902f4161227d48c80fe390e4d2a59c7a8c79bff4c1b75ef122df011980a12088141876e3a553b916ed8873b738e85978d99bc2269ee2b1f2a4fd92107e6166fbaf9b3d741904ed0e5c28edeacfc14b5abb3aa0eae52404f105b951d552c8082897cc1729f496585787c69e1ae721dc8ebc3022c235a7691c68056bb5da670a93551f7e47f30111c363b1476007c69395af8b0153820abde20269da9ea69e447f111adde020a3339d84b94d7b8928edc49a23f4eaec6c7ab2a00f7186f473f42ab5a857869dac8084cc012847b7fba002b9d1b8faced158713d749ecf63e6f1c57a999b1af9f691fa24dbb3e3436cf8745f6a994d00098ccf3dc8d184bd9828ff219eaae5b83898f4349f340fd2793eea8e7abf1fafa169484acb290aa2eed5f9b9a23fd4f0f9b59b05d1542347478ea20a3ea9dbc4b55f5b4df2fd90a578baf9278a7c03ffac527c9475abcce5b73dd71aeabfc021c85fb701c934a5b3fa90f08fead021a7a307d90918b526d4c42ff96e8d409034ca71d16cc74d6bd64a23f80b73e603999742de768d2fb8b3529be46bfb133eb24fcfc4f84049445c5f3ed6b6f73e01c4fd9c57b5780ef04d26e3b3fefbec0c859fc591a64ff6118a620842b17b646ef04d2ee8e1a8854da526260b76eeb17d6abbbbcefd3541c3a8337aacaad572fdc03080359e7140922de1a8e870dde8e711246cdd68b6175d81527745b612392a373e4595d3c726dce115c7e6256b90e2f8cd5c2936e576c41c6c68b57317ecb636c3206a7ed860f39fd063445f955c3df3c3e3537682babbda6d263763e0d06a41afc8ed2bea137df46e6a0f1a808b883456261f231208888a2b5ccdf66c4bd23d6a806faaa2ae174b50751d7a4fef91d906943ab80a3245d7f55c3411e560e5f3ede15f69e07e86442fc2fd93cd9a84e65b99f7cc189d9e1a1a4e4b7fa96f2c339f5e1bede62b0905a7b9ea0157d21335c9fea211074d61b8554f7b700615e092ede74d68345add3366e0b472e44daa16695996ee5d5e6fb4bfc98b2ae526b48e8c7f1f8034a5599a3bc92a27bc38f5088e12829f791ff7307260c9f34ece098a54c1e196a631a0767f171169aafd2596a1f0e595455e2b40d5308d9e8ce23e8f8942283a6f2d2ecfcc7f12872c12ab978f445def1da7c4ea8195edddfab0562485ce182f2a660e28c2e185920d3dd063de7ef6b5fd6ed1162d5d8b9dc57643c0dd4a5abe6711eb01c905eb48b57bfb83a6a2db2ac3bd50f6214a3ecfba14e09b9ea1aa0c0c3d798d66a76662cbb135ab43492f52677123ff0f28ea780fc19a2148d82e6d77e5835547e169262f7980f483565fe5229bef03a6a839d4e18979b64da2f7bac63e1235e84ebe08b0a64aab04cf4414a5a03127676efc2858e7e7415937d0241e0611b2509425764e23d8f44e41776fc98901b8d902801155be0df294d5c80aae795d1e14265fb5ef4b53a94fe678218cc7bc027eb1d89cde19fd62b59ae28e2a92f34176e0b76c5ffa5cea4b484f6d8c32c5623a6929f7fa19d2ec17c4d2df2fafc5b6837a16bbb6d1d17a816326ce4677f750a0189797db37651eb96442cdecca4ff", 0x2000, &(0x7f0000003000)={&(0x7f0000000500)={0x50, 0x0, 0x1, {0x7, 0x29, 0xffff, 0x20802, 0x6, 0xd, 0x91, 0x1}}, &(0x7f0000000580)={0x18, 0xfffffffffffffff5, 0x10, {0xd}}, &(0x7f00000005c0)={0x18, 0x0, 0x2, {0x2}}, &(0x7f0000000600)={0x18, 0xffffffffffffffd1, 0x1, {0x7}}, &(0x7f0000000680)={0x18, 0x0, 0x3, {0x10000}}, &(0x7f00000006c0)={0x28, 0xfffffffffffffffe, 0x14000000000, {{0x6, 0x52935b30, 0x1}}}, &(0x7f0000000780)={0x60, 0x0, 0x7, {{0x9, 0x0, 0x8000, 0xffffffff, 0x1, 0x9, 0x6, 0x3}}}, &(0x7f0000000700)={0x18, 0xffffffffffffffda, 0x4, {0x6}}, &(0x7f0000000800)={0x13, 0x0, 0x9, {'9p\x00'}}, &(0x7f0000000840)={0x20, 0x0, 0x8001, {0x0, 0x2}}, &(0x7f00000009c0)={0x78, 0x0, 0x1, {0x3, 0x2, 0x0, {0x4, 0x0, 0x8, 0x3, 0x1000, 0x3, 0x7, 0xfffffff6, 0x1, 0x4000, 0x81, 0x0, 0x0, 0x81, 0x2}}}, &(0x7f0000000a40)={0x90, 0x0, 0x0, {0x6, 0x1, 0x6, 0x4, 0xfff, 0x0, {0x4, 0x1, 0x97a, 0x42e, 0x4, 0x904, 0x3, 0x8, 0xfffffff2, 0x4000, 0x12, 0x0, 0x0, 0x0, 0xffffff7f}}}, &(0x7f0000000b00)={0x50, 0xfffffffffffffffe, 0x3, [{0x1, 0x7ff, 0x3, 0x2, '#! '}, {0x1, 0x1ff, 0x1, 0xffffffff, '\x00'}]}, &(0x7f0000002d00)={0x10, 0x0, 0x5}, &(0x7f0000002f00)={0xa0, 0x0, 0x0, {{0x3, 0x3, 0x0, 0x7, 0x0, 0xc0, {0x4, 0x9a, 0xf5, 0x1, 0x1, 0x0, 0x3, 0x8, 0x3, 0x4000, 0xa8, r3, 0xffffffffffffffff, 0x5, 0xa6b}}, {0x0, 0xa}}}, &(0x7f0000002fc0)={0x20, 0x0, 0x8, {0x7, 0x0, 0x1, 0x5}}})
set_mempolicy(0x4005, &(0x7f0000000080)=0x41, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000112000/0xc00000)=nil, 0xc00000, 0xb)
setsockopt$inet_int(r0, 0x0, 0x4, 0x0, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x8, [@decl_tag={0xb, 0x0, 0x0, 0x11, 0x5, 0x2}]}, {0x0, [0x61, 0x2e, 0x0, 0x30, 0x5f, 0x30]}}, &(0x7f00000002c0)=""/16, 0x30, 0x10, 0x1, 0x2, 0x10000, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{}, {}, {0x85, 0x0, 0x0, 0x39}}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
chdir(0x0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)

1.023566559s ago: executing program 4 (id=2296):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x208)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000001001811"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'vxcan1\x00', <r1=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)=@newtfilter={0x36c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x33c, 0x2, [@TCA_BASIC_ACT={0x338, 0x3, [@m_gact={0x6c, 0x1, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffff8, 0x100, 0x0, 0x800, 0x9}}, @TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x3, 0x0, 0x4, 0x7ff}}, @TCA_GACT_PROB={0xc, 0x3, {0x3, 0x1298, 0xffffffffffffffff}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_skbmod={0x30, 0x10, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ctinfo={0x54, 0x16, 0x0, 0x0, {{0xb}, {0x14, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x7fff}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0x9}]}, {0x15, 0x6, "abd3bf99b5c24731f64b826c70bd8a4eb2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mpls={0x5c, 0xb, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0x3ac1d}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0xb, 0x3, 0x5, 0xf}, 0x1}}, @TCA_MPLS_TC={0x5, 0x6, 0x5}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x3}}}}, @m_csum={0xe4, 0x15, 0x0, 0x0, {{0x9}, {0xac, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x81, 0xfffffff7, 0x6, 0x1, 0x10}, 0x11}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x8001, 0x8, 0x3, 0x7}, 0x46}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xf, 0x7fffffff, 0x2, 0x0, 0x4}, 0x5f}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7fff, 0x3, 0x0, 0xffdfffff, 0x2}, 0x39}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x0, 0x5, 0x1ff, 0x3ff}, 0x52}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x6, 0x6, 0x5, 0x4, 0x5}, 0x2d}}]}, {0xf, 0x6, "663482aeaebf50dd65dcf7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mirred={0x104, 0x7, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xff, 0x5, 0x8, 0x10, 0x7fff}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x8, 0x8, 0x9, 0xa8bf}, 0x1, r1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x904, 0x7, 0x5, 0x8, 0x5}, 0x1}}]}, {0x76, 0x6, "6787468d882a396a20975c206bd323eb1422081c0bff46fadb21a168713cc635017046da7b082a15dbbbe0120b5bcd5dbc076ea8633346256d6e56402b3f54b7ade0eb5ccb6ef5ee15ee446b537e53a5d6e7c0d88f67f85703cb39aac1bd9361a828607e42cc4a8baa0d187266dc5b5574fa"}, {0xc, 0x7, {0x69323b8289056c4, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x36c}}, 0x0)

1.023195482s ago: executing program 4 (id=2297):
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000380), 0x4)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
r2 = io_uring_setup(0xaa2, &(0x7f0000000440)={0x0, 0x6b7e, 0x0, 0x3})
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000740)={0x0}, 0x1)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

935.875626ms ago: executing program 4 (id=2298):
write$RDMA_USER_CM_CMD_NOTIFY(0xffffffffffffffff, &(0x7f0000000340)={0xf, 0x8}, 0x10)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x18000, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
connect$pppoe(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xfce1)

875.431697ms ago: executing program 4 (id=2299):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b33090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f3b0009090890e0878f0e1ac6e7049b336d959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074b0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)

413.015067ms ago: executing program 0 (id=2300):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0xa, 0x300)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x19e6}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x205})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

237.154319ms ago: executing program 0 (id=2301):
r0 = socket(0x10, 0x3, 0x0)
setitimer(0x1, &(0x7f0000000580)={{}, {0x0, 0xea60}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001200010a001800000000000080"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
setitimer(0x2, &(0x7f0000000200)={{}, {0x0, 0x2710}}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000180), 0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x4048aec9, &(0x7f0000000740)={0x2, 0x0, @ioapic={0x0, 0x4, 0x0, 0x0, 0x0, [{0xff}, {}, {}, {0x0, 0x0, 0x2}, {0x2}, {0x0, 0x0, 0x0, '\x00', 0x4}, {0x0, 0x0, 0x0, '\x00', 0xf3}, {0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x0, 0xfc}, {}, {0x0, 0x3}, {}, {}, {0x0, 0x8}, {0x0, 0x0, 0x10}, {0x9}, {0x0, 0x4, 0x0, '\x00', 0x5}, {0x0, 0x0, 0xfc}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
setsockopt$MRT_DONE(r1, 0x0, 0xc9, 0x0, 0x0)

236.841955ms ago: executing program 3 (id=2302):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095be9c28dabeeb3a99e13a8ea59b02c9ff220c4523afd106ff25ed6a449c4b1ab907b31b93693127d24b3e9dea86da89bd136d90afceec80e253f7f24b22ea2587c1e9952f195e1f66828fd8e30d82554b2dcf3ec253e8e525585f"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001400)
syz_clone(0x4eb82100, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x8004745a, 0x2000000c)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000040)={[{0x2b, 'cpu'}, {0x2d, 'pids'}]}, 0xb)
socket$inet_tcp(0x2, 0x1, 0x0)
write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x2b, 'cpuset'}]}, 0x8)

11.203541ms ago: executing program 4 (id=2303):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xe)
shutdown(r0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r0, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)

0s ago: executing program 3 (id=2304):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="0000000000008000"], 0x50}}, 0x4000000)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendto$packet(r1, 0x0, 0x0, 0x8080, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r4, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB="06"], 0x90}}, 0x0)

kernel console output (not intermixed with test programs):

audit(1733096947.706:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.737263][   T39] audit: type=1326 audit(1733096947.706:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.743908][   T39] audit: type=1326 audit(1733096947.716:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=379 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.750831][   T39] audit: type=1326 audit(1733096947.716:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.756646][   T39] audit: type=1326 audit(1733096947.716:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.763135][   T39] audit: type=1326 audit(1733096947.716:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.769142][   T39] audit: type=1326 audit(1733096947.716:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.776956][   T39] audit: type=1326 audit(1733096947.726:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.786797][   T39] audit: type=1326 audit(1733096947.726:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.792726][T10680] netlink: 'syz.0.1249': attribute type 4 has an invalid length.
[  282.799509][   T58] lo speed is unknown, defaulting to 1000
[  282.811181][   T39] audit: type=1326 audit(1733096947.726:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10676 comm="syz.3.1250" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  282.812752][T10680] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1249'.
[  282.838891][T10680] netlink: 173 bytes leftover after parsing attributes in process `syz.0.1249'.
[  283.247211][ T5945] libceph: connect (1)[c::]:6789 error -101
[  283.250733][ T5945] libceph: mon0 (1)[c::]:6789 connect error
[  283.264847][T10668] ceph: No mds server is up or the cluster is laggy
[  283.957616][T10695] xt_time: invalid argument - start or stop time greater than 23:59:59
[  285.231294][ T5945] IPVS: starting estimator thread 0...
[  285.334513][T10714] IPVS: using max 22 ests per chain, 52800 per kthread
[  285.644175][   T58] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  285.824319][   T58] usb 8-1: Using ep0 maxpacket: 32
[  285.827774][   T58] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  285.830580][   T58] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  285.833541][   T58] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  285.837563][   T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  285.841650][   T58] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  285.845461][   T58] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  285.849874][   T58] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  285.853873][   T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.858292][   T58] usb 8-1: config 0 descriptor??
[  286.065199][   T58] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  286.072307][   T58] usb 8-1: USB disconnect, device number 11
[  286.075013][   T58] usblp0: removed
[  286.503220][   T58] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  286.653052][   T58] usb 8-1: Using ep0 maxpacket: 32
[  286.656398][   T58] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  286.659467][   T58] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  286.662735][   T58] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  286.667608][   T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  286.670280][   T58] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  286.674174][   T58] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  286.677774][   T58] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  286.680693][   T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.685651][   T58] usb 8-1: config 0 descriptor??
[  286.888413][T10736] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2758444543 (5516889086 ns) > initial count (4205064 ns). Using initial count to start timer.
[  286.912956][   T58] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  286.996586][    T8] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  287.142749][    T8] usb 7-1: Using ep0 maxpacket: 32
[  287.149470][    T8] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  287.155432][    T8] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  287.160239][    T8] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  287.164243][    T8] usb 7-1: Product: syz
[  287.166104][    T8] usb 7-1: Manufacturer: syz
[  287.167970][    T8] usb 7-1: SerialNumber: syz
[  287.170962][    T8] usb 7-1: config 0 descriptor??
[  287.179330][T10733] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  287.296411][T10743] xt_time: invalid argument - start or stop time greater than 23:59:59
[  287.302116][   T35] usb 8-1: USB disconnect, device number 12
[  287.313378][   T35] usblp0: removed
[  287.403953][   T64] usb 7-1: USB disconnect, device number 10
[  289.395214][T10786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1272'.
[  290.055418][T10786] orangefs_mount: mount request failed with -4
[  290.347959][T10792] xt_time: invalid argument - start or stop time greater than 23:59:59
[  291.255967][T10804] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  291.597292][T10830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1279'.
[  291.779156][T10825] xt_time: invalid argument - start or stop time greater than 23:59:59
[  292.325214][T10831] orangefs_mount: mount request failed with -4
[  292.581963][T10864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1281'.
[  293.046002][T10865] netlink: 'syz.0.1284': attribute type 2 has an invalid length.
[  293.710439][T10888] xt_time: invalid argument - start or stop time greater than 23:59:59
[  293.908453][T10879] binder: Unknown parameter 'smackfsroot'
[  294.802014][T10900] binder: Unknown parameter 'smackfsroot'
[  294.815707][T10900] ubi: mtd0 is already attached to ubi0
[  294.914632][T10908] xt_time: invalid argument - start or stop time greater than 23:59:59
[  295.699423][T10921] netlink: 'syz.3.1294': attribute type 4 has an invalid length.
[  296.131077][T10925] sp0: Synchronizing with TNC
[  296.942591][T10936] xt_time: invalid argument - start or stop time greater than 23:59:59
[  297.363364][T10952] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1300'.
[  298.339268][T10963] netfs: Duplicate cookie detected
[  298.340851][T10963] netfs: O-cookie c=00000004 [fl=4008 na=0 nA=0 s=-]
[  298.342635][T10963] netfs: O-cookie V=00000003 [9p,syz,]
[  298.344146][T10963] netfs: O-key=[8] '9b00520200000000'
[  298.345674][T10963] netfs: N-cookie c=00000007 [fl=8 na=0 nA=0 s=-]
[  298.347432][T10963] netfs: N-cookie V=00000003 [9p,syz,]
[  298.348903][T10963] netfs: N-key=[8] '9b00520200000000'
[  298.624992][T10970] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  300.145781][T10995] netlink: 'syz.1.1312': attribute type 10 has an invalid length.
[  300.150944][T10995] team0: Port device netdevsim0 added
[  300.158951][T10995] netlink: 'syz.1.1312': attribute type 10 has an invalid length.
[  300.165859][T10995] team0: Port device netdevsim0 removed
[  300.168474][T10995] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  300.370586][T10999] binder: Unknown parameter 'smackfsroot'
[  302.989073][T11048] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1325'.
[  303.484739][T11043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.488884][T11043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.478240][T11061] xt_time: invalid argument - start or stop time greater than 23:59:59
[  305.939786][T11079] binder: 11074:11079 ioctl c0306201 0 returned -14
[  305.947990][T11079] binder: BINDER_SET_CONTEXT_MGR already set
[  305.950483][T11079] binder: 11074:11079 ioctl 4018620d 20000040 returned -16
[  308.187828][T11094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  308.410085][T11111] xt_time: invalid argument - start or stop time greater than 23:59:59
[  309.313734][T11119] cgroup: fork rejected by pids controller in /syz3
[  309.530159][T11160] netlink: 'syz.2.1342': attribute type 10 has an invalid length.
[  309.600962][T11157] netlink: 'syz.2.1342': attribute type 10 has an invalid length.
[  309.676496][T11160] team0: Port device netdevsim0 added
[  309.687523][T11157] team0: Port device netdevsim0 removed
[  309.690027][T11157] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  309.856437][T11164] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  311.018042][T11195] loop7: detected capacity change from 0 to 16384
[  311.265323][T11194] fuse: Bad value for 'fd'
[  311.269300][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  311.269309][   T39] audit: type=1326 audit(1733096976.362:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11200 comm="syz.3.1354" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0
[  311.497102][T11208] nbd: must specify a device to reconfigure
[  311.510995][T11208] dccp_invalid_packet: P.Data Offset(4) too small
[  311.944232][T11213] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  312.970004][   T35] hid-generic 0000:0000:0000.0047: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  312.985479][T11226] input: syz1 as /devices/virtual/input/input80
[  314.308839][T11253] netlink: 'syz.3.1367': attribute type 1 has an invalid length.
[  314.311264][T11253] netlink: 'syz.3.1367': attribute type 3 has an invalid length.
[  314.313370][T11253] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1367'.
[  314.324930][T11254] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  314.991651][T11266] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1370'.
[  315.003356][T11266] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1370'.
[  315.009127][T11266] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1370'.
[  315.050177][T11267] input: syz0 as /devices/virtual/input/input81
[  315.638223][T11274] lo speed is unknown, defaulting to 1000
[  315.964954][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  316.302368][T11283] usb usb7: selecting invalid altsetting 6
[  317.276946][   T39] audit: type=1326 audit(1733096982.373:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.294018][   T39] audit: type=1326 audit(1733096982.373:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.299819][   T39] audit: type=1326 audit(1733096982.383:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.310587][   T39] audit: type=1326 audit(1733096982.383:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.316333][   T39] audit: type=1326 audit(1733096982.383:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.342028][   T39] audit: type=1326 audit(1733096982.383:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.347998][   T39] audit: type=1326 audit(1733096982.423:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.354531][   T39] audit: type=1326 audit(1733096982.423:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11285 comm="syz.1.1377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  317.465783][T11306] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1379'.
[  317.468144][T11306] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1379'.
[  318.092597][T11321] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  318.650809][T11334] binder: 11326:11334 ioctl 4018620d 0 returned -22
[  318.654805][T11334] binder: 11326:11334 ioctl c0306201 20000280 returned -11
[  319.187398][T11337] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  319.273459][T11340] tipc: Started in network mode
[  319.274941][T11340] tipc: Node identity ffffffff, cluster identity 4711
[  319.276721][T11340] tipc: Node number set to 4294967295
[  320.289034][   T39] audit: type=1326 audit(1733096985.374:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11352 comm="syz.3.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  320.295417][   T39] audit: type=1326 audit(1733096985.374:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11352 comm="syz.3.1390" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  320.587187][T11363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1391'.
[  321.307797][T11375] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1396'.
[  321.504849][T11383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1394'.
[  322.225275][T11390] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  322.306134][T11394] tipc: Started in network mode
[  322.308035][T11394] tipc: Node identity ffffffff, cluster identity 4711
[  322.310794][T11394] tipc: Node number set to 4294967295
[  322.412989][T11398] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  322.412989][T11398]    program syz.0.1407 not setting count and/or reply_len properly
[  322.699638][T11405] lo speed is unknown, defaulting to 1000
[  322.715769][T11406] overlayfs: failed to resolve './file1': -2
[  323.257699][T11411] binder: 11409:11411 ioctl 4018620d 0 returned -22
[  323.721396][T11418] lo speed is unknown, defaulting to 1000
[  326.489603][T11468] syzkaller0: entered promiscuous mode
[  326.491167][T11468] syzkaller0: entered allmulticast mode
[  329.121445][T11541] sctp: [Deprecated]: syz.2.1424 (pid 11541) Use of struct sctp_assoc_value in delayed_ack socket option.
[  329.121445][T11541] Use struct sctp_sack_info instead
[  329.139865][T11541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1424'.
[  329.302084][   T45] Bluetooth: hci4: Frame reassembly failed (-84)
[  329.304699][  T101] Bluetooth: hci4: Frame reassembly failed (-84)
[  329.919509][T11554] lo speed is unknown, defaulting to 1000
[  330.499315][T11560] nbd0: detected capacity change from 0 to 12
[  330.505730][T11561] block nbd0: NBD_DISCONNECT
[  330.506790][ T5954] block nbd0: Send control failed (result -89)
[  330.509892][ T5954] block nbd0: Request send failed, requeueing
[  330.514280][ T5954] block nbd0: Disconnected due to user request.
[  330.517250][T11561] block nbd0: Send disconnect failed -89
[  330.522338][ T1255] blk_print_req_error: 29 callbacks suppressed
[  330.522348][ T1255] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.527804][ T1255] buffer_io_error: 25 callbacks suppressed
[  330.527812][ T1255] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.538968][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.541423][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.543452][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.545719][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.547663][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.549946][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.551864][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.554075][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.556088][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.558267][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.561117][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.565789][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.568766][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.571372][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.573336][ T5954] ldm_validate_partition_table(): Disk read failed.
[  330.575138][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.577487][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.579679][ T5954] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  330.581893][ T5954] Buffer I/O error on dev nbd0, logical block 0, async page read
[  330.583918][ T5954] Dev nbd0: unable to read RDB block 0
[  330.585376][ T5954]  nbd0: unable to read partition table
[  330.586890][ T5954] nbd0: partition table beyond EOD, truncated
[  330.589510][T11557] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  330.744800][ T5954] ldm_validate_partition_table(): Disk read failed.
[  330.746605][ T5954] Dev nbd0: unable to read RDB block 0
[  330.748086][ T5954]  nbd0: unable to read partition table
[  330.749584][ T5954] nbd0: partition table beyond EOD, truncated
[  331.309598][ T5295] Bluetooth: hci4: command 0xfc11 tx timeout
[  331.314139][ T5947] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  332.214747][T11593] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1435'.
[  332.951424][   T39] kauditd_printk_skb: 51 callbacks suppressed
[  332.951436][   T39] audit: type=1326 audit(1733096998.055:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  332.960536][   T39] audit: type=1326 audit(1733096998.055:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf742e579 code=0x7ffc0000
[  332.967775][   T39] audit: type=1326 audit(1733096998.055:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  332.984806][   T39] audit: type=1326 audit(1733096998.055:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf742e579 code=0x7ffc0000
[  332.990878][   T39] audit: type=1326 audit(1733096998.055:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  332.996545][   T39] audit: type=1326 audit(1733096998.055:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf742e579 code=0x7ffc0000
[  333.002023][   T39] audit: type=1326 audit(1733096998.055:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  333.009391][   T39] audit: type=1326 audit(1733096998.055:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11597 comm="syz.3.1438" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  333.156308][T11604] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1439'.
[  333.329468][T11607] ata1.00: invalid command format 189
[  333.633779][T11617] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1442'.
[  333.636067][T11617] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1442'.
[  334.407302][T11628] input: syz0 as /devices/virtual/input/input83
[  334.435066][T11628] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1444'.
[  334.919857][   T39] audit: type=1804 audit(1733097000.015:683): pid=11631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1445" name="/newroot/355/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  335.034363][T11640] 9pnet_virtio: no channels available for device syz
[  335.553330][T11648] libceph: resolve '.
[  335.553330][T11648] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[  335.553330][T11648] ' (ret=-3): failed
[  335.969104][   T57] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  336.120376][   T57] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  336.122669][   T57] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  336.125267][   T57] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  336.127613][   T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  336.130630][   T57] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  336.135852][   T57] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  336.138327][   T57] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  336.145118][   T57] usb 8-1: Product: syz
[  336.146334][   T57] usb 8-1: Manufacturer: syz
[  336.151327][   T57] cdc_wdm 8-1:1.0: skipping garbage
[  336.152766][   T57] cdc_wdm 8-1:1.0: skipping garbage
[  336.154829][   T57] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  336.156436][   T57] cdc_wdm 8-1:1.0: Unknown control protocol
[  336.183731][T11661] syz.0.1452 (11661): drop_caches: 2
[  337.722624][   T39] audit: type=1326 audit(1733097002.825:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11681 comm="syz.2.1457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  338.508469][   T39] kauditd_printk_skb: 20 callbacks suppressed
[  338.508485][   T39] audit: type=1326 audit(1733097003.605:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11681 comm="syz.2.1457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  338.515786][   T39] audit: type=1326 audit(1733097003.605:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11681 comm="syz.2.1457" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  338.538710][    T8] usb 8-1: USB disconnect, device number 13
[  338.552162][   T39] audit: type=1804 audit(1733097003.655:707): pid=11687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1458" name="/newroot/373/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  339.604494][T11710] syz.3.1463 (11710): drop_caches: 2
[  339.696122][T11708] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  339.811137][T11714] netlink: 'syz.1.1464': attribute type 10 has an invalid length.
[  339.813183][T11714] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1464'.
[  339.815538][T11714] team0: entered promiscuous mode
[  339.819036][T11714] team_slave_0: entered promiscuous mode
[  339.822316][T11714] team_slave_1: entered promiscuous mode
[  339.824222][T11714] bridge0: port 4(team0) entered blocking state
[  339.826014][T11714] bridge0: port 4(team0) entered disabled state
[  339.832627][T11714] team0: entered allmulticast mode
[  339.836940][T11714] team_slave_0: entered allmulticast mode
[  339.839269][T11714] team_slave_1: entered allmulticast mode
[  339.845068][T11714] bridge0: port 4(team0) entered blocking state
[  339.847300][T11714] bridge0: port 4(team0) entered forwarding state
[  340.715598][T11729] usb usb8: usbfs: process 11729 (syz.0.1468) did not claim interface 0 before use
[  341.050424][T11735] sp0: Synchronizing with TNC
[  341.097087][T11736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.108962][T11736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.539398][   T39] audit: type=1804 audit(1733097006.645:708): pid=11741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1471" name="/newroot/361/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  341.701752][T11743] 9pnet_fd: Insufficient options for proto=fd
[  344.578929][   T57] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  344.738790][   T57] usb 6-1: Using ep0 maxpacket: 32
[  344.741458][   T57] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  344.745815][   T57] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  344.748262][   T57] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  344.750554][   T57] usb 6-1: Product: syz
[  344.751768][   T57] usb 6-1: Manufacturer: syz
[  344.753092][   T57] usb 6-1: SerialNumber: syz
[  344.755390][   T57] usb 6-1: config 0 descriptor??
[  344.757161][T11780] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  345.026321][   T57] usb 6-1: USB disconnect, device number 9
[  345.647935][T11798] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1484'.
[  346.635843][T11812] wireguard0: entered promiscuous mode
[  346.637376][T11812] wireguard0: entered allmulticast mode
[  346.778478][T11814] Bluetooth: MGMT ver 1.23
[  347.240724][T11821] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  347.242821][T11821] IPv6: NLM_F_CREATE should be set when creating new route
[  347.244697][T11821] IPv6: NLM_F_CREATE should be set when creating new route
[  347.247221][T11821] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  347.268178][T11827] usb usb7: selecting invalid altsetting 6
[  347.381299][T11833] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.384012][T11833] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.551441][T11836] lo speed is unknown, defaulting to 1000
[  347.759448][T11841] sp0: Synchronizing with TNC
[  347.810722][T11844] overlay: Unknown parameter '/dev/snd/pcmC#D#p'
[  347.862362][T11844] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  348.006654][T11846] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1496'.
[  348.033573][   T39] audit: type=1107 audit(1733097013.135:709): pid=11845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  349.141696][T11877] tmpfs: Unknown parameter ''
[  350.051618][T11891] usb usb7: selecting invalid altsetting 6
[  350.148700][   T35] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  350.298649][   T35] usb 8-1: Using ep0 maxpacket: 32
[  350.301236][   T35] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  350.305156][   T35] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  350.307599][   T35] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  350.309942][   T35] usb 8-1: Product: syz
[  350.311240][   T35] usb 8-1: Manufacturer: syz
[  350.312541][   T35] usb 8-1: SerialNumber: syz
[  350.319473][   T35] usb 8-1: config 0 descriptor??
[  350.321385][T11887] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  350.600489][   T25] usb 8-1: USB disconnect, device number 14
[  350.860215][T11901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1506'.
[  351.100514][T11908] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  351.543541][T11919] IPVS: Scheduler module ip_vs_sip not found
[  352.025793][T11925] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  352.249509][T11927] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  352.251634][T11927] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  352.254707][T11927] vhci_hcd vhci_hcd.0: Device attached
[  352.431698][   T35] vhci_hcd: vhci_device speed not set
[  352.489800][T11938] afs: Unknown parameter '_µWzk'
[  352.498685][   T35] usb 41-1: new full-speed USB device number 3 using vhci_hcd
[  352.932094][T11935] 8021q: adding VLAN 0 to HW filter on device bond2
[  353.051996][T11928] vhci_hcd: connection reset by peer
[  353.053825][   T45] vhci_hcd: stop threads
[  353.055057][   T45] vhci_hcd: release socket
[  353.056274][   T45] vhci_hcd: disconnect device
[  353.222026][T11955] xt_cgroup: invalid path, errno=-2
[  353.476680][T11962] 9pnet_virtio: no channels available for device syz
[  353.538349][T11962] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  353.540685][T11962] overlayfs: failed to set xattr on upper
[  353.542244][T11962] overlayfs: ...falling back to redirect_dir=nofollow.
[  353.544129][T11962] overlayfs: ...falling back to index=off.
[  353.545687][T11962] overlayfs: ...falling back to uuid=null.
[  353.711220][T11963] sp0: Synchronizing with TNC
[  355.314618][T11986] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD
[  356.312911][T11999] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1526'.
[  356.330438][T11999] virtio-fs: tag <(null)> not found
[  356.441148][T12005] overlayfs: empty lowerdir
[  356.475705][   T39] audit: type=1326 audit(1733097021.575:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.481522][   T39] audit: type=1326 audit(1733097021.575:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.484452][T12007] netlink: 'syz.0.1528': attribute type 10 has an invalid length.
[  356.487197][   T39] audit: type=1326 audit(1733097021.575:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.500163][   T39] audit: type=1326 audit(1733097021.575:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.508798][   T39] audit: type=1326 audit(1733097021.575:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.515205][   T39] audit: type=1326 audit(1733097021.575:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.521374][   T39] audit: type=1326 audit(1733097021.575:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.527188][   T39] audit: type=1326 audit(1733097021.575:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.533771][   T39] audit: type=1326 audit(1733097021.575:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  356.540300][   T39] audit: type=1326 audit(1733097021.575:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12006 comm="syz.0.1528" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  357.611446][T12030] netlink: 'syz.0.1532': attribute type 1 has an invalid length.
[  357.618696][   T35] vhci_hcd: vhci_device speed not set
[  358.171637][T12039] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1534'.
[  358.174673][T12039] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  358.177213][T12039] batman_adv: batadv0: Removing interface: batadv_slave_0
[  358.183894][T12039] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  358.186927][T12039] batman_adv: batadv0: Removing interface: batadv_slave_1
[  358.197595][T12039] bridge0: port 3(batadv0) entered disabled state
[  358.223193][T12039] bridge0: port 3(batadv0) entered disabled state
[  359.104045][T12056] netlink: 'syz.0.1538': attribute type 10 has an invalid length.
[  359.848592][ T5945] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  360.003573][ T5945] usb 6-1: config 0 has no interfaces?
[  360.010333][ T5945] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  360.012747][ T5945] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.015034][ T5945] usb 6-1: Product: syz
[  360.016167][ T5945] usb 6-1: Manufacturer: syz
[  360.017425][ T5945] usb 6-1: SerialNumber: syz
[  360.025793][ T5945] usb 6-1: config 0 descriptor??
[  360.285911][T12077] ALSA: mixer_oss: invalid OSS volume '00000000000000001361'
[  360.321145][T12078] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1540'.
[  360.586589][ T6001] usb 6-1: USB disconnect, device number 10
[  360.937142][T12083] netlink: 'syz.3.1544': attribute type 13 has an invalid length.
[  361.035862][T12086] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.128202][T12086] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.236487][T12094] input: syz1 as /devices/virtual/input/input84
[  361.277407][T12088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1546'.
[  361.319340][T12086] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.442870][T12102] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1547'.
[  361.445415][T12102] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1547'.
[  361.537929][T12086] bond0: (slave netdevsim0): Releasing backup interface
[  361.570606][T12086] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.710618][T12086] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.718725][T12086] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.725357][T12086] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.734032][T12086] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.524835][T12110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  362.546450][T12110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  362.703546][T12113] netlink: 'syz.3.1551': attribute type 21 has an invalid length.
[  362.766035][   T39] kauditd_printk_skb: 99 callbacks suppressed
[  362.766048][   T39] audit: type=1326 audit(1733097027.865:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12111 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  362.774611][   T39] audit: type=1326 audit(1733097027.865:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12111 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  362.780933][   T39] audit: type=1326 audit(1733097027.865:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12111 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf742e579 code=0x7ffc0000
[  362.788544][   T39] audit: type=1326 audit(1733097027.865:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12111 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  362.794287][   T39] audit: type=1326 audit(1733097027.865:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12111 comm="syz.3.1551" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  363.005028][T12120] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1553'.
[  363.150266][T12123] ieee802154 phy0 wpan0: encryption failed: -22
[  363.934019][   T39] audit: type=1804 audit(1733097029.035:823): pid=12128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1554" name="/newroot/395/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  364.050245][T12130] lo speed is unknown, defaulting to 1000
[  364.312685][T12139] mmap: syz.2.1556 (12139) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  364.624321][T12144] ax25_connect(): syz.2.1558 uses autobind, please contact jreuter@yaina.de
[  366.148529][ T8697] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  366.399894][ T8697] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  366.402154][ T8697] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  366.404780][ T8697] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  366.407105][ T8697] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  366.409994][ T8697] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  366.413885][ T8697] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  366.416235][ T8697] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  366.418287][ T8697] usb 6-1: Product: syz
[  366.420273][ T8697] usb 6-1: Manufacturer: syz
[  366.429966][ T8697] cdc_wdm 6-1:1.0: skipping garbage
[  366.431373][ T8697] cdc_wdm 6-1:1.0: skipping garbage
[  366.435635][ T8697] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  366.437271][ T8697] cdc_wdm 6-1:1.0: Unknown control protocol
[  366.633899][   T35] usb 6-1: USB disconnect, device number 11
[  366.998194][T12175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  367.001388][T12175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  367.235035][   T39] audit: type=1804 audit(1733097032.335:824): pid=12184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1567" name="/newroot/385/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  367.288498][   T35] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  367.344651][T12187] netlink: 'syz.2.1568': attribute type 10 has an invalid length.
[  367.347114][T12187] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1568'.
[  367.460649][   T35] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  367.463038][   T35] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  367.465727][   T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  367.468066][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  367.470953][   T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  367.474861][   T35] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  367.477301][   T35] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  367.479656][   T35] usb 6-1: Product: syz
[  367.480754][   T35] usb 6-1: Manufacturer: syz
[  367.483782][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  367.485177][   T35] cdc_wdm 6-1:1.0: skipping garbage
[  367.487089][   T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  367.488907][   T35] cdc_wdm 6-1:1.0: Unknown control protocol
[  368.043441][T12162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.049189][T12162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.327414][T12199] can0: slcan on ttyS3.
[  368.562803][T12208] bridge_slave_1: left allmulticast mode
[  368.564328][T12208] bridge_slave_1: left promiscuous mode
[  368.566024][T12208] bridge1: port 1(bridge_slave_1) entered disabled state
[  368.573156][T12208] bond0: (slave bond_slave_0): Releasing backup interface
[  368.582287][T12208] bond0: (slave bond_slave_1): Releasing backup interface
[  368.643105][T12208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1572'.
[  368.988693][   T35] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  369.083116][    T9] usb 6-1: USB disconnect, device number 12
[  369.141252][   T35] usb 8-1: config 108 has an invalid interface number: 85 but max is 0
[  369.143530][   T35] usb 8-1: config 108 has no interface number 0
[  369.145110][   T35] usb 8-1: config 108 interface 85 has no altsetting 0
[  369.148352][   T35] usb 8-1: language id specifier not provided by device, defaulting to English
[  369.154776][   T35] usb 8-1: New USB device found, idVendor=12d1, idProduct=c187, bcdDevice=2b.99
[  369.157974][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.170484][   T35] usb 8-1: Product: syz
[  369.171933][   T35] usb 8-1: Manufacturer: 뫄ǹౘ噘꿴ⷜ�䀼颤碅ﰊⳮោ͡퇂魾�űㅟ뭆୼ࠒ쌟
[  369.175491][   T35] usb 8-1: SerialNumber: syz
[  369.362745][T12224] syz.0.1575 (12224): drop_caches: 2
[  369.786586][   T35] option 8-1:108.85: GSM modem (1-port) converter detected
[  369.793851][   T35] usb 8-1: USB disconnect, device number 15
[  369.796105][   T35] option 8-1:108.85: device disconnected
[  370.334251][   T39] audit: type=1326 audit(1733097035.415:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.1.1576" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x0
[  371.085989][   T39] audit: type=1804 audit(1733097036.185:826): pid=12239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1578" name="/newroot/388/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  371.112112][   T39] audit: type=1326 audit(1733097036.215:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12237 comm="syz.1.1579" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x0
[  371.439331][T12198] can0 (unregistered): slcan off ttyS3.
[  371.563531][T12258] lo speed is unknown, defaulting to 1000
[  371.576282][T12261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1580'.
[  371.934227][T12272] netlink: 'syz.1.1583': attribute type 9 has an invalid length.
[  371.936358][T12272] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1583'.
[  372.450557][T12283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  372.455632][T12283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  372.728526][   T39] audit: type=1326 audit(1733097037.825:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  372.734160][   T39] audit: type=1326 audit(1733097037.825:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  372.739929][   T39] audit: type=1326 audit(1733097037.825:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  372.746075][   T39] audit: type=1326 audit(1733097037.825:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  372.752674][   T39] audit: type=1326 audit(1733097037.825:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  372.758596][   T39] audit: type=1326 audit(1733097037.825:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  372.764180][   T39] audit: type=1326 audit(1733097037.825:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12285 comm="syz.1.1587" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  373.525636][T12285] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  374.071121][T12302] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1598'.
[  374.368526][   T64] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  374.518451][   T64] usb 6-1: Using ep0 maxpacket: 16
[  374.521245][   T64] usb 6-1: config 0 has no interfaces?
[  374.524241][   T64] usb 6-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  374.526757][   T64] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.528913][   T64] usb 6-1: Product: syz
[  374.530074][   T64] usb 6-1: Manufacturer: syz
[  374.531375][   T64] usb 6-1: SerialNumber: syz
[  374.534046][   T64] usb 6-1: config 0 descriptor??
[  374.668474][  T833] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  374.818658][  T833] usb 8-1: Using ep0 maxpacket: 8
[  374.824337][  T833] usb 8-1: config 0 has no interfaces?
[  374.832400][  T833] usb 8-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=e6.7f
[  374.837848][  T833] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.840280][  T833] usb 8-1: Product: syz
[  374.841414][  T833] usb 8-1: Manufacturer: syz
[  374.842707][  T833] usb 8-1: SerialNumber: syz
[  374.849348][  T833] usb 8-1: config 0 descriptor??
[  374.965375][T12319] Process accounting resumed
[  375.046231][ T6001] usb 6-1: USB disconnect, device number 13
[  375.077946][T12324] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  375.080161][T12324] UDF-fs: Scanning with blocksize 512 failed
[  375.082401][T12324] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  375.084436][T12324] UDF-fs: Scanning with blocksize 1024 failed
[  375.086513][T12324] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  375.088911][T12324] UDF-fs: Scanning with blocksize 2048 failed
[  375.090970][T12324] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[  375.093050][T12324] UDF-fs: Scanning with blocksize 4096 failed
[  375.340200][T12331] loop7: detected capacity change from 16384 to 16383
[  376.171119][T12346] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1607'.
[  376.173646][T12346] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1607'.
[  376.838740][T12354] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  376.877337][T12357] block device autoloading is deprecated and will be removed.
[  377.115906][    T9] usb 8-1: USB disconnect, device number 16
[  377.353566][T12369] netlink: 'syz.3.1604': attribute type 1 has an invalid length.
[  377.390874][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  378.100544][T12381] misc userio: Invalid payload size
[  378.103113][T12381] misc userio: The device must be registered before sending interrupts
[  378.106399][T12381] misc userio: The device must be registered before sending interrupts
[  379.151330][T12399] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1613'.
[  379.389905][T12404] netlink: 'syz.1.1614': attribute type 1 has an invalid length.
[  379.391961][T12404] netlink: 'syz.1.1614': attribute type 3 has an invalid length.
[  379.394039][T12404] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1614'.
[  379.682927][T12406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1615'.
[  379.786087][T12406] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.792818][T12406] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.910344][T12412] mkiss: ax0: crc mode is auto.
[  382.566178][T12456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1627'.
[  383.231072][T12465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  383.279693][T12465] lo speed is unknown, defaulting to 1000
[  384.031114][T12483] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1633'.
[  384.469041][T12488] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  385.331090][T12495] binder: 12489:12495 ioctl 4018620d 0 returned -22
[  385.333171][T12495] binder: 12489:12495 ioctl c0306201 20000280 returned -11
[  385.336203][   T64] IPVS: starting estimator thread 0...
[  385.448493][T12499] IPVS: using max 37 ests per chain, 88800 per kthread
[  386.238724][T12515] netlink: 'syz.1.1639': attribute type 10 has an invalid length.
[  386.333749][T12515] bridge0: port 4(team0) entered disabled state
[  386.358768][T12515] team0: left allmulticast mode
[  386.360256][T12515] team_slave_0: left allmulticast mode
[  386.361840][T12515] team_slave_1: left allmulticast mode
[  386.363952][T12515] team0: left promiscuous mode
[  386.365327][T12515] team_slave_0: left promiscuous mode
[  386.367294][T12515] team_slave_1: left promiscuous mode
[  386.369485][T12515] bridge0: port 4(team0) entered disabled state
[  386.633367][T12521] netlink: 'syz.2.1640': attribute type 3 has an invalid length.
[  386.635481][T12521] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1640'.
[  386.644694][T12521] pimreg: entered allmulticast mode
[  387.166647][    C2] hpet_rtc_timer_reinit: 16 callbacks suppressed
[  387.166665][    C2] hpet: Lost 1 RTC interrupts
[  388.350885][T12545] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  388.353593][T12545] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  388.357597][T12545] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  388.359765][T12545] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  388.509413][T12547] ata1.00: non-matching transfer count (1530558389/0)
[  388.578442][   T25] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  388.738672][   T25] usb 6-1: Using ep0 maxpacket: 32
[  388.741494][   T25] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  388.747359][   T25] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  388.750001][   T25] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  388.752905][   T25] usb 6-1: Product: syz
[  388.754544][   T25] usb 6-1: Manufacturer: syz
[  388.756360][   T25] usb 6-1: SerialNumber: syz
[  388.761040][   T25] usb 6-1: config 0 descriptor??
[  388.764066][T12546] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  389.118190][T12555] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1648'.
[  389.120630][T12555] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1648'.
[  389.458238][T12560] x_tables: duplicate underflow at hook 2
[  390.124987][T12571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.128593][T12571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.339871][ T6001] usb 6-1: USB disconnect, device number 14
[  392.386121][T12591] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  392.887111][T12596] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  392.889696][T12596] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[  393.076889][T12602] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1658'.
[  393.079482][T12602] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1658'.
[  393.082129][T12602] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1658'.
[  393.084571][T12602] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1658'.
[  393.214267][T12607] Bluetooth: hci4: Frame reassembly failed (-84)
[  393.460223][   T65] Bluetooth: hci4: Frame reassembly failed (-84)
[  393.487311][T12609] netlink: 'syz.1.1667': attribute type 21 has an invalid length.
[  393.723635][   T39] audit: type=1326 audit(1733097058.825:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12605 comm="syz.1.1667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  393.766065][   T39] audit: type=1326 audit(1733097058.865:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12605 comm="syz.1.1667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  393.778506][   T39] audit: type=1326 audit(1733097058.875:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12605 comm="syz.1.1667" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  393.784176][   T39] audit: type=1326 audit(1733097058.875:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12605 comm="syz.1.1667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  393.790182][   T39] audit: type=1326 audit(1733097058.875:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12605 comm="syz.1.1667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  393.848231][T12616] bond1: left promiscuous mode
[  393.850116][T12616] bridge0: port 3(bond1) entered disabled state
[  393.853878][T12617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.857067][T12617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.861195][T12616] bridge_slave_1: left allmulticast mode
[  393.862718][T12616] bridge_slave_1: left promiscuous mode
[  393.864258][T12616] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.871908][T12616] bridge_slave_0: left allmulticast mode
[  393.874481][T12616] bridge_slave_0: left promiscuous mode
[  393.876408][T12616] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.985093][T12619] siw: device registration error -23
[  395.228574][ T5947] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  395.511524][   T39] audit: type=1326 audit(1733097060.615:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12620 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  395.517808][   T39] audit: type=1326 audit(1733097060.615:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12620 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  395.526462][   T39] audit: type=1326 audit(1733097060.625:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12620 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  395.538538][   T39] audit: type=1326 audit(1733097060.625:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12620 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  395.544293][   T39] audit: type=1326 audit(1733097060.625:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12620 comm="syz.2.1664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  395.566882][T12625] binder: 12623:12625 ioctl 4018620d 0 returned -22
[  395.736302][T12634] syzkaller0: entered promiscuous mode
[  395.737832][T12634] syzkaller0: entered allmulticast mode
[  398.082996][T12644] bridge_slave_0: left allmulticast mode
[  398.085068][T12644] bridge_slave_0: left promiscuous mode
[  398.087758][T12644] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.100385][T12644] bridge_slave_1: left allmulticast mode
[  398.102549][T12644] bridge_slave_1: left promiscuous mode
[  398.104410][T12644] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.163738][T12644] bond0: (slave bond_slave_0): Releasing backup interface
[  398.169605][T12644] bond0: (slave bond_slave_1): Releasing backup interface
[  398.187896][T12644] team0: Port device team_slave_0 removed
[  398.202191][T12644] team0: Port device team_slave_1 removed
[  398.209112][T12644] bond0: (slave netdevsim0): Releasing backup interface
[  398.215396][T12644] bond1: (slave batadv1): Releasing active interface
[  398.285921][T12644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1668'.
[  399.468643][T12671] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  399.471201][T12671] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  399.473932][T12671] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  399.476373][T12671] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  399.480904][T12671] geneve2: entered promiscuous mode
[  399.482383][T12671] geneve2: entered allmulticast mode
[  399.525961][T12672] lo speed is unknown, defaulting to 1000
[  399.569665][T12673] netlink: 'syz.1.1681': attribute type 1 has an invalid length.
[  399.734050][T12677] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1670'.
[  400.491654][   T39] kauditd_printk_skb: 27 callbacks suppressed
[  400.491835][   T39] audit: type=1326 audit(1733097065.595:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.516331][   T39] audit: type=1326 audit(1733097065.595:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.562857][T12685] lo speed is unknown, defaulting to 1000
[  400.588524][    C3] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  400.650194][   T39] audit: type=1326 audit(1733097065.755:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.655751][   T39] audit: type=1326 audit(1733097065.755:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.742397][   T39] audit: type=1326 audit(1733097065.755:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.778971][   T39] audit: type=1326 audit(1733097065.875:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.785726][   T39] audit: type=1326 audit(1733097065.885:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.799733][   T39] audit: type=1326 audit(1733097065.885:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.819105][   T39] audit: type=1326 audit(1733097065.885:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf742e579 code=0x7ffc0000
[  400.824790][   T39] audit: type=1326 audit(1733097065.885:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12681 comm="syz.3.1674" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  401.083954][T12690] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1675'.
[  401.177905][T12681] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  402.294002][T12707] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  402.296587][T12707] IPv6: NLM_F_CREATE should be set when creating new route
[  402.299168][T12707] IPv6: NLM_F_CREATE should be set when creating new route
[  402.303267][T12707] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  402.504414][T12714] 9pnet_virtio: no channels available for device syz
[  402.508745][T12714] overlay: Unknown parameter '/dev/snd/pcmC#D#p'
[  402.886573][T12715] lo speed is unknown, defaulting to 1000
[  403.361335][T12726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  403.363810][T12726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.653657][T12729] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1686'.
[  404.180244][T12739] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  404.182546][T12739] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  404.184730][T12739] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  404.187199][T12739] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  404.191263][T12739] geneve2: entered promiscuous mode
[  404.192683][T12739] geneve2: entered allmulticast mode
[  404.201782][T12739] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  404.460429][T12741] netlink: 'syz.2.1687': attribute type 1 has an invalid length.
[  405.300722][T12750] bond0: (slave syz_tun): Releasing backup interface
[  405.310889][T12750] bond0: (slave bond_slave_0): Releasing backup interface
[  405.317044][T12750] bond0: (slave bond_slave_1): Releasing backup interface
[  405.339202][T12750] bond0: (slave netdevsim0): Releasing backup interface
[  405.503259][T12750] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1691'.
[  406.745056][T12775] sp0: Synchronizing with TNC
[  406.905011][T12769] ata1.00: invalid command format 189
[  408.773590][T12804] sp0: Synchronizing with TNC
[  410.431389][T12835] bond0: (slave bond_slave_0): Releasing backup interface
[  410.437513][T12835] bond0: (slave bond_slave_1): Releasing backup interface
[  410.451758][T12835] team0: Port device team_slave_0 removed
[  410.454373][T12835] bond3: (slave team_slave_1): Releasing active interface
[  410.456643][T12835] team_slave_1: left promiscuous mode
[  410.463093][T12835] bond2: (slave ip6gretap1): Releasing active interface
[  410.465310][T12835] ip6gretap1: left allmulticast mode
[  410.492017][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  410.492029][   T39] audit: type=1804 audit(1733097075.595:914): pid=12833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1707" name="/newroot/418/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  410.537444][T12835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1709'.
[  411.459312][   T39] audit: type=1804 audit(1733097076.565:915): pid=12852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1720" name="/newroot/441/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  411.496153][T12855] ata1.00: non-matching transfer count (1530558389/0)
[  411.504490][T12855] 9pnet_virtio: no channels available for device syz
[  412.431634][T12869] siw: device registration error -23
[  413.246418][T12882] lo speed is unknown, defaulting to 1000
[  414.081787][T12897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  415.191611][T12924] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1727'.
[  415.396701][T12923] IPVS: Scheduler module ip_vs_sip not found
[  416.115894][T12944] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1729'.
[  416.118448][T12944] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1729'.
[  417.089087][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[  417.091409][   T76] Bluetooth: hci4: Frame reassembly failed (-84)
[  417.391786][T12964] lo speed is unknown, defaulting to 1000
[  418.874822][   T39] audit: type=1326 audit(1733097083.975:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.880671][   T39] audit: type=1326 audit(1733097083.975:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.887013][   T39] audit: type=1326 audit(1733097083.975:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.892749][   T39] audit: type=1326 audit(1733097083.975:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.899348][   T39] audit: type=1326 audit(1733097083.975:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.903174][T12995] netlink: 'syz.1.1747': attribute type 10 has an invalid length.
[  418.905237][   T39] audit: type=1326 audit(1733097083.975:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.914271][   T39] audit: type=1326 audit(1733097083.985:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.921926][   T39] audit: type=1326 audit(1733097083.985:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.938474][   T39] audit: type=1326 audit(1733097083.985:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  418.944364][   T39] audit: type=1326 audit(1733097083.985:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12994 comm="syz.1.1747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb1579 code=0x7ffc0000
[  419.149115][ T5947] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  420.095171][T13009] xt_cgroup: invalid path, errno=-2
[  420.709017][T13022] netlink: 'syz.1.1744': attribute type 10 has an invalid length.
[  420.804096][T13027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  420.806995][T13027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.188450][ T8697] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  421.338502][ T8697] usb 8-1: Using ep0 maxpacket: 16
[  421.341737][ T8697] usb 8-1: config 0 has no interfaces?
[  421.344696][ T8697] usb 8-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[  421.347074][ T8697] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.349701][ T8697] usb 8-1: Product: syz
[  421.350905][ T8697] usb 8-1: Manufacturer: syz
[  421.352150][ T8697] usb 8-1: SerialNumber: syz
[  421.354615][ T8697] usb 8-1: config 0 descriptor??
[  421.429751][T13035] input: syz0 as /devices/virtual/input/input87
[  421.435995][T13035] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1746'.
[  421.739531][T13041] Process accounting resumed
[  421.912591][T13047] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1749'.
[  421.915090][T13047] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1749'.
[  422.202081][   T25] usb 8-1: USB disconnect, device number 17
[  424.011453][   T39] kauditd_printk_skb: 100 callbacks suppressed
[  424.011466][   T39] audit: type=1326 audit(1733097089.115:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.021836][   T39] audit: type=1326 audit(1733097089.115:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.027712][   T39] audit: type=1326 audit(1733097089.115:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.035047][   T39] audit: type=1326 audit(1733097089.115:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.041664][   T39] audit: type=1326 audit(1733097089.115:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.049115][   T39] audit: type=1326 audit(1733097089.115:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.056219][   T39] audit: type=1326 audit(1733097089.125:1032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.061624][   T39] audit: type=1326 audit(1733097089.125:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.067388][   T39] audit: type=1326 audit(1733097089.125:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.070166][T13067] netlink: 'syz.3.1755': attribute type 10 has an invalid length.
[  424.074246][   T39] audit: type=1326 audit(1733097089.125:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13065 comm="syz.3.1755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[  424.644533][T13069] 8021q: adding VLAN 0 to HW filter on device bond2
[  425.408470][   T58] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  425.558414][   T58] usb 8-1: Using ep0 maxpacket: 32
[  425.562069][   T58] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  425.566586][   T58] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  425.570021][   T58] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  425.572414][   T58] usb 8-1: Product: syz
[  425.573785][   T58] usb 8-1: Manufacturer: syz
[  425.575327][   T58] usb 8-1: SerialNumber: syz
[  425.577786][   T58] usb 8-1: config 0 descriptor??
[  425.579775][T13090] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  425.639917][T13094] netlink: 'syz.2.1759': attribute type 10 has an invalid length.
[  425.887055][   T25] usb 8-1: USB disconnect, device number 18
[  426.108489][    T8] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  426.272773][    T8] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  426.275634][    T8] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  426.279321][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  426.282345][    T8] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  426.285994][    T8] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  426.299606][    T8] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  426.302625][    T8] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  426.305357][    T8] usb 6-1: Product: syz
[  426.306751][    T8] usb 6-1: Manufacturer: syz
[  426.320326][    T8] cdc_wdm 6-1:1.0: skipping garbage
[  426.322120][    T8] cdc_wdm 6-1:1.0: skipping garbage
[  426.330398][    T8] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  426.332372][    T8] cdc_wdm 6-1:1.0: Unknown control protocol
[  426.624346][T13110] 9pnet_fd: Insufficient options for proto=fd
[  427.761009][T13129] sp0: Synchronizing with TNC
[  429.383485][   T25] usb 6-1: USB disconnect, device number 15
[  429.485442][T13148] syz.3.1772 (13148): drop_caches: 2
[  429.635969][T13151] netlink: 'syz.0.1773': attribute type 10 has an invalid length.
[  429.641829][T13151] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1773'.
[  430.008486][   T25] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  430.181204][   T25] usb 6-1: config 108 has an invalid interface number: 85 but max is 0
[  430.184165][   T25] usb 6-1: config 108 has no interface number 0
[  430.186276][   T25] usb 6-1: config 108 interface 85 has no altsetting 0
[  430.189308][   T25] usb 6-1: language id specifier not provided by device, defaulting to English
[  430.193728][   T25] usb 6-1: New USB device found, idVendor=12d1, idProduct=c187, bcdDevice=2b.99
[  430.197513][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  430.201223][   T25] usb 6-1: Product: syz
[  430.202719][   T25] usb 6-1: Manufacturer: 뫄ǹౘ噘꿴ⷜ�䀼颤碅ﰊⳮោ͡퇂魾�űㅟ뭆୼ࠒ쌟
[  430.206267][   T25] usb 6-1: SerialNumber: syz
[  430.453609][   T25] option 6-1:108.85: GSM modem (1-port) converter detected
[  430.459131][   T25] usb 6-1: USB disconnect, device number 16
[  430.461531][   T25] option 6-1:108.85: device disconnected
[  430.871636][T13159] netlink: 'syz.0.1776': attribute type 10 has an invalid length.
[  430.873743][T13159] netlink: 55 bytes leftover after parsing attributes in process `syz.0.1776'.
[  431.054321][T13165] syz.2.1783 (13165): drop_caches: 2
[  431.288786][   T39] kauditd_printk_skb: 102 callbacks suppressed
[  431.288800][   T39] audit: type=1804 audit(1733097096.385:1138): pid=13166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1777" name="/newroot/438/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  432.336866][   T39] audit: type=1804 audit(1733097097.435:1139): pid=13175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1788" name="/newroot/446/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  432.794318][T13181] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1780'.
[  433.127975][T13195] lo speed is unknown, defaulting to 1000
[  433.438193][T13203] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1786'.
[  433.440606][T13203] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1786'.
[  433.693855][T13205] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1787'.
[  433.818120][T13207] ieee802154 phy0 wpan0: encryption failed: -22
[  434.074489][T13209] 9pnet_fd: Insufficient options for proto=fd
[  434.595810][T13217] xt_cgroup: invalid path, errno=-2
[  435.165071][T13230] netlink: 'syz.2.1800': attribute type 10 has an invalid length.
[  435.165094][T13230] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1800'.
[  435.252793][T13234] siw: device registration error -23
[  435.293160][T13235] netlink: 'syz.3.1791': attribute type 10 has an invalid length.
[  435.293515][T13235] netlink: 55 bytes leftover after parsing attributes in process `syz.3.1791'.
[  436.689935][T13247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  436.695082][T13247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  436.972000][T13250] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1796'.
[  436.974971][T13250] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1796'.
[  437.176316][T13251] Process accounting resumed
[  438.001247][T13265] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1797'.
[  438.003655][T13265] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1797'.
[  438.166555][T13267] random: crng reseeded on system resumption
[  438.181297][   T58] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  438.403515][T13277] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  438.405643][T13277] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  438.409197][T13277] vhci_hcd vhci_hcd.0: Device attached
[  438.505670][T13277] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  438.708538][    T8] vhci_hcd: vhci_device speed not set
[  438.778425][    T8] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  438.843574][ T1414] ieee802154 phy0 wpan0: encryption failed: -22
[  439.119319][T13285] vhci_hcd: connection reset by peer
[  439.121224][   T12] vhci_hcd: stop threads
[  439.122453][   T12] vhci_hcd: release socket
[  439.125614][   T12] vhci_hcd: disconnect device
[  439.792952][T13310] serio: Serial port ptm0
[  439.828483][   T25] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  439.875908][T13309] netlink: 'syz.1.1805': attribute type 10 has an invalid length.
[  439.878998][T13309] netlink: 55 bytes leftover after parsing attributes in process `syz.1.1805'.
[  439.880339][T13310] netlink: 'syz.0.1804': attribute type 12 has an invalid length.
[  439.888501][T13310] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1804'.
[  439.992555][   T25] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  439.995675][   T25] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  439.999340][   T25] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  440.002721][   T25] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  440.006486][   T25] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  440.016186][   T25] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  440.019572][   T25] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  440.022368][   T25] usb 8-1: Product: syz
[  440.024566][   T25] usb 8-1: Manufacturer: syz
[  440.035251][   T25] cdc_wdm 8-1:1.0: skipping garbage
[  440.037058][   T25] cdc_wdm 8-1:1.0: skipping garbage
[  440.045772][   T25] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  440.048059][   T25] cdc_wdm 8-1:1.0: Unknown control protocol
[  441.018491][T13322] Bluetooth: hci4: Frame reassembly failed (-84)
[  441.041907][  T101] Bluetooth: hci4: Frame reassembly failed (-84)
[  441.659421][T13332] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1809'.
[  441.661661][T13332] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1809'.
[  442.449681][ T8697] usb 8-1: USB disconnect, device number 19
[  443.070447][ T5295] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  443.072132][ T5947] Bluetooth: hci4: command 0x1003 tx timeout
[  443.858658][    T8] vhci_hcd: vhci_device speed not set
[  445.153334][   T39] audit: type=1326 audit(1733097110.255:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.161680][   T39] audit: type=1326 audit(1733097110.255:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.167857][   T39] audit: type=1326 audit(1733097110.255:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.175567][   T39] audit: type=1326 audit(1733097110.255:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.183333][   T39] audit: type=1326 audit(1733097110.255:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.189545][   T39] audit: type=1326 audit(1733097110.265:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.196069][   T39] audit: type=1326 audit(1733097110.265:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.202146][   T39] audit: type=1326 audit(1733097110.265:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.209274][   T39] audit: type=1326 audit(1733097110.265:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=326 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.216992][   T39] audit: type=1326 audit(1733097110.265:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13343 comm="syz.0.1810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  445.318488][   T64] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  445.472543][   T64] usb 6-1: Using ep0 maxpacket: 8
[  445.476497][   T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  445.489459][   T64] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  445.498492][   T64] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.505522][   T64] usb 6-1: config 0 descriptor??
[  445.626236][T13355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1815'.
[  445.721062][   T64] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  446.290801][   T58] usb 6-1: USB disconnect, device number 17
[  446.290881][    C3] iowarrior 6-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  446.555865][T13376] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1818'.
[  446.558262][T13376] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1818'.
[  446.924365][T13380] netlink: 'syz.3.1819': attribute type 10 has an invalid length.
[  446.926484][T13380] netlink: 55 bytes leftover after parsing attributes in process `syz.3.1819'.
[  447.232837][T13382] AppArmor: change_hat: Invalid input '0'
[  447.655092][  T101] Bluetooth: hci4: Frame reassembly failed (-84)
[  447.659115][  T101] Bluetooth: hci4: Frame reassembly failed (-84)
[  448.039045][T13393] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1822'.
[  448.501990][T13401] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  448.504054][T13401] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  448.506150][T13401] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  448.508152][T13401] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  449.408488][   T64] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  449.437234][T13409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1827'.
[  449.548473][ T5295] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  449.618502][   T64] usb 8-1: Using ep0 maxpacket: 8
[  449.621069][   T64] usb 8-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  449.628683][T13417] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  449.631066][T13417] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  449.634004][T13417] vhci_hcd vhci_hcd.0: Device attached
[  450.038760][   T25] vhci_hcd: vhci_device speed not set
[  450.108472][   T25] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  450.453556][   T64] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  450.456208][   T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  450.459220][   T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  450.462609][   T64] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  450.464932][   T64] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.489522][   T64] hub 8-1:1.0: bad descriptor, ignoring hub
[  450.491103][   T64] hub 8-1:1.0: probe with driver hub failed with error -5
[  450.493195][   T64] cdc_wdm 8-1:1.0: skipping garbage
[  450.494560][   T64] cdc_wdm 8-1:1.0: skipping garbage
[  450.498545][   T64] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  450.500115][   T64] cdc_wdm 8-1:1.0: Unknown control protocol
[  450.532291][T13418] vhci_hcd: connection reset by peer
[  450.535501][   T76] vhci_hcd: stop threads
[  450.536665][   T76] vhci_hcd: release socket
[  450.537936][   T76] vhci_hcd: disconnect device
[  450.608126][T13433] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1830'.
[  450.610722][T13433] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1830'.
[  451.090793][ T8697] usb 8-1: USB disconnect, device number 20
[  451.428310][   T64] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  451.566523][T13445] netlink: 'syz.0.1833': attribute type 10 has an invalid length.
[  451.578187][   T64] usb 8-1: Using ep0 maxpacket: 8
[  451.580915][   T64] usb 8-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  451.584065][   T64] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  451.586757][   T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  451.590263][   T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  451.593301][   T64] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  451.595683][   T64] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.600407][   T64] hub 8-1:1.0: bad descriptor, ignoring hub
[  451.602046][   T64] hub 8-1:1.0: probe with driver hub failed with error -5
[  451.604122][   T64] cdc_wdm 8-1:1.0: skipping garbage
[  451.605515][   T64] cdc_wdm 8-1:1.0: skipping garbage
[  451.607307][   T64] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  451.608955][   T64] cdc_wdm 8-1:1.0: Unknown control protocol
[  452.246467][T13459] can: request_module (can-proto-0) failed.
[  452.267957][ T8697] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  452.286311][T13462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1835'.
[  452.411873][ T8697] usb 6-1: Using ep0 maxpacket: 8
[  452.447430][ T8697] usb 6-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  452.450330][ T8697] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  452.452763][ T8697] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  452.460231][ T8697] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  452.468085][ T8697] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  452.478644][ T8697] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  452.494321][ T8697] hub 6-1:1.0: bad descriptor, ignoring hub
[  452.496009][ T8697] hub 6-1:1.0: probe with driver hub failed with error -5
[  452.499953][ T8697] cdc_wdm 6-1:1.0: skipping garbage
[  452.501426][ T8697] cdc_wdm 6-1:1.0: skipping garbage
[  452.506084][ T8697] cdc_wdm 6-1:1.0: cdc-wdm1: USB WDM device
[  452.507757][ T8697] cdc_wdm 6-1:1.0: Unknown control protocol
[  453.131299][ T8697] usb 6-1: USB disconnect, device number 18
[  453.331430][T13474] syz.3.1837[13474] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  453.335028][T13474] syz.3.1837[13474] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  453.345863][T13474] syz.3.1837[13474] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  453.452424][T13475] siw: device registration error -23
[  455.133029][   T25] vhci_hcd: vhci_device speed not set
[  456.336828][T13451] cdc_wdm 8-1:1.0: Error autopm - -16
[  456.336986][   T58] usb 8-1: USB disconnect, device number 21
[  456.663548][T13506] mkiss: ax0: crc mode is auto.
[  457.194694][T13535] autofs: Unknown parameter '0x0000000000000000'
[  457.302983][T13529] usb usb4: usbfs: process 13529 (syz.1.1860) did not claim interface 0 before use
[  457.657039][T13560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1874'.
[  457.700887][T13562] binder: 13561:13562 ioctl c0046209 0 returned -22
[  457.807244][   T39] kauditd_printk_skb: 46 callbacks suppressed
[  457.807260][   T39] audit: type=1804 audit(1733097123.062:1196): pid=13564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1872" name="/newroot/465/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  457.887148][T13570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1876'.
[  457.887895][T13572] ieee802154 phy0 wpan0: encryption failed: -22
[  458.904027][ T5945] usb 6-1: new full-speed USB device number 19 using dummy_hcd
[  459.083885][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 4
[  459.121287][ T5945] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  459.123958][ T5945] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.126119][ T5945] usb 6-1: Product: syz
[  459.127260][ T5945] usb 6-1: Manufacturer: syz
[  459.128511][ T5945] usb 6-1: SerialNumber: syz
[  459.134659][ T5945] usb 6-1: config 0 descriptor??
[  459.142832][ T5945] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input88
[  459.298526][T13637] netlink: 65047 bytes leftover after parsing attributes in process `syz.3.1906'.
[  459.334724][T13639] capability: warning: `syz.3.1909' uses 32-bit capabilities (legacy support in use)
[  459.399833][  T833] usb 6-1: USB disconnect, device number 19
[  459.450169][T13643] lo speed is unknown, defaulting to 1000
[  460.279358][T13704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1939'.
[  460.282480][T13704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1939'.
[  460.370106][T13715] lo speed is unknown, defaulting to 1000
[  460.516909][T13732] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1952'.
[  460.647043][T13743] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  460.801577][T13752] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  460.841745][T13756] sg_write: data in/out 196608/1 bytes for SCSI command 0xdb-- guessing data in;
[  460.841745][T13756]    program syz.2.1963 not setting count and/or reply_len properly
[  461.237832][T13813] input: syz1 as /devices/virtual/input/input89
[  461.896421][T13841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  461.898899][T13841] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  461.938075][T13839] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  462.267470][T13876] usb usb8: usbfs: process 13876 (syz.1.2018) did not claim interface 0 before use
[  462.431004][T13907] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  462.472365][T13915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2031'.
[  462.916123][   T39] audit: type=1326 audit(1733097128.270:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13967 comm="syz.2.2052" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f13579 code=0x0
[  463.129492][T13982] netlink: 'syz.3.2057': attribute type 3 has an invalid length.
[  463.131701][T13982] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2057'.
[  463.138097][T13982] pimreg: entered allmulticast mode
[  463.399994][   T39] audit: type=1326 audit(1733097128.757:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.405706][   T39] audit: type=1326 audit(1733097128.757:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.411384][   T39] audit: type=1326 audit(1733097128.757:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.417738][   T39] audit: type=1326 audit(1733097128.757:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.425738][   T39] audit: type=1326 audit(1733097128.757:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.431742][   T39] audit: type=1326 audit(1733097128.757:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.437501][   T39] audit: type=1326 audit(1733097128.757:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.443196][   T39] audit: type=1326 audit(1733097128.757:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fd05a7 code=0x7ffc0000
[  463.449070][   T39] audit: type=1326 audit(1733097128.757:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13996 comm="syz.0.2064" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fd0579 code=0x7ffc0000
[  463.626100][T14013] can: request_module (can-proto-0) failed.
[  464.320090][T14039] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  464.455548][T14049] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2084'.
[  464.458316][T14049] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  464.460721][T14049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2084'.
[  464.569570][T14057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  464.571863][T14057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  465.058060][ T6248] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  465.098312][T14064] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2091'.
[  465.134315][T14066] netlink: 'syz.0.2092': attribute type 10 has an invalid length.
[  465.137951][T14066] netlink: 'syz.0.2092': attribute type 10 has an invalid length.
[  465.215959][ T6248] usb 6-1: Using ep0 maxpacket: 8
[  465.219501][ T6248] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  465.224777][ T6248] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  465.231388][ T6248] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  465.234139][ T6248] usb 6-1: SerialNumber: syz
[  465.238020][ T6248] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  465.439171][   T64] usb 6-1: USB disconnect, device number 20
[  465.859766][T14100] syz.0.2098[14100] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.860182][T14100] syz.0.2098[14100] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.863539][T14100] syz.0.2098[14100] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  465.967148][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.972214][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.974222][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.977637][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.979766][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.981773][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.983756][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.986617][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.988666][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.990640][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.992660][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.994618][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.997471][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  465.999662][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.001619][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.003583][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.005957][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.008171][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.010386][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.012461][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.016624][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.019233][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.021429][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.023462][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.025918][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.027980][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.029994][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.032340][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.034331][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.036673][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.038778][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.040818][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.043161][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.045318][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.047288][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.049274][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.051227][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.053379][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.055513][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.057498][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.059499][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.061501][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.063570][   T64] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  466.066295][   T64] hid-generic 0000:0000:0000.0048: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  466.360547][ T5295] Bluetooth: hci0: command tx timeout
[  466.370849][ T6248] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  466.519793][ T6248] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  466.522188][ T6248] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  466.525934][ T6248] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  466.528704][ T6248] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  466.530803][ T6248] usb 6-1: Manufacturer: syz
[  466.533182][ T6248] usb 6-1: config 0 descriptor??
[  466.587608][ T6248] rc_core: IR keymap rc-hauppauge not found
[  466.589249][ T6248] Registered IR keymap rc-empty
[  466.591914][ T6248] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0
[  466.595166][ T6248] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input90
[  466.738363][ T6248] usb 6-1: USB disconnect, device number 21
[  467.073255][T14138] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  467.075763][T14138] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  467.565550][   T64] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  467.733767][   T64] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  467.737064][   T64] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  467.739936][   T64] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  467.742555][   T64] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  467.746406][   T64] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  467.750992][   T64] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  467.755090][   T64] usb 8-1: config 0 descriptor??
[  467.833942][T14167] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  467.841182][T14168] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  467.843186][T14168] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  467.845824][T14168] vhci_hcd vhci_hcd.0: Device attached
[  468.079452][ T6248] usb 37-1: new high-speed USB device number 4 using vhci_hcd
[  468.162284][   T64] plantronics 0003:047F:FFFF.0049: No inputs registered, leaving
[  468.165917][   T64] plantronics 0003:047F:FFFF.0049: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  468.455163][   T25] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  468.611487][T14169] vhci_hcd: connection reset by peer
[  468.613166][ T1140] vhci_hcd: stop threads
[  468.614409][ T1140] vhci_hcd: release socket
[  468.615637][ T1140] vhci_hcd: disconnect device
[  468.617357][   T25] usb 6-1: Using ep0 maxpacket: 32
[  468.620129][   T25] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  468.624974][   T25] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  468.627390][   T25] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  468.629631][   T25] usb 6-1: Product: syz
[  468.630810][   T25] usb 6-1: Manufacturer: syz
[  468.632500][   T25] usb 6-1: SerialNumber: syz
[  468.635997][   T25] usb 6-1: config 0 descriptor??
[  468.638117][T14183] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  468.964679][   T25] usb 6-1: USB disconnect, device number 22
[  469.558274][   T39] kauditd_printk_skb: 29 callbacks suppressed
[  469.558285][   T39] audit: type=1804 audit(1733097134.997:1236): pid=14200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2142" name="/newroot/525/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  470.013794][T14204] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2144'.
[  470.237364][    T8] usb 8-1: USB disconnect, device number 22
[  470.313049][T14212] netlink: 'syz.0.2147': attribute type 4 has an invalid length.
[  470.319106][   T25] lo speed is unknown, defaulting to 1000
[  470.384542][  T833] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  470.533090][  T833] usb 6-1: Using ep0 maxpacket: 8
[  470.535799][  T833] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  470.537971][  T833] usb 6-1: config 0 has no interface number 0
[  470.539597][  T833] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  470.542481][  T833] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  470.545039][  T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.548187][  T833] usb 6-1: config 0 descriptor??
[  470.551204][  T833] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  470.757496][   T25] usb 6-1: USB disconnect, device number 23
[  470.946542][T14227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  470.950029][T14227] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.602585][   T25] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  471.744506][   T39] audit: type=1804 audit(1733097137.209:1237): pid=14238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2155" name="/newroot/534/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  471.781750][   T25] usb 6-1: Using ep0 maxpacket: 32
[  471.785487][   T25] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  471.790537][   T25] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  471.793558][   T25] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  471.796316][   T25] usb 6-1: Product: syz
[  471.797766][   T25] usb 6-1: Manufacturer: syz
[  471.799396][   T25] usb 6-1: SerialNumber: syz
[  471.803190][   T25] usb 6-1: config 0 descriptor??
[  471.805863][T14233] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  472.075957][ T8697] usb 6-1: USB disconnect, device number 24
[  472.209905][T14245] block device autoloading is deprecated and will be removed.
[  472.212490][T14245] syz.2.2158: attempt to access beyond end of device
[  472.212490][T14245] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  472.627415][T14260] wg2: left promiscuous mode
[  472.629189][T14260] wg2: left allmulticast mode
[  472.634385][T14260] wg2: entered promiscuous mode
[  472.635703][T14260] wg2: entered allmulticast mode
[  472.684780][T14269] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2171'.
[  472.840174][   T39] audit: type=1804 audit(1733097138.308:1238): pid=14278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2170" name="/newroot/549/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  473.168676][ T6248] vhci_hcd: vhci_device speed not set
[  473.293972][ T5947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  473.299721][ T5947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  473.302966][ T5947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  473.306577][ T5947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  473.310475][ T5947] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  473.313115][ T5947] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  473.329338][ T5295] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  473.332807][ T5295] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  473.334900][ T5295] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  473.337579][ T5295] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  473.341220][ T5295] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  473.343236][ T5295] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  473.366099][T14290] lo speed is unknown, defaulting to 1000
[  473.423688][T14290] chnl_net:caif_netlink_parms(): no params data found
[  473.479567][T14290] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.481756][T14290] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.483734][T14290] bridge_slave_0: entered allmulticast mode
[  473.485987][T14290] bridge_slave_0: entered promiscuous mode
[  473.490381][T14290] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.492426][T14290] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.494407][T14290] bridge_slave_1: entered allmulticast mode
[  473.496506][T14290] bridge_slave_1: entered promiscuous mode
[  473.528969][T14290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  473.537574][T14290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  473.567930][T14290] team0: Port device team_slave_0 added
[  473.571118][T14290] team0: Port device team_slave_1 added
[  473.590976][T14290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  473.592817][T14290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  473.599597][T14290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  473.603181][T14290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  473.605586][T14290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  473.612384][T14290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  473.639805][T14290] hsr_slave_0: entered promiscuous mode
[  473.641818][T14290] hsr_slave_1: entered promiscuous mode
[  473.643550][T14290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  473.645477][T14290] Cannot create hsr debugfs directory
[  473.730104][T14290] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  473.742100][T14290] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  473.745725][T14290] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  473.748986][T14290] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  473.757549][T14290] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.759487][T14290] bridge0: port 2(bridge_slave_1) entered forwarding state
[  473.761488][T14290] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.763396][T14290] bridge0: port 1(bridge_slave_0) entered forwarding state
[  473.794775][T14290] 8021q: adding VLAN 0 to HW filter on device bond0
[  473.802713][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.806567][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.819448][T14290] 8021q: adding VLAN 0 to HW filter on device team0
[  473.830165][  T101] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.832027][  T101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  473.838175][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.841448][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  473.870832][T14308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2184'.
[  473.927327][T14290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  474.082025][T14290] veth0_vlan: entered promiscuous mode
[  474.085883][T14290] veth1_vlan: entered promiscuous mode
[  474.108142][T14290] veth0_macvtap: entered promiscuous mode
[  474.111214][T14290] veth1_macvtap: entered promiscuous mode
[  474.117678][T14290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  474.122306][T14290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  474.128234][T14290] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  474.130553][T14290] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  474.132853][T14290] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  474.135304][T14290] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  474.154005][   T25] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  474.166532][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  474.168580][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.180320][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  474.182393][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.221855][T14322] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  474.224593][   T39] audit: type=1326 audit(1733097139.710:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14321 comm="syz.4.2181" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  474.304124][   T25] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  474.307492][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.310134][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.313359][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.316168][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.319652][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.322268][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.325803][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.328642][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.332185][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.336110][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.341103][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.344815][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.348706][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.351990][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.355344][   T25] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  474.357944][   T25] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 9
[  474.361645][   T25] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  474.364089][   T25] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  474.366601][   T25] usb 8-1: Product: syz
[  474.367702][   T25] usb 8-1: Manufacturer: syz
[  474.368935][   T25] usb 8-1: SerialNumber: syz
[  474.371058][   T25] usb 8-1: config 0 descriptor??
[  474.576499][    T9] usb 8-1: USB disconnect, device number 23
[  475.377202][ T5295] Bluetooth: hci2: command tx timeout
[  475.579621][   T25] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  475.734860][   T25] usb 8-1: Using ep0 maxpacket: 8
[  475.737702][   T25] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  475.739916][   T25] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  475.742874][   T25] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  475.746630][   T25] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  475.749148][   T25] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  475.752480][   T25] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  475.755095][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.842526][T14353] siw: device registration error -23
[  475.963631][   T25] usb 8-1: GET_CAPABILITIES returned 0
[  475.965259][   T25] usbtmc 8-1:16.0: can't read capabilities
[  476.161508][ T8697] usb 8-1: USB disconnect, device number 24
[  476.383258][T14363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2203'.
[  476.508274][T14367] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2205'.
[  476.547427][T14371] tipc: Started in network mode
[  476.548772][T14371] tipc: Node identity 7f000001, cluster identity 4711
[  476.551378][T14371] tipc: Enabled bearer <udp:syz2>, priority 10
[  476.582085][T14373] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  477.202428][   T57] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  477.348568][   T57] usb 8-1: Using ep0 maxpacket: 32
[  477.352047][   T57] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7B, changing to 0xB
[  477.356335][   T57] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 248
[  477.361729][   T57] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  477.365002][   T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.368168][   T57] usb 8-1: Product: syz
[  477.369649][   T57] usb 8-1: Manufacturer: syz
[  477.371352][   T57] usb 8-1: SerialNumber: syz
[  477.375490][T14388] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  477.396968][ T5295] Bluetooth: hci2: command tx timeout
[  477.465229][T14404] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  477.533607][    T8] tipc: Node number set to 2130706433
[  477.576282][   T57] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 25 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  477.783021][    C0] usblp0: nonzero write bulk status received: -71
[  477.785447][    T8] usb 8-1: USB disconnect, device number 25
[  477.793364][    T8] usblp0: removed
[  477.950034][   T39] audit: type=1326 audit(1733097143.530:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14427 comm="syz.2.2224" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x0
[  478.106587][T14435] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2226'.
[  478.544853][T14459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.548613][T14459] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.360604][T14497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.362972][T14497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.425805][ T5295] Bluetooth: hci2: command tx timeout
[  479.478455][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  479.967689][T14520] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2257'.
[  480.281410][T14543] xt_CT: You must specify a L4 protocol and not use inversions on it
[  480.387189][T14549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  480.390299][T14549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  480.988635][ T5295] Bluetooth: Unknown LE signaling command 0xdf
[  480.990487][ T5295] Bluetooth: Wrong link type (-22)
[  481.282647][T14572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  481.284977][T14572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  481.440707][   T25] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  481.470035][ T5295] Bluetooth: hci2: command tx timeout
[  481.607052][   T25] usb 9-1: Using ep0 maxpacket: 32
[  481.610030][   T25] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  481.612601][   T25] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.615358][   T25] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  481.618307][   T25] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  481.621460][   T25] usb 9-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  481.623711][   T25] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.626612][   T25] usb 9-1: config 0 descriptor??
[  482.028285][   T25] ntrig 0003:1B96:000A.004A: unknown main item tag 0x0
[  482.030217][   T25] ntrig 0003:1B96:000A.004A: unknown main item tag 0x0
[  482.031984][   T25] ntrig 0003:1B96:000A.004A: unknown main item tag 0x0
[  482.033764][   T25] ntrig 0003:1B96:000A.004A: unknown main item tag 0x0
[  482.035536][   T25] ntrig 0003:1B96:000A.004A: unknown main item tag 0x0
[  482.040768][   T25] ntrig 0003:1B96:000A.004A: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[  482.290977][   T25] usb 9-1: USB disconnect, device number 2
[  482.317190][   T39] audit: type=1326 audit(1733097148.000:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.325271][   T39] audit: type=1326 audit(1733097148.000:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.333833][   T39] audit: type=1326 audit(1733097148.000:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.341426][   T39] audit: type=1326 audit(1733097148.000:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.350007][   T39] audit: type=1326 audit(1733097148.000:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.357526][   T39] audit: type=1326 audit(1733097148.000:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.365083][   T39] audit: type=1326 audit(1733097148.000:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.372842][   T39] audit: type=1326 audit(1733097148.000:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  482.379713][   T39] audit: type=1326 audit(1733097148.000:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14576 comm="syz.2.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13579 code=0x7ffc0000
[  483.070060][T14598] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2286'.
[  483.165137][    T9] kernel write not supported for file /1965/net/snmp6 (pid: 9 comm: kworker/0:1)
[  483.395760][T14615] overlayfs: missing 'lowerdir'
[  483.797335][T14631] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2296'.
[  483.830761][ T5295] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  483.898222][   T39] kauditd_printk_skb: 534 callbacks suppressed
[  483.898238][   T39] audit: type=1804 audit(1733097149.610:1784): pid=14634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2295" name="/newroot/573/file0/bus" dev="9p" ino=38928568 res=1 errno=0
[  484.429182][T14642] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  484.438647][T14642] kvm: pic: non byte read
[  484.440934][T14642] kvm: pic: level sensitive irq not supported
[  484.441313][T14642] kvm: pic: non byte read
[  484.660702][T14648] lo speed is unknown, defaulting to 1000
[  484.876141][T14655] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2304'.
[  484.880166][T14655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2304'.
[  484.883275][T14655] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2304'.
[  484.923067][ T5295] block nbd0: Receive control failed (result -107)
[  484.964864][T14655] 
[  484.965583][T14655] ======================================================
[  484.967409][T14655] WARNING: possible circular locking dependency detected
[  484.969147][T14655] 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0 Not tainted
[  484.971208][T14655] ------------------------------------------------------
[  484.974014][T14655] syz.3.2304/14655 is trying to acquire lock:
[  484.975633][T14655] ffff888023d69a88 (&q->limits_lock){+.+.}-{4:4}, at: __nbd_set_size+0x2c0/0x730
[  484.978010][T14655] 
[  484.978010][T14655] but task is already holding lock:
[  484.979925][T14655] ffff888023d69438 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: nbd_start_device+0x8ef/0xd70
[  484.982660][T14655] 
[  484.982660][T14655] which lock already depends on the new lock.
[  484.982660][T14655] 
[  484.985321][T14655] 
[  484.985321][T14655] the existing dependency chain (in reverse order) is:
[  484.987494][T14655] 
[  484.987494][T14655] -> #5 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  484.989638][T14655]        blk_mq_submit_bio+0x1fb6/0x24c0
[  484.991090][T14655]        __submit_bio+0x384/0x540
[  484.992409][T14655]        submit_bio_noacct_nocheck+0x698/0xd70
[  484.994009][T14655]        submit_bio_noacct+0x93a/0x1e20
[  484.995446][T14655]        block_read_full_folio+0x812/0xa50
[  484.996966][T14655]        filemap_read_folio+0xc6/0x2a0
[  484.998389][T14655]        filemap_get_pages+0x155f/0x1be0
[  484.999839][T14655]        filemap_read+0x3ca/0xd70
[  485.001169][T14655]        blkdev_read_iter+0x187/0x480
[  485.002579][T14655]        vfs_read+0x87f/0xbe0
[  485.003815][T14655]        ksys_read+0x12b/0x250
[  485.005066][T14655]        do_syscall_64+0xcd/0x250
[  485.006403][T14655]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.008068][T14655] 
[  485.008068][T14655] -> #4 (mapping.invalidate_lock#2){++++}-{4:4}:
[  485.010260][T14655]        down_read+0x9a/0x330
[  485.011492][T14655]        page_cache_ra_unbounded+0x173/0x750
[  485.013037][T14655]        page_cache_ra_order+0x7d9/0xc90
[  485.014486][T14655]        filemap_fault+0x14a5/0x2820
[  485.015862][T14655]        __do_fault+0x10a/0x490
[  485.017138][T14655]        do_pte_missing+0xebd/0x3e00
[  485.018526][T14655]        __handle_mm_fault+0x103c/0x2a40
[  485.020008][T14655]        handle_mm_fault+0x3fa/0xaa0
[  485.021382][T14655]        __get_user_pages+0x8d9/0x3b50
[  485.022822][T14655]        get_user_pages_unlocked+0x1c2/0x780
[  485.024376][T14655]        hva_to_pfn+0x8be/0xc20
[  485.025650][T14655]        kvm_follow_pfn+0x29f/0x3f0
[  485.026998][T14655]        __kvm_faultin_pfn+0x11c/0x1a0
[  485.028409][T14655]        kvm_mmu_faultin_pfn+0x469/0x1f30
[  485.029889][T14655]        kvm_tdp_page_fault+0x182/0x3d0
[  485.031323][T14655]        kvm_mmu_do_page_fault+0x58d/0x690
[  485.032847][T14655]        kvm_mmu_page_fault+0x20f/0x1bb0
[  485.034315][T14655]        handle_ept_violation+0x25a/0x640
[  485.035796][T14655]        vmx_handle_exit+0x733/0x1f70
[  485.037212][T14655]        vcpu_run+0x2aaf/0x4c00
[  485.038494][T14655]        kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  485.040087][T14655]        kvm_vcpu_ioctl+0x6ce/0x1520
[  485.041464][T14655]        kvm_vcpu_compat_ioctl+0x210/0x3f0
[  485.042988][T14655]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  485.044502][T14655]        __do_fast_syscall_32+0x73/0x120
[  485.045981][T14655]        do_fast_syscall_32+0x32/0x80
[  485.047385][T14655]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.049151][T14655] 
[  485.049151][T14655] -> #3 (&mm->mmap_lock){++++}-{4:4}:
[  485.051107][T14655]        __might_fault+0x11b/0x190
[  485.052442][T14655]        _copy_from_user+0x29/0xd0
[  485.053788][T14655]        compat_blk_trace_setup+0xc9/0x200
[  485.055299][T14655]        blk_trace_ioctl+0x24a/0x290
[  485.056684][T14655]        compat_blkdev_ioctl+0x13c/0x750
[  485.058146][T14655]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  485.059653][T14655]        __do_fast_syscall_32+0x73/0x120
[  485.061124][T14655]        do_fast_syscall_32+0x32/0x80
[  485.062538][T14655]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.064302][T14655] 
[  485.064302][T14655] -> #2 (&q->debugfs_mutex){+.+.}-{4:4}:
[  485.066324][T14655]        __mutex_lock+0x19b/0xa60
[  485.067633][T14655]        blk_mq_init_sched+0x42b/0x640
[  485.069043][T14655]        elevator_init_mq+0x2cd/0x420
[  485.070451][T14655]        add_disk_fwnode+0x113/0x1300
[  485.071836][T14655]        sd_probe+0xa66/0xfa0
[  485.073059][T14655]        really_probe+0x23e/0xa90
[  485.074382][T14655]        __driver_probe_device+0x1de/0x440
[  485.075894][T14655]        driver_probe_device+0x4c/0x1b0
[  485.077325][T14655]        __device_attach_driver+0x1df/0x310
[  485.078867][T14655]        bus_for_each_drv+0x157/0x1e0
[  485.080282][T14655]        __device_attach_async_helper+0x1d3/0x290
[  485.081955][T14655]        async_run_entry_fn+0x9c/0x530
[  485.083377][T14655]        process_one_work+0x958/0x1b30
[  485.084783][T14655]        worker_thread+0x6c8/0xf00
[  485.086116][T14655]        kthread+0x2c1/0x3a0
[  485.087288][T14655]        ret_from_fork+0x45/0x80
[  485.088576][T14655]        ret_from_fork_asm+0x1a/0x30
[  485.089956][T14655] 
[  485.089956][T14655] -> #1 (&q->q_usage_counter(queue)#51){++++}-{0:0}:
[  485.092234][T14655]        blk_queue_enter+0x50f/0x640
[  485.093622][T14655]        blk_mq_alloc_request+0x59b/0x950
[  485.095090][T14655]        scsi_execute_cmd+0x1f1/0xff0
[  485.096486][T14655]        read_capacity_16+0x21a/0xe20
[  485.097893][T14655]        sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[  485.099538][T14655]        sd_probe+0x8ee/0xfa0
[  485.100783][T14655]        really_probe+0x23e/0xa90
[  485.102111][T14655]        __driver_probe_device+0x1de/0x440
[  485.103634][T14655]        driver_probe_device+0x4c/0x1b0
[  485.105080][T14655]        __device_attach_driver+0x1df/0x310
[  485.106634][T14655]        bus_for_each_drv+0x157/0x1e0
[  485.108028][T14655]        __device_attach_async_helper+0x1d3/0x290
[  485.109696][T14655]        async_run_entry_fn+0x9c/0x530
[  485.111130][T14655]        process_one_work+0x958/0x1b30
[  485.112553][T14655]        worker_thread+0x6c8/0xf00
[  485.113914][T14655]        kthread+0x2c1/0x3a0
[  485.115124][T14655]        ret_from_fork+0x45/0x80
[  485.116414][T14655]        ret_from_fork_asm+0x1a/0x30
[  485.117791][T14655] 
[  485.117791][T14655] -> #0 (&q->limits_lock){+.+.}-{4:4}:
[  485.119775][T14655]        __lock_acquire+0x249e/0x3c40
[  485.121183][T14655]        lock_acquire.part.0+0x11b/0x380
[  485.122687][T14655]        __mutex_lock+0x19b/0xa60
[  485.124009][T14655]        __nbd_set_size+0x2c0/0x730
[  485.125376][T14655]        nbd_start_device+0x8fd/0xd70
[  485.126788][T14655]        nbd_genl_connect+0x1204/0x1c00
[  485.128233][T14655]        genl_family_rcv_msg_doit+0x202/0x2f0
[  485.129828][T14655]        genl_rcv_msg+0x565/0x800
[  485.131148][T14655]        netlink_rcv_skb+0x165/0x410
[  485.132531][T14655]        genl_rcv+0x28/0x40
[  485.133725][T14655]        netlink_unicast+0x53c/0x7f0
[  485.135097][T14655]        netlink_sendmsg+0x8b8/0xd70
[  485.136475][T14655]        ____sys_sendmsg+0x9ae/0xb40
[  485.137871][T14655]        ___sys_sendmsg+0x135/0x1e0
[  485.139201][T14655]        __sys_sendmsg+0x16e/0x220
[  485.140551][T14655]        __do_fast_syscall_32+0x73/0x120
[  485.142016][T14655]        do_fast_syscall_32+0x32/0x80
[  485.143411][T14655]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.145160][T14655] 
[  485.145160][T14655] other info that might help us debug this:
[  485.145160][T14655] 
[  485.147803][T14655] Chain exists of:
[  485.147803][T14655]   &q->limits_lock --> mapping.invalidate_lock#2 --> &q->q_usage_counter(io)#49
[  485.147803][T14655] 
[  485.151708][T14655]  Possible unsafe locking scenario:
[  485.151708][T14655] 
[  485.153639][T14655]        CPU0                    CPU1
[  485.155039][T14655]        ----                    ----
[  485.156436][T14655]   lock(&q->q_usage_counter(io)#49);
[  485.157855][T14655]                                lock(mapping.invalidate_lock#2);
[  485.159906][T14655]                                lock(&q->q_usage_counter(io)#49);
[  485.161984][T14655]   lock(&q->limits_lock);
[  485.163164][T14655] 
[  485.163164][T14655]  *** DEADLOCK ***
[  485.163164][T14655] 
[  485.165241][T14655] 5 locks held by syz.3.2304/14655:
[  485.166618][T14655]  #0: ffffffff8fb5b310 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  485.168731][T14655]  #1: ffffffff8fb5b3c8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x580/0x800
[  485.171034][T14655]  #2: ffff888023d84998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_connect+0x433/0x1c00
[  485.173625][T14655]  #3: ffff888023d69438 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: nbd_start_device+0x8ef/0xd70
[  485.176392][T14655]  #4: ffff888023d69470 (&q->q_usage_counter(queue)#33){+.+.}-{0:0}, at: nbd_start_device+0x8ef/0xd70
[  485.179230][T14655] 
[  485.179230][T14655] stack backtrace:
[  485.180787][T14655] CPU: 2 UID: 0 PID: 14655 Comm: syz.3.2304 Not tainted 6.12.0-syzkaller-12128-gf788b5ef1ca9 #0
[  485.183509][T14655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  485.186286][T14655] Call Trace:
[  485.187172][T14655]  <TASK>
[  485.187956][T14655]  dump_stack_lvl+0x116/0x1f0
[  485.189214][T14655]  print_circular_bug+0x41c/0x610
[  485.190547][T14655]  check_noncircular+0x31a/0x400
[  485.191845][T14655]  ? __pfx_check_noncircular+0x10/0x10
[  485.193269][T14655]  ? lockdep_lock+0xc6/0x200
[  485.194492][T14655]  ? __pfx_lockdep_lock+0x10/0x10
[  485.195808][T14655]  ? __pfx_mark_lock+0x10/0x10
[  485.197067][T14655]  __lock_acquire+0x249e/0x3c40
[  485.198353][T14655]  ? __pfx___lock_acquire+0x10/0x10
[  485.199703][T14655]  lock_acquire.part.0+0x11b/0x380
[  485.201057][T14655]  ? __nbd_set_size+0x2c0/0x730
[  485.202335][T14655]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  485.203799][T14655]  ? rcu_is_watching+0x12/0xc0
[  485.205071][T14655]  ? trace_lock_acquire+0x14e/0x1f0
[  485.206457][T14655]  ? __nbd_set_size+0x2c0/0x730
[  485.207730][T14655]  ? lock_acquire+0x2f/0xb0
[  485.208915][T14655]  ? __nbd_set_size+0x2c0/0x730
[  485.210193][T14655]  __mutex_lock+0x19b/0xa60
[  485.211397][T14655]  ? __nbd_set_size+0x2c0/0x730
[  485.212662][T14655]  ? __pfx_lock_release+0x10/0x10
[  485.213973][T14655]  ? __nbd_set_size+0x2c0/0x730
[  485.215240][T14655]  ? hlock_class+0x4e/0x130
[  485.216428][T14655]  ? __pfx___mutex_lock+0x10/0x10
[  485.217752][T14655]  ? __nbd_set_size+0x2c0/0x730
[  485.219023][T14655]  __nbd_set_size+0x2c0/0x730
[  485.220263][T14655]  ? lock_acquire.part.0+0x11b/0x380
[  485.221643][T14655]  ? find_held_lock+0x2d/0x110
[  485.222888][T14655]  ? blk_mq_freeze_queue_wait+0x186/0x190
[  485.224362][T14655]  ? __pfx_lock_release+0x10/0x10
[  485.225668][T14655]  ? __pfx___nbd_set_size+0x10/0x10
[  485.227019][T14655]  ? __pfx_autoremove_wake_function+0x10/0x10
[  485.228597][T14655]  ? nbd_start_device+0x8ef/0xd70
[  485.229928][T14655]  nbd_start_device+0x8fd/0xd70
[  485.231210][T14655]  nbd_genl_connect+0x1204/0x1c00
[  485.232530][T14655]  ? __pfx_nbd_genl_connect+0x10/0x10
[  485.233934][T14655]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  485.235855][T14655]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  485.237758][T14655]  genl_family_rcv_msg_doit+0x202/0x2f0
[  485.239194][T14655]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  485.241079][T14655]  ? genl_get_cmd+0x195/0x580
[  485.242492][T14655]  ? __radix_tree_lookup+0x21f/0x2c0
[  485.243884][T14655]  genl_rcv_msg+0x565/0x800
[  485.245103][T14655]  ? __pfx_genl_rcv_msg+0x10/0x10
[  485.246803][T14655]  ? __pfx_nbd_genl_connect+0x10/0x10
[  485.248326][T14655]  ? __pfx___lock_acquire+0x10/0x10
[  485.249714][T14655]  netlink_rcv_skb+0x165/0x410
[  485.250951][T14655]  ? __pfx_genl_rcv_msg+0x10/0x10
[  485.252440][T14655]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  485.253889][T14655]  ? down_read+0xc9/0x330
[  485.255031][T14655]  ? __pfx_down_read+0x10/0x10
[  485.256283][T14655]  ? netlink_deliver_tap+0x1ae/0xca0
[  485.257653][T14655]  genl_rcv+0x28/0x40
[  485.258696][T14655]  netlink_unicast+0x53c/0x7f0
[  485.259945][T14655]  ? __pfx_netlink_unicast+0x10/0x10
[  485.261345][T14655]  ? __phys_addr_symbol+0x30/0x80
[  485.262673][T14655]  ? __check_object_size+0x488/0x710
[  485.264044][T14655]  netlink_sendmsg+0x8b8/0xd70
[  485.265290][T14655]  ? __pfx_netlink_sendmsg+0x10/0x10
[  485.266678][T14655]  ____sys_sendmsg+0x9ae/0xb40
[  485.267931][T14655]  ? __pfx_____sys_sendmsg+0x10/0x10
[  485.269309][T14655]  ? get_compat_msghdr+0x11b/0x170
[  485.270660][T14655]  ___sys_sendmsg+0x135/0x1e0
[  485.271890][T14655]  ? __pfx____sys_sendmsg+0x10/0x10
[  485.273249][T14655]  ? __pfx_lock_release+0x10/0x10
[  485.274564][T14655]  ? trace_lock_acquire+0x14e/0x1f0
[  485.275930][T14655]  ? __fget_files+0x206/0x3a0
[  485.277167][T14655]  __sys_sendmsg+0x16e/0x220
[  485.278382][T14655]  ? __pfx___sys_sendmsg+0x10/0x10
[  485.279730][T14655]  ? __ia32_sys_futex_time32+0x1da/0x460
[  485.281215][T14655]  __do_fast_syscall_32+0x73/0x120
[  485.282562][T14655]  do_fast_syscall_32+0x32/0x80
[  485.283835][T14655]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  485.285478][T14655] RIP: 0023:0xf742e579
[  485.286553][T14655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  485.291518][T14655] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  485.293663][T14655] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000200002c0
[  485.295651][T14655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  485.297667][T14655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  485.299698][T14655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  485.301742][T14655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  485.303796][T14655]  </TASK>
[  485.305797][    C2] hpet: Lost 21 RTC interrupts
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  485.378284][    T9] usb 5-1: USB disconnect, device number 3

VM DIAGNOSIS:
23:52:29  Registers:
info registers vcpu 0

CPU#0
EAX=00000000 EBX=f7460ff4 ECX=f5155518 EDX=f51555d8
ESI=f5155580 EDI=f5155594 EBP=00000003 ESP=f5155500
EIP=f7183f4f EFL=00000293 [--S-A-C] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 f5156b40 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 00003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020001018 CR3=000000006b718000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000001309a54 RBX=0000000000000001 RCX=ffffffff8b1ab999 RDX=ffffed10056a6fee
RSI=ffffffff8bb13640 RDI=ffffffff81701ef9 RBP=ffffed10039dc910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901cb190 R15=0000000000000000
RIP=ffffffff8b1acd7f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002001a000 CR3=0000000066b24000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851531d5 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc9000e14e790
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff85153170 R15=0000000000000000
RIP=ffffffff851531ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f201ffc CR3=000000006803a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88802b646740 RCX=ffffffff818d43fc RDX=ffff88801cacc880
RSI=ffffffff818d43d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900001e79a0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006
R12=ffffed10056c8ce9 R13=0000000000000001 R14=ffff88802b646748 R15=ffff88802b73ff80
RIP=ffffffff818d43dd RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3708d2 CR3=000000000db7e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000