last executing test programs:

1m56.16724541s ago: executing program 1 (id=996):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
setgroups(0x0, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
socket$netlink(0x10, 0x3, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x3, &(0x7f0000000000)=@raw=[@jmp={0x5, 0x0, 0x4, 0x4, 0x4, 0xfffffffffffffff0, 0xfffffffffffffffc}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x2}], &(0x7f0000000280)='syzkaller\x00', 0x6, 0x1e, &(0x7f0000000300)=""/30, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000bc0)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000c00)={0x4, 0xb, 0x902c}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f000000c340)={0xa802100, 0x0, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, &(0x7f000000c2c0)=[0x0], 0x1}, 0x58)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$uinput_user_dev(r8, &(0x7f00000004c0)={'syz0\x00', {0x7, 0x3, 0x1, 0x9}, 0x7, [0x4, 0x6, 0x802, 0xe9a2, 0x1, 0x0, 0xa9ba, 0xc1f, 0x1, 0x7f5b, 0x3, 0x6, 0x5, 0x10000, 0x2, 0x3, 0x0, 0x3, 0xe, 0x3, 0x0, 0x2, 0xd9, 0x2, 0x6, 0x3, 0x3, 0x9, 0xfff, 0x8a0, 0x6, 0x8001, 0x33b5, 0x1, 0xfffffffc, 0x0, 0x9, 0xb, 0xcc, 0x5, 0x80, 0x401, 0x5, 0x5, 0xfffffffd, 0x8, 0xb, 0x3, 0xffff8001, 0x6, 0x3, 0x80000000, 0x1, 0x9, 0x7, 0x8, 0x5, 0xfff, 0x1, 0x7fe, 0x7fff, 0x10000, 0x2, 0x8], [0x2, 0x1, 0x10000, 0x7, 0x9, 0x6, 0x5, 0x4, 0x9, 0x7, 0x5, 0xdd5a, 0x6, 0x5, 0x7, 0x8, 0x5, 0xcc, 0xbc1, 0x80000, 0x0, 0x5e81339d, 0xffffc256, 0xb, 0x80000001, 0x0, 0x0, 0x4, 0x4, 0x7, 0x8, 0x10d, 0x1, 0x5, 0x5, 0xfffffb66, 0xfb5, 0x2, 0x4, 0x7, 0x2, 0x8000, 0x7fff, 0x1, 0x9425, 0x4, 0x6f, 0x80b, 0x1, 0x6, 0x525ba681, 0x4f74, 0x7, 0x1, 0x1, 0x8, 0x100, 0x6, 0x10000, 0x1306, 0x8b, 0x10000, 0xfe4, 0x3ff], [0x2, 0x40, 0x4, 0xfffffff9, 0x7aa, 0x10, 0x80, 0x8001, 0x5, 0x0, 0x9, 0x8, 0x7fffffff, 0x1, 0x1, 0x4, 0x8, 0xfffffffa, 0x7, 0x49, 0x6, 0x4, 0x5, 0xa3, 0x40003, 0x2, 0x0, 0x3, 0x4c, 0x3, 0x5, 0x2, 0xd21e, 0x9, 0x12, 0x0, 0x2, 0xfff, 0x6, 0x800100, 0x7c83, 0xd, 0x1, 0x4, 0xf, 0x81, 0x47, 0x7, 0x0, 0x11, 0x2, 0xffd, 0x7, 0x7, 0x7ffd, 0x7ff, 0x10, 0x2, 0x10001, 0x1, 0x10001, 0x6, 0x71c], [0x81, 0x3, 0x10, 0x4e26, 0x3, 0x7, 0xfffffff3, 0x497, 0x4, 0x1, 0x3, 0x5, 0x56, 0xc28, 0x9, 0x5, 0x5, 0xa, 0x79a, 0x4, 0x9, 0x6, 0xc41f, 0x5, 0x8b6, 0xffffffff, 0x0, 0x0, 0x6a, 0x9, 0x0, 0x0, 0x1000, 0x10, 0xd, 0x6, 0x8000, 0x53, 0x78d, 0x4, 0x1, 0xffffb027, 0xfffffff8, 0x9, 0x7, 0x7, 0x101, 0x7, 0x7, 0x4, 0x0, 0xb, 0x400, 0x8, 0x0, 0x8, 0x7, 0x9, 0x8, 0x0, 0x1, 0x8001, 0xfffffff7, 0x5]}, 0x45c)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000000314230c2dbd7000ffdbdf250900020073797a32000f00000800410072786500140033007767320000000000000000000000000066129cbdaaf92ea305126427a766b1c085924cd6ad57b03cfe9655f622d77d2aeea86454e08d702ca2d6392ca31ef21b722d78da5d90886bb0db32b0e33c89a5e901bb4e0379f25665d395238e6730ad37288567b268fe7f1586d588e526e7d727ec73b81279a75e879dd960e5107507609756ec582a8032a0ae41beb16ed972c66cc59029b79ace6666660cde28316ee23ff7ea64e39ae6d39b5f45f5ccf2adaffee80cc44776710ba5c2a2e806dcb0a1fd133d1190"], 0x38}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
pipe(&(0x7f0000000080))

1m54.426066227s ago: executing program 1 (id=1002):
gettid()
truncate(&(0x7f0000000000)='./file0\x00', 0x96f)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001700)=@newtaction={0x211c, 0x30, 0x1, 0x0, 0x0, {}, [{0xb0, 0x1, [@m_ctinfo={0xac, 0xd, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x238}, @TCA_CTINFO_ACT={0x18, 0x3, {0x10000, 0x6, 0x20000000, 0x3, 0xc}}, @TCA_CTINFO_ACT={0x18, 0x3, {0x7, 0x5, 0x8, 0x100, 0x7f}}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0x1000}]}, {0x3d, 0x6, "80106921722262fd6a85403cbe961dbccaa7e62d2ef121f16c0267df577401614f29b935982735c16936d9e5041660ce678afce1e78e8e9f5f"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}, {0x934, 0x1, [@m_mpls={0xdc, 0x19, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x65, 0x100, 0x0, 0xffffffff, 0x80000}, 0x3}}, @TCA_MPLS_TTL={0x5, 0x7, 0x8}]}, {0x8a, 0x6, "531f7ab2416d2ba8a01d1ddfbc2a7996c000dceb3850436289c8ca93fc3dc407866c804e9463e954e13d1a0704194ccbf4f083a8bfb537973cdb0479913649d7905f62be25b8b1d0b166d1895ef5b9c62b3cee5fa29363f3d0e6d01a763761700058920b91fcd1695f408644b817237982f6aa398b6d6fd3dbb03208d2cfa23390bb301ce33b"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_mirred={0x178, 0x16, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xfffffffc, 0x7, 0x2, 0x0, 0x7fff}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xa, 0x7fff, 0x10000000, 0x9, 0xb}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xff, 0x7f, 0x8, 0x5, 0x8}, 0x1}}]}, {0xea, 0x6, "d0d2e7ce5ad7eedd63cd0c8b81705f425df34c7ae3338e783932df3143b896736321beccb0cc56455a76bf0119aeab91673fa14214ac252383918a3e6641519bbe33e0b2226d7219eeaa75bf3161663eb5a69bda7c1e085bf43881a797214f895ccb434eb8cbabf132d1e76e82c49be6d7a1f12f6e8db891353d74c7aa9c477f8e27f4b0d006cda7de11c2fbe3dd9b6ad2833b4eaacd3b38bb819e095a0bed8aa344e479d620d4e3dba4cb6d4e24c07f8d3725581a9492e135a2ac79b2e5db88eb5a41f23694820f70fc459edb29db67a1f0bbcce0f0e1b34fe04d1c3bfcd152dc6b42fb46f5"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x998d2bd52db86097, 0x2}}}}, @m_nat={0xe4, 0x7, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x5, 0x185, 0x5, 0x80000001, 0x2}, @remote, @remote, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1257, 0x9, 0x3, 0x2, 0x3}, @dev={0xac, 0x14, 0x14, 0xa}, @multicast2, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x101, 0x22705e7b, 0x2, 0xab8e, 0xffff}, @multicast2, @multicast1, 0xff000000, 0x1}}]}, {0x41, 0x6, "35cc92408c0b2a5d9da8e2c70218cb44c5abd6f0818c6631343b089a4a463a70e3635cfaa7f5190b29445d82656b186f4641523aab350fa2fef3c2d510"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_nat={0x12c, 0x1e, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x777, 0x1000000c, 0x7, 0x10}, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8, 0x7, 0x2, 0x2, 0x100}, @loopback, @multicast1, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x8, 0x8, 0xf}, @multicast2, @dev={0xac, 0x14, 0x14, 0x1b}, 0xff}}]}, {0x89, 0x6, "5deb7e3dfb440b2ba662e9f06d35f51964a813c1a4a5fbe5a5e1cad46264943362c74ed32ace24283b1ed03d9bab94ec1f76e3f09040074dcdc39a1c58ad4420306d4fb5f40f0036284e57668fb9b0e128261a5c3272612bb4576e113160339f7ce23d360da595941b0991d226c1cef4e8f67228bc1b21b17b60b1d29c6f33a9f568fb484e"}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_skbmod={0x14c, 0xe, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x7f}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x92, 0x0, 0xfffffffffffffffe, 0x0, 0x8}, 0x10}}, @TCA_SKBMOD_PARMS={0x20, 0x2, {{0x5, 0x4, 0x7, 0x7, 0x1000}, 0x7}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @random="46cd3473a718"}, @TCA_SKBMOD_SMAC={0xa}]}, {0xbe, 0x6, "262185d60b31e7afcd33abe753f3f1cb5f847116c1a277f78d619349d852254084ad3b97ac529cf2c83841199c2b3b90a163b48c4b916d7bfb76fa92dff595bd2e4771fb495f520217fa86220119681309a01e051526afdef6c2f4747a9de67fcb16cfb73fdb36bb5cc29a8b2f1ab19082df952e817aaacbad487a21dfec70a21f6bd15e467fb40921f3cb83d47faeffc524b6db16ec75510da621634d949fc197e66c73b2911a05dec6af187ffdd2416258c08ef376bbc22564"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3}}}}, @m_nat={0x258, 0x17, 0x0, 0x0, {{0x8}, {0x144, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x0, 0x6, 0x4ea, 0xd521}, @multicast1, @multicast2, 0xffffffff, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x2, 0xffffffffffffffff, 0xb, 0x7ff}, @private=0xa010102, @rand_addr=0x64010102, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0xab4, 0x0, 0x7, 0x5, 0x3}, @loopback, @rand_addr=0x64010100, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x3, 0x8, 0xe255}, @loopback, @broadcast}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x6, 0x8, 0x6c, 0x8}, @broadcast, @broadcast, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x4, 0x0, 0x1000000, 0x1ff}, @local, @rand_addr=0x64010100, 0xffffff00, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x5616, 0x3, 0x2, 0x7}, @multicast2, @loopback, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x44c, 0x1, 0x6, 0x3, 0x7}, @private=0xa010102, @empty, 0xffffff00}}]}, {0xee, 0x6, "a6cba1770ec851aee91d1eb7af780dd8a49545b00d4dbb5e3f023563f16966b4ebd012d74841a3a424c3b62c567a6cf66e364583ce6fd74c7b979681e9fd4e5791fef367beef2d44aa4d86b612a8564206c1ad04471004e9c0e2d390e63b925f86b72190f824bcc6629d908db30c6e57452f95ce69bb55679191039666f9789d7dc05b0b8846f13cd9fd493e8f08005349c8ffc369d02a03abf41fd762a290974353fed432aeebbb619dcf7bf4dc4a357ca1e6db37008e020d864980e9a5f199e8932cffa00c50ec3f8da5cdfb2b049c541ec714f8b7ac39072e99205230522d9f22f93c5a4fd949e093"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_nat={0x128, 0x1c, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x5, 0x20000000, 0xc, 0x6}, @multicast1, @dev={0xac, 0x14, 0x14, 0x39}}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0x4, 0x3, 0x9, 0x7}, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0x10000, 0x8, 0xfffffffd, 0x800}, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102, 0xffffff00, 0x1}}]}, {0x87, 0x6, "5617fe26b77ca0d81a5152ae736769cfe91aca61fe6ead0929bff1852b13453154423d0b4af17a1a03073279e23aa2494f005e995eb5930603f42ea62f8cef4ffdfee801f498738a57b1604ecb6ecb30245a9665264a69eddf64a6f78920b42d4e0561a688ee4345f549eceabca9c7a7ad4900eeb299a2bb131077848aea0c465b228c"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, {0xb8, 0x1, [@m_nat={0xb4, 0x6, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xffff, 0x7, 0x7, 0x9fae, 0x4}, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0xffffffff}}]}, {0x62, 0x6, "7a2e2fda17300be0479b880d8df1fdd89bac615357d6c4d17add9eca90d9bda88f2a4ee29950b7cf120a7eefafc125f3c8ab3cfeb50a7d08ba85ef7c165c57ed312a21531daa9b4a8678b76c51350b62fb68daa96f503870cf8c0bc4efde"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, {0x11c4, 0x1, [@m_police={0x11c0, 0x1, 0x0, 0x0, {{0xb}, {0x114c, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0xfffffffffffffff4, 0xb, 0x3ef, 0x7ad0, {0x50, 0x0, 0x6, 0x5, 0x1, 0xfffffffe}, {0xf9, 0x2, 0x5, 0x1, 0x5, 0x5}, 0x9, 0x6, 0xfffffffb}}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x2, 0xc, 0x2, 0xacb, 0x200, 0x140000, 0x80000000, 0x100, 0x0, 0xfff, 0x91, 0x40, 0xfff, 0x800, 0x4, 0xb07d, 0x8001, 0xbdaf, 0x24b, 0x0, 0x2, 0x3, 0xc5, 0x61, 0x1d3, 0xd2, 0x0, 0x40, 0x2596, 0x6, 0x4, 0x5, 0x5, 0xf, 0x5, 0x4, 0x80, 0x1, 0xd, 0xc6, 0x53e4c43f, 0xb777, 0xfffffffb, 0x7, 0x8f, 0xfc, 0x8, 0x400, 0x8ae, 0x1ec, 0x101, 0xf12c, 0xd, 0xc368, 0x0, 0x77, 0xfff, 0x5, 0x2, 0x777, 0x9, 0x7, 0x5, 0x5, 0x6, 0x2, 0x3, 0x7, 0x80, 0x800, 0x4, 0x0, 0x0, 0x0, 0xf8ce, 0x400, 0x0, 0x50d, 0xd89, 0x4, 0x3, 0x2, 0x200, 0xff, 0xe44, 0x0, 0x57d, 0x101, 0x6, 0x0, 0xc, 0x3, 0x8, 0x9, 0x9, 0x6, 0x9, 0x2, 0x74, 0x8, 0x3, 0x2, 0x7, 0x1, 0x7, 0x1, 0xfffffffa, 0xece0, 0x6, 0x1c000, 0x6e1, 0x1, 0x0, 0x7, 0x8d27, 0x7, 0x5, 0x10, 0x4, 0x1, 0x5, 0x9, 0xfff, 0x7f96, 0x4, 0x9, 0xfffffffa, 0xe0a, 0xf, 0x9, 0x4, 0x909, 0xd, 0x4, 0x10, 0x80, 0x7, 0x58, 0x0, 0x1, 0x6, 0x3, 0x3ff, 0x5, 0x55bd, 0x5, 0x3, 0x15b, 0x1, 0x6, 0x7, 0x2, 0x0, 0x0, 0x7, 0x4, 0x400, 0xfffffff3, 0x6, 0xfffffffb, 0x5, 0x40, 0x6, 0x8, 0x5, 0x44b906fc, 0x2, 0x8, 0x7, 0x8001, 0xfffffb05, 0xfffff001, 0x2, 0x5, 0x1, 0x6, 0xbab, 0x9, 0x5, 0xb, 0x9, 0xa1c2, 0x81, 0x1, 0x2df7, 0x8, 0x200, 0xffff, 0xca, 0x7, 0x0, 0x13df, 0x8, 0x2, 0x6, 0x7fff, 0x7ff, 0x9, 0x80000000, 0x4, 0xca44, 0x0, 0x6, 0xffffb22d, 0x2, 0x81, 0xf, 0x10, 0x1ff, 0x2, 0x6, 0x3ff, 0xb, 0xb10, 0x4, 0x1, 0x81, 0x1ff, 0x3, 0x5, 0x8001, 0x3, 0xd3, 0x8, 0x2, 0x80000001, 0x4, 0x3, 0x5, 0x9, 0x1, 0x6e2, 0x5, 0x5, 0xb235, 0x3ff, 0x3, 0x2, 0x16, 0xc9a, 0x5de5, 0x5, 0x1, 0x4, 0x7, 0x0, 0x2, 0x4, 0x4f55badc, 0x1, 0x9, 0x4, 0xe, 0xfffffff7, 0x10001]}], [@TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_TBF={0x3c, 0x1, {0x596d, 0x3, 0xef8, 0x4, 0x9, {0x7, 0x0, 0x6e7, 0xe, 0x1, 0x18d}, {0xf2, 0x2, 0x8, 0x0, 0x4, 0x819}, 0xfffffffc, 0x4, 0xe}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x1c5f, 0x7fffffff, 0x6, 0x688c, 0x1, 0xbf, 0x6, 0x90d, 0x3, 0x8, 0x1ff, 0x1, 0x1, 0x4, 0xf, 0x3, 0x4, 0xa99f, 0x6, 0x1, 0x0, 0x3, 0x6, 0x80, 0x3, 0x7fffffff, 0x9, 0x0, 0x2, 0x3, 0x1, 0x6, 0x9, 0x7, 0x9000000, 0x2, 0x400, 0x7, 0x2, 0xa, 0x9, 0xffffaf32, 0xb8, 0x40, 0x9, 0x7, 0x80000000, 0x8399, 0xfa2, 0x1, 0x8, 0x3a5f, 0xfffff3eb, 0x2000200, 0x80000000, 0xffffc86b, 0x1, 0x7, 0x2, 0x38, 0xc6, 0x8, 0x6, 0x2, 0x6, 0xac8, 0xa, 0x6, 0x8, 0x3, 0x3, 0xd, 0x1, 0x8, 0x3, 0x3, 0x1da9cc6, 0x2, 0xd, 0xffffff4e, 0x7f, 0x4, 0x8, 0x2, 0x8b9, 0xfffffbca, 0xc6d6, 0x4, 0x80000000, 0x7, 0x60, 0x9, 0x9, 0xc, 0x80000000, 0x2c7a, 0x2, 0x6, 0x0, 0x80000000, 0x80, 0xc30, 0x8, 0x9, 0x7, 0x6, 0x5, 0x34e5f7cc, 0x10, 0x8, 0x7, 0x4, 0xfffffff9, 0x260, 0xfffffffc, 0x9, 0x76, 0xdca0, 0x6, 0xffffffab, 0x9, 0x8, 0x2, 0x80000000, 0x6, 0x10, 0x8000, 0x5, 0x1, 0x6, 0xf7f0, 0x8, 0x3, 0x4, 0x7fffffff, 0x6, 0x4, 0x7, 0x3, 0x0, 0xda2, 0x6, 0x9, 0x6, 0x0, 0xffffffff, 0x0, 0x8, 0x7fff, 0x8, 0x3, 0xb7, 0xff, 0x6, 0x9, 0x4, 0x3, 0x5, 0x6, 0x40, 0xffff, 0x0, 0xd0f4, 0x5, 0x34c, 0x2, 0x4, 0xc25e830, 0x3, 0x0, 0x5, 0xffff, 0x6, 0xf, 0x80000001, 0x1ff, 0x3, 0x355, 0x0, 0x1ff, 0x7c, 0xc, 0x800, 0x3ff, 0x7, 0x3, 0xa, 0x1, 0x7, 0x8, 0x0, 0xffff, 0x3, 0x8000, 0x5, 0x3ff, 0x3ff, 0x1, 0x10, 0x0, 0x63c1f5d8, 0x10, 0x1, 0x8, 0x1, 0x5, 0x7, 0x3, 0x0, 0xb3, 0x9eb, 0x2ba, 0x6, 0xf3f, 0x8, 0x7f0000, 0x1, 0xfff, 0x0, 0x6, 0x7f, 0x8, 0x3, 0xfffffffa, 0xffff, 0x4, 0x0, 0x5, 0x3, 0xfffffff7, 0xa5, 0x1ff, 0x5, 0x3, 0xf, 0x4, 0x1, 0x4, 0x9, 0x3, 0x8, 0xf, 0x3ff, 0x3, 0x68, 0xfffffffe, 0x6, 0x1000, 0xf21, 0x0, 0x0, 0x10000, 0x4, 0x88]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x10001}], [@TCA_POLICE_RATE64={0xc, 0x8, 0x4}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_RATE={0x404, 0x2, [0x666, 0xe, 0x8000, 0x20000, 0x3ff, 0x3, 0x2, 0xfffffffc, 0x6, 0x7, 0x0, 0x5, 0xfffffffc, 0x7, 0x81, 0x6, 0x9, 0x9, 0x5, 0x7fff, 0x5, 0x2, 0xffff, 0xa, 0x5, 0x9, 0x80000001, 0x3, 0xffffa50b, 0xac66, 0xa, 0x5d, 0x4, 0x280000, 0x8, 0x81, 0x4, 0x8d, 0x43f0, 0xc000000, 0x5, 0x1, 0x1, 0x6, 0xd, 0x3, 0x1, 0x2, 0x5, 0x7, 0x7, 0x5, 0x8, 0x4, 0x8, 0x7, 0x8, 0x100, 0x9, 0x5, 0xffffffff, 0x9, 0xceff, 0x1, 0x8001, 0x2, 0x8, 0x5, 0x8, 0x5, 0x6, 0x6c67, 0x8ca, 0x300000, 0x2, 0x3, 0x0, 0x3, 0xff, 0x7, 0x1, 0x3, 0x9, 0x3b76f53a, 0xd, 0xe, 0x7, 0x4, 0xfffffc00, 0x80, 0x3, 0x9, 0xff, 0x6, 0x2, 0x0, 0xc4, 0x8, 0x6, 0x7, 0x20a, 0x8, 0xf8000000, 0x3, 0xa583, 0x4, 0x3, 0x23, 0x7ff, 0xfffffff8, 0x8, 0x2, 0x1, 0x1e, 0xff, 0x6, 0x3ff, 0x5, 0xffff, 0x7, 0x0, 0x4, 0x3, 0x1, 0x80000001, 0x81c8, 0x101, 0x0, 0x2, 0x6, 0x1, 0x1ff, 0x3, 0x2, 0x3, 0xd2e, 0x6, 0x4, 0x9, 0xb, 0xfffffffb, 0x3, 0x7, 0xb74f, 0x5, 0xd, 0x2, 0x0, 0x7, 0x1, 0x7ff, 0x9, 0x4, 0x2573, 0x6, 0x5, 0x9, 0x1f, 0x0, 0x25, 0xffffffff, 0x401, 0x8, 0x7, 0x6, 0x4, 0x0, 0x8, 0x5, 0x2, 0x6, 0x81, 0x8, 0x2, 0xb, 0xffffffff, 0x5, 0x748, 0x1, 0x2, 0x140000, 0x3, 0x9, 0x29, 0x84d, 0xd, 0x399b, 0xffffffff, 0x3, 0x7ff, 0x3, 0x8, 0x9, 0x0, 0xffff, 0x813a, 0x0, 0x5, 0x3ff, 0x1, 0x0, 0xc0, 0x2, 0x1d, 0x1, 0xcdc, 0x9, 0x40, 0xffffffff, 0x1, 0xff, 0x8, 0x6, 0xed6f, 0xcc69, 0xffff17a9, 0x7, 0x8000, 0x7, 0x8, 0x81, 0x7ff, 0x6066, 0x8001, 0x63bd, 0x8, 0x2, 0x3, 0x7, 0x9, 0x10000, 0x4, 0x0, 0x0, 0x100, 0x5, 0x40000, 0x0, 0x4, 0x0, 0x1000, 0x0, 0x7, 0x75, 0x95da, 0x9, 0x5, 0x2, 0x3, 0xc, 0x1b2, 0x7, 0xfffffff7, 0x200, 0x5, 0x100]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xd, 0xfffffffffffffff4, 0xfffffff6, 0x5, 0x5, {0x9, 0x2, 0x300, 0xfffb, 0x8, 0x1}, {0xf, 0x0, 0x1, 0x560, 0x4, 0x1}, 0x6, 0x400000, 0x1}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xf193}], [@TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x96, 0xd9, 0x1a0, 0x1ff, 0x0, 0x81, 0x4, 0xfffffff8, 0x2, 0x8, 0x4, 0x1000, 0x1, 0x7, 0x40, 0x140000, 0x6, 0x7174, 0x8, 0x40, 0x1, 0x2, 0x0, 0xff9, 0x10000, 0xfffffff5, 0x5, 0x3f8e1e7, 0x9, 0x7, 0x3, 0xfffffc00, 0xa0, 0x80, 0x8, 0x8, 0x3fe07b3c, 0x0, 0x1, 0x6, 0xfff, 0x5, 0x4, 0x5, 0x3, 0x5e9, 0xffffffff, 0x8, 0x8001, 0x0, 0x101, 0x0, 0x2b22, 0x262a, 0x6, 0x7, 0x8, 0x7, 0x7, 0x8, 0x9, 0x2000000, 0x800, 0x1, 0x3, 0x3, 0x9, 0x7, 0x5, 0xe03, 0x2, 0x1ff, 0x800, 0x9, 0xffff, 0x7fff, 0x10001, 0x3, 0x5, 0x401, 0x9, 0x0, 0xb0ef, 0x4, 0x53bc, 0x7, 0xfffffe64, 0x0, 0x7, 0x1, 0xd328, 0x7fff, 0x4268, 0xfffffeff, 0x8, 0x1, 0x8, 0xb, 0x56, 0xfffffff0, 0x7, 0xf, 0x9, 0x643, 0x1ff, 0x9, 0x10, 0x10000, 0xe72c, 0x4, 0x7fff, 0x4, 0x0, 0xfffffffb, 0x4, 0x4, 0x5, 0x7fff, 0x100, 0x9c1f, 0x9, 0x4, 0x1, 0x5, 0x7, 0xffff0001, 0x5d2a, 0x8, 0x0, 0xffffffff, 0x6, 0x0, 0x4, 0x9, 0x80000000, 0x4, 0x9, 0x9, 0x3ff, 0x7, 0x2, 0x9, 0x6, 0x8, 0x7, 0x4, 0x1, 0xff, 0x3, 0x4, 0x6, 0x4, 0x23, 0xff, 0x2d5, 0x8000, 0x5, 0x6, 0x80000000, 0x3, 0x1, 0x3, 0x4, 0xfffffffe, 0x9, 0x7f, 0x9b5, 0x5, 0x8d1, 0x9, 0x9, 0x3, 0x8, 0x0, 0x10001, 0x5, 0x4, 0x7fffffff, 0x7, 0x5, 0x4, 0xd, 0x8, 0x101, 0x6, 0xb, 0xfffffff7, 0x9, 0x1d, 0x2, 0x9, 0x10b, 0x7fff, 0xa, 0x5, 0x4, 0x7fff, 0x1, 0x0, 0x0, 0x7f, 0x3, 0x50f, 0xb31, 0x7, 0x8b, 0x4, 0x80000001, 0x0, 0x70d, 0x6, 0x401, 0x1ff, 0x1, 0x1, 0x6, 0x80000000, 0x4, 0xb25, 0x80000001, 0x200, 0xfffffffe, 0x1ff, 0x9, 0x7, 0x7ff, 0x80, 0x2, 0x4, 0x800, 0x7, 0x5, 0x10, 0x2, 0x6, 0x401, 0x3e, 0x7, 0x200, 0xa, 0x4, 0x1000, 0x3ccf7628, 0x9, 0x30000000, 0x92, 0x7, 0x3, 0x2, 0x1, 0x1, 0xf8b4, 0x6, 0x9, 0xb128, 0x7fffffff]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x2}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}]]}, {0x4a, 0x6, "b393a4007956e433df3918a441ad008eaa00ef464ff3ff945516ab9e43c9ad48549b71499eeadbeebe87e5e3fc4139ea74d91015f4396243dba133874a6f39bb8d7709fc1a58"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}]}, {0x4a8, 0x1, [@m_connmark={0x19c, 0x14, 0x0, 0x0, {{0xd}, {0x100, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4, 0x433a, 0x0, 0x0, 0x67d33a53}, 0x3db}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0x5ac, 0x7, 0x2, 0x5}, 0x6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xc, 0x2, 0x2, 0x80, 0x9}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x6, 0x7, 0xfffffffc, 0xf57}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x421, 0x20000000, 0x1, 0x4490fbba}, 0x5670}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xf5, 0xffffffffffffffff, 0x5c4ab4a, 0x9}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8f, 0x10, 0x1, 0x33, 0xb55}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x101, 0x9a, 0x7, 0x8, 0x2}, 0x9}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x9da, 0x7, 0xfffffffc, 0x3}, 0x101}}]}, {0x6f, 0x6, "eff0fbc3cf6a354f9b410a6a8087d2c0d135776c7430d57f0e476ae10f4a3ba731eb1341a92b3121bfeabf354d9983320933015bed7353a13752239af12613d138e3ddfc236e085d376e576a3951d6be2fb45d6db2801002c60f155110887dbfcd124562b677c3b3b1ad7a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_xt={0x1a4, 0xe, 0x0, 0x0, {{0x7}, {0x90, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_HOOK={0x8}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'security\x00'}, @TCA_IPT_INDEX={0x8, 0x3, 0x2}]}, {0xee, 0x6, "390ab60ef5d125d23170ae746fe8c17297de5de91a155e17ff99ab0e19384670495c006d61265cf34b638a76c9e415837cf14f94d2ad241df38aed8cf7843c3610e834b5fc732c6c0271199641cc09773be0f974b44ec0507801492e10c0e78ee6846cc1dcf8b8e0f1529a6a2d05c0acd78b5d16a85552a49a39803049ec49d8a9ada190f663fee6558f04b6034aeea95ad2055d2ed17ea37582116d040a73c782cbd40c43c28086022d920a71c0a2a7d9a57891154ee40f3dda4441f42c508967580983a326c53cfff8a818c2dacd0c9d499b8743162b656f4f5ce3d290b1887b1a2e6f3fc6c1a5b4a0"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_ife={0x164, 0xe, 0x0, 0x0, {{0x8}, {0xd0, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x34, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x3}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x1}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x3507}, @IFE_META_TCINDEX={0x4, 0x5, @void}]}, @TCA_IFE_SMAC={0xa, 0x4, @random="c8f6437dedc6"}, @TCA_IFE_DMAC={0xa, 0x3, @random="1b54853e633b"}, @TCA_IFE_METALST={0x24, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x1}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x1}]}, @TCA_IFE_METALST={0x18, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x7}]}, @TCA_IFE_TYPE={0x6, 0x5, 0x8}, @TCA_IFE_METALST={0x30, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x8}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0xba}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x401}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x1}]}, @TCA_IFE_SMAC={0xa}]}, {0x6e, 0x6, "c0340ec37d6d112c9422f279f64cb63301dfed34cb44d7beef605132a5795766d40d5cd9e11c0aa19361474cc8270a18c8863ea2f50f843c0eb9e4cf9c38e668b572022e3dde7abf6f3d5aeee5ef2823fe5fbe13d8c17473244ba98480ac536033ce5505205bbc903924"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x211c}, 0x1, 0x0, 0x0, 0x4044890}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x4, 0x0, &(0x7f0000000000)=0x42)
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000300)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
r5 = socket$inet_sctp(0x2, 0x400000000001, 0x84)
sendto$inet(r5, &(0x7f0000000800)='u', 0x1, 0x801, &(0x7f0000000040)={0x2, 0x4e23, @private=0xa010100}, 0x10)
recvmmsg(r5, &(0x7f0000005700)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x20, 0x0)
listen(r5, 0xda8c)
accept4(r5, 0x0, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)

1m53.397591034s ago: executing program 1 (id=1007):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
listen(r3, 0xda90)

1m51.296650348s ago: executing program 1 (id=1012):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000006000000080000000c"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) (fail_nth: 24)

1m51.237354714s ago: executing program 1 (id=1013):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0xa2602, 0x0)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000040)="01bb", 0x2}, {&(0x7f00000003c0)="bd", 0x1}], 0x2)
r1 = socket(0x11, 0x2, 0x0)
setsockopt(r1, 0x107, 0x1, &(0x7f00000001c0)="110000000200060000071a80010061cc", 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x891c, &(0x7f0000000540)={'pim6reg\x00', {0x2, 0x4e22, @rand_addr=0x64010100}})
close(0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee6, 0x8031, 0xffffffffffffffff, 0x85494000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0xaae7, 0x180000)
ioctl$EVIOCGID(r2, 0x80084502, &(0x7f0000000180)=""/129)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r3 = openat$ipvs(0xffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000408000/0x1000)=nil, 0x1000, 0x4)
ioctl$FIDEDUPERANGE(r3, 0xc0189436, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200)
shmget$private(0x0, 0x1000, 0x20, &(0x7f0000882000/0x1000)=nil)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sched_setscheduler(0x0, 0x6, &(0x7f0000001040)=0x61ff)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

1m50.906362876s ago: executing program 1 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x40004)
recvmmsg(r3, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000000540)=""/189, 0xbd}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {&(0x7f0000000940)=""/74, 0x4a}], 0x4}, 0x5d}], 0x1b00, 0x10022, 0x0)

1m35.856883799s ago: executing program 32 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x40004)
recvmmsg(r3, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000000540)=""/189, 0xbd}, {&(0x7f0000001ac0)=""/4096, 0x1000}, {&(0x7f0000000940)=""/74, 0x4a}], 0x4}, 0x5d}], 0x1b00, 0x10022, 0x0)

6.715380497s ago: executing program 2 (id=1458):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0x8, 0x1, 'LED\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e"], 0x0, 0x37, 0x0, 0x1}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000180)="440f20c03505000000440f22c0f26df20f38f17a64b805000000b9e10d00000f01d9d8dd0f01728eb8010000000f01d94c0fc71d000000003ef245dbed410fc7f7", 0x41}], 0x1, 0x72, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fd, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x6e, 0x0, 0x0, 0x20, 0x13, 0x7, 0x106c, 0x8, 0x8000000000000, 0x8000000400007f, 0x0, 0x6, 0x0, 0x204, 0x0, 0x8001], 0xeeee0000, 0x2c0290})
open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x190)
ioctl$KVM_RUN(r2, 0xae80, 0xffff0000)

6.345703907s ago: executing program 2 (id=1460):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x1, 0x9, 0x2, 0x0, 0x1, 0x1}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x7, 0x4, 0x8000004, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, 0x48)

6.345432717s ago: executing program 2 (id=1461):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_procfs(0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x68, r3, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x68}, 0x1, 0x0, 0x0, 0x4040094}, 0x4000)
ioctl$PPPIOCGIDLE(r1, 0x8008743f, &(0x7f00000001c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r4=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="c4000000120005010000000001eddf25a8000700fe8000000000000000000000000000aa640101010000000000000000010000004e2300074e22007f0a0020802b000000", @ANYRES32=r4, @ANYRES32=0x0, @ANYBLOB="09000000000000000f0000000000000005000000000000001500000000000000030000000000000000000000000000000004000000000000f50000000000000009000000000000000900000000000000e50000000000000000000000000000000c000000b96b6e00010003010c000f000004000000000000"], 0xc4}, 0x1, 0x0, 0x0, 0x4000}, 0x20040810)

6.235800015s ago: executing program 2 (id=1462):
syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0x3f8, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0x9, 0x2000000000003ff, 0x2], 0x2000, 0x200206})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x80100)

5.606404069s ago: executing program 2 (id=1467):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
inotify_add_watch(r1, 0x0, 0x40)
ioctl$HIDIOCINITREPORT(r1, 0x4805, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x12, r0, 0x0)
munmap(&(0x7f0000ff9000/0x2000)=nil, 0x2000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000000c0)=0xfd)
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000100))
r3 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001003, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
mremap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ff8000/0x2000)=nil)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'dummy0\x00', 0x1000})
write$sysctl(r4, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12011900000000406a0563000000000000010902"], 0x0)
write$sysctl(r4, &(0x7f00000000c0)='2\x00', 0x2)

2.301320549s ago: executing program 4 (id=1477):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = fsopen(&(0x7f0000000240)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
lseek(r3, 0x3, 0x1)
syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000280)={'wpan1\x00', <r5=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x38, r4, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x80000001}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x8050)
r6 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x40440, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_LEAVE_GROUP(r7, 0x29, 0x2d, &(0x7f0000000180)={0x5, {{0xa, 0x4e23, 0xae, @private1={0xfc, 0x1, '\x00', 0x1}, 0x80000000}}}, 0x84)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
socket(0x2, 0x80805, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r9, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000200)={<r10=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xf)
ioctl$KVM_SET_IRQCHIP(r11, 0x8208ae63, &(0x7f0000000680)={0x2, 0x0, @pic={0x1, 0x1, 0x81, 0x4, 0x5, 0x5, 0xc, 0x14, 0x6, 0x8, 0x10, 0x6, 0x3, 0x3, 0x2, 0x3}})
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r9, 0x84, 0x7a, &(0x7f0000000340)={r10, @in6={{0xa, 0x3, 0x4, @remote, 0x100000}}}, &(0x7f0000000040)=0x84)
setsockopt(r8, 0x84, 0x82, &(0x7f0000000080)="1a4f30d089f5bd5b", 0x8)
ioctl$TCXONC(r6, 0x540a, 0x0)
close(0x3)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SIGNAL_MSI(r13, 0x4020aea5, &(0x7f0000000040)={0x3000, 0x3000, 0x0, 0x1, 0x9})

2.062147102s ago: executing program 4 (id=1478):
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000100))
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$VIDIOC_OVERLAY(0xffffffffffffffff, 0x4004560e, &(0x7f0000000040)=0x6)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
close_range(r2, r3, 0x0)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000000c0)={0x1, 0xfffffffe}, 0x8)
shutdown(r1, 0x0)

2.002015829s ago: executing program 4 (id=1479):
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r0, 0x8008f512, &(0x7f0000000000))
socket$nl_route(0x10, 0x3, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
semget$private(0x0, 0x6, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r1, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc60, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd5, 0x0, 0x7, 0x0, 0xebc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x100003, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9ef, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x934a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, &(0x7f0000000080)={0x0, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000000)={0x6, 0x3})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000001100010027bd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="c000000000140000140035f177673200000000000000000000000000280bc242042ec9fc052307ae10bc1f82e6a7207093b74d827e18809701c696e41b4e03fef01ff7d677e055422e5c6d77a0be143a685759458d49f9c373be41de4ca4e3ca8a43f4359979387dc29fa3bf83c37e95c9f3"], 0x34}, 0x1, 0x0, 0x0, 0x40000100}, 0x40004)
r3 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x1}, 0x1c)
listen(r3, 0x50)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e60, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000000080), 0x7, 0x100)
ioctl$MON_IOCX_GET(r5, 0x400c9206, &(0x7f0000000340)={0x0, 0x0})
preadv(r5, &(0x7f0000000040)=[{&(0x7f0000000000)=""/23, 0x17}], 0x1, 0x100, 0x2)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x205, 0x8401)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180), 0x8001, 0x0)
openat$procfs(0xffffff9c, &(0x7f00000001c0)='/proc/consoles\x00', 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

1.391706704s ago: executing program 3 (id=1480):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) (async, rerun: 64)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 64)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000c080}, 0x4040848)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0) (async)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, 0x0, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x800, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x400001, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x4) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) (async)
bpf$LINK_DETACH(0x22, 0x0, 0x0) (async)
r2 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10) (async)
connect$inet(r2, &(0x7f0000000100)={0x2, 0x4e22, @multicast2}, 0x10) (async, rerun: 64)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x700}], 0x40000cf, 0x0) (async, rerun: 64)
setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f00000020c0)={0x1, 0x8, 0xf, 0x7, @vifc_lcl_addr=@broadcast, @rand_addr=0x64010102}, 0x10) (async, rerun: 64)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) (rerun: 64)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async, rerun: 32)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x29, 0x0, 0x0) (rerun: 32)

1.311829152s ago: executing program 3 (id=1481):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000400)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x9, 0x21, 0x0, @rand_addr=0x64010102, @broadcast}, @redirect={0x5, 0x0, 0x0, @private=0xa010101, {0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x700, 0x0, 0x0, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x22}, {[@rr={0x7, 0x3}]}}}}}}}, 0x0)

1.311407594s ago: executing program 3 (id=1482):
openat$rdma_cm(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140), 0x180, 0x0)
unshare(0x22020400)
unshare(0x20000380)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15})
io_setup(0x4e6, &(0x7f0000004200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0xfffe, r0, 0x0}])
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x15b0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x3}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
openat$rdma_cm(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140), 0x180, 0x0) (async)
unshare(0x22020400) (async)
unshare(0x20000380) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) (async)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000009c0)={{}, 'syz0\x00', 0x15}) (async)
io_setup(0x4e6, &(0x7f0000004200)) (async)
io_submit(r1, 0x1, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0xfffe, r0, 0x0}]) (async)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) (async)
write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[], 0x15b0) (async)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800}, 0x0, &(0x7f0000000240)={0x1f, 0x3}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) (async)

1.131607057s ago: executing program 4 (id=1483):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3a)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = openat$vmci(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r2, 0x7a6, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, 0x0, 0x0)

1.131354833s ago: executing program 3 (id=1484):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000340)={0x400, 0x300, 0x578, 0x40, 0x1000, 0x0, 0xd968d5b908ac0cde, 0x0, {0x0, 0x8, 0xfffffffe}, {0x350, 0x0, 0xfffffffd}, {0x3, 0x3e00}, {0x0, 0x0, 0xffe}, 0x1, 0x100, 0x0, 0xd614, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x4, 0x0, 0xb})

1.13098146s ago: executing program 4 (id=1485):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000800"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x7000000)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x7, <r2=>0x0}, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0), 0x8)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/rcu_normal', 0x88102, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x700, 0xfdef)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48844}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r6=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r7, &(0x7f0000005c80)=[{{&(0x7f00000016c0)={0x2, 0x4e23, @empty}, 0x10, 0x0}}, {{&(0x7f00000002c0)={0x2, 0x4e22, @local}, 0x10, 0x0}}], 0x2, 0x20000000)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000000)={0x15, 0x110, 0xfa08, {r6, 0x0, 0x10, 0x10, 0x0, @in={0x2, 0x0, @empty}, @in={0x2, 0x0, @empty}}}, 0x118)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, 0x0, 0x0)
r8 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="8e", 0x1, 0xffffffffffffffff)
r9 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r9, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x5}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@tick=0x5}], 0x70)
keyctl$dh_compute(0x17, &(0x7f0000000240)={r8, r8, r8}, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, 0x0, 0x0)
r10 = syz_io_uring_setup(0x5efd, &(0x7f0000000600)={0x0, 0xfadc, 0x204b, 0x2, 0x1}, &(0x7f00000003c0), &(0x7f00000005c0))
unshare(0x60400)
syz_io_uring_setup(0x3c66, &(0x7f0000000240)={0x0, 0x7b46, 0x27, 0x0, 0x0, 0x0, r10}, 0x0, 0x0)
r11 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_usb_connect$cdc_ncm(0x2, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1a, 0x4, &(0x7f0000000080)=ANY=[@ANYRES8], &(0x7f0000000000)='syzkaller\x00', 0x8b2, 0xb0, &(0x7f000000cf3d)=""/176, 0x0, 0x0, '\x00', 0x0, @tracing=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r2}, 0x94)

1.088578403s ago: executing program 3 (id=1486):
io_setup(0x2, &(0x7f0000000040)=<r0=>0x0)
socket$tipc(0x1e, 0x2, 0x0)
io_submit(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000200)='./file1\x00', 0x5d)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$KDSKBLED(r1, 0x4b65, 0x5)
socket(0x1e, 0x4, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374"], 0x78}}, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0xfffffffe}}, 0x80000, 0x0, 0x0, 0x0, 0xb3550aa4ba878396, 0x0, 0x4}, 0x9c)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000003010101"], 0x14}}, 0x0)
recvmmsg(r5, &(0x7f0000003e00)=[{{0x0, 0x0, &(0x7f0000003d40)=[{&(0x7f0000002680)=""/17, 0x11}, {&(0x7f00000026c0)=""/4096, 0x1000}, {&(0x7f00000036c0)=""/136, 0x88}, {&(0x7f0000003780)=""/139, 0x8b}, {&(0x7f0000003840)=""/17, 0x11}, {&(0x7f0000003880)=""/171, 0xab}, {&(0x7f0000003940)=""/193, 0xc1}, {&(0x7f0000003a40)=""/242, 0xf2}, {&(0x7f0000003b40)=""/222, 0xde}, {&(0x7f0000003c40)=""/207, 0xcf}], 0xa}, 0x1c0}], 0x1, 0x40002162, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000002b00)={0x0, 0x41})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4)

1.076021999s ago: executing program 0 (id=1487):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x8800, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x4}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x7}, @NFTA_EXTHDR_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)

1.073258866s ago: executing program 2 (id=1488):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
chdir(&(0x7f0000000300)='./file1\x00')
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c05010203010902"], 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x97)
syz_usb_connect(0x5, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="120110010928fc10ac0591022543010203010902120001000040000904"], 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0xa8, 0x30, 0x1, 0x0, 0x0, {}, [{0x94, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x64, 0x1, 0x0, 0x0, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x40, 0x6, 0x8, 0x1082, 0x1ff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[], 0x38}}, 0x0)

991.411923ms ago: executing program 0 (id=1489):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000001c0)={0xffff, 0x8, 0x0, 0x79, 0x3, "5acf8f53872ebc82"})
writev(r0, &(0x7f00000024c0)=[{&(0x7f0000000480)="b9", 0x1}], 0x1)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000001540)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@xino_auto}]})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa, 0x0, 0x9}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r1 = socket$nl_crypto(0x10, 0x3, 0x15)
fstat(r1, &(0x7f0000000100))

931.271494ms ago: executing program 0 (id=1490):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8912, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3e7000000006ee2ffca1b1f0000000004", 0x23}], 0x1}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010400000500000000000500fffe0900010073797a30000000002c000000030a01020000000000000000050000000900010073797a30000000000900030073797a300000000054000000060a010400000000000000000500000008000b40000000000900010073797a30000000002c0004802800018008000100647570001c000280080002"], 0xc8}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$FS_IOC_GETFLAGS(r0, 0x80046601, &(0x7f0000000180))
r5 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r4, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
bind$rose(r2, &(0x7f00000001c0)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x1, @default}, 0x1c)
io_uring_enter(r5, 0x3516, 0x0, 0x4, 0x0, 0x0)

444.160439ms ago: executing program 0 (id=1491):
socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
pipe2$watch_queue(&(0x7f0000001100), 0x80)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r1, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
listen(r1, 0x80)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r3}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x84)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000600)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}})
close_range(r0, 0xffffffffffffffff, 0xfe)

361.021862ms ago: executing program 4 (id=1492):
socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
pipe2$watch_queue(&(0x7f0000001100), 0x80)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r1, &(0x7f0000000000)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
r2 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, r2)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r3, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
listen(r1, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x158, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xe, 0x7}, {}, {0x1001d, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x128, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x54, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x0, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x0, 0x2, 0x3ff}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x0, 0x2, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x44, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffe09}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffef4, 0x1, 0xa}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x38d}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x80000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}]}]}, @TCA_FLOWER_KEY_ICMPV4_CODE, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0xa4, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xa0}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x0, 0x1, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x10}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xfe}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x2c, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE_MASK]}}]}, 0x158}, 0x1, 0x0, 0x0, 0x80}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r4}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x84)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f0000000600)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@version_9p2000}]}})
close_range(r0, 0xffffffffffffffff, 0x0)

69.71651ms ago: executing program 0 (id=1493):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000040)=""/180, 0xb4}, {&(0x7f0000000100)=""/249, 0xf9}, {&(0x7f0000000200)=""/14, 0xe}], 0x3, 0x0, 0x0, 0x800}, 0x4040010)
write(r0, &(0x7f00000002c0)="f291d2553de39430d9358c766b343ff531cd7bd153ad277afa025d779b374e848f34370727d9b1948902050687ec18611cf52426aab0582dd4f66b7e8e317364dab71257eb2fa2386b68a9ace966a74ff6f91a34faf8bd59b1cff76a3cd1ac166e96716fe114419ffe365c38bd9bc284189bff0dac1751090dd9310a30a30de5c2e9eab94d96064f8a2723039971374ac94d9dd74d8c4075b1b6d4880690cadc524cf7caf947f92c0b22fa484c144c971d26057f3ab5bf961462af03312d75161f4d", 0xc2)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000003c0)={<r2=>r1})
setsockopt$RDS_CONG_MONITOR(r2, 0x114, 0x6, &(0x7f0000000400)=0x1, 0x4)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_dev$ndb(&(0x7f0000000440), 0x0, 0x40602)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000480), &(0x7f00000004c0)=0x4)
r4 = openat$ndctl0(0xffffff9c, &(0x7f0000000500), 0x40000, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f00000005c0)={'syztnl0\x00', &(0x7f0000000540)={'erspan0\x00', 0x0, 0x8000, 0x8, 0x5, 0x5, {{0xb, 0x4, 0x3, 0x8, 0x2c, 0x66, 0x0, 0x4, 0x2f, 0x0, @rand_addr=0x64010100, @multicast1, {[@lsrr={0x83, 0x17, 0x15, [@empty, @private=0xa010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @dev={0xac, 0x14, 0x14, 0x17}, @private=0xa010100]}]}}}}})
ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000600))
ioctl$BTRFS_IOC_SNAP_DESTROY(r4, 0x5000940f, &(0x7f0000000640)={{}, "908301b73d6d2467038906637f1eea24758268567b0b6a5b9569edfede91f4b7c9b8530e600f62e06cbe2b2ff1507ec7535ce22c1cea3ded75d871c84b89c5b8b2faa883df0e68f78522f4f6726ed9a99b74244a9377f35398090f8e04d7ba3ef293bdb5e5eeeeee2170ca4fad532c94f4513bdb6c033f81642a0885ba756d74ebe917ef36bda476b541e85a6dc7dd98249b00633fd1a80cbc66c79e7c9eb50d149e87a1f0b05b057cc27761f84586d980a2f807b909301a11b0bcc6a7c8156324d04a7004e2fd6c59d500de6dc3368eb9be97a7cdee8bf94b28dd5bbfd2322d8e51bade1fe98d6b2ebd83e6aceaf6ba9dc2850a701301bde8abd536ff568184881ff375699889e0225f983adc2549e8b84152f922793ed07e711f78d361322cc473b9c58e39a62ce0ad04ed0b8aa946c0d792841990b26fc52fa815e93fe68417de83062fb55b75373f260ea09915062e64b17c0be69e33d3d76eebc06cb5d3d5a6961e93e08b3feab530150d3e8c7ad406f66db8161b640541bd38f79f1de2e78958c986566c429c97c98124c9daab30ef2b898e40ae3b6be736d28681b8d26566bca00475581704d02e71a273bc0cb7d0355ac7030dac0ef71b85b8c73c01a00bc3053d30f45143ff4c40c35bff74eae73c2f0ff5b76fb17908dc75614c323ffd280e3f245cbcc78b0d6d2e3efb2d823c26901df8620afbf2dc0767c041a2706185c3f51a62bfe8dcfd6069cf4978996cae6a3e97fc2d1486fc08c343640d7d0296a54dcc40d779a329cad14e5bfbe49d8d1a65e00647baa23444326dfb96d55fc916546414838ee9d71367ca8f9b10e39b31296887c51457e6505fcbf8a58a301beee9304ea2bcda3bee0aab902b563efc1229fe3c20a8d8b40ea701f655332815567c1af787223071ae887666703ec9b575b4c444e11a0d5f150aea828da6d8730a97f738345d5fdda9405f2b544689b14f17f7c8f121145e32485db1afa074851a48b6f12e1dd947c9d8e55b3053dbe730087cb2587c4c8506b530d0ea5d01d673edb36b6cb099d476a452fa70cd3f6068dfe83118238e298a0be34c10cb09dd174079fedfcd7353d54ded9ac14568683ecd2634736fa4a2a4287e326d49e4ddb24c3c04560314646accf9d11ecb15aa6393d9c68c0056fee89d047bea4d9e7cac03f34c35053d89e12f282899595b6a392a5521fd2e6420d769e94e17bb035905cab349aa24ad92c376a9b4b1e7dc2a3d682800cc13dc520f4f3dd7549f0f038b4bd02b1cceadc5bf995148b62cc5ac2fe72e8abcb7cb455aee6ffa7d4fc1d0e52b10397b20401cffae20f0b1f157557ff0362a0c0ccc4b9e15f63200fbdda74430a336b2a7512a6b71d4d886b696e13d31641af76fda113f68f5c742baaba46d8774be4fef46cda9d08fdb01da888b64b49ceed754e76b5af85d245fd78adf64dd380036e852ffccfec8f003e00164a51a4d260cd7e8f80c9c8aef3acc096da66fc1787773bce5660027f21c548613eca804abb5d00cf1d9cb182c101bf323e988ef968d170dc42d279932fd27732e9aa566fd4828e244f0a270cb98fade1f60538c1409d92cc489a6b361e884696e989cc6e15d3021b65606dab632b37d81770aa8ff7a6f3ca6245eab38bbf22c2a696c5218e5bf03f2f72d95e71e16f5dc0194fcb119a58edeac247d0a0b61eaf3fa4eb2d54ed307917ccba7c67ae10d453eaf3ed8e6e648ba5649a621893ef8efd1436cc3df8a5b60d16d672a0baecced5e5829eb3d27e0899ab5ce66050c6f205832cb55d95c4f5bd894521c82da4e93225becd04c363190abba23b16be888d9f65ca529214a4784482ab0779078651cac5c0c7c43e61eb1d1f2f8ba4215b3397623221af5c3f8c29a96d112501e2bf900a014705c4ea483952cc589fa4f7c5c03d2ba08b91c4198cf1173a9fe07058a6f13a345cabb7bb892de3d311001631dec87880084ae7cd1ed08d921abcc611cbad4a11de572958b8250d7f882475ee11551d034ffd06e254428d996855a6ed92e5cb8871e2348e52120562e4179802f0656b5f9e07dc56648957395c50ebbf0bdad975dfafb66ca07257f58ad570b4aad66b00bebc239570a9320fbc19842833ba26f88928d4f1bfa22b51e57d15bfcd48ce3e5a3086c3b770ab04cb5c7dc554b686b47761a794f09f885040ed92fcd835986f8dd1882cfa6a2ed24ac498fcc0a999358d17374b3f51d02362d2659a34e107603ec1ef85e19c7b93a75edba21c1eae2710a3b90a2932a72d2edd9a990ae9c8eebc443b9fe7bf3512560842fe13a3cd2f0f00b1c0e9697017789ff6baba5bd3ab01cb3b488551ccd77fe196f0a8caeffff734093e2d114faf57631e04ec4be8056edf2636e569b7ce714766b486a04e75e4c0d949b4cde5bd7bdf988087e955900af0167398791ecef291f98e182926bbfd30d424f0cfbf75c192f7c548d848ff48d1bb1bdd0e2dcb10c2bd9835556662a7a28695db5b6ccdbededc3abef8dba5448967f4748900ad3344dae5c90d13efc8b31e7185ff515bbaea0bbd6a3fe3eba1b7dacf51ab1bf00e51b1f6d7dc2326cdf26d3d8184dc47663a5396110765d72e32cd446205c470ee4fa14b7fb77fcb32acda89313e82ebe47e40e13538d40bcce59976837e547f4ad3c6cccec9b6ddb21f6d365b89ea5bc0de85e253de066f43b38906438460f91efef1c1807b1397e973b64867a4dd70f8db253e52eafc8f5c36c032e79a2274b14a12be1eed82fdca49175f99b1c24763791d26f1a250ca17a8da564acc08759dfc383f81c22da24bc2bb9fa17c4c3fdf08c3d85680a93f06d50de2f57e61ca2287b4b37292ea1746622a6340da7db5ef86a0deed4268b66fbe94dae868f4c52355cc6f207a714d977907ba0689fbe4c4db57cb5b345ca1f7a51982faed38adbca6a9178843a5c38b58248b41b99096d57f166cdd42ecd1d2f187edd6c3948850fa52874037ffff0003247cf69d67a9fe03ff6e944df5d9fbc9708209dc435e486233a5a7cbfd5b6d747a8a161bce955cedc0af02672934bf3a4c67a08a5c352069db568bfd1383768b0eb86813b7c3db848926b297db5259c8f997e4e34884cfd48d315d01020d231540f9659ec751524bd32d97e7dc3f41f5e90f0ecec4185fb66720cabed15fdad969b3bfcad3711594a6e28b656d3f7d770b40e17e43cc2176096ca33670a06310133b04452db92d309c90ff6a9848f66ca91fdcf8a8fefd564b378f3bc84d77490849a8ce1670a4bbe65458761a8c4dadfca0332548ee76be696fe481e049e2cbda0a52ba52fa30a46be1efd132fe953663f1896f74a16993174bb233a5948469976339439153673d2501701bed447867f7a905f74aaafec8e9c86ba83dce8d1a3b06715b37fe38541f9dd59ba79f034833cc35220bccf71ed4a87b358df7371c77cdfc7cc1c26f73ffec6de1d441b633df70ce2c9496137cc008de32531e0f34523ad677cf3cf310c5c27a311cdef2cc8bd467ca0e12251918a1e74eb58e5ebf3c4498f91a94f6e598cb0ec11e251363dfad4820b3f2600766376daefd46a333cf62f5ceef4ca746b46c479fb5dcd72342fad526c9df034feeab7e826862921dbc32c19f401c680a7d3ce9d005dfe6519f5315a143b46cecfb78168628564ef93dae1c7f6527f74a86bfe09db0f72ee0aecf78b4748581f567ee74c9f88960bf99a4cc072564381a62049e2afa155319347fdc3e08b4a923ac558bf16974cd80220e22f1ec0f86468434fcb85a2563969d25e3b9f8e494d16ba7e18b5f32f737c37575d5c8e14c0d7ba1eb681760f8befa4e81810522bcc1fb30245dd0e444eab0c60e35d6829a02db5456d40c5ed77fb65c0719c6179f36b67d8e778c7a437d4691e0266f6afff5b82b19108374c89b16eccef52e3afec23c14c8125484a0221c47c0ffe49f86f92e18cf48f1571faccbb4463e43bf212488016d59ace8e2282cb8899c881c2ae66d86834ac1aa688b2ccb0185b79fc2df3b47ebbb3fe0a940155f2df912594913df76dd83b595dd5a3a2f1c604b869df0b739e6613e1407322ba314a67da1c61e8667490d12fee609cf66ad650612ba7341f1305668715e6b62dd4df2bebd709f7804cb968da712ca2055237be062cdefb678b6ed023cf14da0efd046b4399900c34b891479f4695b295ce4fa77227453593de590fc9bca8022339212d46c5fe1d37b5c11a2495c3c83c6bd48e0d55b83db370c84929979027627b74f080e6baec48c1936069fc277398bc3fbe35679d49e33509717ba813069035990b79dbeeebe99f69c640ac87f92ea746595f80c57020c4b2256f08b71d7922c156b36dfe6e702327a289fa56dfc848297aebd35438854c548d91069a4dfb5c41c1aae755b9a3a0909d0434488fd5d7fd1eb7260af4b3d15daca58d9accd2fee0bbce2dd425cfec9ac3e15475a3cf0d9de8570f1b4c9f4e9a17fb50ca23c8105ed716e2d37b02bc146264ec2edbe787e81a71b9a6c179e8af3fccca050684cd488a3d7ad54af971667d4312da01d299454cc362ef0ff3815719ddaa3f30ff5541a6ebf4cd657e758dfb64fb4ff0ffe719ad78d900c375f7cc5866fd97e3ab6b89958671bdfb8c7ff56ba0630063869e1b023acefc756a6176868fdc785fcbf518cdd2f63f576899b67f800798b8efa945eb3645faa2ee2f7d780a8f5893591104af8300ad7bb58d057713e7031cdeebbf22d0a7d86547579cef46c0cfc0fecaae1f29ea2fd6e917548bd91bb7081aebaf2570970b160525c5d8e806560c0ce5d6461727b8ec81a761731e9f59551136e21cade176553ca586685104d6412b68d61fab0575f3b4d4fab5bd830297d4e16cd8d444d587fabe6f136df9ee84cdc6190eaf03f69e2e5123089ca16da7f84ad101f31c8548e95f8547beb73595321c012068254a5583845386083e46369bd5a6a2d29329ec7983db15104ab17dc4de12058582d180102f5fa7ca929f9d36e32990c1656c2586fb50193bb43d0f618a095e9bcbda312dfca815cc258e0e2e1b9d8bf5182bd336c2a97f3b2909bcf111d68cb134623258af49a20dcd5794ff2ea011043b3e61eb7ed72f0ea40f669852db3f098b942126dab805eb6e34677c3e89e487c633120bf389d034ed21483eb3f628005f82f4b66feb06856fff85b3533e35c7dc97d9b133cdd17cd5bdd378d28d9689ab4fe67964481062a8e39e8955e3c1f3ff3efb3f08618cbb57d1fef315a216c029fd79288a5b7448b689c45ccbe5d134baf7a9708cfec895366d40a5d806a02ec84255348323669c335a04a3d004582f8371eaa31e9b4ed7d2620f47f9adbd85a50f2ba98ee540013f269905adf983be2c434a68bf6e2b71d099246a7e6d670a96af6696ed79932b15b510a9a7d6cdc18adacdb2841586c00c568d646fc2887fc37da948c4bd0e7b8b1909a30bbe4f65b1f8d7292408af9fa5b103ff89c32683c236cae0e1ea77920f079505b355160e0500ff829d6047e264ce005c940c5cdac71e9cacc27209d7cda510f1839e2d6efb01702433e7f695dd035997b802c13674584c67b7abe0b880f29bbe37f55d3d6111973e15538fd13168e26937750dac22d5281394943ba77360ebe9a23b13adcb40039fed63437b9fc296a93212fcf8eda67951d2ff1c68ef8c7e7688f4b381a41e7efbbbeb746b7274866d79f0af5da57625bf9ed359d2da6a36f0b3d282015a2d09ea18a1533af0c3f45f1ebca887b5cb729c8cc80bcddf77"})
socket$kcm(0x29, 0x2, 0x0)
io_uring_setup(0x3a63, &(0x7f0000001640)={0x0, 0x568, 0x4, 0x1, 0x65, 0x0, r4})
getpeername$packet(r2, &(0x7f00000016c0), &(0x7f0000001700)=0x14)
ioctl$SIOCX25CALLACCPTAPPRV(r2, 0x89e8)
r5 = openat$kvm(0xffffff9c, &(0x7f0000001740), 0x40, 0x0)
fallocate(r5, 0x3e, 0xfe, 0x8)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x80, &(0x7f0000001780), 0x0, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$bt_hci(r4, &(0x7f00000017c0)={0x1f, 0x2, 0x3}, 0x6)
flock(r3, 0xc)
r8 = openat$ppp(0xffffff9c, &(0x7f0000001800), 0x80, 0x0)
shutdown(r7, 0x1)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001840)={0xffffffffffffffff, 0x4, 0x8}, 0xc)
ioctl$FICLONE(r8, 0x40049409, r9)
r10 = syz_open_dev$sndctrl(&(0x7f0000001880), 0xfffffe01, 0x20500)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r10, 0xc1105518, &(0x7f0000001ac0)={{0x8, 0x1, 0x1, 0x2, 'syz0\x00', 0x80000001}, 0x1, 0x40, 0x8, 0x0, 0x2, 0x8, 'syz1\x00', &(0x7f0000001a80)=['\x00', '{%\x00'], 0x4})

393.843µs ago: executing program 3 (id=1494):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000300)={@void, @void, @eth={@multicast, @random="fdb065f649d1", @val={@val={0x88a8, 0x1, 0x1, 0x1}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x2, 0x14, 0x68, 0x1800, 0x9, 0x6c, 0x0, @private=0xa010101, @multicast1}}}}}}, 0x2a)

0s ago: executing program 0 (id=1495):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r3 = openat$comedi(0xffffff9c, &(0x7f00000000c0)='/dev/comedi0\x00', 0x8100, 0x0)
ioctl$COMEDI_INSNLIST(r3, 0x8008640b, &(0x7f0000000200)={0x2, &(0x7f0000000280)=[{0x4000000, 0xf00, 0x0, 0x0, 0x1}, {0xe000003, 0x0, 0x0, 0x40000000, 0x2}]})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x4e20, @empty}, 0x10)
r7 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r7, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r5, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000c40)=@newtfilter={0x50, 0x2c, 0xd27, 0xf0bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff3}, {}, {0x10, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x20, 0x2, [@TCA_FLOW_EMATCHES={0x1c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x401}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc, 0x1, 0x0, 0x0, {{0xe6a7, 0x104}}}]}]}]}}]}, 0x50}}, 0x2008c010)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x64, r5, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x2}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x48, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r10}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x88c}, 0x1000)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r13, 0xc008ae88, &(0x7f0000000300)={0x1, 0x0, [{0x40000021, 0x0, 0x9}]})
r14 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x4001, &(0x7f0000000180)={{'fd', 0x3d, r14}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_STORE(r14, &(0x7f0000000040)={0x2a, 0x4, 0x0, {0x1, 0xffffffffffdfffff, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
write$tun(r0, &(0x7f0000000300)={@void, @void, @eth={@multicast, @random="fdb065f649d1", @val={@val={0x88a8, 0x1, 0x1, 0x1}}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x2, 0x14, 0x68, 0x1800, 0x9, 0x6c, 0x0, @private=0xa010101, @multicast1}}}}}}, 0x2a)

kernel console output (not intermixed with test programs):

2655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  339.609083][ T9796] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  339.609093][ T9796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.609102][ T9796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  339.609109][ T9796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  339.609115][ T9796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  339.609129][ T9796]  </TASK>
[  339.951995][ T9802] netlink: 36 bytes leftover after parsing attributes in process `syz.0.917'.
[  340.076945][ T9804] netlink: 'syz.1.918': attribute type 11 has an invalid length.
[  341.342984][ T9820] serio: Serial port ptm1
[  341.692663][   T53] usb 38-1: device descriptor read/8, error -110
[  342.083389][   T53] usb usb38-port1: attempt power cycle
[  342.389889][ T9843] netlink: 'syz.0.930': attribute type 21 has an invalid length.
[  342.392473][ T9843] netlink: 128 bytes leftover after parsing attributes in process `syz.0.930'.
[  342.396059][ T9843] netlink: 'syz.0.930': attribute type 4 has an invalid length.
[  342.398469][ T9843] netlink: 'syz.0.930': attribute type 3 has an invalid length.
[  342.400851][ T9843] netlink: 3 bytes leftover after parsing attributes in process `syz.0.930'.
[  342.486863][ T9858] ip6gre1: entered promiscuous mode
[  342.489091][ T9858] ip6gre1: entered allmulticast mode
[  342.492566][ T9858] team0: Device ip6gre1 is of different type
[  342.540507][ T9864] FAULT_INJECTION: forcing a failure.
[  342.540507][ T9864] name failslab, interval 1, probability 0, space 0, times 0
[  342.545730][ T9864] CPU: 2 UID: 0 PID: 9864 Comm: syz.1.936 Not tainted syzkaller #0 PREEMPT(full) 
[  342.545746][ T9864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.545752][ T9864] Call Trace:
[  342.545757][ T9864]  <TASK>
[  342.545762][ T9864]  dump_stack_lvl+0x16c/0x1f0
[  342.545779][ T9864]  should_fail_ex+0x512/0x640
[  342.545795][ T9864]  ? fs_reclaim_acquire+0xae/0x150
[  342.545811][ T9864]  should_failslab+0xc2/0x120
[  342.545825][ T9864]  __kmalloc_noprof+0xdd/0x880
[  342.545843][ T9864]  ? tomoyo_encode2+0x100/0x3e0
[  342.545857][ T9864]  ? tomoyo_encode2+0x100/0x3e0
[  342.545868][ T9864]  tomoyo_encode2+0x100/0x3e0
[  342.545881][ T9864]  tomoyo_encode+0x29/0x50
[  342.545892][ T9864]  tomoyo_realpath_from_path+0x18f/0x6e0
[  342.545908][ T9864]  tomoyo_path_perm+0x274/0x460
[  342.545917][ T9864]  ? tomoyo_path_perm+0x260/0x460
[  342.545927][ T9864]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  342.545942][ T9864]  ? lockref_get_not_dead+0x6a/0x80
[  342.545964][ T9864]  ? __do_fast_syscall_32+0x7c/0x300
[  342.545977][ T9864]  ? do_fast_syscall_32+0x32/0x80
[  342.545989][ T9864]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.546014][ T9864]  ? rcu_is_watching+0x12/0xc0
[  342.546027][ T9864]  tomoyo_sb_umount+0x8c/0xd0
[  342.546040][ T9864]  ? __pfx_tomoyo_sb_umount+0x10/0x10
[  342.546056][ T9864]  security_sb_umount+0x8e/0x210
[  342.546074][ T9864]  path_umount+0x329/0x1220
[  342.546092][ T9864]  ? putname+0x154/0x1a0
[  342.546110][ T9864]  ? __pfx_path_umount+0x10/0x10
[  342.546124][ T9864]  ? putname+0x154/0x1a0
[  342.546142][ T9864]  ? putname+0x154/0x1a0
[  342.546157][ T9864]  __ia32_sys_umount+0x169/0x190
[  342.546168][ T9864]  ? __pfx___ia32_sys_umount+0x10/0x10
[  342.546180][ T9864]  ? rcu_is_watching+0x12/0xc0
[  342.546190][ T9864]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  342.546206][ T9864]  __do_fast_syscall_32+0x7c/0x300
[  342.546220][ T9864]  do_fast_syscall_32+0x32/0x80
[  342.546234][ T9864]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.546247][ T9864] RIP: 0023:0xf7fc1579
[  342.546255][ T9864] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  342.546265][ T9864] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 0000000000000034
[  342.546276][ T9864] RAX: ffffffffffffffda RBX: 0000000080000380 RCX: 0000000000000000
[  342.546283][ T9864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.546289][ T9864] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  342.546295][ T9864] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  342.546315][ T9864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  342.546335][ T9864]  </TASK>
[  342.546377][ T9864] ERROR: Out of memory at tomoyo_realpath_from_path.
[  342.663181][   T53] usb usb38-port1: unable to enumerate USB device
[  342.720245][ T9866] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  342.869660][ T9877] misc userio: Invalid payload size
[  343.692647][ T6833] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  343.845411][ T6833] usb 6-1: Using ep0 maxpacket: 32
[  343.849531][ T6833] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  343.852274][ T6833] usb 6-1: config 0 has no interface number 0
[  343.856223][ T6833] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  343.859577][ T6833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.862148][ T6833] usb 6-1: Product: syz
[  343.865167][ T6833] usb 6-1: Manufacturer: syz
[  343.866848][ T6833] usb 6-1: SerialNumber: syz
[  343.870611][ T6833] usb 6-1: config 0 descriptor??
[  343.876213][ T9901] rdma_rxe: rxe_newlink: failed to add syz_tun
[  343.876773][ T6833] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  343.881107][ T6833] usb 6-1: selecting invalid altsetting 1
[  343.883402][ T6833] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  343.888717][ T6833] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  343.892203][ T6833] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  343.895419][ T6833] usb 6-1: media controller created
[  343.905562][ T6833] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  344.086278][ T9905] netlink: 8 bytes leftover after parsing attributes in process `syz.2.949'.
[  344.502423][ T9908] misc userio: Invalid payload size
[  344.505562][ T9908] dummy0: entered allmulticast mode
[  344.610501][ T9907] dummy0: left allmulticast mode
[  344.801166][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.951'.
[  344.972945][ T6833] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  344.979857][ T6833] zl10353_read_register: readreg error (reg=127, ret==-110)
[  344.981243][ T9914] netlink: 16 bytes leftover after parsing attributes in process `syz.2.952'.
[  345.002934][ T9895] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  345.072370][ T6833] usb 6-1: USB disconnect, device number 13
[  345.214880][ T9914] netlink: 16 bytes leftover after parsing attributes in process `syz.2.952'.
[  346.623562][ T9935] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  346.625521][ T9935] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.627961][ T9935] vhci_hcd vhci_hcd.0: Device attached
[  346.670854][ T9938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.958'.
[  346.731896][ T9940] FAULT_INJECTION: forcing a failure.
[  346.731896][ T9940] name failslab, interval 1, probability 0, space 0, times 0
[  346.739194][ T9940] CPU: 2 UID: 0 PID: 9940 Comm: syz.3.959 Not tainted syzkaller #0 PREEMPT(full) 
[  346.739218][ T9940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.739228][ T9940] Call Trace:
[  346.739234][ T9940]  <TASK>
[  346.739240][ T9940]  dump_stack_lvl+0x16c/0x1f0
[  346.739264][ T9940]  should_fail_ex+0x512/0x640
[  346.739286][ T9940]  ? fs_reclaim_acquire+0xae/0x150
[  346.739309][ T9940]  should_failslab+0xc2/0x120
[  346.739330][ T9940]  __kmalloc_noprof+0xdd/0x880
[  346.739353][ T9940]  ? tomoyo_encode2+0x100/0x3e0
[  346.739374][ T9940]  ? tomoyo_encode2+0x100/0x3e0
[  346.739390][ T9940]  tomoyo_encode2+0x100/0x3e0
[  346.739409][ T9940]  tomoyo_encode+0x29/0x50
[  346.739425][ T9940]  tomoyo_realpath_from_path+0x18f/0x6e0
[  346.739445][ T9940]  ? tomoyo_profile+0x47/0x60
[  346.739466][ T9940]  tomoyo_path_number_perm+0x245/0x580
[  346.739489][ T9940]  ? tomoyo_path_number_perm+0x237/0x580
[  346.739514][ T9940]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  346.739562][ T9940]  ? find_held_lock+0x2b/0x80
[  346.739578][ T9940]  ? hook_file_ioctl_common+0x145/0x410
[  346.739599][ T9940]  ? __fget_files+0x20e/0x3c0
[  346.739619][ T9940]  security_file_ioctl_compat+0x9b/0x240
[  346.739637][ T9940]  __ia32_compat_sys_ioctl+0xc3/0x370
[  346.739663][ T9940]  __do_fast_syscall_32+0x7c/0x300
[  346.739686][ T9940]  do_fast_syscall_32+0x32/0x80
[  346.739705][ T9940]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  346.739723][ T9940] RIP: 0023:0xf7f67579
[  346.739736][ T9940] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  346.739750][ T9940] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  346.739765][ T9940] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c020aa00
[  346.739775][ T9940] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  346.739784][ T9940] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  346.739792][ T9940] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  346.739801][ T9940] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  346.739839][ T9940]  </TASK>
[  346.740349][ T9940] ERROR: Out of memory at tomoyo_realpath_from_path.
[  346.954256][ T9935] rdma_rxe: rxe_newlink: failed to add wg2
[  346.963088][   T53] usb 38-1: SetAddress Request (46) to port 0
[  346.965176][   T53] usb 38-1: new SuperSpeed USB device number 46 using vhci_hcd
[  347.146605][ T9936] vhci_hcd: connection reset by peer
[  347.148546][ T1140] vhci_hcd: stop threads
[  347.149947][ T1140] vhci_hcd: release socket
[  347.151422][ T1140] vhci_hcd: disconnect device
[  347.295332][ T9957] FAULT_INJECTION: forcing a failure.
[  347.295332][ T9957] name failslab, interval 1, probability 0, space 0, times 0
[  347.299416][ T9957] CPU: 3 UID: 0 PID: 9957 Comm: syz.1.966 Not tainted syzkaller #0 PREEMPT(full) 
[  347.299434][ T9957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  347.299443][ T9957] Call Trace:
[  347.299449][ T9957]  <TASK>
[  347.299456][ T9957]  dump_stack_lvl+0x16c/0x1f0
[  347.299483][ T9957]  should_fail_ex+0x512/0x640
[  347.299506][ T9957]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  347.299528][ T9957]  should_failslab+0xc2/0x120
[  347.299554][ T9957]  kmem_cache_alloc_node_noprof+0x78/0x770
[  347.299572][ T9957]  ? __dev_queue_xmit+0xaf1/0x4490
[  347.299596][ T9957]  ? __alloc_skb+0x2b2/0x380
[  347.299628][ T9957]  ? __alloc_skb+0x2b2/0x380
[  347.299645][ T9957]  __alloc_skb+0x2b2/0x380
[  347.299661][ T9957]  ? __pfx___alloc_skb+0x10/0x10
[  347.299676][ T9957]  ? inet_diag_rcv_msg_compat+0x1b4/0x2d0
[  347.299694][ T9957]  netlink_ack+0x15d/0xb80
[  347.299711][ T9957]  netlink_rcv_skb+0x332/0x420
[  347.299722][ T9957]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  347.299739][ T9957]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  347.299755][ T9957]  ? netlink_deliver_tap+0x1ae/0xd30
[  347.299768][ T9957]  netlink_unicast+0x5aa/0x870
[  347.299781][ T9957]  ? __pfx_netlink_unicast+0x10/0x10
[  347.299798][ T9957]  netlink_sendmsg+0x8c8/0xdd0
[  347.299811][ T9957]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.299824][ T9957]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  347.299842][ T9957]  ____sys_sendmsg+0xa98/0xc70
[  347.299857][ T9957]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.299869][ T9957]  ? get_compat_msghdr+0x11a/0x170
[  347.299885][ T9957]  ___sys_sendmsg+0x134/0x1d0
[  347.299897][ T9957]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.299913][ T9957]  ? find_held_lock+0x2b/0x80
[  347.299934][ T9957]  __sys_sendmsg+0x16d/0x220
[  347.299945][ T9957]  ? __pfx___sys_sendmsg+0x10/0x10
[  347.299961][ T9957]  ? rcu_is_watching+0x12/0xc0
[  347.299975][ T9957]  __do_fast_syscall_32+0x7c/0x300
[  347.299989][ T9957]  do_fast_syscall_32+0x32/0x80
[  347.300003][ T9957]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  347.300045][ T9957] RIP: 0023:0xf7fc1579
[  347.300056][ T9957] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  347.300066][ T9957] RSP: 002b:00000000f54b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  347.300077][ T9957] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000280
[  347.300083][ T9957] RDX: 0000000020004010 RSI: 0000000000000000 RDI: 0000000000000000
[  347.300089][ T9957] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  347.300095][ T9957] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  347.300101][ T9957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  347.300115][ T9957]  </TASK>
[  347.352618][ T6014] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  347.399054][ T9958] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  347.572697][ T6014] usb 8-1: Using ep0 maxpacket: 32
[  347.577050][ T6014] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  347.580438][ T6014] usb 8-1: config 0 has no interface number 0
[  347.593587][ T6014] usb 8-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  347.597520][ T6014] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.600861][ T6014] usb 8-1: Product: syz
[  347.602836][ T6014] usb 8-1: Manufacturer: syz
[  347.604822][ T6014] usb 8-1: SerialNumber: syz
[  347.616231][ T6014] usb 8-1: config 0 descriptor??
[  347.624490][ T6014] usb 8-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  347.628304][ T6014] usb 8-1: selecting invalid altsetting 1
[  347.630826][ T6014] usb 8-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  347.644396][ T6014] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  347.648904][ T6014] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  347.652679][ T6014] usb 8-1: media controller created
[  347.668177][ T6014] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  347.762738][ T9966] misc userio: Invalid payload size
[  347.764991][ T9966] dummy0: entered allmulticast mode
[  347.862897][ T9965] dummy0: left allmulticast mode
[  348.496591][ T9980] netlink: 16 bytes leftover after parsing attributes in process `syz.0.974'.
[  348.510551][ T9982] netlink: 16 bytes leftover after parsing attributes in process `syz.2.973'.
[  348.542363][ T9983] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  348.545178][ T9983] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  348.551341][ T9983] vhci_hcd vhci_hcd.0: Device attached
[  348.743703][ T6014] usb 8-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  348.747544][ T6014] zl10353_read_register: readreg error (reg=127, ret==-110)
[  348.763285][ T9951] usb 8-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  348.778498][ T9983] rdma_rxe: rxe_newlink: failed to add wg2
[  348.793035][ T6014] usb 8-1: USB disconnect, device number 23
[  348.832707][ T6089] usb 40-1: SetAddress Request (43) to port 0
[  348.835694][ T6089] usb 40-1: new SuperSpeed USB device number 43 using vhci_hcd
[  349.068901][ T9984] vhci_hcd: connection reset by peer
[  349.070804][ T1140] vhci_hcd: stop threads
[  349.072229][ T1140] vhci_hcd: release socket
[  349.074188][ T1140] vhci_hcd: disconnect device
[  349.297297][T10002] misc userio: Invalid payload size
[  349.299360][T10002] dummy0: entered allmulticast mode
[  349.450100][T10001] dummy0: left allmulticast mode
[  349.661073][T10009] netlink: 20 bytes leftover after parsing attributes in process `syz.0.980'.
[  349.812868][T10016] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  349.886239][T10019] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  349.888645][T10019] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  349.892145][T10019] vhci_hcd vhci_hcd.0: Device attached
[  349.919884][T10024] FAULT_INJECTION: forcing a failure.
[  349.919884][T10024] name failslab, interval 1, probability 0, space 0, times 0
[  349.942619][T10024] CPU: 2 UID: 0 PID: 10024 Comm: syz.1.981 Not tainted syzkaller #0 PREEMPT(full) 
[  349.942644][T10024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  349.942653][T10024] Call Trace:
[  349.942660][T10024]  <TASK>
[  349.942666][T10024]  dump_stack_lvl+0x16c/0x1f0
[  349.942692][T10024]  should_fail_ex+0x512/0x640
[  349.942716][T10024]  ? __kmalloc_cache_noprof+0x5f/0x780
[  349.942733][T10024]  should_failslab+0xc2/0x120
[  349.942756][T10024]  __kmalloc_cache_noprof+0x72/0x780
[  349.942776][T10024]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  349.942804][T10024]  ? tcp_sendmsg_fastopen+0x24d/0x750
[  349.942827][T10024]  tcp_sendmsg_fastopen+0x24d/0x750
[  349.942855][T10024]  mptcp_sendmsg+0x14d0/0x1ec0
[  349.942878][T10024]  ? aa_sk_perm+0x2f4/0xb10
[  349.942901][T10024]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  349.942926][T10024]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  349.942947][T10024]  inet_sendmsg+0x11c/0x140
[  349.942974][T10024]  ____sys_sendmsg+0x973/0xc70
[  349.943007][T10024]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.943027][T10024]  ? get_compat_msghdr+0x11a/0x170
[  349.943060][T10024]  ___sys_sendmsg+0x134/0x1d0
[  349.943082][T10024]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.943117][T10024]  ? find_held_lock+0x2b/0x80
[  349.943159][T10024]  __sys_sendmsg+0x16d/0x220
[  349.943177][T10024]  ? __pfx___sys_sendmsg+0x10/0x10
[  349.943210][T10024]  ? rcu_is_watching+0x12/0xc0
[  349.943233][T10024]  __do_fast_syscall_32+0x7c/0x300
[  349.943259][T10024]  do_fast_syscall_32+0x32/0x80
[  349.943282][T10024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  349.943304][T10024] RIP: 0023:0xf7fc1579
[  349.943319][T10024] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  349.943336][T10024] RSP: 002b:00000000f549555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  349.943353][T10024] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000240
[  349.943364][T10024] RDX: 0000000034004000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.943374][T10024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  349.943383][T10024] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  349.943393][T10024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  349.943422][T10024]  </TASK>
[  350.177516][ T5371] usb 43-1: new low-speed USB device number 3 using vhci_hcd
[  350.285275][T10028] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  350.421697][T10030] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  350.993204][T10020] vhci_hcd: connection reset by peer
[  351.002227][ T7284] vhci_hcd: stop threads
[  351.004054][ T7284] vhci_hcd: release socket
[  351.005820][ T7284] vhci_hcd: disconnect device
[  351.337127][T10040] serio: Serial port ptm1
[  351.702796][    T9] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  351.912662][    T9] usb 5-1: Using ep0 maxpacket: 32
[  351.921837][    T9] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  351.952731][    T9] usb 5-1: config 0 has no interface number 0
[  351.957653][    T9] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  351.961522][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.997561][    T9] usb 5-1: Product: syz
[  351.999330][    T9] usb 5-1: Manufacturer: syz
[  352.001221][    T9] usb 5-1: SerialNumber: syz
[  352.005734][    T9] usb 5-1: config 0 descriptor??
[  352.022631][   T53] usb 38-1: device descriptor read/8, error -110
[  352.023574][    T9] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  352.027475][    T9] usb 5-1: selecting invalid altsetting 1
[  352.029340][    T9] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  352.043092][    T9] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  352.046405][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  352.048926][    T9] usb 5-1: media controller created
[  352.059586][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  352.113962][T10049] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  352.116788][T10049] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  352.120615][T10049] vhci_hcd vhci_hcd.0: Device attached
[  352.312590][ T6032] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  352.423540][   T53] usb usb38-port1: attempt power cycle
[  352.466615][ T6032] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  352.473758][ T6032] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  352.480654][ T6032] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  352.484608][ T6032] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  352.494754][ T6032] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  352.500923][ T6032] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.503524][ T6032] usb 6-1: Product: syz
[  352.506162][ T6032] usb 6-1: Manufacturer: syz
[  352.508811][ T6032] usb 6-1: SerialNumber: syz
[  352.514249][ T6032] usb 6-1: config 0 descriptor??
[  352.574812][T10050] vhci_hcd: connection closed
[  352.575656][ T7282] vhci_hcd: stop threads
[  352.578728][ T7282] vhci_hcd: release socket
[  352.580418][ T7282] vhci_hcd: disconnect device
[  352.721137][ T6032] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  353.010442][   T53] usb usb38-port1: unable to enumerate USB device
[  353.116729][T10054] usb 6-1: Couldn't submit interrupt_out_urb -90
[  353.341473][    T9] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  353.341526][    T9] zl10353_read_register: readreg error (reg=127, ret==-110)
[  353.353848][T10043] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  353.366736][    T9] usb 5-1: USB disconnect, device number 24
[  353.943311][ T6089] usb 40-1: device descriptor read/8, error -110
[  354.013715][T10060] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  354.340599][  T840] libceph: connect (1)[c::]:6789 error -101
[  354.343467][ T6089] usb usb40-port1: attempt power cycle
[  354.343749][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  354.382126][ T6031] libceph: connect (1)[b::]:6789 error -101
[  354.385510][ T6031] libceph: mon0 (1)[b::]:6789 connect error
[  354.545153][T10073] tmpfs: Bad value for 'mpol'
[  354.547668][T10073] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  354.614043][  T840] libceph: connect (1)[c::]:6789 error -101
[  354.616099][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  354.642698][   T53] libceph: connect (1)[b::]:6789 error -101
[  354.649430][   T53] libceph: mon0 (1)[b::]:6789 connect error
[  354.778031][T10075] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  354.780140][T10075] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  354.782974][T10075] vhci_hcd vhci_hcd.0: Device attached
[  354.919773][ T6089] usb usb40-port1: unable to enumerate USB device
[  354.938708][T10075] syz2: rxe_newlink: already configured on wg2
[  355.113420][   T53] usb 42-1: SetAddress Request (54) to port 0
[  355.116080][   T53] usb 42-1: new SuperSpeed USB device number 54 using vhci_hcd
[  355.122847][  T840] libceph: connect (1)[c::]:6789 error -101
[  355.123866][ T6089] usb 6-1: USB disconnect, device number 14
[  355.124808][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  355.154717][T10063] ceph: No mds server is up or the cluster is laggy
[  355.155833][T10066] ceph: No mds server is up or the cluster is laggy
[  355.250736][ T6031] libceph: connect (1)[b::]:6789 error -101
[  355.264856][ T6031] libceph: mon0 (1)[b::]:6789 connect error
[  355.312650][ T5371] vhci_hcd: vhci_device speed not set
[  355.383912][T10083] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  355.386369][T10083] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  355.389611][T10083] vhci_hcd vhci_hcd.0: Device attached
[  355.434497][T10083] rdma_rxe: rxe_newlink: failed to add wg2
[  355.491721][T10089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.997'.
[  355.525391][T10076] vhci_hcd: connection reset by peer
[  355.563311][ T7286] vhci_hcd: stop threads
[  355.565224][ T7286] vhci_hcd: release socket
[  355.568174][ T7286] vhci_hcd: disconnect device
[  355.614395][T10090] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  355.652928][ T6031] usb 40-1: SetAddress Request (47) to port 0
[  355.655910][ T6031] usb 40-1: new SuperSpeed USB device number 47 using vhci_hcd
[  355.979910][T10084] vhci_hcd: connection reset by peer
[  355.983140][ T7287] vhci_hcd: stop threads
[  355.984735][ T7287] vhci_hcd: release socket
[  355.986314][ T7287] vhci_hcd: disconnect device
[  356.287143][T10095] netlink: 72 bytes leftover after parsing attributes in process `syz.2.998'.
[  356.296737][T10095] netlink: 80 bytes leftover after parsing attributes in process `syz.2.998'.
[  356.452635][  T840] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  356.612662][  T840] usb 8-1: Using ep0 maxpacket: 32
[  356.615585][  T840] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  356.618107][  T840] usb 8-1: config 0 has no interface number 0
[  356.622118][  T840] usb 8-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  356.625294][  T840] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.627762][  T840] usb 8-1: Product: syz
[  356.629192][  T840] usb 8-1: Manufacturer: syz
[  356.630733][  T840] usb 8-1: SerialNumber: syz
[  356.635447][  T840] usb 8-1: config 0 descriptor??
[  356.639280][  T840] usb 8-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  356.642131][  T840] usb 8-1: selecting invalid altsetting 1
[  356.644818][  T840] usb 8-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  356.648956][  T840] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  356.653803][  T840] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  356.656398][  T840] usb 8-1: media controller created
[  356.671136][  T840] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  356.749407][   T29] usb usb44-port1: attempt power cycle
[  357.313410][   T29] usb usb44-port1: unable to enumerate USB device
[  357.484676][T10115] netlink: 'syz.0.1003': attribute type 12 has an invalid length.
[  357.488158][T10115] netlink: 'syz.0.1003': attribute type 29 has an invalid length.
[  357.490754][T10115] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1003'.
[  357.494197][T10115] netlink: 59 bytes leftover after parsing attributes in process `syz.0.1003'.
[  357.773188][  T840] usb 8-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  357.776179][  T840] zl10353_read_register: readreg error (reg=127, ret==-110)
[  357.792671][ T6014] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  357.795412][T10093] usb 8-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  357.803104][  T840] usb 8-1: USB disconnect, device number 24
[  357.980135][T10124] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  358.124256][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  358.128755][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  358.132811][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  358.137087][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  358.142387][ T6014] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  358.145381][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.147818][ T6014] usb 5-1: Product: syz
[  358.149155][ T6014] usb 5-1: Manufacturer: syz
[  358.150636][ T6014] usb 5-1: SerialNumber: syz
[  358.154704][ T6014] usb 5-1: config 0 descriptor??
[  358.368516][ T6014] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  358.550610][T10131] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  358.779868][T10134] usb 5-1: Couldn't submit interrupt_out_urb -90
[  360.036055][T10146] raw_sendmsg: syz.3.1011 forgot to set AF_INET. Fix it!
[  360.062425][T10151] misc userio: Invalid payload size
[  360.065193][T10151] dummy0: entered allmulticast mode
[  360.222551][T10150] dummy0: left allmulticast mode
[  360.342649][   T53] usb 42-1: device descriptor read/8, error -110
[  360.572336][T10162] syzkaller0: entered promiscuous mode
[  360.574942][T10162] syzkaller0: entered allmulticast mode
[  360.586465][ T5371] usb 5-1: USB disconnect, device number 25
[  360.732668][ T6031] usb 40-1: device descriptor read/8, error -110
[  360.748318][   T53] usb usb42-port1: attempt power cycle
[  360.855391][T10168] serio: Serial port ptm1
[  360.967631][T10172] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  361.144587][ T6031] usb usb40-port1: attempt power cycle
[  361.329805][   T53] usb usb42-port1: unable to enumerate USB device
[  361.826301][T10187] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  361.829159][T10187] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  361.950806][T10187] vhci_hcd vhci_hcd.0: Device attached
[  361.994385][ T6031] usb usb40-port1: unable to enumerate USB device
[  362.212650][   T53] usb 44-1: SetAddress Request (70) to port 0
[  362.215616][   T53] usb 44-1: new SuperSpeed USB device number 70 using vhci_hcd
[  362.473360][T10188] vhci_hcd: connection reset by peer
[  362.475413][ T7287] vhci_hcd: stop threads
[  362.476853][ T7287] vhci_hcd: release socket
[  362.478438][ T7287] vhci_hcd: disconnect device
[  364.191455][T10221] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  366.432469][T10242] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  366.434565][T10242] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  366.437523][T10242] vhci_hcd vhci_hcd.0: Device attached
[  366.506811][T10242] rdma_rxe: rxe_newlink: failed to add wg2
[  367.073938][T10243] vhci_hcd: connection closed
[  367.074088][ T7287] vhci_hcd: stop threads
[  367.078429][ T7287] vhci_hcd: release socket
[  367.080448][ T7287] vhci_hcd: disconnect device
[  367.297094][   T53] usb 44-1: device descriptor read/8, error -110
[  367.727865][   T53] usb usb44-port1: attempt power cycle
[  368.308628][   T53] usb usb44-port1: unable to enumerate USB device
[  370.148059][T10254] comedi comedi3: 8255: I/O port conflict (0x40404f26,4)
[  370.151257][T10254] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  370.153971][T10254] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  370.156718][T10254] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  370.159456][T10254] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  370.162687][T10254] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  370.165503][T10254] comedi comedi3: 8255: I/O port conflict (0x5c95238c,4)
[  370.168474][T10254] comedi comedi3: 8255: I/O port conflict (0xa,4)
[  370.171475][T10254] comedi comedi3: 8255: I/O port conflict (0x3bf,4)
[  370.174434][T10254] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  370.177132][T10254] comedi comedi3: 8255: I/O port conflict (0x20000001,4)
[  370.181805][T10254] comedi comedi3: 8255: I/O port conflict (0x400e1c8,4)
[  370.184734][T10254] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  370.187396][T10254] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  370.190466][T10254] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  370.193266][T10254] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  370.195970][T10254] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  370.198676][T10254] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  370.201926][T10254] comedi comedi3: 8255: I/O port conflict (0x10,4)
[  370.204650][T10254] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  370.207357][T10254] comedi comedi3: 8255: I/O port conflict (0xef,4)
[  375.601232][ T5955] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  375.605882][ T5955] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  375.609598][ T5955] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  375.613729][ T5955] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  375.618026][ T5955] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  375.811206][T10258] wg2 speed is unknown, defaulting to 1000
[  376.040638][T10272] serio: Serial port ptm1
[  376.266182][T10270] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  376.888060][T10278] syz1: rxe_newlink: already configured on syz_tun
[  376.950886][ T1140] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.352529][T10285] serio: Serial port ptm1
[  377.417817][ T1140] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.526149][T10290] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  377.528931][T10290] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  377.532831][T10290] vhci_hcd vhci_hcd.0: Device attached
[  377.651171][T10290] rdma_rxe: rxe_newlink: failed to add wg2
[  377.670583][ T1140] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.717309][ T5959] Bluetooth: hci4: command tx timeout
[  377.726635][T10258] chnl_net:caif_netlink_parms(): no params data found
[  377.807098][ T6031] usb 44-1: SetAddress Request (74) to port 0
[  377.809663][ T6031] usb 44-1: new SuperSpeed USB device number 74 using vhci_hcd
[  377.918574][ T1140] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.030112][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  378.097043][T10291] vhci_hcd: connection reset by peer
[  378.099197][ T6014] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  378.099836][ T7288] vhci_hcd: stop threads
[  378.103681][ T7288] vhci_hcd: release socket
[  378.105662][ T7288] vhci_hcd: disconnect device
[  378.269117][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  378.273618][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  378.277522][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  378.281441][ T6014] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  378.286386][ T6014] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  378.289540][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.292046][ T6014] usb 5-1: Product: syz
[  378.293464][ T6014] usb 5-1: Manufacturer: syz
[  378.294907][ T6014] usb 5-1: SerialNumber: syz
[  378.299422][ T6014] usb 5-1: config 0 descriptor??
[  378.551470][T10258] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.555027][T10258] bridge0: port 1(bridge_slave_0) entered disabled state
[  378.559305][ T6014] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  378.568178][T10258] bridge_slave_0: entered allmulticast mode
[  378.574965][T10258] bridge_slave_0: entered promiscuous mode
[  378.588319][T10258] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.592251][T10258] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.595419][T10258] bridge_slave_1: entered allmulticast mode
[  378.600025][T10258] bridge_slave_1: entered promiscuous mode
[  378.870389][T10258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.879093][T10258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  379.009063][T10323] usb 5-1: Couldn't submit interrupt_out_urb -90
[  379.160073][T10314] syzkaller1: entered promiscuous mode
[  379.162419][T10314] syzkaller1: entered allmulticast mode
[  379.789007][ T5959] Bluetooth: hci4: command tx timeout
[  380.867800][   T29] usb 5-1: USB disconnect, device number 26
[  381.012101][ T1140] bond0 (unregistering): Released all slaves
[  381.275916][T10332] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  381.882441][ T5959] Bluetooth: hci4: command tx timeout
[  382.222605][ T1140] bond1 (unregistering): (slave bond2): Releasing backup interface
[  382.226107][ T1140] bond2 (unregistering): left promiscuous mode
[  382.252463][ T1140] bond1 (unregistering): Released all slaves
[  382.255117][T10337] serio: Serial port ptm1
[  382.912017][ T6031] usb 44-1: device descriptor read/8, error -110
[  383.113493][ T1140] bond2 (unregistering): Released all slaves
[  383.172933][T10258] team0: Port device team_slave_0 added
[  383.187487][T10347] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  383.189630][T10347] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  383.192627][T10347] vhci_hcd vhci_hcd.0: Device attached
[  383.335629][T10347] rdma_rxe: rxe_newlink: failed to add wg2
[  383.368571][ T6031] usb usb44-port1: attempt power cycle
[  383.472709][   T29] usb 38-1: SetAddress Request (50) to port 0
[  383.475753][   T29] usb 38-1: new SuperSpeed USB device number 50 using vhci_hcd
[  383.478903][T10258] team0: Port device team_slave_1 added
[  383.835872][T10348] vhci_hcd: connection reset by peer
[  383.837986][ T7285] vhci_hcd: stop threads
[  383.839841][ T7285] vhci_hcd: release socket
[  383.841825][ T7285] vhci_hcd: disconnect device
[  383.854710][T10258] batman_adv: batadv0: Adding interface: batadv_slave_0
[  383.857220][T10258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  383.867042][T10258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  383.900934][T10258] batman_adv: batadv0: Adding interface: batadv_slave_1
[  383.905116][T10258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  383.915311][T10258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  383.953220][ T5959] Bluetooth: hci4: command tx timeout
[  383.955209][ T6031] usb usb44-port1: unable to enumerate USB device
[  384.357327][T10258] hsr_slave_0: entered promiscuous mode
[  384.359655][T10258] hsr_slave_1: entered promiscuous mode
[  384.361997][T10258] debugfs: 'hsr0' already exists in 'hsr'
[  384.367303][T10258] Cannot create hsr debugfs directory
[  384.485810][T10369] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  384.723655][  T840] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  384.888310][  T840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  384.892358][  T840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  384.895505][  T840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  384.899029][  T840] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  384.903656][  T840] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  384.910803][  T840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.913276][  T840] usb 5-1: Product: syz
[  384.916528][  T840] usb 5-1: Manufacturer: syz
[  384.918013][  T840] usb 5-1: SerialNumber: syz
[  384.944181][  T840] usb 5-1: config 0 descriptor??
[  385.159174][  T840] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  385.444354][ T1140] hsr_slave_0: left promiscuous mode
[  385.542414][ T1140] veth1_macvtap: left promiscuous mode
[  385.545435][ T1140] veth0_macvtap: left promiscuous mode
[  385.547961][ T1140] veth1_vlan: left promiscuous mode
[  386.006960][T10381] usb 5-1: Couldn't submit interrupt_out_urb -90
[  386.911454][T10388] serio: Serial port ptm1
[  387.495755][  T840] usb 5-1: USB disconnect, device number 27
[  387.594924][T10398] xt_ecn: cannot match TCP bits for non-tcp packets
[  388.517197][   T29] usb 38-1: device descriptor read/8, error -110
[  389.017902][   T29] usb usb38-port1: attempt power cycle
[  389.580364][   T29] usb usb38-port1: unable to enumerate USB device
[  390.423508][  T840] hid_parser_main: 6 callbacks suppressed
[  390.423521][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x7
[  390.428409][  T840] hid-generic 0000:0000:0000.0007: ignoring exceeding usage max
[  390.431724][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.434673][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.437598][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.440979][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.443298][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.445613][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.447905][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.450943][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.453266][  T840] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  390.458148][  T840] hid-generic 0000:0000:0000.0007: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  390.482805][T10419] fido_id[10419]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  398.953473][T10258] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  399.002102][T10258] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  399.099256][T10258] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  399.139782][T10258] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  399.188959][T10436] serio: Serial port ptm1
[  399.268512][T10258] 8021q: adding VLAN 0 to HW filter on device bond0
[  399.284789][T10258] 8021q: adding VLAN 0 to HW filter on device team0
[  399.292090][ T7285] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.294375][ T7285] bridge0: port 1(bridge_slave_0) entered forwarding state
[  399.304524][ T7286] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.306866][ T7286] bridge0: port 2(bridge_slave_1) entered forwarding state
[  399.469897][T10258] 8021q: adding VLAN 0 to HW filter on device batadv0
[  399.656919][T10258] veth0_vlan: entered promiscuous mode
[  399.664129][T10258] veth1_vlan: entered promiscuous mode
[  399.691583][T10258] veth0_macvtap: entered promiscuous mode
[  399.698239][T10258] veth1_macvtap: entered promiscuous mode
[  399.708555][T10258] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.714706][T10258] batman_adv: batadv0: Interface activated: batadv_slave_1
[  399.720862][ T7286] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.724763][ T7286] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.734318][ T7286] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.739057][ T7286] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  400.006267][ T7287] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  400.016259][ T7287] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  400.036542][ T7281] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  400.039421][ T7281] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  400.988762][T10478] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  400.990798][T10478] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  400.993751][T10478] vhci_hcd vhci_hcd.0: Device attached
[  400.997533][T10477] wg2 speed is unknown, defaulting to 1000
[  401.022407][T10481] netlink: 'syz.0.1079': attribute type 5 has an invalid length.
[  401.129861][T10484] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  401.129878][T10484] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  401.130006][T10484] vhci_hcd vhci_hcd.0: Device attached
[  401.279376][T10478] rdma_rxe: rxe_newlink: failed to add wg2
[  401.428077][T10484] syz2: rxe_newlink: already configured on wg2
[  401.883926][T10479] vhci_hcd: connection closed
[  401.884366][ T7285] vhci_hcd: stop threads
[  401.887178][ T7285] vhci_hcd: release socket
[  401.889504][ T7285] vhci_hcd: disconnect device
[  401.979546][   T53] usb 42-1: SetAddress Request (58) to port 0
[  401.981511][   T53] usb 42-1: new SuperSpeed USB device number 58 using vhci_hcd
[  402.000940][T10485] vhci_hcd: connection reset by peer
[  402.002836][ T7285] vhci_hcd: stop threads
[  402.004304][ T7285] vhci_hcd: release socket
[  402.006059][ T7285] vhci_hcd: disconnect device
[  402.436221][T10496] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1082'.
[  402.608118][T10498] Cannot find del_set index 1 as target
[  402.838896][T10502] FAULT_INJECTION: forcing a failure.
[  402.838896][T10502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.844660][T10502] CPU: 0 UID: 0 PID: 10502 Comm: syz.2.1085 Not tainted syzkaller #0 PREEMPT(full) 
[  402.844686][T10502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  402.844697][T10502] Call Trace:
[  402.844704][T10502]  <TASK>
[  402.844711][T10502]  dump_stack_lvl+0x16c/0x1f0
[  402.844740][T10502]  should_fail_ex+0x512/0x640
[  402.844789][T10502]  _copy_from_user+0x2e/0xd0
[  402.844817][T10502]  do_compat_sigaltstack+0xf6/0x310
[  402.844843][T10502]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  402.844866][T10502]  ? ia32_restore_sigcontext+0x451/0x630
[  402.844894][T10502]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  402.844926][T10502]  ? rcu_is_watching+0x12/0xc0
[  402.844945][T10502]  ? _raw_spin_unlock_irq+0x23/0x50
[  402.844964][T10502]  ? lockdep_hardirqs_on+0x7c/0x110
[  402.844988][T10502]  compat_restore_altstack+0x17/0x40
[  402.845013][T10502]  __do_compat_sys_rt_sigreturn+0x204/0x270
[  402.845041][T10502]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  402.845071][T10502]  ? rcu_is_watching+0x12/0xc0
[  402.845092][T10502]  do_int80_emulation+0x104/0x3e0
[  402.845118][T10502]  asm_int80_emulation+0x1a/0x20
[  402.845135][T10502] RIP: 0023:0xf7f94577
[  402.845149][T10502] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  402.845167][T10502] RSP: 002b:00000000f548655c EFLAGS: 00000296
[  402.845182][T10502] RAX: 0000000000000139 RBX: 0000000000000004 RCX: 0000000000000000
[  402.845193][T10502] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000007
[  402.845203][T10502] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  402.845212][T10502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  402.845222][T10502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  402.845246][T10502]  </TASK>
[  402.895808][T10504] serio: Serial port ptm1
[  403.086459][ T5959] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  403.099076][T10510] Cannot find del_set index 1 as target
[  403.432428][ T5959] Bluetooth: hci1: Dropping invalid advertising data
[  403.435860][ T5959] Bluetooth: hci1: Malformed LE Event: 0x02
[  403.438072][T10517] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1090'.
[  404.857368][T10550] trusted_key: encrypted_key: keylen parameter is missing
[  404.931986][T10552] misc userio: Invalid payload size
[  404.935776][T10552] dummy0: entered allmulticast mode
[  405.091836][T10551] dummy0: left allmulticast mode
[  405.138906][T10555] comedi comedi0: comedi_bond: 3:3 3:10 3:11 3:14 3:19 3:23  attached, 144 channels from 6 devices
[  405.229431][T10559] wg2 speed is unknown, defaulting to 1000
[  405.380098][T10563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1101'.
[  405.383827][T10563] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1101'.
[  405.924203][T10573] kvm: user requested TSC rate below hardware speed
[  405.929951][T10574] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1523369646 (12186957168 ns) > initial count (699924040 ns). Using initial count to start timer.
[  406.198374][T10584] MINIX-fs: unable to read superblock
[  406.780287][T10599] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1110'.
[  407.014152][   T53] usb 42-1: device descriptor read/8, error -110
[  407.086559][T10604] trusted_key: encrypted_key: keylen parameter is missing
[  407.415148][   T53] usb usb42-port1: attempt power cycle
[  407.995826][   T53] usb usb42-port1: unable to enumerate USB device
[  408.405251][    T9] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  408.510477][T10621] misc userio: Invalid payload size
[  408.513013][T10621] dummy0: entered allmulticast mode
[  408.576646][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  408.580077][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  408.583146][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  408.586854][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  408.592404][    T9] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  408.595233][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.598005][    T9] usb 5-1: Product: syz
[  408.599348][    T9] usb 5-1: Manufacturer: syz
[  408.600854][    T9] usb 5-1: SerialNumber: syz
[  408.603638][    T9] usb 5-1: config 0 descriptor??
[  408.628133][T10620] dummy0: left allmulticast mode
[  408.811341][    T9] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  409.294711][T10632] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1120'.
[  409.417984][T10626] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  409.615182][T10639] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1121'.
[  409.840687][T10645] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1125'.
[  410.910624][T10684] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  410.913115][T10684] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  410.916906][T10684] vhci_hcd vhci_hcd.0: Device attached
[  411.101414][T10684] rdma_rxe: rxe_newlink: failed to add wg2
[  411.140064][T10690] netlink: 'syz.2.1129': attribute type 10 has an invalid length.
[  411.215661][   T53] usb 46-1: SetAddress Request (3) to port 0
[  411.217604][   T53] usb 46-1: new SuperSpeed USB device number 3 using vhci_hcd
[  411.220134][ T5371] usb 5-1: USB disconnect, device number 28
[  411.259446][T10690] wg2 speed is unknown, defaulting to 1000
[  411.306171][T10697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1131'.
[  411.494494][T10685] vhci_hcd: connection reset by peer
[  411.496470][ T7282] vhci_hcd: stop threads
[  411.497859][ T7282] vhci_hcd: release socket
[  411.499858][ T7282] vhci_hcd: disconnect device
[  411.819592][    T9] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  411.824220][T10709] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  411.982197][T10716] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1137'.
[  412.490854][    T9] usb 5-1: config index 0 descriptor too short (expected 28277, got 36)
[  412.493931][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  412.497059][    T9] usb 5-1: config 0 has no interfaces?
[  412.509109][    T9] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  412.512983][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.521691][    T9] usb 5-1: config 0 descriptor??
[  412.569435][T10722] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  412.572188][T10722] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  412.575691][T10722] vhci_hcd vhci_hcd.0: Device attached
[  412.771271][    T9] usb 5-1: USB disconnect, device number 29
[  412.848532][T10731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1141'.
[  412.899609][ T5371] usb 44-1: SetAddress Request (78) to port 0
[  412.907495][ T5371] usb 44-1: new SuperSpeed USB device number 78 using vhci_hcd
[  413.157316][T10723] vhci_hcd: connection reset by peer
[  413.159813][ T7285] vhci_hcd: stop threads
[  413.161410][ T7285] vhci_hcd: release socket
[  413.162962][ T7285] vhci_hcd: disconnect device
[  413.678478][T10754] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  414.309931][T10763] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1150'.
[  414.677156][T10758] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  414.681122][T10758] overlayfs: overlapping lowerdir path
[  414.747748][T10776] use of bytesused == 0 is deprecated and will be removed in the future,
[  414.751258][T10776] use the actual size instead.
[  414.973562][T10789] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  414.991095][    T9] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  415.703398][    T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  415.707961][    T9] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  415.712378][    T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  415.716182][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.723285][T10779] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  415.729543][    T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  415.914392][T10807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1163'.
[  416.400541][   T53] usb 46-1: device descriptor read/8, error -110
[  416.873225][   T53] usb usb46-port1: attempt power cycle
[  417.438961][T10813] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  417.446748][T10813] overlayfs: overlapping lowerdir path
[  417.457729][   T53] usb usb46-port1: unable to enumerate USB device
[  417.666324][T10825] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  417.668516][T10825] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  417.671658][T10825] vhci_hcd vhci_hcd.0: Device attached
[  417.728570][T10824] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  417.913733][   T53] usb 41-1: new low-speed USB device number 3 using vhci_hcd
[  417.983919][ T5371] usb 44-1: device descriptor read/8, error -110
[  418.099517][T10826] vhci_hcd: connection reset by peer
[  418.102603][ T1140] vhci_hcd: stop threads
[  418.104422][ T1140] vhci_hcd: release socket
[  418.106324][ T1140] vhci_hcd: disconnect device
[  418.244624][    T9] usb 5-1: USB disconnect, device number 30
[  418.384974][ T5371] usb usb44-port1: attempt power cycle
[  418.391783][T10834] netlink: 'syz.0.1172': attribute type 5 has an invalid length.
[  418.394875][T10834] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1172'.
[  418.689945][T10837] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1173'.
[  418.764764][T10844] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  418.768517][T10844] block device autoloading is deprecated and will be removed.
[  418.825566][T10844] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1175'.
[  418.939109][T10847] picdev_read: 502 callbacks suppressed
[  418.939120][T10847] kvm: pic: non byte read
[  418.942352][T10847] kvm: pic: non byte read
[  418.943726][T10847] kvm: pic: non byte read
[  418.975984][T10847] kvm: pic: non byte read
[  418.977302][T10847] kvm: pic: non byte read
[  418.978932][T10847] kvm: pic: non byte read
[  418.980732][T10847] kvm: pic: non byte read
[  418.982107][T10847] kvm: pic: non byte read
[  418.983494][T10847] kvm: pic: non byte read
[  418.985979][T10847] kvm: pic: non byte read
[  419.006792][ T5371] usb usb44-port1: unable to enumerate USB device
[  419.014401][T10859] fuse: Unknown parameter 'group_vSw)v�����.�1 �id'
[  419.305830][T10868] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  420.721505][T10908] syz_tun: refused to change device tx_queue_len
[  420.724492][ T9211] syz1: Port: 1 Link DOWN
[  420.966459][T10911] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  421.286737][ T5371] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  421.490338][T10919] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  421.492543][T10919] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  421.495318][T10919] vhci_hcd vhci_hcd.0: Device attached
[  421.498368][T10920] rdma_rxe: rxe_newlink: failed to add wg2
[  421.626906][ T5371] usb 9-1: Using ep0 maxpacket: 32
[  421.630334][ T5371] usb 9-1: config index 0 descriptor too short (expected 156, got 27)
[  421.633561][ T5371] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  421.639278][ T5371] usb 9-1: config 0 interface 0 altsetting 191 has an invalid descriptor for endpoint zero, skipping
[  421.642977][ T5371] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  421.647659][ T5371] usb 9-1: config 0 interface 0 has no altsetting 0
[  421.651757][ T5371] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  421.654718][ T5371] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  421.657454][ T5371] usb 9-1: Product: syz
[  421.658845][ T5371] usb 9-1: Manufacturer: syz
[  421.660381][ T5371] usb 9-1: SerialNumber: syz
[  421.664017][ T5371] usb 9-1: config 0 descriptor??
[  421.667491][ T5371] ldusb 9-1:0.0: Interrupt in endpoint not found
[  421.709231][T10921] vhci_hcd: connection closed
[  421.709738][ T7281] vhci_hcd: stop threads
[  421.712702][ T7281] vhci_hcd: release socket
[  421.714183][ T7281] vhci_hcd: disconnect device
[  421.872277][T10916] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.875295][T10916] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  421.879232][ T6012] usb 9-1: USB disconnect, device number 2
[  421.946309][T10924] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  422.328903][T10938] FAULT_INJECTION: forcing a failure.
[  422.328903][T10938] name failslab, interval 1, probability 0, space 0, times 0
[  422.333084][T10938] CPU: 0 UID: 0 PID: 10938 Comm: syz.0.1207 Not tainted syzkaller #0 PREEMPT(full) 
[  422.333099][T10938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  422.333105][T10938] Call Trace:
[  422.333110][T10938]  <TASK>
[  422.333114][T10938]  dump_stack_lvl+0x16c/0x1f0
[  422.333130][T10938]  should_fail_ex+0x512/0x640
[  422.333146][T10938]  ? fs_reclaim_acquire+0xae/0x150
[  422.333162][T10938]  should_failslab+0xc2/0x120
[  422.333176][T10938]  kmem_cache_alloc_noprof+0x75/0x6e0
[  422.333187][T10938]  ? p9_tag_alloc+0x9c/0x640
[  422.333204][T10938]  ? p9_tag_alloc+0x9c/0x640
[  422.333216][T10938]  p9_tag_alloc+0x9c/0x640
[  422.333230][T10938]  ? __pfx_p9_tag_alloc+0x10/0x10
[  422.333243][T10938]  ? stack_depot_save_flags+0x29/0x9c0
[  422.333271][T10938]  p9_client_prepare_req+0x19b/0x4d0
[  422.333286][T10938]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  422.333300][T10938]  ? __ia32_compat_sys_openat+0x16d/0x210
[  422.333318][T10938]  ? __lock_acquire+0xb8a/0x1c90
[  422.333335][T10938]  p9_client_rpc+0x1c4/0xc40
[  422.333349][T10938]  ? node_tag_clear+0x105/0x290
[  422.333359][T10938]  ? __pfx_p9_client_rpc+0x10/0x10
[  422.333374][T10938]  ? idr_alloc_u32+0x20f/0x2f0
[  422.333388][T10938]  ? idr_preload_end+0xc2/0x230
[  422.333402][T10938]  ? rcu_is_watching+0x12/0xc0
[  422.333416][T10938]  p9_client_walk+0x1ab/0x530
[  422.333432][T10938]  ? __pfx_p9_client_walk+0x10/0x10
[  422.333450][T10938]  ? v9fs_fid_lookup+0xe9/0xeb0
[  422.333465][T10938]  v9fs_file_open+0x599/0xab0
[  422.333477][T10938]  ? __pfx_apparmor_file_open+0x10/0x10
[  422.333493][T10938]  ? __pfx_v9fs_file_open+0x10/0x10
[  422.333505][T10938]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  422.333519][T10938]  do_dentry_open+0x982/0x1530
[  422.333532][T10938]  ? __pfx_v9fs_file_open+0x10/0x10
[  422.333545][T10938]  vfs_open+0x82/0x3f0
[  422.333561][T10938]  path_openat+0x1de4/0x2cb0
[  422.333577][T10938]  ? __pfx_path_openat+0x10/0x10
[  422.333592][T10938]  do_filp_open+0x20b/0x470
[  422.333604][T10938]  ? __pfx_do_filp_open+0x10/0x10
[  422.333624][T10938]  ? _raw_spin_unlock+0x28/0x50
[  422.333635][T10938]  ? alloc_fd+0x471/0x7d0
[  422.333649][T10938]  do_sys_openat2+0x11b/0x1d0
[  422.333664][T10938]  ? __pfx_do_sys_openat2+0x10/0x10
[  422.333681][T10938]  ? __fget_files+0x20e/0x3c0
[  422.333690][T10938]  ? handle_mm_fault+0x1e0/0xd10
[  422.333709][T10938]  __ia32_compat_sys_openat+0x16d/0x210
[  422.333725][T10938]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  422.333741][T10938]  ? ksys_write+0x1ac/0x250
[  422.333754][T10938]  ? rcu_is_watching+0x12/0xc0
[  422.333767][T10938]  __do_fast_syscall_32+0x7c/0x300
[  422.333782][T10938]  do_fast_syscall_32+0x32/0x80
[  422.333795][T10938]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  422.333808][T10938] RIP: 0023:0xf7f31579
[  422.333817][T10938] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  422.333828][T10938] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  422.333838][T10938] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000280
[  422.333845][T10938] RDX: 000000000000275a RSI: 0000000000000000 RDI: 0000000000000000
[  422.333851][T10938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  422.333856][T10938] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  422.333862][T10938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  422.333875][T10938]  </TASK>
[  422.500938][T10944] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1208'.
[  422.824304][T10951] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  423.028376][   T53] vhci_hcd: vhci_device speed not set
[  423.620974][T10954] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  423.623034][T10954] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  423.625392][T10954] vhci_hcd vhci_hcd.0: Device attached
[  423.865148][T10973] binder: 10972:10973 ioctl c0306201 800001c0 returned -14
[  423.871738][T10973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1218'.
[  424.014232][T10964] vhci_hcd: connection closed
[  424.021239][ T1140] vhci_hcd: stop threads
[  424.023828][ T1140] vhci_hcd: release socket
[  424.084983][ T1140] vhci_hcd: disconnect device
[  425.169589][T11006] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  425.198970][T11009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1228'.
[  425.841102][T11009] team0: Port device team_slave_1 removed
[  425.986572][   T40] kauditd_printk_skb: 326 callbacks suppressed
[  425.986584][   T40] audit: type=1400 audit(1763217986.177:501): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=11015 comm="syz.3.1231"
[  426.454377][   T40] audit: type=1326 audit(1763217986.647:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  426.461713][   T40] audit: type=1326 audit(1763217986.647:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  426.468614][   T40] audit: type=1326 audit(1763217986.647:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  426.475488][   T40] audit: type=1326 audit(1763217986.647:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  426.482829][   T40] audit: type=1326 audit(1763217986.647:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  426.489756][   T40] audit: type=1326 audit(1763217986.647:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f31579 code=0x7ffc0000
[  426.497265][   T40] audit: type=1326 audit(1763217986.647:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f31598 code=0x7ffc0000
[  426.504126][   T40] audit: type=1326 audit(1763217986.647:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f31598 code=0x7ffc0000
[  426.510977][   T40] audit: type=1326 audit(1763217986.647:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11025 comm="syz.0.1233" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f31598 code=0x7ffc0000
[  426.977360][T11047] FAULT_INJECTION: forcing a failure.
[  426.977360][T11047] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  426.983148][T11047] CPU: 2 UID: 0 PID: 11047 Comm: syz.2.1240 Not tainted syzkaller #0 PREEMPT(full) 
[  426.983164][T11047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  426.983171][T11047] Call Trace:
[  426.983174][T11047]  <TASK>
[  426.983178][T11047]  dump_stack_lvl+0x16c/0x1f0
[  426.983195][T11047]  should_fail_ex+0x512/0x640
[  426.983214][T11047]  should_fail_alloc_page+0xe7/0x130
[  426.983229][T11047]  prepare_alloc_pages+0x3c2/0x610
[  426.983245][T11047]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  426.983263][T11047]  ? rcu_is_watching+0x12/0xc0
[  426.983293][T11047]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  426.983306][T11047]  ? __alloc_frozen_pages_noprof+0x292/0x2470
[  426.983320][T11047]  ? find_held_lock+0x2b/0x80
[  426.983332][T11047]  ? is_bpf_text_address+0x8a/0x1a0
[  426.983348][T11047]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  426.983367][T11047]  ? policy_nodemask+0xea/0x4e0
[  426.983382][T11047]  alloc_pages_mpol+0x1fb/0x550
[  426.983397][T11047]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  426.983414][T11047]  alloc_pages_noprof+0x131/0x390
[  426.983429][T11047]  __pmd_alloc+0x3b/0x8b0
[  426.983444][T11047]  __handle_mm_fault+0xada/0x2aa0
[  426.983462][T11047]  ? mt_find+0x3e2/0xa20
[  426.983476][T11047]  ? __pfx___handle_mm_fault+0x10/0x10
[  426.983491][T11047]  ? __pfx_mt_find+0x10/0x10
[  426.983511][T11047]  ? find_vma+0xbf/0x140
[  426.983527][T11047]  ? __pfx_find_vma+0x10/0x10
[  426.983541][T11047]  handle_mm_fault+0x589/0xd10
[  426.983557][T11047]  ? __pkru_allows_pkey+0x21/0xb0
[  426.983575][T11047]  do_user_addr_fault+0x7a6/0x1370
[  426.983587][T11047]  ? rcu_is_watching+0x12/0xc0
[  426.983599][T11047]  exc_page_fault+0x64/0xc0
[  426.983612][T11047]  asm_exc_page_fault+0x26/0x30
[  426.983622][T11047] RIP: 0010:__put_user_4+0xd/0x20
[  426.983634][T11047] Code: 66 89 01 31 c9 0f 01 ca e9 c0 80 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 97 80 03 00 0f 1f 80 00 00 00 00 90 90 90
[  426.983644][T11047] RSP: 0018:ffffc90002fbfe00 EFLAGS: 00050202
[  426.983653][T11047] RAX: 0000000000000004 RBX: 0000000000000000 RCX: 0000000080000040
[  426.983659][T11047] RDX: ffff888012f0a480 RSI: ffffffff8924c974 RDI: ffffffff8bf075c0
[  426.983666][T11047] RBP: 1ffff920005f7fc4 R08: 3f01a8e99979f77c R09: 0000000000000000
[  426.983672][T11047] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000004
[  426.983678][T11047] R13: 0000000000000005 R14: 0000000000000002 R15: dffffc0000000000
[  426.983688][T11047]  ? __sys_socketpair+0x114/0x5a0
[  426.983704][T11047]  __sys_socketpair+0x120/0x5a0
[  426.983719][T11047]  ? __pfx___sys_socketpair+0x10/0x10
[  426.983733][T11047]  ? fput+0x9b/0xd0
[  426.983747][T11047]  ? __pfx_ksys_write+0x10/0x10
[  426.983761][T11047]  __ia32_sys_socketpair+0x95/0x100
[  426.983775][T11047]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  426.983789][T11047]  __do_fast_syscall_32+0x7c/0x300
[  426.983804][T11047]  do_fast_syscall_32+0x32/0x80
[  426.983817][T11047]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  426.983830][T11047] RIP: 0023:0xf7f94579
[  426.983838][T11047] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  426.983847][T11047] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000168
[  426.983856][T11047] RAX: ffffffffffffffda RBX: 0000000000000023 RCX: 0000000000000002
[  426.983862][T11047] RDX: 0000000000000001 RSI: 0000000080000040 RDI: 0000000000000000
[  426.983868][T11047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  426.983874][T11047] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  426.983880][T11047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  426.983893][T11047]  </TASK>
[  426.994783][T11049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1241'.
[  427.073498][T11042] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  427.596092][T11064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1243'.
[  427.855107][T11058] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  427.859309][T11058] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  427.945468][T11058] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  427.947859][T11058] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  428.003877][T11058] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  428.005862][T11058] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  428.083335][T11058] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  428.085285][T11058] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  428.143143][T11058] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  428.217945][T11071] 9pnet: Could not find request transport: xen
[  428.488276][T11082] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1249'.
[  428.534333][T11088] FAULT_INJECTION: forcing a failure.
[  428.534333][T11088] name failslab, interval 1, probability 0, space 0, times 0
[  428.539788][T11088] CPU: 2 UID: 0 PID: 11088 Comm: syz.2.1250 Not tainted syzkaller #0 PREEMPT(full) 
[  428.539803][T11088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  428.539810][T11088] Call Trace:
[  428.539814][T11088]  <TASK>
[  428.539818][T11088]  dump_stack_lvl+0x16c/0x1f0
[  428.539840][T11088]  should_fail_ex+0x512/0x640
[  428.539856][T11088]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  428.539867][T11088]  should_failslab+0xc2/0x120
[  428.539881][T11088]  kmem_cache_alloc_noprof+0x75/0x6e0
[  428.539893][T11088]  ? skb_clone+0x190/0x3f0
[  428.539906][T11088]  ? skb_clone+0x190/0x3f0
[  428.539915][T11088]  skb_clone+0x190/0x3f0
[  428.539926][T11088]  netlink_deliver_tap+0xabd/0xd30
[  428.539940][T11088]  netlink_unicast+0x71f/0x870
[  428.539953][T11088]  ? __pfx_netlink_unicast+0x10/0x10
[  428.539964][T11088]  ? genl_rcv_msg+0x4bb/0x800
[  428.539980][T11088]  netlink_ack+0x696/0xb80
[  428.539995][T11088]  netlink_rcv_skb+0x332/0x420
[  428.540006][T11088]  ? __pfx_genl_rcv_msg+0x10/0x10
[  428.540019][T11088]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  428.540036][T11088]  ? netlink_deliver_tap+0x1ae/0xd30
[  428.540048][T11088]  genl_rcv+0x28/0x40
[  428.540059][T11088]  netlink_unicast+0x5aa/0x870
[  428.540072][T11088]  ? __pfx_netlink_unicast+0x10/0x10
[  428.540088][T11088]  netlink_sendmsg+0x8c8/0xdd0
[  428.540102][T11088]  ? __pfx_netlink_sendmsg+0x10/0x10
[  428.540114][T11088]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  428.540132][T11088]  ____sys_sendmsg+0xa98/0xc70
[  428.540147][T11088]  ? __pfx_____sys_sendmsg+0x10/0x10
[  428.540160][T11088]  ? get_compat_msghdr+0x11a/0x170
[  428.540180][T11088]  ___sys_sendmsg+0x134/0x1d0
[  428.540191][T11088]  ? __pfx____sys_sendmsg+0x10/0x10
[  428.540208][T11088]  ? find_held_lock+0x2b/0x80
[  428.540228][T11088]  __sys_sendmsg+0x16d/0x220
[  428.540238][T11088]  ? __pfx___sys_sendmsg+0x10/0x10
[  428.540254][T11088]  ? rcu_is_watching+0x12/0xc0
[  428.540268][T11088]  __do_fast_syscall_32+0x7c/0x300
[  428.540283][T11088]  do_fast_syscall_32+0x32/0x80
[  428.540296][T11088]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  428.540310][T11088] RIP: 0023:0xf7f94579
[  428.540319][T11088] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  428.540329][T11088] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  428.540339][T11088] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800006c0
[  428.540346][T11088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  428.540351][T11088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  428.540357][T11088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  428.540363][T11088] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  428.540376][T11088]  </TASK>
[  429.207005][T11099] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  429.513889][ T5959] Bluetooth: hci1: command 0x0406 tx timeout
[  429.933717][T11121] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  429.936465][T11121] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  429.939277][T11121] vhci_hcd vhci_hcd.0: Device attached
[  429.995960][ T5959] Bluetooth: hci2: command 0x0406 tx timeout
[  430.079698][T11122] vhci_hcd: connection closed
[  430.080033][ T7281] vhci_hcd: stop threads
[  430.083945][ T7281] vhci_hcd: release socket
[  430.086421][ T5959] Bluetooth: hci3: command 0x0406 tx timeout
[  430.087464][ T7281] vhci_hcd: disconnect device
[  430.124640][   T53] vhci_hcd: vhci_device speed not set
[  430.145417][T11130] rdma_rxe: rxe_newlink: failed to add syz_tun
[  430.154491][ T5959] Bluetooth: hci4: command 0x0c1a tx timeout
[  430.331455][T11133] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  430.333537][T11133] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  430.336569][T11133] vhci_hcd vhci_hcd.0: Device attached
[  430.614716][   T29] usb 42-1: SetAddress Request (62) to port 0
[  430.616696][   T29] usb 42-1: new SuperSpeed USB device number 62 using vhci_hcd
[  430.885161][ T5371] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  430.913341][T11134] vhci_hcd: connection reset by peer
[  430.916329][ T7288] vhci_hcd: stop threads
[  430.918005][ T7288] vhci_hcd: release socket
[  430.919770][ T7288] vhci_hcd: disconnect device
[  430.925138][ T6012] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  431.051264][ T5371] usb 9-1: config index 0 descriptor too short (expected 23569, got 27)
[  431.054675][ T5371] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  431.058786][ T5371] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  431.061526][ T5371] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  431.063960][ T5371] usb 9-1: Manufacturer: syz
[  431.067198][ T5371] usb 9-1: config 0 descriptor??
[  431.096970][ T6012] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  431.101384][ T6012] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  431.106070][ T6012] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  431.110444][ T6012] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  431.116645][ T6012] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  431.118855][ T5371] rc_core: IR keymap rc-hauppauge not found
[  431.120274][ T6012] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.122700][ T5371] Registered IR keymap rc-empty
[  431.123967][ T5371] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0
[  431.125432][ T6012] usb 5-1: Product: syz
[  431.125443][ T6012] usb 5-1: Manufacturer: syz
[  431.125452][ T6012] usb 5-1: SerialNumber: syz
[  431.127649][ T6012] usb 5-1: config 0 descriptor??
[  431.140219][ T5371] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input9
[  431.309260][T11137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.313371][T11137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.345866][ T5371] usb 9-1: USB disconnect, device number 3
[  431.347853][ T6012] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  431.371546][T11150] netlink: 348 bytes leftover after parsing attributes in process `syz.3.1268'.
[  431.605678][ T5959] Bluetooth: hci1: command 0x0406 tx timeout
[  431.721704][T11154] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  432.075986][ T5959] Bluetooth: hci2: command 0x0406 tx timeout
[  432.149021][T11163] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  432.156077][ T5959] Bluetooth: hci3: command 0x0406 tx timeout
[  432.246174][ T5959] Bluetooth: hci4: command 0x0c1a tx timeout
[  432.836586][T11167] FAULT_INJECTION: forcing a failure.
[  432.836586][T11167] name failslab, interval 1, probability 0, space 0, times 0
[  432.840435][T11167] CPU: 1 UID: 0 PID: 11167 Comm: syz.2.1272 Not tainted syzkaller #0 PREEMPT(full) 
[  432.840461][T11167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.840467][T11167] Call Trace:
[  432.840472][T11167]  <TASK>
[  432.840480][T11167]  dump_stack_lvl+0x16c/0x1f0
[  432.840497][T11167]  should_fail_ex+0x512/0x640
[  432.840514][T11167]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  432.840530][T11167]  should_failslab+0xc2/0x120
[  432.840544][T11167]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  432.840557][T11167]  ? ovl_mount_dir+0x26/0x1f0
[  432.840576][T11167]  ? kstrdup+0x53/0x100
[  432.840586][T11167]  kstrdup+0x53/0x100
[  432.840598][T11167]  ovl_mount_dir+0x26/0x1f0
[  432.840614][T11167]  ovl_parse_param+0x10ae/0x1570
[  432.840633][T11167]  ? __pfx_ovl_parse_param+0x10/0x10
[  432.840649][T11167]  ? __kmalloc_node_track_caller_noprof+0x362/0x8a0
[  432.840663][T11167]  ? static_key_count+0x5a/0x70
[  432.840677][T11167]  ? __pfx_ovl_parse_param+0x10/0x10
[  432.840694][T11167]  vfs_parse_fs_param+0x20b/0x3c0
[  432.840707][T11167]  vfs_parse_fs_qstr+0x138/0x1c0
[  432.840719][T11167]  ? __pfx_vfs_parse_fs_qstr+0x10/0x10
[  432.840733][T11167]  ? lockdep_init_map_type+0x5c/0x280
[  432.840749][T11167]  ? ovl_next_opt+0x143/0x1c0
[  432.840765][T11167]  ? __pfx_ovl_next_opt+0x10/0x10
[  432.840779][T11167]  vfs_parse_monolithic_sep+0x18d/0x210
[  432.840793][T11167]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  432.840806][T11167]  ? alloc_fs_context+0x59b/0x9c0
[  432.840820][T11167]  path_mount+0x768/0x23a0
[  432.840835][T11167]  ? __pfx_path_mount+0x10/0x10
[  432.840848][T11167]  ? kmem_cache_free+0x2d4/0x6c0
[  432.840858][T11167]  ? putname+0x154/0x1a0
[  432.840874][T11167]  ? putname+0x154/0x1a0
[  432.840888][T11167]  ? __ia32_sys_mount+0x291/0x310
[  432.840900][T11167]  __ia32_sys_mount+0x291/0x310
[  432.840913][T11167]  ? __pfx___ia32_sys_mount+0x10/0x10
[  432.840926][T11167]  ? rcu_is_watching+0x12/0xc0
[  432.840940][T11167]  __do_fast_syscall_32+0x7c/0x300
[  432.840955][T11167]  do_fast_syscall_32+0x32/0x80
[  432.840969][T11167]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  432.840982][T11167] RIP: 0023:0xf7f94579
[  432.840991][T11167] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  432.841001][T11167] RSP: 002b:00000000f544455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  432.841011][T11167] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000040
[  432.841018][T11167] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000400
[  432.841024][T11167] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  432.841030][T11167] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  432.841036][T11167] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  432.841050][T11167]  </TASK>
[  432.935085][T11166] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  432.957558][ T5959] Bluetooth: hci3: unexpected event for opcode 0x9103
[  433.048882][T11175] rdma_rxe: rxe_newlink: failed to add syz_tun
[  433.657714][T11183] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1277'.
[  433.709030][ T5371] usb 5-1: USB disconnect, device number 31
[  434.030147][T11197] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  434.336674][T11202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1282'.
[  434.350111][T11204] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1283'.
[  434.353013][T11204] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1283'.
[  434.356615][T11204] netlink: 'syz.4.1283': attribute type 12 has an invalid length.
[  434.361424][T11204] netlink: 'syz.4.1283': attribute type 11 has an invalid length.
[  434.407499][ T5959] Bluetooth: hci4: command 0x0c1a tx timeout
[  434.837463][T11219] rdma_rxe: rxe_newlink: failed to add syz_tun
[  435.044736][T11223] ufs: You didn't specify the type of your ufs filesystem
[  435.044736][T11223] 
[  435.044736][T11223] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  435.044736][T11223] 
[  435.044736][T11223] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  435.059789][T11223] ufs: ufs_fill_super(): bad magic number
[  435.343662][T11226] FAULT_INJECTION: forcing a failure.
[  435.343662][T11226] name failslab, interval 1, probability 0, space 0, times 0
[  435.347643][T11226] CPU: 2 UID: 0 PID: 11226 Comm: syz.0.1291 Not tainted syzkaller #0 PREEMPT(full) 
[  435.347661][T11226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  435.347670][T11226] Call Trace:
[  435.347675][T11226]  <TASK>
[  435.347680][T11226]  dump_stack_lvl+0x16c/0x1f0
[  435.347701][T11226]  should_fail_ex+0x512/0x640
[  435.347721][T11226]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  435.347738][T11226]  should_failslab+0xc2/0x120
[  435.347761][T11226]  kmem_cache_alloc_node_noprof+0x78/0x770
[  435.347775][T11226]  ? __alloc_skb+0x2b2/0x380
[  435.347800][T11226]  ? __alloc_skb+0x2b2/0x380
[  435.347817][T11226]  __alloc_skb+0x2b2/0x380
[  435.347837][T11226]  ? __pfx___alloc_skb+0x10/0x10
[  435.347856][T11226]  ? __local_bh_enable_ip+0xa4/0x120
[  435.347870][T11226]  ? __dev_queue_xmit+0xaf1/0x4490
[  435.347889][T11226]  ? __dev_queue_xmit+0xae0/0x4490
[  435.347913][T11226]  alloc_skb_with_frags+0xe0/0x860
[  435.347930][T11226]  ? look_up_lock_class+0x59/0x150
[  435.347950][T11226]  sock_alloc_send_pskb+0x7f9/0x980
[  435.347992][T11226]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  435.348017][T11226]  ? __lock_acquire+0x622/0x1c90
[  435.348039][T11226]  __ip_append_data+0x2149/0x41a0
[  435.348060][T11226]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  435.348074][T11226]  ? find_held_lock+0x2b/0x80
[  435.348088][T11226]  ? ip_dst_mtu_maybe_forward.constprop.0+0x328/0x750
[  435.348111][T11226]  ? ip_dst_mtu_maybe_forward.constprop.0+0x332/0x750
[  435.348131][T11226]  ? __pfx___ip_append_data+0x10/0x10
[  435.348156][T11226]  ip_make_skb+0x27f/0x300
[  435.348174][T11226]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  435.348194][T11226]  ? __pfx_ip_make_skb+0x10/0x10
[  435.348214][T11226]  ? ipv4_dst_check+0x1a8/0x3b0
[  435.348236][T11226]  ? udp_sendmsg+0x17d7/0x2870
[  435.348250][T11226]  udp_sendmsg+0x17d7/0x2870
[  435.348270][T11226]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  435.348307][T11226]  ? __pfx_udp_sendmsg+0x10/0x10
[  435.348347][T11226]  ? __pfx_udp_sendmsg+0x10/0x10
[  435.348363][T11226]  inet_sendmsg+0x105/0x140
[  435.348383][T11226]  ____sys_sendmsg+0x973/0xc70
[  435.348403][T11226]  ? __pfx_____sys_sendmsg+0x10/0x10
[  435.348418][T11226]  ? get_compat_msghdr+0x11a/0x170
[  435.348434][T11226]  ? __pfx__kstrtoull+0x10/0x10
[  435.348453][T11226]  ___sys_sendmsg+0x134/0x1d0
[  435.348468][T11226]  ? __pfx____sys_sendmsg+0x10/0x10
[  435.348479][T11226]  ? __lock_acquire+0x622/0x1c90
[  435.348514][T11226]  ? __pfx___might_resched+0x10/0x10
[  435.348532][T11226]  __sys_sendmmsg+0x2f9/0x420
[  435.348548][T11226]  ? __pfx___sys_sendmmsg+0x10/0x10
[  435.348567][T11226]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  435.348592][T11226]  ? fput+0x9b/0xd0
[  435.348610][T11226]  ? ksys_write+0x1ac/0x250
[  435.348638][T11226]  ? __pfx_ksys_write+0x10/0x10
[  435.348657][T11226]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  435.348670][T11226]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  435.348688][T11226]  __do_fast_syscall_32+0x7c/0x300
[  435.348707][T11226]  do_fast_syscall_32+0x32/0x80
[  435.348724][T11226]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  435.348742][T11226] RIP: 0023:0xf7f31579
[  435.348753][T11226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  435.348765][T11226] RSP: 002b:00000000f540555c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  435.348779][T11226] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080004d00
[  435.348788][T11226] RDX: 0000000000000300 RSI: 0000000000000f00 RDI: 0000000000000000
[  435.348795][T11226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  435.348801][T11226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  435.348807][T11226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  435.348821][T11226]  </TASK>
[  435.691306][   T29] usb 42-1: device descriptor read/8, error -110
[  435.808976][T11235] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1294'.
[  435.965843][T11237] FAULT_INJECTION: forcing a failure.
[  435.965843][T11237] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  435.977394][T11237] CPU: 0 UID: 0 PID: 11237 Comm: syz.4.1295 Not tainted syzkaller #0 PREEMPT(full) 
[  435.977421][T11237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  435.977437][T11237] Call Trace:
[  435.977443][T11237]  <TASK>
[  435.977448][T11237]  dump_stack_lvl+0x16c/0x1f0
[  435.977465][T11237]  should_fail_ex+0x512/0x640
[  435.977484][T11237]  should_fail_alloc_page+0xe7/0x130
[  435.977499][T11237]  prepare_alloc_pages+0x3c2/0x610
[  435.977514][T11237]  ? rcu_is_watching+0x12/0xc0
[  435.977527][T11237]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  435.977538][T11237]  ? css_rstat_updated+0x1c2/0x510
[  435.977551][T11237]  ? __pfx_css_rstat_updated+0x10/0x10
[  435.977567][T11237]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  435.977583][T11237]  ? __lock_acquire+0x622/0x1c90
[  435.977600][T11237]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  435.977618][T11237]  ? policy_nodemask+0xea/0x4e0
[  435.977634][T11237]  alloc_pages_mpol+0x1fb/0x550
[  435.977648][T11237]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  435.977666][T11237]  folio_alloc_mpol_noprof+0x36/0x2f0
[  435.977682][T11237]  vma_alloc_folio_noprof+0xed/0x1e0
[  435.977698][T11237]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  435.977718][T11237]  do_pte_missing+0x2202/0x3ba0
[  435.977735][T11237]  ? find_held_lock+0x2b/0x80
[  435.977749][T11237]  __handle_mm_fault+0x1556/0x2aa0
[  435.977769][T11237]  ? __pfx___handle_mm_fault+0x10/0x10
[  435.977786][T11237]  ? __pte_offset_map_lock+0x174/0x310
[  435.977799][T11237]  ? find_held_lock+0x2b/0x80
[  435.977814][T11237]  ? follow_page_pte+0x5cf/0x1390
[  435.977831][T11237]  handle_mm_fault+0x589/0xd10
[  435.977849][T11237]  __get_user_pages+0x54e/0x3530
[  435.977868][T11237]  ? down_read_killable+0x220/0x4b0
[  435.977883][T11237]  ? __lock_acquire+0x622/0x1c90
[  435.977896][T11237]  ? __pfx___get_user_pages+0x10/0x10
[  435.977914][T11237]  __gup_longterm_locked+0xa92/0x17e0
[  435.977933][T11237]  ? __pfx___gup_longterm_locked+0x10/0x10
[  435.977948][T11237]  ? try_get_folio+0x255/0x730
[  435.977961][T11237]  ? find_held_lock+0x2b/0x80
[  435.977972][T11237]  ? sanity_check_pinned_pages+0x58a/0x11d0
[  435.977988][T11237]  gup_fast_fallback+0xee2/0x22a0
[  435.978013][T11237]  ? __pfx_gup_fast_fallback+0x10/0x10
[  435.978034][T11237]  pin_user_pages_fast+0xa7/0xf0
[  435.978048][T11237]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  435.978063][T11237]  ? rds_info_getsockopt+0x377/0x4f0
[  435.978079][T11237]  rds_info_getsockopt+0x39f/0x4f0
[  435.978092][T11237]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  435.978105][T11237]  ? find_held_lock+0x2b/0x80
[  435.978115][T11237]  ? __might_fault+0x13b/0x190
[  435.978129][T11237]  rds_getsockopt+0x173/0x2d0
[  435.978145][T11237]  ? __pfx_rds_getsockopt+0x10/0x10
[  435.978160][T11237]  do_sock_getsockopt+0x34d/0x440
[  435.978179][T11237]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  435.978190][T11237]  ? __fget_files+0x204/0x3c0
[  435.978208][T11237]  __sys_getsockopt+0x123/0x1b0
[  435.978221][T11237]  __ia32_sys_getsockopt+0xbc/0x160
[  435.978230][T11237]  ? lockdep_hardirqs_on+0x7c/0x110
[  435.978243][T11237]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  435.978257][T11237]  __do_fast_syscall_32+0x7c/0x300
[  435.978272][T11237]  do_fast_syscall_32+0x32/0x80
[  435.978285][T11237]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  435.978298][T11237] RIP: 0023:0xf70dd579
[  435.978307][T11237] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  435.978317][T11237] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  435.978328][T11237] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000114
[  435.978334][T11237] RDX: 0000000000002711 RSI: 0000000080000600 RDI: 0000000080000000
[  435.978350][T11237] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  435.978357][T11237] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  435.978363][T11237] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  435.978376][T11237]  </TASK>
[  436.108455][   T29] usb usb42-port1: attempt power cycle
[  436.481110][T11243] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  436.701750][   T29] usb usb42-port1: unable to enumerate USB device
[  437.042637][ T5959] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  437.045867][ T5959] Bluetooth: hci3: Injecting HCI hardware error event
[  437.052917][ T5955] Bluetooth: hci3: hardware error 0x00
[  437.123441][T11249] misc userio: Invalid payload size
[  437.125868][T11249] dummy0: entered allmulticast mode
[  437.229650][T11248] dummy0: left allmulticast mode
[  437.987016][T11259] rdma_rxe: rxe_newlink: failed to add syz_tun
[  438.495301][T11275] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1304'.
[  438.981184][T11284] netlink: 'syz.3.1308': attribute type 12 has an invalid length.
[  439.131987][ T5955] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  439.445013][T11296] FAULT_INJECTION: forcing a failure.
[  439.445013][T11296] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.449378][T11296] CPU: 2 UID: 0 PID: 11296 Comm: syz.4.1312 Not tainted syzkaller #0 PREEMPT(full) 
[  439.449413][T11296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.449421][T11296] Call Trace:
[  439.449426][T11296]  <TASK>
[  439.449432][T11296]  dump_stack_lvl+0x16c/0x1f0
[  439.449449][T11296]  should_fail_ex+0x512/0x640
[  439.449468][T11296]  _copy_from_user+0x2e/0xd0
[  439.449485][T11296]  copy_mount_options+0x76/0x190
[  439.449502][T11296]  __ia32_sys_mount+0x1ab/0x310
[  439.449515][T11296]  ? __pfx___ia32_sys_mount+0x10/0x10
[  439.449528][T11296]  ? rcu_is_watching+0x12/0xc0
[  439.449542][T11296]  __do_fast_syscall_32+0x7c/0x300
[  439.449557][T11296]  do_fast_syscall_32+0x32/0x80
[  439.449571][T11296]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  439.449585][T11296] RIP: 0023:0xf70dd579
[  439.449594][T11296] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  439.449605][T11296] RSP: 002b:00000000f54ac55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  439.449615][T11296] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000300
[  439.449622][T11296] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000080000600
[  439.449628][T11296] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  439.449634][T11296] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  439.449639][T11296] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  439.449653][T11296]  </TASK>
[  439.553787][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  440.054762][T11310] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1316'.
[  440.624435][T11319] rdma_rxe: rxe_newlink: failed to add syz_tun
[  440.676158][T11321] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.1321'.
[  441.084530][ T7288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  441.086928][ T7288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  441.461816][T11338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1326'.
[  441.640611][T11340] misc userio: Invalid payload size
[  441.643336][T11340] dummy0: entered allmulticast mode
[  441.779173][T11339] dummy0: left allmulticast mode
[  442.019798][T11347] netlink: 'syz.4.1328': attribute type 1 has an invalid length.
[  442.719527][T11352] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  443.246474][T11357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1332'.
[  443.408755][    T9] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  443.575704][    T9] usb 5-1: Using ep0 maxpacket: 8
[  443.582525][    T9] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  443.587390][    T9] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  443.591447][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  443.594154][    T9] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  443.598444][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.603632][    T9] usb 5-1: config 0 descriptor??
[  443.737963][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1335'.
[  444.218720][T11351] netlink: 'syz.0.1331': attribute type 10 has an invalid length.
[  444.221202][T11351] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1331'.
[  444.224694][T11351] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  444.228019][T11351] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  444.232605][T11351] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  444.309274][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  444.311480][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  444.320006][    T9] usb 5-1: USB disconnect, device number 32
[  444.597968][T11389] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  445.222418][   T40] kauditd_printk_skb: 495 callbacks suppressed
[  445.222429][   T40] audit: type=1326 audit(1763218005.391:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.232822][   T40] audit: type=1326 audit(1763218005.391:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f67598 code=0x7ffc0000
[  445.241046][   T40] audit: type=1326 audit(1763218005.391:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.253612][   T40] audit: type=1326 audit(1763218005.411:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.263159][   T40] audit: type=1326 audit(1763218005.411:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.272085][   T40] audit: type=1326 audit(1763218005.411:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.280708][   T40] audit: type=1326 audit(1763218005.411:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.292168][   T40] audit: type=1326 audit(1763218005.411:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.301192][   T40] audit: type=1326 audit(1763218005.411:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000
[  445.309924][   T40] audit: type=1326 audit(1763218005.411:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11397 comm="syz.3.1345" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f67598 code=0x7ffc0000
[  445.340266][T11398] overlayfs: failed to resolve './file0': -2
[  445.447302][T11402] 9pnet_fd: Insufficient options for proto=fd
[  445.499453][T11404] overlayfs: overlapping lowerdir path
[  445.627212][T11405] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  445.835566][T11407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1348'.
[  445.840476][T11407] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1348'.
[  445.888010][T11408] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1348'.
[  446.101088][T11410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1348'.
[  447.067155][T11415] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  447.250642][T11424] syz1: rxe_newlink: already configured on syz_tun
[  447.389502][T11428] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  447.848724][T11440] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  448.676174][T11461] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1364'.
[  448.746811][T11459] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1365'.
[  448.803114][T11468] netlink: 'syz.3.1366': attribute type 1 has an invalid length.
[  449.492152][T11472] rdma_rxe: rxe_newlink: failed to add syz_tun
[  449.905492][T11477] bridge_slave_0: left allmulticast mode
[  449.907929][T11477] bridge_slave_0: left promiscuous mode
[  449.911085][T11477] bridge0: port 1(bridge_slave_0) entered disabled state
[  450.002253][T11477] bridge_slave_1: left allmulticast mode
[  450.004238][T11477] bridge_slave_1: left promiscuous mode
[  450.006545][T11477] bridge0: port 2(bridge_slave_1) entered disabled state
[  450.293991][T11477] bond0: (slave bond_slave_0): Releasing backup interface
[  450.450987][T11477] bond0: (slave bond_slave_1): Releasing backup interface
[  450.571481][ T5959] Bluetooth: hci4: command 0x0c1a tx timeout
[  450.583517][T11477] team0: Port device team_slave_0 removed
[  450.585889][T11477] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  450.588519][T11477] batman_adv: batadv0: Removing interface: batadv_slave_0
[  450.632462][T11477] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  450.634703][T11477] batman_adv: batadv0: Removing interface: batadv_slave_1
[  450.683094][T11477] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  451.009653][T11490] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  451.111990][   T40] kauditd_printk_skb: 207 callbacks suppressed
[  451.112002][   T40] audit: type=1326 audit(1763218011.266:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11493 comm="syz.2.1374" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x0
[  451.450257][T11515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1377'.
[  451.454342][T11515] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1377'.
[  452.526398][T11542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1385'.
[  453.119743][T11551] syz.2.1387 (11551) used obsolete PPPIOCDETACH ioctl
[  453.155611][T11552] rdma_rxe: rxe_newlink: failed to add syz_tun
[  453.332858][T11557] 8021q: adding VLAN 0 to HW filter on device bond1
[  453.362613][T11557] bond1: (slave ip6gretap1): making interface the new active one
[  453.365825][T11557] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  453.375576][T11557] 8021q: adding VLAN 0 to HW filter on device bond1
[  453.378617][T11557] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1390'.
[  454.743592][T11579] IPVS: Error connecting to the multicast addr
[  454.856245][T11582] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1397'.
[  455.143040][T11585] FAULT_INJECTION: forcing a failure.
[  455.143040][T11585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  455.148340][T11585] CPU: 2 UID: 0 PID: 11585 Comm: syz.0.1398 Not tainted syzkaller #0 PREEMPT(full) 
[  455.148363][T11585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  455.148387][T11585] Call Trace:
[  455.148394][T11585]  <TASK>
[  455.148400][T11585]  dump_stack_lvl+0x16c/0x1f0
[  455.148425][T11585]  should_fail_ex+0x512/0x640
[  455.148453][T11585]  _copy_to_user+0x32/0xd0
[  455.148481][T11585]  simple_read_from_buffer+0xcb/0x170
[  455.148508][T11585]  proc_fail_nth_read+0x197/0x240
[  455.148529][T11585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  455.148552][T11585]  ? rw_verify_area+0xcf/0x6c0
[  455.148568][T11585]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  455.148587][T11585]  vfs_read+0x1e4/0xcf0
[  455.148613][T11585]  ? __pfx_vfs_read+0x10/0x10
[  455.148628][T11585]  ? find_held_lock+0x2b/0x80
[  455.148655][T11585]  ? __fget_files+0x20e/0x3c0
[  455.148680][T11585]  ksys_read+0x12a/0x250
[  455.148698][T11585]  ? __pfx_ksys_read+0x10/0x10
[  455.148716][T11585]  ? fput+0x9b/0xd0
[  455.148738][T11585]  ? rcu_is_watching+0x12/0xc0
[  455.148761][T11585]  __do_fast_syscall_32+0x7c/0x300
[  455.148786][T11585]  do_fast_syscall_32+0x32/0x80
[  455.148807][T11585]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  455.148829][T11585] RIP: 0023:0xf7f31579
[  455.148842][T11585] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  455.148858][T11585] RSP: 002b:00000000f5405590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  455.148874][T11585] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000f5405620
[  455.148885][T11585] RDX: 000000000000000f RSI: 00000000f73c6ff4 RDI: 0000000000000000
[  455.148894][T11585] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  455.148903][T11585] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  455.148914][T11585] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  455.148949][T11585]  </TASK>
[  455.223580][    C2] vkms_vblank_simulate: vblank timer overrun
[  455.356302][T11587] lo: entered promiscuous mode
[  455.357912][T11587] lo: entered allmulticast mode
[  455.360838][T11587] tunl0: entered promiscuous mode
[  455.362985][T11587] tunl0: entered allmulticast mode
[  455.367527][T11587] gre0: entered promiscuous mode
[  455.369603][T11587] gre0: entered allmulticast mode
[  455.374201][T11587] gretap0: entered promiscuous mode
[  455.376636][T11587] gretap0: entered allmulticast mode
[  455.377894][T11590] tmpfs: Bad value for 'mpol'
[  455.380393][T11587] erspan0: entered promiscuous mode
[  455.383035][T11587] erspan0: entered allmulticast mode
[  455.387419][T11587] ip_vti0: entered promiscuous mode
[  455.389661][T11587] ip_vti0: entered allmulticast mode
[  455.393111][T11587] ip6_vti0: entered promiscuous mode
[  455.396619][T11587] ip6_vti0: entered allmulticast mode
[  455.399593][T11587] sit0: entered promiscuous mode
[  455.401426][T11587] sit0: entered allmulticast mode
[  455.430573][T11587] ip6tnl0: entered promiscuous mode
[  455.433372][T11587] ip6tnl0: entered allmulticast mode
[  455.438464][T11587] ip6gre0: entered promiscuous mode
[  455.441399][T11587] ip6gre0: entered allmulticast mode
[  455.458556][T11587] syz_tun: entered promiscuous mode
[  455.460790][T11587] syz_tun: entered allmulticast mode
[  455.475151][T11587] ip6gretap0: entered promiscuous mode
[  455.478042][T11587] ip6gretap0: entered allmulticast mode
[  455.485916][T11587] vcan0: entered promiscuous mode
[  455.488266][T11587] vcan0: entered allmulticast mode
[  455.492327][T11587] bond0: entered promiscuous mode
[  455.495059][T11587] bond_slave_0: entered promiscuous mode
[  455.498057][T11587] bond_slave_1: entered promiscuous mode
[  455.500109][T11587] bond0: entered allmulticast mode
[  455.502882][T11587] bond_slave_0: entered allmulticast mode
[  455.506766][T11587] bond_slave_1: entered allmulticast mode
[  455.511972][T11587] 8021q: adding VLAN 0 to HW filter on device bond0
[  455.517883][T11587] team0: entered promiscuous mode
[  455.520785][T11587] C: entered promiscuous mode
[  455.532202][T11587] team_slave_1: entered promiscuous mode
[  455.535782][T11587] team0: entered allmulticast mode
[  455.537837][T11587] C: entered allmulticast mode
[  455.540033][T11587] team_slave_1: entered allmulticast mode
[  455.545235][T11587] 8021q: adding VLAN 0 to HW filter on device team0
[  455.548543][T11587] dummy0: entered promiscuous mode
[  455.551243][T11587] dummy0: entered allmulticast mode
[  455.556999][T11587] nlmon0: entered promiscuous mode
[  455.560112][T11587] nlmon0: entered allmulticast mode
[  455.586318][T11587] caif0: entered promiscuous mode
[  455.588364][T11587] caif0: entered allmulticast mode
[  455.590517][T11587] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  455.626778][  T840] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  455.825934][ T7282] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  455.946134][  T840] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  456.187589][T11606] netlink: 'syz.4.1405': attribute type 3 has an invalid length.
[  456.303911][T11611] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1406'.
[  456.431045][T11610] picdev_read: 502 callbacks suppressed
[  456.431063][T11610] kvm: pic: non byte read
[  456.436035][T11610] kvm: pic: non byte read
[  456.440336][T11610] kvm: pic: non byte read
[  456.442502][T11610] kvm: pic: non byte read
[  456.444644][T11610] kvm: pic: non byte read
[  456.448406][T11610] kvm: pic: non byte read
[  456.450100][T11610] kvm: pic: non byte read
[  456.451792][T11610] kvm: pic: non byte read
[  456.453469][T11610] kvm: pic: non byte read
[  456.455220][T11610] kvm: pic: non byte read
[  456.623057][T11617] debugfs: 'ttyS3' already exists in 'caif_serial'
[  456.749587][T11624] 9pnet: Could not find request transport: vi�
[  456.900964][T11627] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  457.168848][ T7281] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  457.171994][ T7281] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  457.216989][   T34] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  457.802129][    T9] kernel write not supported for file task/1180/attr/fscreate (pid: 9 comm: kworker/0:0)
[  457.811325][T11656] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1417'.
[  458.059157][T11662] warn_alloc: 1 callbacks suppressed
[  458.059168][T11662] syz.0.1420: vmalloc error: size 16384, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  458.077798][T11662] CPU: 2 UID: 0 PID: 11662 Comm: syz.0.1420 Not tainted syzkaller #0 PREEMPT(full) 
[  458.077815][T11662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  458.077822][T11662] Call Trace:
[  458.077826][T11662]  <TASK>
[  458.077831][T11662]  dump_stack_lvl+0x16c/0x1f0
[  458.077847][T11662]  warn_alloc+0x248/0x3a0
[  458.077860][T11662]  ? __pfx_warn_alloc+0x10/0x10
[  458.077871][T11662]  ? alloc_pages_mpol+0x25a/0x550
[  458.077885][T11662]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  458.077898][T11662]  ? __pfx_alloc_pages_bulk_mempolicy_noprof+0x10/0x10
[  458.077916][T11662]  ? __kmalloc_node_noprof+0x364/0x8a0
[  458.077928][T11662]  ? __get_vm_area_node+0x208/0x330
[  458.077945][T11662]  __vmalloc_node_range_noprof+0x119b/0x1480
[  458.077965][T11662]  ? vhost_task_create+0x1d2/0x370
[  458.077985][T11662]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  458.078003][T11662]  ? rcu_is_watching+0x12/0xc0
[  458.078015][T11662]  ? vhost_task_create+0x1d2/0x370
[  458.078029][T11662]  __vmalloc_node_noprof+0xad/0xf0
[  458.078044][T11662]  ? vhost_task_create+0x1d2/0x370
[  458.078060][T11662]  copy_process+0x2c77/0x76a0
[  458.078080][T11662]  ? __pfx_copy_process+0x10/0x10
[  458.078094][T11662]  ? lockdep_init_map_type+0x5c/0x280
[  458.078111][T11662]  ? lockdep_init_map_type+0x5c/0x280
[  458.078125][T11662]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  458.078141][T11662]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  458.078154][T11662]  vhost_task_create+0x1d2/0x370
[  458.078169][T11662]  ? __pfx_vhost_task_create+0x10/0x10
[  458.078195][T11662]  ? __pfx_vhost_task_fn+0x10/0x10
[  458.078216][T11662]  kvm_mmu_post_init_vm+0x1b7/0x380
[  458.078229][T11662]  kvm_arch_vcpu_ioctl_run+0x66/0x1920
[  458.078241][T11662]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  458.078258][T11662]  kvm_vcpu_ioctl+0x5eb/0x1690
[  458.078274][T11662]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  458.078288][T11662]  ? tomoyo_path_number_perm+0x18d/0x580
[  458.078308][T11662]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  458.078329][T11662]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  458.078348][T11662]  ? do_vfs_ioctl+0x128/0x14f0
[  458.078364][T11662]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  458.078385][T11662]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  458.078400][T11662]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  458.078415][T11662]  ? __fget_files+0x20e/0x3c0
[  458.078428][T11662]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  458.078443][T11662]  __ia32_compat_sys_ioctl+0x242/0x370
[  458.078460][T11662]  __do_fast_syscall_32+0x7c/0x300
[  458.078475][T11662]  do_fast_syscall_32+0x32/0x80
[  458.078489][T11662]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  458.078503][T11662] RIP: 0023:0xf7f31579
[  458.078511][T11662] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  458.078521][T11662] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  458.078531][T11662] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  458.078538][T11662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  458.078544][T11662] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  458.078549][T11662] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  458.078555][T11662] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  458.078569][T11662]  </TASK>
[  458.078573][T11662] Mem-Info:
[  458.123170][T11665] lo speed is unknown, defaulting to 1000
[  458.123781][T11662] active_anon:12918 inactive_anon:2707 isolated_anon:0
[  458.123781][T11662]  active_file:10070 inactive_file:14433 isolated_file:0
[  458.123781][T11662]  unevictable:1768 dirty:113 writeback:0
[  458.123781][T11662]  slab_reclaimable:6474 slab_unreclaimable:65400
[  458.123781][T11662]  mapped:31109 shmem:10920 pagetables:1319
[  458.123781][T11662]  sec_pagetables:320 bounce:0
[  458.123781][T11662]  kernel_misc_reclaimable:0
[  458.123781][T11662]  free:50126 free_pcp:14144 free_cma:0
[  458.125841][T11665] lo speed is unknown, defaulting to 1000
[  458.128049][T11662] Node 0 active_anon:2396kB inactive_anon:12kB active_file:4kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2208kB dirty:4kB writeback:0kB shmem:4924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8164kB pagetables:1288kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB
[  458.128078][T11662] Node 1 active_anon:49376kB inactive_anon:10816kB active_file:40276kB inactive_file:57728kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:122228kB dirty:448kB writeback:0kB shmem:38756kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5284kB pagetables:3988kB sec_pagetables:120kB all_unreclaimable? no Balloon:0kB
[  458.128104][T11662] Node 0 DMA free:2096kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:220kB local_pcp:24kB free_cma:0kB
[  458.135124][T11665] lo speed is unknown, defaulting to 1000
[  458.135976][T11662] lowmem_reserve[]: 0 294 294 294
[  458.145647][T11665] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  458.147125][T11662]  294
[  458.167683][T11665] infiniband syz: RDMA CMA: cma_listen_on_dev, error -98
[  458.168195][T11662] 
[  458.215896][T11665] lo speed is unknown, defaulting to 1000
[  458.223244][T11662] Node 0 DMA32 free:16488kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2384kB inactive_anon:12kB active_file:4kB inactive_file:4kB unevictable:3536kB writepending:4kB zspages:0kB present:1032196kB managed:301140kB mlocked:0kB bounce:0kB free_pcp:12704kB local_pcp:3696kB free_cma:0kB
[  458.223281][T11662] lowmem_reserve[]: 0 0 0 0 0
[  458.223302][T11662] Node 1 DMA32 free:181920kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:50376kB inactive_anon:10816kB active_file:40276kB inactive_file:57728kB unevictable:3536kB writepending:448kB zspages:1740kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:42416kB local_pcp:16896kB free_cma:0kB
[  458.242125][T11665] lo speed is unknown, defaulting to 1000
[  458.245709][T11662] lowmem_reserve[]:
[  458.252116][T11665] lo speed is unknown, defaulting to 1000
[  458.252461][T11662]  0
[  458.257092][T11665] lo speed is unknown, defaulting to 1000
[  458.259431][T11662]  0 0 0 0
[  458.259451][T11662] Node 0 DMA: 50*4kB (U) 21*8kB (U) 4*16kB (UM) 4*32kB (UM) 0*64kB 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2096kB
[  458.259527][T11662] Node 0 DMA32: 424*4kB (UME) 111*8kB (UME) 41*16kB (UE) 68*32kB (UE) 13*64kB (UE) 4*128kB (UE) 10*256kB (UM) 8*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 16488kB
[  458.309888][T11662] Node 1 DMA32: 2*4kB (ME) 3*8kB (UME) 2*16kB (ME) 45*32kB (UME) 193*64kB (UE) 125*128kB (UME) 96*256kB (UME) 66*512kB (UME) 27*1024kB (UM) 14*2048kB (UM) 9*4096kB (UM) = 181408kB
[  458.315645][T11662] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  458.318748][T11662] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  458.321731][T11662] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  458.324690][T11662] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  458.327630][T11662] 35569 total pagecache pages
[  458.329207][T11662] 163 pages in swap cache
[  458.330709][T11662] Free swap  = 121524kB
[  458.332091][T11662] Total swap = 124996kB
[  458.333413][T11662] 524155 pages RAM
[  458.334700][T11662] 0 pages HighMem/MovableOnly
[  458.336217][T11662] 207975 pages reserved
[  458.337623][T11662] 0 pages cma reserved
[  458.703901][T11685] Bluetooth: MGMT ver 1.23
[  459.710307][T11699] FAULT_INJECTION: forcing a failure.
[  459.710307][T11699] name failslab, interval 1, probability 0, space 0, times 0
[  459.720101][T11699] CPU: 3 UID: 0 PID: 11699 Comm: syz.4.1432 Not tainted syzkaller #0 PREEMPT(full) 
[  459.720130][T11699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  459.720137][T11699] Call Trace:
[  459.720152][T11699]  <TASK>
[  459.720156][T11699]  dump_stack_lvl+0x16c/0x1f0
[  459.720188][T11699]  should_fail_ex+0x512/0x640
[  459.720213][T11699]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  459.720226][T11699]  should_failslab+0xc2/0x120
[  459.720240][T11699]  kmem_cache_alloc_noprof+0x75/0x6e0
[  459.720250][T11699]  ? __kvm_mmu_topup_memory_cache+0x455/0x600
[  459.720265][T11699]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  459.720283][T11699]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  459.720298][T11699]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  459.720317][T11699]  mmu_topup_memory_caches+0x25/0x170
[  459.720335][T11699]  kvm_mmu_load+0xd6/0x23c0
[  459.720351][T11699]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  459.720364][T11699]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  459.720379][T11699]  ? __pfx_kvm_mmu_load+0x10/0x10
[  459.720395][T11699]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  459.720410][T11699]  ? kvm_check_and_inject_events+0x71c/0x1310
[  459.720431][T11699]  vcpu_run+0x3779/0x54d0
[  459.720447][T11699]  ? __pfx_vcpu_run+0x10/0x10
[  459.720464][T11699]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1920
[  459.720475][T11699]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1920
[  459.720490][T11699]  kvm_vcpu_ioctl+0x5eb/0x1690
[  459.720505][T11699]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  459.720520][T11699]  ? tomoyo_path_number_perm+0x18d/0x580
[  459.720539][T11699]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  459.720560][T11699]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  459.720579][T11699]  ? do_vfs_ioctl+0x128/0x14f0
[  459.720595][T11699]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  459.720616][T11699]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  459.720631][T11699]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  459.720646][T11699]  ? __fget_files+0x20e/0x3c0
[  459.720659][T11699]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  459.720673][T11699]  __ia32_compat_sys_ioctl+0x242/0x370
[  459.720691][T11699]  __do_fast_syscall_32+0x7c/0x300
[  459.720706][T11699]  do_fast_syscall_32+0x32/0x80
[  459.720720][T11699]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  459.720733][T11699] RIP: 0023:0xf70dd579
[  459.720742][T11699] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  459.720753][T11699] RSP: 002b:00000000f54cd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  459.720763][T11699] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  459.720769][T11699] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  459.720775][T11699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  459.720781][T11699] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  459.720787][T11699] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  459.720801][T11699]  </TASK>
[  460.352473][T11716] rdma_rxe: rxe_newlink: failed to add syz_tun
[  460.739816][ T5959] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  460.739829][ T5955] Bluetooth: hci2: command 0x0406 tx timeout
[  460.809827][    T9] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  460.959951][    T9] usb 5-1: Using ep0 maxpacket: 8
[  460.964296][    T9] usb 5-1: config 230 has an invalid interface number: 153 but max is 0
[  460.967031][    T9] usb 5-1: config 230 has an invalid interface number: 97 but max is 0
[  460.970596][    T9] usb 5-1: config 230 contains an unexpected descriptor of type 0x2, skipping
[  460.974201][    T9] usb 5-1: config 230 has 2 interfaces, different from the descriptor's value: 1
[  460.977938][    T9] usb 5-1: config 230 has no interface number 0
[  460.980524][    T9] usb 5-1: config 230 has no interface number 1
[  460.982583][    T9] usb 5-1: config 230 interface 153 altsetting 194 endpoint 0x5 has invalid maxpacket 512, setting to 64
[  460.986062][    T9] usb 5-1: config 230 interface 153 altsetting 194 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  460.991453][    T9] usb 5-1: too many endpoints for config 230 interface 97 altsetting 161: 163, using maximum allowed: 30
[  460.995855][    T9] usb 5-1: config 230 interface 97 altsetting 161 has an invalid descriptor for endpoint zero, skipping
[  461.000347][    T9] usb 5-1: config 230 interface 97 altsetting 161 endpoint 0xE has an invalid bInterval 208, changing to 11
[  461.004012][    T9] usb 5-1: config 230 interface 97 altsetting 161 has 3 endpoint descriptors, different from the interface descriptor's value: 163
[  461.008159][    T9] usb 5-1: config 230 interface 153 has no altsetting 0
[  461.010398][    T9] usb 5-1: config 230 interface 97 has no altsetting 0
[  461.014627][    T9] usb 5-1: New USB device found, idVendor=152d, idProduct=0583, bcdDevice=13.ce
[  461.017482][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.020068][    T9] usb 5-1: Product: 晅ﯤㄥá宜춷졌渣䦸蝨톶큮雔㝿꽳쪪蕍粒箸
[  461.023079][    T9] usb 5-1: Manufacturer: ж
[  461.024513][    T9] usb 5-1: SerialNumber: syz
[  461.140199][    C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  461.239249][    T9] usb-storage 5-1:230.153: USB Mass Storage device detected
[  461.262356][    T9] usb-storage 5-1:230.153: Quirks match for vid 152d pid 0583: 4000000
[  461.293826][T11735] netlink: 'syz.3.1444': attribute type 10 has an invalid length.
[  461.332144][    T9] usb-storage 5-1:230.97: USB Mass Storage device detected
[  461.338697][    T9] usb-storage 5-1:230.97: Quirks match for vid 152d pid 0583: 4000000
[  461.409287][    T9] usb 5-1: USB disconnect, device number 33
[  461.862720][T11749] rdma_rxe: rxe_newlink: failed to add syz_tun
[  464.715535][T11784] netlink: 'syz.3.1457': attribute type 10 has an invalid length.
[  464.734355][T11785] rdma_rxe: rxe_newlink: failed to add syz_tun
[  465.165848][T11794] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  465.546003][T11802] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1463'.
[  466.807699][T11819] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 64993
[  467.885439][ T6032] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  467.997671][T11834] rdma_rxe: rxe_newlink: failed to add syz_tun
[  468.035875][ T6032] usb 5-1: Using ep0 maxpacket: 32
[  468.046788][ T6032] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  468.050592][ T6032] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  468.055302][ T6032] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  468.060324][ T6032] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  468.066057][ T6032] usb 5-1: config 0 interface 0 has no altsetting 0
[  468.071283][ T6032] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  468.075313][ T6032] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  468.080180][ T6032] usb 5-1: Product: syz
[  468.081702][ T6032] usb 5-1: Manufacturer: syz
[  468.083674][ T6032] usb 5-1: SerialNumber: syz
[  468.087362][ T6032] usb 5-1: config 0 descriptor??
[  468.095949][ T6032] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  468.101395][ T6032] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  469.131955][ T6833] usb 5-1: USB disconnect, device number 34
[  469.132149][T11847] ldusb 5-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  469.136817][T11849] ldusb 5-1:0.0: Couldn't submit HID_REQ_SET_REPORT -19
[  469.140015][ T6833] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  469.627169][    C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  470.020817][T11865] input: syz0 as /devices/virtual/input/input11
[  470.233386][T11876] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1486'.
[  470.236444][T11876] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1486'.
[  470.244107][T11874] rdma_rxe: rxe_newlink: failed to add syz_tun
[  470.322092][T11882] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  470.326761][T11882] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  470.333130][T11881] [U] �
[  470.675094][T11887] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1490'.
[  471.008375][T11894] netlink: 184 bytes leftover after parsing attributes in process `syz.4.1492'.
[  471.012462][T11894] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1492'.
[  471.407441][T11903] 
[  471.408338][T11903] ============================================
[  471.410254][T11903] WARNING: possible recursive locking detected
[  471.412281][T11903] syzkaller #0 Not tainted
[  471.414470][T11903] --------------------------------------------
[  471.418142][T11903] syz.0.1495/11903 is trying to acquire lock:
[  471.420735][T11903] ffff8880444c18f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_do_insn+0x2e/0x3e0
[  471.424563][T11903] 
[  471.424563][T11903] but task is already holding lock:
[  471.427798][T11903] ffff8880444c00f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_compat_ioctl+0x7fe/0x990
[  471.431704][T11903] 
[  471.431704][T11903] other info that might help us debug this:
[  471.435028][T11903]  Possible unsafe locking scenario:
[  471.435028][T11903] 
[  471.438106][T11903]        CPU0
[  471.439533][T11903]        ----
[  471.440959][T11903]   lock(&dev->mutex#4);
[  471.442756][T11903]   lock(&dev->mutex#4);
[  471.444571][T11903] 
[  471.444571][T11903]  *** DEADLOCK ***
[  471.444571][T11903] 
[  471.448133][T11903]  May be due to missing lock nesting notation
[  471.448133][T11903] 
[  471.451876][T11903] 1 lock held by syz.0.1495/11903:
[  471.454151][T11903]  #0: ffff8880444c00f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_compat_ioctl+0x7fe/0x990
[  471.458410][T11903] 
[  471.458410][T11903] stack backtrace:
[  471.460935][T11903] CPU: 0 UID: 0 PID: 11903 Comm: syz.0.1495 Not tainted syzkaller #0 PREEMPT(full) 
[  471.460959][T11903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  471.460971][T11903] Call Trace:
[  471.460977][T11903]  <TASK>
[  471.460984][T11903]  dump_stack_lvl+0x116/0x1f0
[  471.461008][T11903]  print_deadlock_bug+0x1e9/0x240
[  471.461032][T11903]  __lock_acquire+0x1106/0x1c90
[  471.461058][T11903]  lock_acquire+0x179/0x350
[  471.461083][T11903]  ? comedi_do_insn+0x2e/0x3e0
[  471.461101][T11903]  ? __pfx___might_resched+0x10/0x10
[  471.461122][T11903]  ? comedi_do_insn+0x2e/0x3e0
[  471.461137][T11903]  __mutex_lock+0x193/0x1060
[  471.461160][T11903]  ? comedi_do_insn+0x2e/0x3e0
[  471.461180][T11903]  ? __pfx___mutex_lock+0x10/0x10
[  471.461204][T11903]  ? __pfx___might_resched+0x10/0x10
[  471.461224][T11903]  ? __up_read+0x1f8/0x750
[  471.461250][T11903]  ? down_read+0x13d/0x480
[  471.461275][T11903]  ? comedi_do_insn+0x2e/0x3e0
[  471.461291][T11903]  comedi_do_insn+0x2e/0x3e0
[  471.461310][T11903]  comedi_dio_bitfield2+0x3c4/0x420
[  471.461329][T11903]  ? __pfx_comedi_dio_bitfield2+0x10/0x10
[  471.461347][T11903]  ? __alloc_frozen_pages_noprof+0x292/0x2470
[  471.461367][T11903]  ? __kernel_text_address+0xd/0x40
[  471.461387][T11903]  ? find_held_lock+0x2b/0x80
[  471.461407][T11903]  bonding_dio_insn_bits+0x2bd/0x570
[  471.461431][T11903]  ? __pfx_bonding_dio_insn_bits+0x10/0x10
[  471.461452][T11903]  ? __lock_acquire+0x622/0x1c90
[  471.461476][T11903]  insn_rw_emulate_bits+0x29b/0x5f0
[  471.461507][T11903]  ? __pfx_insn_rw_emulate_bits+0x10/0x10
[  471.461534][T11903]  ? rcu_read_unlock+0x17/0x60
[  471.461559][T11903]  ? comedi_check_chanlist+0x2d6/0x380
[  471.461587][T11903]  parse_insn+0xf4c/0x1970
[  471.461610][T11903]  ? __pfx_parse_insn+0x10/0x10
[  471.461630][T11903]  ? do_insnlist_ioctl+0x15f/0x700
[  471.461656][T11903]  do_insnlist_ioctl+0x272/0x700
[  471.461682][T11903]  comedi_compat_ioctl+0x810/0x990
[  471.461707][T11903]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  471.461731][T11903]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  471.461760][T11903]  ? do_vfs_ioctl+0x128/0x14f0
[  471.461786][T11903]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  471.461814][T11903]  ? find_held_lock+0x2b/0x80
[  471.461832][T11903]  ? hook_file_ioctl_common+0x145/0x410
[  471.461863][T11903]  ? __fget_files+0x20e/0x3c0
[  471.461881][T11903]  ? __ia32_compat_sys_openat+0x110/0x210
[  471.461913][T11903]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  471.461940][T11903]  __ia32_compat_sys_ioctl+0x242/0x370
[  471.461969][T11903]  __do_fast_syscall_32+0x7c/0x300
[  471.461996][T11903]  do_fast_syscall_32+0x32/0x80
[  471.462019][T11903]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  471.462042][T11903] RIP: 0023:0xf7f31579
[  471.462057][T11903] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  471.462074][T11903] RSP: 002b:00000000f540555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  471.462092][T11903] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000008008640b
[  471.462103][T11903] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000
[  471.462114][T11903] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  471.462125][T11903] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  471.462136][T11903] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  471.462154][T11903]  </TASK>

VM DIAGNOSIS:
14:42:55  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85269390 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc9000d4af038
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=656c6c616b7a7973
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35b8c0e R15=dffffc0000000000
RIP=ffffffff852693b7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88809780d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000310e6420 CR3=000000006e047000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000c0160c RBX=0000000000000001 RCX=ffffffff8b5d92a9 RDX=ffffed1005666656
RSI=ffffffff8bf07540 RDI=ffffffff8191bf0d RBP=ffffed1003b5f490 RSP=ffffc9000046fde8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801dafa480 R14=ffffffff908248d0 R15=0000000000000000
RIP=ffffffff8b5d7d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88809790d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5405da4 CR3=000000004841c000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000046 RBX=ffff88802b427c80 RCX=ffffffff81c4580f RDX=0000000000000000
RSI=ffffffff8bf07540 RDI=ffffffff8b603ac2 RBP=0000000000000246 RSP=ffffc900033efc38
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff908248d7 R11=0000000000000000
R12=dffffc0000000000 R13=ffffc900033efd90 R14=0000000000000001 R15=ffff8880277f8018
RIP=ffffffff8b603aa1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097a0d000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7fa67225d0 CR3=00000000472b4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7446ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000046f44c RBX=0000000000000003 RCX=ffffffff8b5d92a9 RDX=ffffed10056a6656
RSI=ffffffff8bf07540 RDI=ffffffff8191bf0d RBP=ffffed10037e5000 RSP=ffffc9000048fde8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf28000 R14=ffffffff908248d0 R15=0000000000000000
RIP=ffffffff8b5d7d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097b0d000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3361fc CR3=000000004841c000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000