last executing test programs:

9.889390598s ago: executing program 2 (id=695):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x200}}]}, 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000280)=[0x1], &(0x7f0000000340)=[{0x4, 0x2, 0x6, 0x8}, {0x0, 0x1, 0xb, 0x8}, {0x0, 0x2, 0x9, 0x5}, {0x1, 0x2, 0xf, 0x7}, {0x3, 0x5, 0xe, 0xa}, {0x5, 0x2, 0xf, 0x2}, {0x5, 0x5, 0x3, 0x9}], 0x10, 0xfffffffb, @void, @value}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000006900000000000001000000940fa7c7326ae0367600000007070000b28a4533503319"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x1a, 0x4000095)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x1f2f, 0xc0, 0x0, &(0x7f0000000480)="9f44948721919580684010a405dda2717060ce495279829e885d4ce90c523581d5176139cbff678c665c39a4a355cf7be014c74aab5afc1173fca09b436f7a26cdd634e101abbef0db144b8f2d5abd18ada30460ba731fab3bf7bf7fb419a6769cc6cf4906308db105d0b503ffb7e64f5fc98b0f48b8ad2a4ed10782a8cbce676147e697f36e08fd1a24b93de910fa2faa41a69cfb8d9a760657287681921e332f941874c9b33a489c570917e3b3e82d600d5c1ba4a70373695d4b54e33cfae1", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0xe, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r6 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x20000000}, 0xc)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
lseek(r7, 0x10401, 0x0)
syz_usb_connect$cdc_ecm(0x5, 0x56, &(0x7f0000000800)=ANY=[@ANYBLOB="12010000020000102505a1a4400000000101090244000101000000090400001602020000052406000005240000000d240f01000000000000000000090581030000000000090582f5ffffffffff080503020000000000f2d8c2eaef600316972c06f93980052980bb410281a3181e20850fb75c5807181fdb0bb890b982e7dddf81084907fcddd6b9e857c5206a22dbc1b89f667599a57c28afc74eb3bd75b2f4faae99e386c48a6b9f1280553830c3e3ba56c1dec3269d17447b852957dd6e6d312c1af9cd676eed792adb6dd1d365a4f9031006d2be6efc6d62978ed74d391237684e2399203a50952a148ca255c57816eab78b97b9f155dd213e0308666064d4f80018cdbb7f68a41036aab20da67e938dbeb2677ba9e1f163cafaf74ef400"/299, @ANYRES8=r7, @ANYRESOCT=r5], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

9.192762445s ago: executing program 3 (id=696):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)=ANY=[@ANYBLOB="aaaaaaaaaaaa50a245d5cde0080045000028000000000002907800000000ffffffff11009078e000000200000000b74bad93b59a16c3"], 0x0)
syz_emit_ethernet(0x11, &(0x7f0000000080)=ANY=[@ANYBLOB="0180c200000050a245d5cde00805030af714d82ccbfbb2a053f43a5bd1bbc5e309bd81a920d6e10c20837dddcaf898a8c8af5d0bdc84f197e86faa8355bab45c14d98f7fb4da413e5eab864212ec6d1ca38448c7501585c14d07fd1845b27786f1e49cd85653f7593e5092eabc5f0b39b734fb5fed55e1c8b7360ef5427d124885d19c3188ac22eaaf655afff998c07349125a60322d19"], 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000140)={'syztnl0\x00', 0x0})
setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000180)={@multicast2, @remote}, 0xc)
userfaultfd(0x1)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
clock_gettime(0x7, &(0x7f0000000000))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x9)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r6, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r8, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

8.169834444s ago: executing program 3 (id=697):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021500000000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000024000380f2fe008008000340000000000b80100001800000010066776400000002800000034000000000000002400000"], 0xd4}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a004000040000000600"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x48, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x2, 0x3, 0x5, 0x0, {0x0, 0x9, 0x0, 0x5, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x8, 0x1ff, 0x1}}]}, 0x48}}, 0x0)
r5 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000003c0)="1002d7d957c9dc8dda937c7b61db3029e2054dec044c2fbb6bf865c9331165cb94d940b11393c0030046c2e390f91dbd9ddf7accf1295f9abfb2b534ba00", 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000ffff000000007200ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x21, 0x4, 0x0, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}, @cipso={0x86, 0x15, 0x0, [{0x0, 0xf, "a9490bb122ee359fc0231cf0be"}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@dev}, {@remote}, {@multicast2}, {@private}, {}, {@broadcast}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0x3, 0xdc}]}}}}})
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @private}}}}}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000001"])
r9 = dup(r8)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000040))
r10 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
read$FUSE(r10, &(0x7f00000021c0)={0x2020}, 0x2020)

7.892074685s ago: executing program 1 (id=698):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffff65, &(0x7f0000000200)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x4)
fcntl$addseals(r0, 0x409, 0x5)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x200000000000022e, 0x0, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000440)={r5, 0x0, 0x0, 0x0, 0x0, [<r6=>0x0], [0x0, 0x4], [0x0, 0x0, 0x0, 0xffffffff]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000200)={0x0, 0xffffffff, 0x0, 0x0, 0x3, [<r8=>0x0], [0x0, 0x0, 0x0, 0xfffffff7], [0x0, 0x6, 0x8], [0x0, 0x0, 0x1, 0x3]})
r9 = openat$sysfs(0xffffff9c, &(0x7f0000000180)='/sys/kernel/kexec_crash_size', 0x8800, 0x70)
read$FUSE(r9, &(0x7f0000000f80)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000040)={r8})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f00000004c0)={r8})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000150000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

6.473050033s ago: executing program 2 (id=700):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x37, 0x6b, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000300)="000000000000c862b779b6ebb7bd3312bab85be550f7679d8e9d88b886edd26b0f5d53d06b1d8822895b9787abe255e000000000000000", &(0x7f0000002240)=""/4103, 0x0, 0x0, 0x0, 0x0})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x68)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r2 = socket(0x0, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mount$fuse(0x0, 0x0, 0x0, 0x4000, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r2])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0)
r4 = socket(0x10, 0x3, 0xc)
write(r4, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
sendmsg$kcm(r4, &(0x7f0000000400)={0x0, 0xfffffebd, 0x0, 0xfffffffffffffdc2, 0x0, 0x0, 0x3000}, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x20001439)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[], 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="c7"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r9 = dup(r8)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(r9, 0x4008ae93, &(0x7f00000001c0)=0x10000)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.29320783s ago: executing program 3 (id=701):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44055}, 0x40800)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000001280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001180)={&(0x7f0000001200)={0x44, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xf7}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x84}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x20040805)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x19)
socket$alg(0x26, 0x5, 0x0)
socket$kcm(0x10, 0x0, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
fcntl$setlease(0xffffffffffffffff, 0x8, 0x0)
open$dir(&(0x7f0000000080)='./cgroup/../file0\x00', 0x121801, 0x0)
creat(&(0x7f00000001c0)='./file1\x00', 0x0)
close(0xffffffffffffffff)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4018aee1, &(0x7f0000000040)={0x1, 0x0, [{0xc0000100}]})
socket$qrtr(0x2a, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r6, &(0x7f00000000c0), 0x2, 0x0)
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')

6.077808539s ago: executing program 1 (id=702):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a300000000058010000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038e3000d400acc20f896064e79c929702145fa63595955b57c5c023e63c8a0b353b0f092392779d44d411d6ad83ca91a8e8b282cc8bfb1ab91caa2ade3593a098f600f3e5645182a9ca5ace4cf126873c040cb3327edf3073be8b51d83cd436a3de9f9797c6d6bbb2a290d1c41dc2d836f9e12779d77160fe31758fff54b25fe4976ec2f65358361ce1aa371dc03936b25fa521423d30d6fd8e686"], 0x1d0}}, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000200)='./file0\x00', 0x60)
r2 = syz_open_procfs(0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0), 0x100000, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r5, 0x5016, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYRES16=r4, @ANYRES16=r3, @ANYRESOCT=r4, @ANYRES32=r4], 0x34}}, 0x0)
preadv(r2, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/223, 0xdf}], 0x1, 0xfffff62d, 0x0)
socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000017c0)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast2}, 0x80, 0x0, 0xd}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYBLOB], 0x14}}, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x14}}, 0x0)
r7 = socket$inet(0xa, 0x801, 0x84)
syz_open_dev$usbfs(&(0x7f0000000240), 0xfffffffe, 0x490000)
connect$inet(r7, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r7, 0x8)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_TIOCINQ(r8, 0x541b, &(0x7f0000000480))
r9 = accept4(r7, 0x0, 0x0, 0x0)
sendto$inet(r9, &(0x7f00000002c0)="cc", 0x1, 0x44800, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r9, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet(r9, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)

5.189536449s ago: executing program 3 (id=703):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r0, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
setresuid(0x0, 0x0, 0x0)
stat(&(0x7f0000000500)='./file1\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
chown(&(0x7f00000004c0)='./file0\x00', 0x0, r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001040)={<r3=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000080), r3, 0x0, 0x3, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f00000005c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000800), r3, 0x2}}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r4=>0x0})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r2, 0x0, 0x2e, &(0x7f00000006c0)={0x20, {{0x2, 0x0, @loopback}}, {{0x2, 0x0, @multicast2}}}, 0x104)
getsockopt$inet_buf(r5, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000140)=0xe1)
getsockopt$IP_SET_OP_GET_BYNAME(r5, 0x1, 0x53, &(0x7f0000000440)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000480)=0x28)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r6, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r7, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty}, @ib={0x1b, 0x0, 0x0, {"0e000000000000000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f0000000340)={0x7, 0x8, 0xfa00, {r7}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r6, &(0x7f0000000280)={0x1, 0x10, 0xfa00, {&(0x7f0000000040), r7}}, 0x18)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in6=@private0, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@loopback}, 0x0, @in=@private}}, &(0x7f0000000080)=0xe4)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@empty, 0x4e22, 0x1, 0x4e22, 0x8ba5, 0xa, 0x0, 0xa0, 0x2b, r4, r8}, {0x6, 0x6, 0x400, 0x100, 0x4, 0x9, 0x0, 0xfb}, {0x80, 0x6, 0x4, 0x4}, 0x4, 0x6e6bbb, 0x1, 0x1, 0x3, 0x2}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d3, 0x32}, 0xa, @in=@remote, 0x0, 0x1, 0x3, 0xc3, 0x9, 0x0, 0x5}}, 0xe4)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000000c0)={{{@in=@loopback, @in6=@dev}}, {{@in6=@ipv4={""/10, ""/2, @dev}}, 0x0, @in=@multicast2}}, &(0x7f0000000600)=0xe4)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1)
r9 = openat$vicodec1(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000005c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f200011800e000100636f6e6e6c696d69740000000c00028008000140000000003c0000000c0a01020000000000000000010000000900020073797a3200000000100103800c00008008000340000000020900010073797a30000000001400000010000100000000000098282720504a7c506ba0f50000000000000a"], 0xe0}}, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r9, 0xc0185649, &(0x7f0000000180)={0xa10000, 0x3ff, 0x2, 0xffffffffffffffff, 0x0, &(0x7f0000000140)={0x9a0901, 0x1, '\x00', @ptr=0x7fffffff}})

5.030214651s ago: executing program 1 (id=704):
getuid()
openat$dsp(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5002, 0x0)
r0 = openat$dlm_monitor(0xffffff9c, &(0x7f00000000c0), 0x2300, 0x0)
r1 = io_uring_setup(0x7fdb, &(0x7f0000000080))
mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x103)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x1000}})
r3 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
fstat(r3, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0x40045542, &(0x7f0000000b00))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000140)={0x6, 'bridge_slave_1\x00', {0x200}, 0x2})
capset(&(0x7f0000000240)={0x19980330}, &(0x7f0000000280)={0x0, 0xfffffffe, 0x0, 0xfffff0f4, 0x9, 0x1})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002500)=ANY=[@ANYBLOB="b7000000010003c3bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff0000000065040200000000ff2d400500000000003400000001ed00007b030000000000001d440000000000007a0a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b78111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e51815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc00eec36574a8f6456e2ccae25ea21714eca8cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2400000000000000800643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d64364c82770c8204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f4720082f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eaeb883418f562ae00003ea96d10f172c0374d6eed826407000000000000004a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d851680f6f2f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f4ca2195234648e0a1ca50db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145eb6dc5f6a9037d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba583fef3ec7932f5954f31a878e2fae6691df8b4b7ecd27ce82f7df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ecb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd0000000069ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fd691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a000000000000000000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc00956d2227db60c0a461ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d680aa1af102d97681656bf56ff0674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ff6d4c5dbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ae7c5f58af43866ca64750f43e583ca1ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656859db4cb06aaaf9f02cfab5b9e61cc00e8e19429921b8df4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd069629a1052f441e96884f90c91f4a974242aabfc8adbadc9ca27955b5c90f0bd9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b7236bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37afe20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a049414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e140792297d023ef52de2e75b9dbbfb8712ccc15c69cfb4c6c1bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd61000000000000000000000000000000000000000000000000000000000000000000000000f637782e317d492b2392fd0ea81397a80227f271bad21d688af35a2bd02c15d20f3d62a50e20260642c25f304c8034a5f4d8e45e701dbd84294d1096e715662b8223e10e98c4c38451fc5c702084e3fa9b184e0d0fba44acf3bb8a846cf680dfbf312cddfdb2043288fa6b67fa762c8b75d4478756ef240f2b314e4d77a3afb4fcec92248327004d1dac7ac87a6f8cb04d82acc307d60e4713bd9a8f29091d3048c669a5f5439e0a906ce098d177b9579882586511cfe6a23e57c44d1654899f077b5636e4181f3de6b814bedcac5290ad8018bbe4424edc6d9b0e61b404bb7a2d4883bb"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000040)={r6, 0x7fffffff, 0x4, 0x9b})
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
sendmsg$MPTCP_PM_CMD_REMOVE(0xffffffffffffffff, 0x0, 0x20000045)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmsg(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmmsg$sock(r8, &(0x7f0000003bc0)=[{{0x0, 0xfe3d, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000000000002ca, 0x4040014)

4.942656655s ago: executing program 2 (id=706):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021500000000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000024000380f2fe008008000340000000000b8010000180000001006677640000000280000003400000000000000240000000000000034000000000000003400000000000000240000000000000024000000000000001400000000000000140000000001400"], 0xd4}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
write$char_usb(r2, &(0x7f00000008c0)='-0', 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(0x0, r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYRESOCT=r1, @ANYRES16=r4, @ANYBLOB="05000000000000e000000600000008000300", @ANYRES32=<r6=>r5, @ANYBLOB="080005000200"], 0x24}}, 0x20000000)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000001c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x24060951}, 0x0)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
socketpair(0x29, 0x2, 0x0, &(0x7f0000000a40)={<r7=>0xffffffffffffffff})
r8 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000000)=0x84, 0x4)
sendto$inet6(r8, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e22, 0x7, @mcast2, 0x8}, 0x1c)
sendto$inet6(r8, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
sendmsg$inet6(r8, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet6_int(r8, 0x29, 0x19, &(0x7f0000000340), 0x4)
r9 = socket$unix(0x1, 0x2, 0x0)
syz_80211_inject_frame(&(0x7f0000000280), &(0x7f0000000580)=ANY=[@ANYRES8=r8, @ANYRESDEC=r8, @ANYRES32=r9, @ANYRES64=r6, @ANYRESDEC, @ANYRES64=r0, @ANYRESHEX=r4], 0x28)
sendto$inet(0xffffffffffffffff, &(0x7f0000000300)="e229fc04553d512e813124f99b80d5326782df004e2e54705982f0cb77cbbd52fceda2a7fedf3595e4ab7737f1e7fde3c3892bf4f107e2131e94fd9810ed68f7c9c22efc8c8cfa17fe00336361fee07d9d50c4c13b5e5bfba541a8d0ce278affdcd0625e649d17829a2d5a63131de996e92909871f6b01ec1b1a04375b96e2ce5b9100f6ff0000000000000000000000000087941817a3496c400d95b24a55f53551c1699ec7868f36f10fa2c68a03592e3c4a48f8a21715120bf6f4126e3747d1359e39cf6e095718ef36e2f61dbad20f8b3d4ee9cf4b55a1487835021d520ab85ef59b60580b4ed75e727bd76f47ab6bb2e631e1a1a45ab2d0db275cc3633f12aa7ce126c318616bb54f9bae2e2311daad7b254448e552bda71cdc3aa6fe18537822d6fc30114d83bfd5d6aa027f0a146206ceead6d5b347619419d5881ee325672b7476afcdfade51b9ae568b40c2fc91a52d29c7e5e596610cb36edc8116000dd8a93a9551f7d7d2d62a56939938a171c1ed960f59a6e013e557fad71b3b8986d14dbaf649f5340f75ffa296eec9d8b788623901aca301c07124efee955f1a7cde6c89", 0x1a5, 0x4048041, 0x0, 0x0)
socket(0x21, 0x2, 0x2)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmsg$NL80211_CMD_GET_MPP(r7, &(0x7f0000000680)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="10002abd7000ffdbdf256b00000008000300", @ANYRES8=r6, @ANYBLOB="0a0066a41a0008021100000100000a00060008021100000100000a001a00ffffffffffff0000f1e0a21bb7e677cb4a2e483b38cc004e166842a81127d905b7cc84ebc8ed896c7b1bc60dc7907cf31519ffa2b09cf636197ffddaffd6d783bb0000d76eccbada42ec3313e11f504e8db5a691913b49b810f099aa8c1df3e4a8df5fcd74be42f267b35701a4ccefa0d2dc4d67fbf5ae70f62e34dc3570bb633d09c8b7103cda3beb8d85ffbac92dd6e07d399b4b758578879552a08ac90690ed5ab1a8ce3f43810171afc124c102000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x4084}, 0x8000)
syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e4001020303090224002af62300000904000002ca744d0009053f034d00ff99090805848f"], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

4.580885663s ago: executing program 0 (id=707):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'ipvlan0\x00', &(0x7f0000000140)=@ethtool_link_settings={0x4c, 0x0, 0x89, 0x40, 0x38, 0x0, 0x0, 0x6, 0xa, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d26]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
fstat(r0, &(0x7f0000007e40)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008140)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfb, 0x80000}, 0xc, &(0x7f0000000180), 0x0, &(0x7f0000002d40)=[@rights={{0x2c, 0x1, 0x1, [r5, r1, r4, r1, r7, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [r6]}}, @rights={{0x24, 0x1, 0x1, [r9, r9, 0xffffffffffffffff, r1, r9, r5]}}, @cred={{0x18, 0x1, 0x2, {r2, 0x0, r10}}}, @cred={{0x18, 0x1, 0x2, {r2, 0x0, r10}}}], 0x90, 0x20000040}, 0x4000004)
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000200)={0x0, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r11, r8, 0x3, 0x0, 0x0, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe154, 0x1000, 0x0, 0x10, 0xf9, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

4.139001419s ago: executing program 3 (id=708):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r1, 0xc0745645, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
futex(0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f7, &(0x7f0000000000)={'bridge0\x00', 0x0})
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
getsockname(r2, &(0x7f0000000280)=@xdp, &(0x7f0000000040)=0x80)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x184c, 0x0, 0x0, 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r3=>0x0)
io_submit(r3, 0x0, &(0x7f0000000440))
io_cancel(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x6, 0x8, r1, &(0x7f00000001c0)="e7135d55b92c6fe52d84c2e237a6928f543319954ac6f88197ffd5d9b8f7cac9c47e355a3b396e640e42b9a07a6214a0c23763c8ff80", 0x36, 0x5, 0x0, 0x1}, &(0x7f00000003c0))
r4 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000140)=0x3)
syz_usb_connect$uac1(0x0, 0x82, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000086b1d01014000010203010902700003010000000904000000010100000a240100fc816f91dd99422c24f4c500000201020624050202be0b240402029443b490b8750904010000010200000904010101010200000905010900020000000725010000000009040200000102"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{0x3, 0x6, 0x2, 0x9}, {0x4, 0x6, 0x6}, {0x0, 0x3, 0x29, 0x3}, {0x4, 0x5, 0x40, 0xf}, {0x805, 0x16, 0x6, 0x7}, {0x0, 0x0, 0x5, 0x2}]}, 0x8)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="004e0000006cf8c84d000900"/24, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)

4.122304076s ago: executing program 1 (id=709):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x200}}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000280)=[0x1], &(0x7f0000000340)=[{0x4, 0x2, 0x6, 0x8}, {0x0, 0x1, 0xb, 0x8}, {0x0, 0x2, 0x9, 0x5}, {0x1, 0x2, 0xf, 0x7}, {0x3, 0x5, 0xe, 0xa}, {0x5, 0x2, 0xf, 0x2}, {0x5, 0x5, 0x3, 0x9}], 0x10, 0xfffffffb, @void, @value}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000006900000000000001000000940fa7c7326ae0367600000007070000b28a4533503319"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x1a, 0x4000095)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x1f2f, 0xc0, 0x0, &(0x7f0000000480)="9f44948721919580684010a405dda2717060ce495279829e885d4ce90c523581d5176139cbff678c665c39a4a355cf7be014c74aab5afc1173fca09b436f7a26cdd634e101abbef0db144b8f2d5abd18ada30460ba731fab3bf7bf7fb419a6769cc6cf4906308db105d0b503ffb7e64f5fc98b0f48b8ad2a4ed10782a8cbce676147e697f36e08fd1a24b93de910fa2faa41a69cfb8d9a760657287681921e332f941874c9b33a489c570917e3b3e82d600d5c1ba4a70373695d4b54e33cfae1", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0xe, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r6 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x20000000}, 0xc)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
lseek(r7, 0x10401, 0x0)
syz_usb_connect$cdc_ecm(0x5, 0x56, &(0x7f0000000800)=ANY=[@ANYBLOB="12010000020000102505a1a4400000000101090244000101000000090400001602020000052406000005240000000d240f01000000000000000000090581030000000000090582f5ffffffffff080503020000000000f2d8c2eaef600316972c06f93980052980bb410281a3181e20850fb75c5807181fdb0bb890b982e7dddf81084907fcddd6b9e857c5206a22dbc1b89f667599a57c28afc74eb3bd75b2f4faae99e386c48a6b9f1280553830c3e3ba56c1dec3269d17447b852957dd6e6d312c1af9cd676eed792adb6dd1d365a4f9031006d2be6efc6d62978ed74d391237684e2399203a50952a148ca255c57816eab78b97b9f155dd213e0308666064d4f80018cdbb7f68a41036aab20da67e938dbeb2677ba9e1f163cafaf74ef400"/299, @ANYRES8=r7, @ANYRESOCT=r5], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.682640195s ago: executing program 0 (id=710):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'ipvlan0\x00', &(0x7f0000000140)=@ethtool_link_settings={0x4c, 0x0, 0x89, 0x40, 0x38, 0x0, 0x0, 0x6, 0xa, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d26]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r8=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
fstat(r0, &(0x7f0000007e40)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008140)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfb, 0x80000}, 0xc, &(0x7f0000000180), 0x0, &(0x7f0000002d40)=[@rights={{0x2c, 0x1, 0x1, [r5, r1, r4, r1, r7, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [r6]}}, @rights={{0x24, 0x1, 0x1, [r9, r9, 0xffffffffffffffff, r1, r9, r5]}}, @cred={{0x18, 0x1, 0x2, {r2, 0x0, r10}}}, @cred={{0x18, 0x1, 0x2, {r2, 0x0, r10}}}], 0x90, 0x20000040}, 0x4000004)
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000200)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

3.002578095s ago: executing program 2 (id=711):
socket$kcm(0x10, 0x400000002, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r2, 0x1}, 0x14}}, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
iopl(0x3)
r5 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
pwritev2(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="d0600b401f39b97bf93ecf49759e94b4519a0de2f87e5c417273a5dce55efb335b22dce602ca972f116438489fdab766171401f130eb1c9e78ec70db15755f97ca197fc3da0b85ea0d2f7bdffcc1caa5810430b5448f4ae272489f5c7ac1e4660c4f7b0446d5457181924a3d4dbfdfee93a14379adfe7c1effdacb69a945", 0x7e}], 0x1, 0xa, 0x6e6f2b53, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="02090000026c03000000000000000000"], 0x10}}, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000600)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='tmpfs\x00', 0x2000000, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0xc, 0x141341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
sendmmsg$inet(r5, &(0x7f0000005240), 0x264e33, 0xff88)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/custom1\x00', 0x0, 0x0)

2.753173677s ago: executing program 0 (id=712):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockname$l2tp6(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(0x3)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', <r4=>0x0})
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4, 0x25, 0x0, @void}, 0x10)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000002c0)={r5, r6, 0x4, r2}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00'})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r4, 0x3, {0x2}, 0xfe}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3], &(0x7f0000000400)='GPL\x00', 0xfffff117, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r7 = dup(0xffffffffffffffff)
write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, 0x0)
openat$dlm_control(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
r8 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
r9 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='tlb_flush\x00', r7}, 0x10)
process_vm_readv(r9, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$I2C_SMBUS(r8, 0x720, &(0x7f00000000c0)={0x0, 0x0, 0x5, &(0x7f0000000080)={0x1, "df1e970974a7c9e7472342370d2762faff00"}})
gettid()

2.468821492s ago: executing program 0 (id=713):
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x35)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={0x0, r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
socket$packet(0x11, 0x0, 0x300)
r2 = socket(0x10, 0x803, 0x0)
syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x0)
sendto(r2, &(0x7f0000000740)="120000001200e7ef007b000000000000", 0x10, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@xino_auto}]})
chdir(&(0x7f0000000140)='./bus\x00')
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r4 = open(&(0x7f0000000080)='./file1\x00', 0x12b842, 0x0)
sendfile(r4, r3, 0x0, 0x80000000)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {0x0}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
recvmmsg(r6, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r7, &(0x7f0000001800), 0x0, 0x0)
bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0x0, 0x4}, 0x6)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x9)

1.926385005s ago: executing program 2 (id=714):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_emit_vhci(&(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES64=r0, @ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="95f2726d17966fc57ab02aee8545d78210bcf6d3484beced258fdd44cc1149a2be8bc60b22bba8a12a33551dba59ca02eff46f3b6074d7118768b7c3cc0d17df8e1dd246c2448c78501d7984ca7e7a0a38455e49daf761bc4428b7995a5e3232f247a879d0891a38792ae70ca522c95f63f40df38081a5101c5a79408a9e39cb3ca35761f21723bff2524b27d5f40ece2ef49a5df37241c64c61ece6eb938c64c415a3e4", @ANYRES8=0x0], 0x22)
syz_emit_vhci(&(0x7f00000004c0)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x100010, r0, 0x8aa07000)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00'})
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="a12a12099b629573c39eb04e7b1c8c3c2515fc5bbde5dda9854b29e179071bab74694e88261e07f4d1e51edb41961811262fc83c7fbf67a5f183c344dbd62924b6f9ec8b74d1e63a3385c565284a61a96a6be8e05fc7588a1e19aa0cf3c25b4988dc38f0ba1b0c5dfa5da649b79b1736cf84b6bae042179300e406fe8c615637291bfa3457a51606d08098c06fc49b5e90bd357656e2a7a6ad3f3b6935456784104c5272d0435283c5cc8bd8f29a67823295f900"/194], 0x5c)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000180)={'#! ', './file0'}, 0xb)
preadv(r1, &(0x7f00000015c0), 0x0, 0x0, 0x0)
ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000200)={&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000300)=""/108, 0xfffffffffffffd2b})
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="030f0404000000"], 0x7)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000ac0)={[0x0, 0x825, 0x4, 0x0, 0x4, 0x8000, 0x9, 0x10005, 0x0, 0xffffffff, 0x0, 0x414, 0x2, 0x10001, 0xfffffffffffff924, 0xffffffff7fffffff], 0x2000, 0x323804})
syz_open_dev$sndpcmc(&(0x7f0000000400), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000003c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3)
readv(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x8})
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r5}, 0xc)
write(r1, &(0x7f0000000600)="5d4525aa7a2353ee05eb0a2d01f62fd3ba62a75819d7eaa3c2b79612e4da618d0999ea6ab2a2c1a79b3518ca507c3d8dbeadd69a3dbf762e3ff3fed45b026cfd7cb5ef22f76f4efb98440699196af62c8a2c7533179e5c62e8ee14bb74e8c974ade8f4d9c03d9a577b70ec88587430100ba80eec11e3b3369edb5eb2bd780b7357469862b9e8c9d82b655f496febfba6461e54", 0x93)
ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380))
openat$vcsu(0xffffff9c, &(0x7f0000001780), 0x200400, 0x0)

1.566003527s ago: executing program 0 (id=715):
socket$inet_tcp(0x2, 0x1, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000180), 0x4)
connect$inet6(r0, 0x0, 0x0)
madvise(&(0x7f0000ac2000/0x1000)=nil, 0x1000, 0x0)
madvise(&(0x7f000018e000/0x3000)=nil, 0x3000, 0x1)
r1 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0xda89, 0x80, 0x2, 0x5b})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
shmget$private(0x0, 0x4000, 0x80, &(0x7f0000795000/0x4000)=nil)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r4, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x4000)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r6, &(0x7f00000000c0)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000240)='illinois\x00', 0x9)
r7 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000012000103000000000000000000000000000000000000000000000000fcff7fff000000cf57c5df12f5a6a2930cf2c70000000000", @ANYRES32=0x0, @ANYBLOB="000000008000000006"], 0x4c}}, 0x0)

983.023059ms ago: executing program 2 (id=716):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = io_uring_setup(0xfc6, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x382})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r2, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x7d})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_WRITEPROTECT(r5, 0xc018aa06, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r6 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000480)={0x1, 0xfb})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r6})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000280)=""/73})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f00000007c0)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000005c0)=""/243}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0xde)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f00000004c0))

931.851129ms ago: executing program 3 (id=717):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000080)={0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000000)={0x0, 0x1, 0x2})
close_range(r1, 0xffffffffffffffff, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
ftruncate(r3, 0xc17c)
sendmsg$nl_route_sched(r3, &(0x7f0000008f40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14850}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x42000000)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x20001439)
unshare(0x44000000)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0xb, 0x101000)
ioctl$USBDEVFS_REAPURB(r6, 0x4004550c, &(0x7f0000000140))
r7 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r7, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4)
r8 = getpid()
process_vm_readv(r8, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
write$FUSE_LK(r3, &(0x7f00000002c0)={0x28, 0x0, 0x0, {{0x0, 0x400000, 0x0, r8}}}, 0x28)

930.96119ms ago: executing program 1 (id=718):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'ipvlan0\x00', &(0x7f0000000140)=@ethtool_link_settings={0x4c, 0x0, 0x89, 0x40, 0x38, 0x0, 0x0, 0x6, 0xa, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4d26]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0})
r9 = syz_open_dev$dri(&(0x7f0000000000), 0xab, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
fstat(r0, &(0x7f0000007e40)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000008140)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfb, 0x80000}, 0xc, &(0x7f0000000180), 0x0, &(0x7f0000002d40)=[@rights={{0x2c, 0x1, 0x1, [r5, r1, r4, r1, r7, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [r6]}}, @rights={{0x24, 0x1, 0x1, [r9, r9, 0xffffffffffffffff, r1, r9, r5]}}, @cred={{0x18, 0x1, 0x2, {r2, 0x0, r10}}}, @cred={{0x18, 0x1, 0x2, {r2, 0x0, r10}}}], 0x90, 0x20000040}, 0x4000004)
ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f0000000200)={0x0, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f0000000400)={&(0x7f0000000280), 0x0, r11, r8, 0x3, 0x0, 0x0, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe154, 0x1000, 0x0, 0x10, 0xf9, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

298.935941ms ago: executing program 0 (id=719):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa1", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001e40)=ANY=[@ANYBLOB="b702000026000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643c4e8d41cdb7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6659f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac1223331f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b3b5fb3832ee68e2b53d44bd84bf6770157e96bbb96b5e1f165c87e7a9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed80000010000000000e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9f"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r3, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a888e55", 0x0, 0xff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000002600181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000300000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1000000, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB='5\x00 \x00\x00\x00', @ANYRES32=r4, @ANYBLOB="00000000a3706417b6623132000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300007ca4873e08000000b70400000200000085000000822a3c09"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x90)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x40046207, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000000)={0xc, 0x0, &(0x7f00000003c0)=[@increfs, @enter_looper], 0x0, 0x0, 0x0})
dup3(r6, r5, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000580)={0x10, 0x0, &(0x7f0000000700)=[@request_death={0x400c630e, 0x0, 0xffffff7f00000000}], 0x0, 0x1000000000000, 0x0})
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r7, 0x851, 0x0)

0s ago: executing program 1 (id=720):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x1, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x1a, 0x1, 0x0, "9611e6d6ffc88885163200000000000000000300000000000000000083df00"})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080))
prlimit64(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b0400000000000000000200000024000480200001800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x78}}, 0x0)
close(r4)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r6 = pidfd_getfd(r3, r5, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, 0x0)
r7 = dup(r5)
write$UHID_INPUT(r7, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d060987f70e06d038e7ff7fc6e5539b0d650e8b089b3f353b68090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
r8 = fsopen(&(0x7f0000000040)='cifs\x00', 0x0)
r9 = fsopen(&(0x7f0000000100)='tracefs\x00', 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001500010300000000000000000a"], 0x14}}, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000004c0)=""/198, 0xc6}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2)
fsconfig$FSCONFIG_SET_FD(r8, 0x5, &(0x7f0000000000)='acl\x00JN\xa0\xc3\xcd,\xebL>', 0x0, r9)
prctl$PR_SET_NAME(0xf, &(0x7f0000000500)='//(\x00')
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4, 0x0, 0x0)

kernel console output (not intermixed with test programs):

number 2 using dummy_hcd
[   52.879384][ T5347] Bluetooth: hci1: command tx timeout
[   52.879608][ T4778] Bluetooth: hci2: command tx timeout
[   52.881507][ T5347] Bluetooth: hci0: command tx timeout
[   52.885555][ T5404] usb 8-1: Using ep0 maxpacket: 8
[   52.892133][ T5404] usb 8-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   52.896238][ T5404] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[   52.904138][ T5404] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   52.907459][ T5404] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   52.910963][ T5404] usb 8-1: Product: syz
[   52.912488][ T5404] usb 8-1: Manufacturer: syz
[   52.914209][ T5404] usb 8-1: SerialNumber: syz
[   52.968103][ T5347] Bluetooth: hci3: command tx timeout
[   53.060072][ T5466] capability: warning: `syz.2.15' uses deprecated v2 capabilities in a way that may be insecure
[   53.148825][ T5347] Bluetooth: hci2: unknown advertising packet type: 0x65
[   53.148884][ T5347] Bluetooth: hci2: unknown advertising packet type: 0x07
[   53.152370][ T5347] Bluetooth: hci2: Dropping invalid advertising data
[   53.157433][ T5347] Bluetooth: hci2: Malformed LE Event: 0x02
[   53.161480][ T5404] usb 8-1: invalid UAC_HEADER (v1)
[   53.191925][ T5404] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22
[   53.203013][ T5404] usb 8-1: USB disconnect, device number 2
[   53.232601][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   54.958932][ T5347] Bluetooth: hci0: command tx timeout
[   54.958978][ T5350] Bluetooth: hci2: command tx timeout
[   54.960528][ T5347] Bluetooth: hci1: command tx timeout
[   55.038250][ T5347] Bluetooth: hci3: command tx timeout
[   55.836953][ T5505] process 'syz.1.25' launched './file2' with NULL argv: empty string added
[   56.674227][ T5512] netlink: 32 bytes leftover after parsing attributes in process `syz.3.26'.
[   56.676885][ T5512] tipc: Invalid UDP bearer configuration
[   56.676915][ T5512] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   57.039519][ T5347] Bluetooth: hci2: command tx timeout
[   58.224291][ T5523] netlink: 'syz.0.29': attribute type 4 has an invalid length.
[   58.276291][ T5523] binder: 5522:5523 ioctl 810c9365 20000980 returned -22
[   58.714687][ T5531] syz.3.31: attempt to access beyond end of device
[   58.714687][ T5531] loop3: rw=4096, sector=2, nr_sectors = 2 limit=0
[   58.722425][ T5531] EXT4-fs (loop3): unable to read superblock
[   59.545693][ T5539] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   59.617074][ T5541] netlink: 'syz.1.34': attribute type 10 has an invalid length.
[   59.636405][ T5541] batman_adv: batadv0: Adding interface: team0
[   59.643686][ T5541] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.654891][ T5541] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[   59.671486][ T5541] netlink: 'syz.1.34': attribute type 10 has an invalid length.
[   59.674731][ T5541] netlink: 2 bytes leftover after parsing attributes in process `syz.1.34'.
[   59.677874][ T5541] team0: entered promiscuous mode
[   59.683883][ T5541] team_slave_0: entered promiscuous mode
[   59.686379][ T5541] team_slave_1: entered promiscuous mode
[   59.691841][ T5541] 8021q: adding VLAN 0 to HW filter on device team0
[   59.693892][ T5541] batman_adv: batadv0: Interface activated: team0
[   59.695663][ T5541] batman_adv: batadv0: Interface deactivated: team0
[   59.697500][ T5541] batman_adv: batadv0: Removing interface: team0
[   59.705995][ T5541] bridge0: port 3(team0) entered blocking state
[   59.709116][ T5541] bridge0: port 3(team0) entered disabled state
[   59.710937][ T5541] team0: entered allmulticast mode
[   59.712465][ T5541] team_slave_0: entered allmulticast mode
[   59.714153][ T5541] team_slave_1: entered allmulticast mode
[   59.716928][ T5541] bridge0: port 3(team0) entered blocking state
[   59.718921][ T5541] bridge0: port 3(team0) entered forwarding state
[   60.443522][ T5541] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   60.580205][ T5551] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   60.622571][ T5552] netlink: 'syz.1.37': attribute type 4 has an invalid length.
[   60.648174][ T5347] Bluetooth: hci1: command tx timeout
[   60.653241][ T5554] netlink: 'syz.3.38': attribute type 4 has an invalid length.
[   60.656636][ T5552] binder: 5550:5552 ioctl 810c9365 20000980 returned -22
[   60.681858][ T5554] binder: 5553:5554 ioctl 810c9365 20000980 returned -22
[   60.865132][ T5559] bridge0: port 2(bridge_slave_1) entered disabled state
[   60.868462][ T5559] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.772079][ T5404] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   61.968262][ T5404] usb 5-1: Using ep0 maxpacket: 8
[   61.993398][ T5404] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   62.004400][ T5404] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   62.016349][ T5404] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   62.028013][ T5404] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   62.030953][ T5404] usb 5-1: Product: syz
[   62.032499][ T5404] usb 5-1: Manufacturer: syz
[   62.034200][ T5404] usb 5-1: SerialNumber: syz
[   62.245009][ T5347] Bluetooth: hci1: unknown advertising packet type: 0x65
[   62.245091][ T5347] Bluetooth: hci1: Dropping invalid advertising data
[   62.250806][ T5347] Bluetooth: hci1: Malformed LE Event: 0x02
[   62.253889][ T5404] usb 5-1: invalid UAC_HEADER (v1)
[   62.264609][ T5404] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[   62.268605][ T5404] usb 5-1: USB disconnect, device number 2
[   62.327753][ T5570] udevd[5570]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   62.344665][ T5578] mkiss: ax0: crc mode is auto.
[   62.942451][ T5586] sp0: Synchronizing with TNC
[   63.621331][ T5593] netlink: 'syz.3.47': attribute type 4 has an invalid length.
[   63.625622][ T5593] binder: 5589:5593 ioctl 810c9365 20000980 returned -22
[   63.812278][ T5594] veth1_macvtap: entered allmulticast mode
[   63.977436][ T5597] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   64.786134][ T5606] ptrace attach of "/syz-executor exec"[5343] was attempted by "/syz-executor exec"[5606]
[   64.800836][   T39] audit: type=1326 audit(1727875092.077:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.810079][   T39] audit: type=1326 audit(1727875092.087:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.816344][   T39] audit: type=1326 audit(1727875092.087:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.826664][   T39] audit: type=1326 audit(1727875092.087:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.858123][   T39] audit: type=1326 audit(1727875092.087:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.864927][   T39] audit: type=1326 audit(1727875092.087:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.871547][   T39] audit: type=1326 audit(1727875092.087:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.878844][   T39] audit: type=1326 audit(1727875092.087:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.885798][   T39] audit: type=1326 audit(1727875092.087:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[   64.891719][   T39] audit: type=1326 audit(1727875092.087:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5605 comm="syz.1.52" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf73de579 code=0x7ffc0000
[   65.084494][ T5612] netlink: 68 bytes leftover after parsing attributes in process `syz.3.53'.
[   65.268019][ T1298] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   65.273213][ T5613] netlink: 'syz.3.53': attribute type 10 has an invalid length.
[   65.276649][ T5613] bridge0: port 3(team0) entered blocking state
[   65.281185][ T5613] bridge0: port 3(team0) entered disabled state
[   65.286738][ T5613] team0: entered allmulticast mode
[   65.290673][ T5613] team_slave_0: entered allmulticast mode
[   65.294089][ T5613] team_slave_1: entered allmulticast mode
[   65.307647][ T5613] team0: entered promiscuous mode
[   65.309959][ T5613] team_slave_0: entered promiscuous mode
[   65.313430][ T5613] team_slave_1: entered promiscuous mode
[   65.418075][ T1298] usb 6-1: Using ep0 maxpacket: 8
[   65.421452][ T1298] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   65.424931][ T1298] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[   65.430798][ T1298] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   65.433972][ T1298] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   65.436782][ T1298] usb 6-1: Product: syz
[   65.438645][ T1298] usb 6-1: Manufacturer: syz
[   65.440298][ T1298] usb 6-1: SerialNumber: syz
[   65.646935][ T5347] Bluetooth: hci0: unknown advertising packet type: 0x65
[   65.647022][ T5347] Bluetooth: hci0: Dropping invalid advertising data
[   65.653185][ T5347] Bluetooth: hci0: Malformed LE Event: 0x02
[   65.656566][ T1298] usb 6-1: invalid UAC_HEADER (v1)
[   65.668423][ T1298] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[   65.672497][ T1298] usb 6-1: USB disconnect, device number 2
[   65.681519][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   66.263934][ T5618] kvm: apic: phys broadcast and lowest prio
[   66.286932][ T5618] netlink: 'syz.2.56': attribute type 9 has an invalid length.
[   66.289170][ T5618] netlink: 399 bytes leftover after parsing attributes in process `syz.2.56'.
[   66.653294][ T5625] netlink: 'syz.2.58': attribute type 4 has an invalid length.
[   66.769040][ T5627] binder: 5624:5627 ioctl 810c9365 20000980 returned -22
[   67.511112][ T5646] random: crng reseeded on system resumption
[   67.732172][ T5650] netlink: 'syz.1.63': attribute type 4 has an invalid length.
[   67.736520][ T5650] binder: 5648:5650 ioctl 810c9365 20000980 returned -22
[   67.988084][    T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   68.131203][ T5652] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   68.138107][    T8] usb 7-1: Using ep0 maxpacket: 16
[   68.140810][ T5652] CIFS: Unable to determine destination address
[   68.145586][    T8] usb 7-1: config 1 descriptor has 1 excess byte, ignoring
[   68.147777][    T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.152679][    T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.155554][    T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[   68.160381][    T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[   68.163508][    T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   68.166305][    T8] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   68.169634][    T8] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   68.174506][    T8] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   68.177182][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   68.179570][    T8] usb 7-1: SerialNumber: syz
[   68.190138][    T8] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[   68.287527][ T5658] netlink: 'syz.1.66': attribute type 4 has an invalid length.
[   68.293825][ T5658] binder: 5656:5658 ioctl 810c9365 20000980 returned -22
[   68.318168][ T1298] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   68.477994][ T1298] usb 8-1: Using ep0 maxpacket: 8
[   68.481050][ T1298] usb 8-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   68.484311][ T1298] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[   68.488297][ T1298] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   68.490945][ T1298] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.493025][ T1298] usb 8-1: Product: syz
[   68.494258][ T1298] usb 8-1: Manufacturer: syz
[   68.495457][ T1298] usb 8-1: SerialNumber: syz
[   68.700734][ T5347] Bluetooth: hci2: unknown advertising packet type: 0x65
[   68.700758][ T5347] Bluetooth: hci2: Dropping invalid advertising data
[   68.704479][ T5347] Bluetooth: hci2: Malformed LE Event: 0x02
[   68.710066][ T1298] usb 8-1: invalid UAC_HEADER (v1)
[   68.717689][ T5664] netlink: 'syz.0.68': attribute type 4 has an invalid length.
[   68.720088][ T1298] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -22
[   68.722498][ T5664] binder: 5661:5664 ioctl 810c9365 20000980 returned -22
[   68.725205][ T1298] usb 8-1: USB disconnect, device number 3
[   68.731037][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   70.032935][   T30] usb 7-1: USB disconnect, device number 2
[   70.249893][ T5677] netlink: 'syz.2.71': attribute type 4 has an invalid length.
[   70.253181][ T5677] binder: 5675:5677 ioctl 810c9365 20000980 returned -22
[   70.372917][ T5680] netlink: 'syz.3.72': attribute type 4 has an invalid length.
[   70.382609][ T5680] binder: 5678:5680 ioctl 810c9365 20000980 returned -22
[   70.558723][ T5683] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   70.721897][ T1375] ieee802154 phy0 wpan0: encryption failed: -22
[   70.724599][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[   70.730462][ T5689] netlink: 'syz.3.75': attribute type 4 has an invalid length.
[   70.745245][ T5689] binder: 5684:5689 ioctl 810c9365 20000980 returned -22
[   71.045760][ T5696] netlink: 'syz.3.77': attribute type 4 has an invalid length.
[   71.057424][ T5696] binder: 5693:5696 ioctl 810c9365 20000980 returned -22
[   71.334167][ T5701] syz.0.76 (5701): /proc/5690/oom_adj is deprecated, please use /proc/5690/oom_score_adj instead.
[   71.368369][ T5708] netlink: 'syz.3.79': attribute type 1 has an invalid length.
[   71.378102][ T5708] netlink: 636 bytes leftover after parsing attributes in process `syz.3.79'.
[   71.537156][ T5712] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   71.903020][ T5716] netlink: 'syz.0.81': attribute type 4 has an invalid length.
[   71.918602][ T5716] binder: 5714:5716 ioctl 810c9365 20000980 returned -22
[   72.447115][ T5724] netlink: 'syz.0.83': attribute type 4 has an invalid length.
[   72.456802][ T5724] binder: 5722:5724 ioctl 810c9365 20000980 returned -22
[   72.737265][ T5736] netlink: 'syz.2.85': attribute type 4 has an invalid length.
[   72.742065][ T5736] binder: 5730:5736 ioctl 810c9365 20000980 returned -22
[   73.024363][ T5745] netlink: 'syz.1.87': attribute type 4 has an invalid length.
[   73.027159][ T5745] binder: 5739:5745 ioctl 810c9365 20000980 returned -22
[   73.201093][ T5747] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   73.366901][ T5751] binder: 5749:5751 ioctl 810c9365 20000980 returned -22
[   74.263465][ T5757] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.266266][ T5757] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.415703][ T5761] validate_nla: 1 callbacks suppressed
[   74.415719][ T5761] netlink: 'syz.0.92': attribute type 4 has an invalid length.
[   74.436788][ T5761] binder: 5758:5761 ioctl 810c9365 0 returned -22
[   74.636439][ T5764] mkiss: ax0: crc mode is auto.
[   74.872177][ T5767] netlink: 'syz.0.94': attribute type 4 has an invalid length.
[   74.876504][ T5767] binder: 5765:5767 ioctl 810c9365 20000980 returned -22
[   75.845325][ T5774] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   75.848749][   T35] cfg80211: failed to load regulatory.db
[   76.041532][ T5778] netlink: 'syz.0.97': attribute type 4 has an invalid length.
[   76.047230][ T5778] binder: 5776:5778 ioctl 810c9365 20000980 returned -22
[   76.323674][ T5782] macsec1: entered allmulticast mode
[   76.348639][ T5783] netlink: 'syz.0.98': attribute type 4 has an invalid length.
[   76.354971][ T5783] binder: 5779:5783 ioctl 810c9365 20000980 returned -22
[   76.661988][ T5791] netlink: 'syz.0.101': attribute type 1 has an invalid length.
[   76.666456][ T5791] netlink: 9388 bytes leftover after parsing attributes in process `syz.0.101'.
[   76.742232][ T5791] No control pipe specified
[   76.760817][ T5794] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   76.772366][ T5791] ALSA: seq fatal error: cannot create timer (-22)
[   76.783985][ T5795] netlink: 'syz.1.102': attribute type 4 has an invalid length.
[   76.786888][ T5795] binder: 5792:5795 ioctl 810c9365 0 returned -22
[   77.006201][ T5799] netlink: 'syz.0.103': attribute type 4 has an invalid length.
[   77.011467][ T5799] binder: 5797:5799 ioctl 810c9365 20000980 returned -22
[   78.225650][ T5822] netlink: 'syz.2.109': attribute type 4 has an invalid length.
[   78.238578][ T5822] binder: 5819:5822 ioctl 810c9365 20000980 returned -22
[   78.566393][ T5825] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   79.435892][ T5828] kvm: apic: phys broadcast and lowest prio
[   79.475415][ T5828] netlink: 'syz.3.112': attribute type 9 has an invalid length.
[   79.477733][ T5828] netlink: 399 bytes leftover after parsing attributes in process `syz.3.112'.
[   79.513541][ T5835] netlink: 'syz.0.111': attribute type 1 has an invalid length.
[   79.515833][ T5835] netlink: 636 bytes leftover after parsing attributes in process `syz.0.111'.
[   79.607874][ T5840] netlink: 'syz.1.114': attribute type 4 has an invalid length.
[   79.614495][ T5840] binder: 5836:5840 ioctl 810c9365 20000980 returned -22
[   79.815123][ T5843] warning: `syz.3.115' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   79.823165][ T5347] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   79.826517][ T5347] CPU: 3 UID: 0 PID: 5347 Comm: kworker/u33:2 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   79.830231][ T5347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.833968][ T5347] Workqueue: hci2 hci_rx_work
[   79.835650][ T5347] Call Trace:
[   79.836686][ T5347]  <TASK>
[   79.837702][ T5347]  dump_stack_lvl+0x16c/0x1f0
[   79.839360][ T5347]  sysfs_warn_dup+0x7f/0xa0
[   79.840911][ T5347]  sysfs_create_dir_ns+0x24d/0x2b0
[   79.842536][ T5347]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   79.844526][ T5347]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   79.846497][ T5347]  ? kobject_add_internal+0x12d/0x990
[   79.848321][ T5347]  ? do_raw_spin_unlock+0x172/0x230
[   79.849934][ T5347]  kobject_add_internal+0x2c8/0x990
[   79.851598][ T5347]  kobject_add+0x16f/0x240
[   79.853078][ T5347]  ? __pfx_kobject_add+0x10/0x10
[   79.854458][ T5347]  ? class_to_subsys+0x3e/0x160
[   79.856032][ T5347]  ? do_raw_spin_unlock+0x172/0x230
[   79.857824][ T5347]  ? kobject_put+0xab/0x5a0
[   79.859442][ T5347]  device_add+0x289/0x1a70
[   79.861016][ T5347]  ? __pfx_dev_set_name+0x10/0x10
[   79.862771][ T5347]  ? __pfx_device_add+0x10/0x10
[   79.864513][ T5347]  ? mgmt_send_event_skb+0x2f2/0x460
[   79.866441][ T5347]  hci_conn_add_sysfs+0x17e/0x230
[   79.868220][ T5347]  le_conn_complete_evt+0xfc7/0x1cf0
[   79.870175][ T5347]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   79.872199][ T5347]  ? trace_contention_end+0xea/0x140
[   79.874082][ T5347]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   79.876137][ T5347]  ? skb_pull_data+0x166/0x210
[   79.877801][ T5347]  hci_le_meta_evt+0x2e2/0x5d0
[   79.879407][ T5347]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   79.881806][ T5347]  hci_event_packet+0x666/0x1190
[   79.883871][ T5347]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   79.886002][ T5347]  ? __pfx_hci_event_packet+0x10/0x10
[   79.887761][ T5347]  ? mark_held_locks+0x9f/0xe0
[   79.889086][ T5347]  ? kcov_remote_start+0x3cf/0x6e0
[   79.890649][ T5347]  ? lockdep_hardirqs_on+0x7c/0x110
[   79.892189][ T5347]  hci_rx_work+0x2c6/0x1610
[   79.893626][ T5347]  ? lock_acquire+0x2f/0xb0
[   79.895039][ T5347]  ? process_one_work+0x8bb/0x1b30
[   79.896775][ T5347]  process_one_work+0x958/0x1b30
[   79.898404][ T5347]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   79.900357][ T5347]  ? __pfx_process_one_work+0x10/0x10
[   79.902159][ T5347]  ? assign_work+0x1a0/0x250
[   79.903769][ T5347]  worker_thread+0x6c8/0xf00
[   79.905447][ T5347]  ? __pfx_worker_thread+0x10/0x10
[   79.907167][ T5347]  kthread+0x2c1/0x3a0
[   79.908572][ T5347]  ? _raw_spin_unlock_irq+0x23/0x50
[   79.910321][ T5347]  ? __pfx_kthread+0x10/0x10
[   79.911925][ T5347]  ret_from_fork+0x45/0x80
[   79.913483][ T5347]  ? __pfx_kthread+0x10/0x10
[   79.915053][ T5347]  ret_from_fork_asm+0x1a/0x30
[   79.916724][ T5347]  </TASK>
[   79.918267][ T5347] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   79.922696][ T5347] Bluetooth: hci2: failed to register connection device
[   80.998178][    T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   81.075641][ T5347] Bluetooth: hci0: unexpected event for opcode 0x0803
[   81.102254][ T5855] netlink: 'syz.1.119': attribute type 1 has an invalid length.
[   81.104522][ T5855] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.119'.
[   81.106913][ T5855] netlink: 'syz.1.119': attribute type 1 has an invalid length.
[   81.158110][    T8] usb 5-1: Using ep0 maxpacket: 8
[   81.163516][    T8] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[   81.168059][    T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   81.180347][    T8] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   81.184709][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.187341][    T8] usb 5-1: Product: syz
[   81.190429][    T8] usb 5-1: Manufacturer: syz
[   81.192348][    T8] usb 5-1: SerialNumber: syz
[   81.292417][ T5858] overlayfs: conflicting lowerdir path
[   81.339731][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.342814][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.344829][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.347124][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.352599][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.361819][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.364540][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.372969][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.376107][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.379605][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.382117][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.384655][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.387320][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.390423][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.392989][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.395516][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.398140][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.400736][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.403215][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.405257][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.407220][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.409492][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.411787][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.414331][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.416815][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.419523][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.422106][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.424609][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.427863][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.430373][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.430593][ T5861] netlink: 'syz.3.121': attribute type 4 has an invalid length.
[   81.432817][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.439470][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.441998][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.444660][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.447200][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.449667][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.451921][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.454159][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.456500][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.459143][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.461697][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.461795][ T5861] binder: 5859:5861 ioctl 810c9365 20000980 returned -22
[   81.464276][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.468573][    T8] usb 5-1: invalid UAC_HEADER (v1)
[   81.469016][ T5347] Bluetooth: hci1: unknown advertising packet type: 0x65
[   81.470630][ T5347] Bluetooth: hci1: Dropping invalid advertising data
[   81.474561][ T5347] Bluetooth: hci1: Malformed LE Event: 0x02
[   81.477008][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.479084][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.482009][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.484002][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.485957][ T1298] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   81.492034][ T1298] hid-generic 0000:0000:0000.0002: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   81.532359][    T8] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[   81.537097][    T8] usb 5-1: USB disconnect, device number 3
[   81.537840][ T5754] udevd[5754]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   81.998153][ T5347] Bluetooth: hci2: command tx timeout
[   82.536400][ T5869] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.131'.
[   82.598037][ T5873] netlink: 'syz.2.124': attribute type 4 has an invalid length.
[   82.617432][ T5873] binder: 5866:5873 ioctl 810c9365 0 returned -22
[   83.615980][ T5869] syz.0.131 (5869) used greatest stack depth: 20864 bytes left
[   83.844259][ T5890] netlink: 32 bytes leftover after parsing attributes in process `syz.0.128'.
[   84.063217][   T39] kauditd_printk_skb: 2 callbacks suppressed
[   84.063234][   T39] audit: type=1326 audit(1727875111.347:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5888 comm="syz.0.128" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x0
[   84.117209][ T5901] netlink: 'syz.3.130': attribute type 4 has an invalid length.
[   84.133754][ T5901] binder: 5897:5901 ioctl 810c9365 20000980 returned -22
[   84.530380][ T5907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.133'.
[   84.639125][ T5910] bridge0: port 4(syz_tun) entered blocking state
[   84.641201][ T5910] bridge0: port 4(syz_tun) entered disabled state
[   84.643341][ T5910] syz_tun: entered allmulticast mode
[   84.646635][ T5910] syz_tun: entered promiscuous mode
[   84.652671][ T5910] bridge0: port 4(syz_tun) entered blocking state
[   84.655135][ T5910] bridge0: port 4(syz_tun) entered forwarding state
[   84.891915][ T5917] netlink: 'syz.3.134': attribute type 4 has an invalid length.
[   84.896259][ T5917] binder: 5913:5917 ioctl 810c9365 0 returned -22
[   84.942979][ T5918] netlink: 'syz.2.135': attribute type 4 has an invalid length.
[   84.948653][ T5918] binder: 5915:5918 ioctl 810c9365 20000980 returned -22
[   85.364365][ T5923] veth1_macvtap: entered allmulticast mode
[   86.502389][ T5946] netlink: 'syz.1.141': attribute type 4 has an invalid length.
[   86.507149][ T5946] binder: 5943:5946 ioctl 810c9365 20000980 returned -22
[   88.048294][   T56] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   88.218027][   T56] usb 5-1: Using ep0 maxpacket: 16
[   88.221031][   T56] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[   88.223328][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.226232][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.229452][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[   88.232548][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[   88.236195][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   88.239113][   T56] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   88.241984][   T56] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   88.248096][   T56] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   88.250581][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   88.253208][   T56] usb 5-1: SerialNumber: syz
[   88.270151][   T56] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[   88.894115][ T5974] netlink: 'syz.1.147': attribute type 13 has an invalid length.
[   89.254368][ T5975] syz.1.147 (5975) used greatest stack depth: 20832 bytes left
[   90.275975][ T5988] netlink: 'syz.1.151': attribute type 4 has an invalid length.
[   90.290870][ T5988] binder: 5986:5988 ioctl 810c9365 20000980 returned -22
[   90.604985][ T1423] usb 5-1: USB disconnect, device number 4
[   90.836593][ T6001] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   90.843368][ T5999] hub 2-0:1.0: USB hub found
[   90.854439][ T5999] hub 2-0:1.0: 2 ports detected
[   91.828162][ T6013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.156'.
[   91.836615][ T6013] netlink: 'syz.3.156': attribute type 3 has an invalid length.
[   91.840325][ T6013] netlink: 196520 bytes leftover after parsing attributes in process `syz.3.156'.
[   91.905310][ T6016] usb usb8: usbfs: process 6016 (syz.3.156) did not claim interface 0 before use
[   91.908949][ T6015] netlink: 'syz.2.157': attribute type 4 has an invalid length.
[   91.914997][ T6015] binder: 6011:6015 ioctl 810c9365 20000980 returned -22
[   93.797633][ T5347] Bluetooth: hci2: SCO packet for unknown connection handle 768
[   93.800766][ T5347] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[   94.388108][   T25] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   94.426837][ T6043] binder: 6039:6043 ioctl 810c9365 20000980 returned -22
[   94.548084][   T25] usb 7-1: Using ep0 maxpacket: 16
[   94.551311][   T25] usb 7-1: config 1 descriptor has 1 excess byte, ignoring
[   94.553440][   T25] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.567075][   T25] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.569897][   T25] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[   94.578064][   T25] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[   94.579785][ T6030] e1000e 0000:00:02.0 eth1: NIC Link is Down
[   94.584683][   T25] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   94.596740][   T25] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[   94.600006][ T6042] netlink: 'syz.1.163': attribute type 4 has an invalid length.
[   94.603862][   T25] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   94.610971][   T25] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   94.620197][   T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   94.622481][   T25] usb 7-1: SerialNumber: syz
[   94.646754][   T25] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[   94.831573][ T6050] mkiss: ax0: crc mode is auto.
[   95.864068][ T6082] netlink: 'syz.3.166': attribute type 4 has an invalid length.
[   95.868220][ T6082] binder: 6080:6082 ioctl 810c9365 20000980 returned -22
[   96.406714][ T5347] Bluetooth: hci1: SCO packet for unknown connection handle 768
[   96.411877][ T5347] Bluetooth: hci1: SCO packet for unknown connection handle 1039
[   96.912553][   T30] usb 7-1: USB disconnect, device number 3
[   97.542548][ T6104] netlink: 'syz.3.173': attribute type 4 has an invalid length.
[   97.550934][ T6104] binder: 6094:6104 ioctl 810c9365 20000980 returned -22
[   98.084040][ T5347] Bluetooth: hci2: SCO packet for unknown connection handle 768
[   98.086323][ T5347] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[   99.556908][ T5347] Bluetooth: hci3: SCO packet for unknown connection handle 768
[   99.563140][ T5347] Bluetooth: hci3: SCO packet for unknown connection handle 1039
[   99.612099][ T6128] mkiss: ax0: crc mode is auto.
[  100.278060][    T8] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  100.432403][ T6136] overlayfs: missing 'lowerdir'
[  100.434885][ T6136] overlayfs: missing 'lowerdir'
[  100.447797][    T8] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  100.453146][    T8] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.470948][    T8] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  100.473371][    T8] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.488680][    T8] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  100.491097][    T8] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  100.493219][    T8] usb 8-1: Product: syz
[  100.494343][    T8] usb 8-1: Manufacturer: syz
[  100.498624][    T8] cdc_wdm 8-1:1.0: skipping garbage
[  100.500212][    T8] cdc_wdm 8-1:1.0: skipping garbage
[  100.509129][    T8] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  100.510715][    T8] cdc_wdm 8-1:1.0: Unknown control protocol
[  101.119536][ T6134] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  102.430898][ T5725] usb 8-1: USB disconnect, device number 4
[  103.861906][ T4778] Bluetooth: hci2: SCO packet for unknown connection handle 768
[  103.872670][ T4778] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[  105.128081][ T6180] mkiss: ax0: crc mode is auto.
[  105.598051][ T4778] Bluetooth: hci3: command 0x0406 tx timeout
[  106.126669][ T6187] mkiss: ax0: crc mode is auto.
[  106.410966][ T6193] overlayfs: failed to resolve './file1': -2
[  108.181456][ T6212] IPv6: addrconf: prefix option has invalid lifetime
[  108.244877][ T5347] Bluetooth: hci0: SCO packet for unknown connection handle 768
[  108.246124][ T5347] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  108.618422][ T5347] Bluetooth: hci2: SCO packet for unknown connection handle 768
[  108.626502][ T5347] Bluetooth: hci2: SCO packet for unknown connection handle 1039
[  111.114153][ T6250] mkiss: ax0: crc mode is auto.
[  111.225375][   T39] audit: type=1326 audit(1727875138.507:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.233459][   T39] audit: type=1326 audit(1727875138.507:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.244498][   T39] audit: type=1326 audit(1727875138.517:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.250754][   T39] audit: type=1326 audit(1727875138.517:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.257476][   T39] audit: type=1326 audit(1727875138.517:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.266755][   T39] audit: type=1326 audit(1727875138.517:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.274991][   T39] audit: type=1326 audit(1727875138.517:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.288643][   T39] audit: type=1326 audit(1727875138.517:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.295198][   T39] audit: type=1326 audit(1727875138.517:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.305832][   T39] audit: type=1326 audit(1727875138.517:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.210" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  111.868078][ T5725] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  112.037992][ T5725] usb 8-1: Using ep0 maxpacket: 16
[  112.041348][ T5725] usb 8-1: config 1 descriptor has 1 excess byte, ignoring
[  112.043231][ T5725] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.047505][ T5725] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.051150][ T5725] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  112.056446][ T5725] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  112.060864][ T5725] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  112.068658][ T5725] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  112.071352][ T5725] usb 8-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  112.076441][ T5725] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  112.079572][ T5725] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  112.083378][ T5725] usb 8-1: SerialNumber: syz
[  112.099319][ T5725] cdc_acm 8-1:1.0: Control and data interfaces are not separated!
[  113.884623][ T5347] Bluetooth: hci3: SCO packet for unknown connection handle 768
[  113.885292][ T5347] Bluetooth: hci3: SCO packet for unknown connection handle 1039
[  114.024559][ T5347] Bluetooth: hci0: SCO packet for unknown connection handle 768
[  114.026779][ T5347] Bluetooth: hci0: SCO packet for unknown connection handle 1039
[  114.450093][ T5725] usb 8-1: USB disconnect, device number 5
[  116.160211][ T6296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.221'.
[  117.211754][ T6307] overlayfs: failed to resolve './file1': -2
[  117.317667][ T6310] ieee802154 phy0 wpan0: encryption failed: -22
[  117.672597][ T6317] input: syz0 as /devices/virtual/input/input5
[  118.165306][ T4778] Bluetooth: hci4: sending frame failed (-49)
[  118.167317][ T5347] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  118.172221][ T6322] Bluetooth: hci4: Frame reassembly failed (-84)
[  118.174435][ T6322] Bluetooth: hci4: Frame reassembly failed (-84)
[  118.245238][ T6327] netlink: 'syz.2.228': attribute type 4 has an invalid length.
[  118.251315][ T6327] binder: 6324:6327 ioctl 810c9365 20000980 returned -22
[  118.587290][ T6334] overlayfs: failed to resolve './file0': -2
[  119.520566][ T6344] Bluetooth: MGMT ver 1.23
[  119.768780][ T6344] Zero length message leads to an empty skb
[  119.771197][ T6353] mkiss: ax0: crc mode is auto.
[  122.518137][ T6385] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  122.524554][ T6385] IPv6: addrconf: prefix option has invalid lifetime
[  122.529041][    C2] IPv6: addrconf: prefix option has invalid lifetime
[  122.532487][    C2] IPv6: addrconf: prefix option has invalid lifetime
[  122.960690][ T6393] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  123.057013][ T6385] syz.1.240 (6385) used greatest stack depth: 20288 bytes left
[  123.293473][ T6399] overlayfs: failed to resolve './file0': -2
[  127.222624][ T6451] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  127.224557][ T6451] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  127.232788][ T6451] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  127.234543][ T6451] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  127.256596][ T6451] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  127.258803][ T6451] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  127.313738][ T6451] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  127.315428][ T6451] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  128.163054][ T6487] overlayfs: failed to resolve './file0': -2
[  130.473995][ T6527] overlayfs: failed to resolve './file0': -2
[  130.496418][ T6530] random: crng reseeded on system resumption
[  130.520716][ T6530] Restarting kernel threads ... done.
[  130.828182][    T8] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  130.968251][    T8] usb 8-1: device descriptor read/64, error -71
[  131.228356][    T8] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  131.388021][    T8] usb 8-1: device descriptor read/64, error -71
[  131.499655][    T8] usb usb8-port1: attempt power cycle
[  131.848381][    T8] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  132.010976][    T8] usb 8-1: device descriptor read/8, error -71
[  132.184153][ T1375] ieee802154 phy0 wpan0: encryption failed: -22
[  132.189327][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[  132.620174][    T8] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  132.791520][    T8] usb 8-1: device descriptor read/8, error -71
[  132.846361][ T6551] vivid-000: =================  START STATUS  =================
[  132.852923][ T6551] vivid-000: Test Pattern: 75% Colorbar
[  132.854523][ T6551] vivid-000: Fill Percentage of Frame: 100
[  132.856183][ T6551] vivid-000: Horizontal Movement: No Movement
[  132.857864][ T6551] vivid-000: Vertical Movement: No Movement
[  132.872248][ T6551] vivid-000: OSD Text Mode: All
[  132.874091][ T6551] vivid-000: Show Border: false
[  132.875890][ T6551] vivid-000: Show Square: false
[  132.877662][ T6551] vivid-000: Sensor Flipped Horizontally: false
[  132.899006][    T8] usb usb8-port1: unable to enumerate USB device
[  132.998362][ T6551] vivid-000: Sensor Flipped Vertically: false
[  133.003900][ T6554] binder: 6550:6554 ioctl c018620c 20000140 returned -22
[  133.018800][ T6551] vivid-000: Insert SAV Code in Image: false
[  133.021085][ T6551] vivid-000: Insert EAV Code in Image: false
[  133.023459][ T6551] vivid-000: Insert Video Guard Band: false
[  133.025840][ T6551] vivid-000: Reduced Framerate: false
[  133.027908][ T6551] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  133.072060][ T6551] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  133.074994][ T6551] vivid-000: Enable Capture Cropping: true grabbed
[  133.077289][ T6551] vivid-000: Enable Capture Composing: true grabbed
[  133.089343][ T6551] vivid-000: Enable Capture Scaler: true grabbed
[  133.091795][ T6551] vivid-000: Timestamp Source: End of Frame
[  133.093967][ T6551] vivid-000: Colorspace: sRGB
[  133.095676][ T6551] vivid-000: Transfer Function: Default
[  133.097634][ T6551] vivid-000: Y'CbCr Encoding: Default
[  133.144793][ T6551] vivid-000: HSV Encoding: Hue 0-179
[  133.146234][ T6551] vivid-000: Quantization: Default
[  133.147590][ T6551] vivid-000: Apply Alpha To Red Only: false
[  133.180182][ T6551] vivid-000: Standard Aspect Ratio: 4x3
[  133.182124][ T6551] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  133.184222][ T6551] vivid-000: DV Timings: 640x480p59 inactive
[  133.185869][ T6551] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  133.187913][ T6551] vivid-000: Maximum EDID Blocks: 2
[  133.208944][ T6551] vivid-000: Limited RGB Range (16-235): false
[  133.211084][ T6551] vivid-000: Rx RGB Quantization Range: Automatic
[  133.213575][ T6551] vivid-000: Power Present: 0x00000001
[  133.215642][ T6551] tpg source WxH: 320x180 (Y'CbCr)
[  133.217479][ T6551] tpg field: 1
[  133.220647][ T6551] tpg crop: 320x180@0x0
[  133.222168][ T6551] tpg compose: 320x180@0x0
[  133.223817][ T6551] tpg colorspace: 8
[  133.225429][ T6551] tpg transfer function: 0/2
[  133.227037][ T6551] tpg Y'CbCr encoding: 0/1
[  133.229652][ T6551] tpg quantization: 0/2
[  133.231278][ T6551] tpg RGB range: 0/2
[  133.232696][ T6551] vivid-000: ==================  END STATUS  ==================
[  134.325793][ T6570] mkiss: ax0: crc mode is auto.
[  134.408571][   T39] kauditd_printk_skb: 43 callbacks suppressed
[  134.408586][   T39] audit: type=1326 audit(1727875161.697:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.429711][   T39] audit: type=1326 audit(1727875161.707:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.448132][   T39] audit: type=1326 audit(1727875161.707:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.454864][   T39] audit: type=1326 audit(1727875161.707:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.460988][   T39] audit: type=1326 audit(1727875161.707:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.468211][   T39] audit: type=1326 audit(1727875161.707:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.474766][   T39] audit: type=1326 audit(1727875161.707:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.490763][   T39] audit: type=1326 audit(1727875161.707:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.496651][   T39] audit: type=1326 audit(1727875161.707:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.504076][   T39] audit: type=1326 audit(1727875161.707:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.0.273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  134.529161][ T6574] netlink: 'syz.3.275': attribute type 4 has an invalid length.
[  134.533407][ T6574] binder: 6571:6574 ioctl 810c9365 20000980 returned -22
[  135.002088][ T6577] vivid-002: =================  START STATUS  =================
[  135.005458][ T6577] vivid-002: Radio HW Seek Mode: Bounded
[  135.007238][ T6577] vivid-002: Radio Programmable HW Seek: false
[  135.015428][ T6577] vivid-002: RDS Rx I/O Mode: Block I/O
[  135.019487][ T6577] vivid-002: Generate RBDS Instead of RDS: false
[  135.022533][ T6577] vivid-002: RDS Reception: true
[  135.024300][ T6577] vivid-002: RDS Program Type: 0 inactive
[  135.026239][ T6577] vivid-002: RDS PS Name:  inactive
[  135.028105][ T6577] vivid-002: RDS Radio Text:  inactive
[  135.030015][ T6577] vivid-002: RDS Traffic Announcement: false inactive
[  135.032286][ T6577] vivid-002: RDS Traffic Program: false inactive
[  135.034643][ T6577] vivid-002: RDS Music: false inactive
[  135.036678][ T6577] vivid-002: ==================  END STATUS  ==================
[  135.434007][ T6585] mkiss: ax0: crc mode is auto.
[  136.079106][ T6588] netlink: 64 bytes leftover after parsing attributes in process `syz.0.278'.
[  136.683864][ T6595] netlink: 'syz.2.280': attribute type 4 has an invalid length.
[  136.710835][ T6595] binder: 6593:6595 ioctl 810c9365 20000980 returned -22
[  136.797263][ T6592] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  137.562295][ T6603] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  138.300256][ T6611] netlink: 'syz.2.284': attribute type 4 has an invalid length.
[  138.306594][ T6611] binder: 6609:6611 ioctl 810c9365 20000980 returned -22
[  139.848065][ T5725] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  140.008005][ T5725] usb 5-1: Using ep0 maxpacket: 16
[  140.011315][ T5725] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[  140.014295][ T5725] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.021651][ T5725] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.024374][ T5725] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  140.027303][ T5725] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  140.030803][ T5725] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  140.034514][ T5725] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  140.039448][ T5725] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  140.044258][ T5725] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  140.046409][ T5725] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  140.049691][ T5725] usb 5-1: SerialNumber: syz
[  140.067040][ T5725] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  140.375634][ T6648] mkiss: ax0: crc mode is auto.
[  140.728963][ T6656] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  140.835057][ T6654] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  140.837711][ T6654] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  142.412290][   T63] usb 5-1: USB disconnect, device number 5
[  142.488107][ T6676] netlink: 224 bytes leftover after parsing attributes in process `syz.3.298'.
[  144.545617][ T6702] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  144.985872][ T6706] input: syz0 as /devices/virtual/input/input7
[  145.214539][ T6712] kvm: kvm [6710]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x21
[  145.456720][ T6720] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  145.687465][ T6724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.967995][ T5380] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  146.126235][ T6728] netlink: 'syz.2.310': attribute type 4 has an invalid length.
[  146.131667][ T6728] binder: 6726:6728 ioctl 810c9365 20000980 returned -22
[  146.148089][ T5380] usb 8-1: Using ep0 maxpacket: 8
[  146.150682][ T5380] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  146.153029][ T5380] usb 8-1: config 246 descriptor has 1 excess byte, ignoring
[  146.154988][ T5380] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42
[  146.157386][ T5380] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  146.160547][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  146.163479][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  146.166342][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  146.172418][ T5380] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  146.174744][ T5380] usb 8-1: config 246 descriptor has 1 excess byte, ignoring
[  146.176764][ T5380] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42
[  146.179488][ T5380] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  146.182709][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  146.188049][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  146.190945][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  146.198701][ T5380] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  146.201071][ T5380] usb 8-1: config 246 descriptor has 1 excess byte, ignoring
[  146.203021][ T5380] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42
[  146.205461][ T5380] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  146.218004][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  146.220986][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  146.223865][ T5380] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  146.243134][ T5380] usb 8-1: string descriptor 0 read error: -22
[  146.244863][ T5380] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  146.247317][ T5380] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.260236][ T5380] adutux 8-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  146.403181][ T6733] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  146.539457][ T6734] netlink: 288 bytes leftover after parsing attributes in process `syz.1.311'.
[  146.862890][ T6738] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  147.182247][ T6741] netlink: 24 bytes leftover after parsing attributes in process `syz.0.313'.
[  148.225360][ T6751] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  148.628141][    T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  148.629262][ T1298] usb 8-1: USB disconnect, device number 10
[  148.788016][    T8] usb 6-1: Using ep0 maxpacket: 8
[  148.797265][    T8] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  148.804038][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  148.820147][    T8] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  148.829361][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.833653][    T8] usb 6-1: Product: syz
[  148.836245][    T8] usb 6-1: Manufacturer: syz
[  148.841999][    T8] usb 6-1: SerialNumber: syz
[  149.073651][    T8] usb 6-1: invalid UAC_HEADER (v1)
[  149.184506][    T8] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  149.206957][    T8] usb 6-1: USB disconnect, device number 3
[  149.225765][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  149.307118][ T6762] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  149.738235][ T6768] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  149.740825][ T6768] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  150.089756][ T6773] ecryptfs_parse_options: eCryptfs: unrecognized option [&@]
[  150.091906][ T6773] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  150.097812][ T6773] Error parsing options; rc = [-22]
[  150.304243][ T6776] netlink: 'syz.0.323': attribute type 4 has an invalid length.
[  150.309556][ T6776] binder: 6774:6776 ioctl 810c9365 20000980 returned -22
[  150.663580][ T6780] tipc: Started in network mode
[  150.665964][ T6780] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  150.669883][ T6780] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  154.131401][ T6824] netlink: 224 bytes leftover after parsing attributes in process `syz.1.331'.
[  154.226368][ T6822] netlink: 24 bytes leftover after parsing attributes in process `syz.2.332'.
[  154.476888][ T6831] 9pnet_virtio: no channels available for device syz
[  155.296586][ T6835] netlink: 288 bytes leftover after parsing attributes in process `syz.3.335'.
[  155.648982][ T6839] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.024013][ T6845] netlink: 16 bytes leftover after parsing attributes in process `syz.1.338'.
[  157.659239][ T6868] netlink: 4 bytes leftover after parsing attributes in process `syz.1.343'.
[  157.894132][ T6871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.344'.
[  159.245116][ T6882] netlink: 224 bytes leftover after parsing attributes in process `syz.2.346'.
[  159.498247][ T6887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  160.397164][ T6901] 9pnet_fd: Insufficient options for proto=fd
[  160.731647][   T39] kauditd_printk_skb: 46 callbacks suppressed
[  160.731662][   T39] audit: type=1326 audit(1727875188.017:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.751145][   T39] audit: type=1326 audit(1727875188.037:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.757837][   T39] audit: type=1326 audit(1727875188.037:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.780201][   T39] audit: type=1326 audit(1727875188.037:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.785700][   T39] audit: type=1326 audit(1727875188.037:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.834300][   T39] audit: type=1326 audit(1727875188.037:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.840436][   T39] audit: type=1326 audit(1727875188.037:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.847308][   T39] audit: type=1326 audit(1727875188.037:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.852454][   T39] audit: type=1326 audit(1727875188.057:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.857489][   T39] audit: type=1326 audit(1727875188.057:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6906 comm="syz.3.351" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  160.887812][ T6914] netlink: 288 bytes leftover after parsing attributes in process `syz.0.353'.
[  162.843401][ T6932] netlink: 224 bytes leftover after parsing attributes in process `syz.0.356'.
[  162.898310][ T6935] netlink: 'syz.1.357': attribute type 4 has an invalid length.
[  162.902583][ T6935] binder: 6927:6935 ioctl 810c9365 20000980 returned -22
[  163.577570][ T6942] 9pnet_virtio: no channels available for device syz
[  164.091014][ T6947] netlink: 'syz.0.363': attribute type 1 has an invalid length.
[  165.911343][ T6967] netlink: 'syz.0.368': attribute type 4 has an invalid length.
[  165.922182][ T6967] binder: 6965:6967 ioctl 810c9365 20000980 returned -22
[  166.698648][ T6973] netlink: 224 bytes leftover after parsing attributes in process `syz.2.370'.
[  167.323485][ T6984] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  168.308051][ T6991] 9pnet_virtio: no channels available for device syz
[  169.228203][ T7009] netlink: 'syz.0.377': attribute type 4 has an invalid length.
[  169.232865][ T7009] binder: 7002:7009 ioctl 810c9365 20000980 returned -22
[  170.655251][ T7023] tipc: Started in network mode
[  170.656882][ T7023] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  170.661766][ T7023] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  171.000658][ T7033] netlink: 224 bytes leftover after parsing attributes in process `syz.3.383'.
[  172.020878][   T39] kauditd_printk_skb: 42 callbacks suppressed
[  172.020889][   T39] audit: type=1326 audit(1727875199.307:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.0.386" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000
[  172.959677][ T7060] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  173.783101][ T7070] veth1_macvtap: entered allmulticast mode
[  174.938119][ T1298] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  175.019173][ T7080] tipc: Started in network mode
[  175.023181][ T7080] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  175.027766][ T7080] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  175.087986][ T1298] usb 7-1: Using ep0 maxpacket: 8
[  175.090696][ T1298] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  175.093929][ T1298] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  175.105056][ T1298] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  175.109159][ T1298] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.111327][ T1298] usb 7-1: Product: syz
[  175.112497][ T1298] usb 7-1: Manufacturer: syz
[  175.113790][ T1298] usb 7-1: SerialNumber: syz
[  175.334514][ T1298] usb 7-1: invalid UAC_HEADER (v1)
[  175.355497][ T1298] snd-usb-audio 7-1:1.0: probe with driver snd-usb-audio failed with error -22
[  175.365270][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  175.373012][ T1298] usb 7-1: USB disconnect, device number 4
[  175.765500][ T7085] netlink: 20 bytes leftover after parsing attributes in process `syz.3.396'.
[  175.844650][ T7089] overlayfs: failed to resolve './file1': -2
[  176.019374][ T7090] nbd1: detected capacity change from 0 to 22
[  176.031269][ T7094] block nbd1: shutting down sockets
[  176.041714][    C2] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.045238][    C2] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.053009][ T1217] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.055551][ T1217] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.058952][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.088509][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.121181][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.121977][ T7095] netlink: 224 bytes leftover after parsing attributes in process `syz.2.398'.
[  176.123654][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.128307][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.131050][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.133202][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.135777][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.138077][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.140557][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.143697][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.147204][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.151737][ T5353] ldm_validate_partition_table(): Disk read failed.
[  176.158186][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.161038][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.163197][ T5353] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  176.169684][ T5353] Buffer I/O error on dev nbd1, logical block 0, async page read
[  176.172667][ T5353] Dev nbd1: unable to read RDB block 0
[  176.174889][ T5353]  nbd1: unable to read partition table
[  176.177229][ T5353] nbd1: partition table beyond EOD, truncated
[  176.201593][ T5353] ldm_validate_partition_table(): Disk read failed.
[  176.203569][ T5353] Dev nbd1: unable to read RDB block 0
[  176.205118][ T5353]  nbd1: unable to read partition table
[  176.206631][ T5353] nbd1: partition table beyond EOD, truncated
[  176.248013][   T56] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  176.388111][   T56] usb 8-1: device descriptor read/64, error -71
[  176.638054][   T56] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  176.768024][   T56] usb 8-1: device descriptor read/64, error -71
[  176.879148][   T56] usb usb8-port1: attempt power cycle
[  177.238057][   T56] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  177.258949][   T56] usb 8-1: device descriptor read/8, error -71
[  177.320350][ T7105] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  177.346743][ T7105] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  177.518009][   T56] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  177.541877][   T56] usb 8-1: device descriptor read/8, error -71
[  177.652068][   T56] usb usb8-port1: unable to enumerate USB device
[  177.907717][ T7111] hub 9-0:1.0: USB hub found
[  177.910009][ T7111] hub 9-0:1.0: 1 port detected
[  177.999527][   T39] audit: type=1326 audit(1727875205.287:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.2.403" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x0
[  179.162182][ T7159] mkiss: ax0: crc mode is auto.
[  179.460900][ T7163] random: crng reseeded on system resumption
[  179.475943][ T7163] Restarting kernel threads ... done.
[  179.998068][   T56] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  180.138040][   T56] usb 7-1: device descriptor read/64, error -71
[  180.378066][   T56] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  180.508066][   T56] usb 7-1: device descriptor read/64, error -71
[  180.628228][   T56] usb usb7-port1: attempt power cycle
[  180.978284][   T56] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  181.028131][   T56] usb 7-1: device descriptor read/8, error -71
[  181.278270][   T56] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  181.298470][   T56] usb 7-1: device descriptor read/8, error -71
[  181.421759][   T56] usb usb7-port1: unable to enumerate USB device
[  181.959653][ T7178] fuse: Bad value for 'fd'
[  182.036755][   T39] audit: type=1326 audit(1727875209.317:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.1.412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000
[  182.048022][   T39] audit: type=1326 audit(1727875209.327:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.1.412" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73de579 code=0x7fc00000
[  182.153281][ T7183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.411'.
[  182.412456][ T7185] netlink: 20 bytes leftover after parsing attributes in process `syz.2.413'.
[  182.499141][ T7186] overlayfs: failed to resolve './file1': -2
[  182.778018][    T8] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  182.806280][   T39] audit: type=1326 audit(1727875210.087:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7179 comm="syz.1.412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000
[  182.918194][    T8] usb 7-1: device descriptor read/64, error -71
[  183.898836][    T8] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  184.088054][    T8] usb 7-1: device descriptor read/64, error -71
[  184.208351][    T8] usb usb7-port1: attempt power cycle
[  184.394072][ T5380] libceph: connect (1)[c::]:6789 error -101
[  184.396140][ T5380] libceph: mon0 (1)[c::]:6789 connect error
[  184.570147][    T8] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  184.599290][    T8] usb 7-1: device descriptor read/8, error -71
[  184.679439][ T5380] libceph: connect (1)[c::]:6789 error -101
[  184.681648][ T5380] libceph: mon0 (1)[c::]:6789 connect error
[  184.838088][    T8] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  184.871219][    T8] usb 7-1: device descriptor read/8, error -71
[  184.978404][    T8] usb usb7-port1: unable to enumerate USB device
[  185.124332][ T7208] ceph: No mds server is up or the cluster is laggy
[  185.198443][ T5380] libceph: connect (1)[c::]:6789 error -101
[  185.200142][ T5380] libceph: mon0 (1)[c::]:6789 connect error
[  185.462898][ T7229] netlink: 68 bytes leftover after parsing attributes in process `syz.2.422'.
[  185.510166][ T7227] bpq0: entered promiscuous mode
[  185.512829][ T7227] bpq0: entered allmulticast mode
[  185.667164][ T7232] program syz.2.423 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  187.104901][ T7245] netlink: 'syz.1.426': attribute type 4 has an invalid length.
[  187.109973][ T7245] binder: 7241:7245 ioctl 810c9365 20000980 returned -22
[  187.958492][ T7257] netlink: 20 bytes leftover after parsing attributes in process `syz.0.431'.
[  188.025854][ T7257] overlayfs: failed to resolve './file1': -2
[  188.298067][   T56] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  188.428189][   T56] usb 5-1: device descriptor read/64, error -71
[  188.668109][   T56] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  188.808001][   T56] usb 5-1: device descriptor read/64, error -71
[  188.918864][   T56] usb usb5-port1: attempt power cycle
[  189.269111][   T56] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  189.288702][   T56] usb 5-1: device descriptor read/8, error -71
[  189.368653][ T7271] sp0: Synchronizing with TNC
[  189.406605][ T7271] sp0: Found TNC
[  189.558013][   T56] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  189.578974][   T56] usb 5-1: device descriptor read/8, error -71
[  189.692269][   T56] usb usb5-port1: unable to enumerate USB device
[  189.739096][ T7275] netlink: 8 bytes leftover after parsing attributes in process `syz.1.435'.
[  189.767610][ T7275] 9pnet: Unknown protocol version 9
[  190.010028][ T7269] [U] è`
[  191.578639][ T7295] netlink: 'syz.3.442': attribute type 4 has an invalid length.
[  191.588646][ T7295] binder: 7293:7295 ioctl 810c9365 20000980 returned -22
[  191.684531][ T7298] random: crng reseeded on system resumption
[  191.711353][ T7298] Restarting kernel threads ... done.
[  191.953678][ T7301] netlink: zone id is out of range
[  191.961001][ T7301] netlink: zone id is out of range
[  191.964075][ T7301] netlink: zone id is out of range
[  191.969548][ T7301] netlink: zone id is out of range
[  191.985803][ T7301] netlink: set zone limit has 4 unknown bytes
[  192.138219][    T8] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  192.268436][    T8] usb 6-1: device descriptor read/64, error -71
[  192.508061][    T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  192.648116][    T8] usb 6-1: device descriptor read/64, error -71
[  192.760232][    T8] usb usb6-port1: attempt power cycle
[  193.128196][    T8] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  193.148510][    T8] usb 6-1: device descriptor read/8, error -71
[  193.388324][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  193.429083][    T8] usb 6-1: device descriptor read/8, error -71
[  193.549087][    T8] usb usb6-port1: unable to enumerate USB device
[  193.615626][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[  193.634957][ T7316] netlink: 'syz.2.446': attribute type 10 has an invalid length.
[  193.637012][ T7316] ipvlan1: entered promiscuous mode
[  193.655340][ T7316] team0: Device ipvlan1 failed to register rx_handler
[  193.718117][ T7316] autofs: Bad value for 'fd'
[  193.842514][ T7323] usb usb8: usbfs: process 7323 (syz.2.449) did not claim interface 0 before use
[  194.694617][ T7334] netlink: 'syz.0.451': attribute type 4 has an invalid length.
[  194.701310][ T7334] binder: 7331:7334 ioctl 810c9365 20000980 returned -22
[  194.720682][ T7330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.450'.
[  195.002145][ T7343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.492467][ T7347] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.938995][ T7355] netlink: 3 bytes leftover after parsing attributes in process `syz.3.457'.
[  196.052451][ T7355] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  197.961859][ T7371] random: crng reseeded on system resumption
[  198.057809][ T7370] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  198.059712][ T7370] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  198.073642][ T7370] vhci_hcd vhci_hcd.0: Device attached
[  198.098069][ T7376] usbip_core: unknown command
[  198.112230][ T7376] vhci_hcd: unknown pdu 0
[  198.113824][ T7376] usbip_core: unknown command
[  198.118936][ T1131] vhci_hcd: stop threads
[  198.120534][ T1131] vhci_hcd: release socket
[  198.122141][ T1131] vhci_hcd: disconnect device
[  198.308003][   T56] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  198.438067][   T56] usb 5-1: device descriptor read/64, error -71
[  198.530298][ T7379] netlink: 'syz.1.463': attribute type 21 has an invalid length.
[  198.688073][   T56] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  198.889334][   T56] usb 5-1: device descriptor read/64, error -71
[  199.018302][   T56] usb usb5-port1: attempt power cycle
[  199.302580][ T7388] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  199.368110][   T56] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  199.388863][   T56] usb 5-1: device descriptor read/8, error -71
[  199.620331][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.622462][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.624480][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.626438][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.632631][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.635528][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.639838][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.642015][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.644072][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.646031][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.648493][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.650597][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.652727][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.655037][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.657278][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.658037][   T56] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  199.659745][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.664923][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.666938][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.669093][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.671218][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.673230][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.675399][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.677426][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.679572][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.681588][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.683595][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.685693][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.687831][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.688848][   T56] usb 5-1: device descriptor read/8, error -71
[  199.690248][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.694134][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.696151][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.698256][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.700484][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.703247][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.705306][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.707373][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.709448][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.711505][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.713450][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.715394][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.717340][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.719440][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.722237][ T5380] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  199.725892][ T5380] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  199.809121][   T56] usb usb5-port1: unable to enumerate USB device
[  200.012791][ T7397] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  201.280105][ T7408] tls_set_device_offload: netdev not found
[  201.448653][ T7415] 9pnet_fd: Insufficient options for proto=fd
[  202.088095][ T5347] Bluetooth: hci0: command tx timeout
[  202.242890][ T7421] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.338824][ T7423] netlink: 24 bytes leftover after parsing attributes in process `syz.2.474'.
[  202.368975][ T7423] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  202.371780][ T7423] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  202.851177][   T39] audit: type=1326 audit(1727875230.137:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.857622][   T39] audit: type=1326 audit(1727875230.137:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.870227][   T39] audit: type=1326 audit(1727875230.137:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.875379][   T39] audit: type=1326 audit(1727875230.137:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.882563][   T39] audit: type=1326 audit(1727875230.137:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.887743][   T39] audit: type=1326 audit(1727875230.147:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.893216][   T39] audit: type=1326 audit(1727875230.147:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.901123][   T39] audit: type=1326 audit(1727875230.147:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.906458][   T39] audit: type=1326 audit(1727875230.147:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  202.908778][ T7427] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  202.911751][   T39] audit: type=1326 audit(1727875230.147:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz.1.476" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  204.918278][ T7454] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.696452][ T7465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  205.771185][ T7471] autofs: Bad value for 'fd'
[  205.918851][ T7471] evm: overlay not supported
[  206.178038][   T63] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  206.351813][   T63] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  206.354680][   T63] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  206.358302][   T63] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  206.361574][   T63] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  206.365284][   T63] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  206.378234][   T63] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  206.381247][   T63] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  206.384122][   T63] usb 7-1: Product: syz
[  206.385586][   T63] usb 7-1: Manufacturer: syz
[  206.398463][   T63] cdc_wdm 7-1:1.0: skipping garbage
[  206.400264][   T63] cdc_wdm 7-1:1.0: skipping garbage
[  206.404093][   T63] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  206.406054][   T63] cdc_wdm 7-1:1.0: Unknown control protocol
[  206.538690][ T2785] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  206.605010][ T5380] kernel write not supported for file /cdc-wdm0 (pid: 5380 comm: kworker/3:3)
[  206.613918][ T7481] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  206.635102][ T7476] vcan0 speed is unknown, defaulting to 1000
[  206.637874][ T7476] vcan0 speed is unknown, defaulting to 1000
[  206.641553][ T7476] vcan0 speed is unknown, defaulting to 1000
[  206.678932][ T7483] netlink: 'syz.3.495': attribute type 10 has an invalid length.
[  206.681029][ T7483] ipvlan1: entered promiscuous mode
[  206.687565][ T7476] infiniband syz1: set active
[  206.689028][ T7476] infiniband syz1: added vcan0
[  206.694755][ T7483] team0: Device ipvlan1 failed to register rx_handler
[  206.698068][ T2785] usb 6-1: Using ep0 maxpacket: 8
[  206.702122][ T2785] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  206.704810][ T2785] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  206.708775][ T2785] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  206.711273][ T2785] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.713558][ T2785] usb 6-1: Product: syz
[  206.714684][ T2785] usb 6-1: Manufacturer: syz
[  206.715974][ T2785] usb 6-1: SerialNumber: syz
[  206.721087][ T7487] autofs: Bad value for 'fd'
[  206.723036][    T8] vcan0 speed is unknown, defaulting to 1000
[  206.752428][ T7476] RDS/IB: syz1: added
[  206.753895][ T7476] smc: adding ib device syz1 with port count 1
[  206.755808][ T7476] smc:    ib device syz1 port 1 has pnetid SYZ0 (user defined)
[  206.760160][    T8] vcan0 speed is unknown, defaulting to 1000
[  206.764758][ T7476] vcan0 speed is unknown, defaulting to 1000
[  206.843337][ T7476] vcan0 speed is unknown, defaulting to 1000
[  206.932829][ T7476] vcan0 speed is unknown, defaulting to 1000
[  206.958151][ T2785] usb 6-1: invalid UAC_HEADER (v1)
[  206.968711][ T2785] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  206.973166][ T2785] usb 6-1: USB disconnect, device number 8
[  206.991807][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.038910][ T7476] vcan0 speed is unknown, defaulting to 1000
[  207.109542][   T63] usb 7-1: USB disconnect, device number 13
[  207.486050][ T7492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  208.204487][ T7503] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  208.264594][ T7505] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  208.662018][ T7513] xt_connbytes: Forcing CT accounting to be enabled
[  208.664168][ T7513] xt_CT: You must specify a L4 protocol and not use inversions on it
[  209.329373][ T7528] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.368250][   T63] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  209.518106][   T63] usb 5-1: Using ep0 maxpacket: 8
[  209.522230][   T63] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  209.525435][   T63] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  209.531262][   T63] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  209.534173][   T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.536651][   T63] usb 5-1: Product: syz
[  209.538153][   T63] usb 5-1: Manufacturer: syz
[  209.539621][   T63] usb 5-1: SerialNumber: syz
[  209.754329][   T63] usb 5-1: invalid UAC_HEADER (v1)
[  209.770356][   T63] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  209.776944][   T63] usb 5-1: USB disconnect, device number 14
[  209.788216][ T5353] udevd[5353]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  209.802945][   T39] kauditd_printk_skb: 52 callbacks suppressed
[  209.802960][   T39] audit: type=1326 audit(1727875237.087:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7531 comm="syz.2.510" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x0
[  209.838666][ T7535] block nbd2: Device being setup by another task
[  209.857871][ T7534] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  209.860306][ T7534] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  209.868059][ T7534] vhci_hcd vhci_hcd.0: Device attached
[  209.872990][ T7536] usbip_core: unknown command
[  209.874656][ T7536] vhci_hcd: unknown pdu 0
[  209.876193][ T7536] usbip_core: unknown command
[  209.880263][ T1131] vhci_hcd: stop threads
[  209.881455][ T1131] vhci_hcd: release socket
[  209.882715][ T1131] vhci_hcd: disconnect device
[  209.904709][ T7535] block nbd2: shutting down sockets
[  210.761672][ T7550] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  210.952962][ T7553] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  211.090748][ T7556] usb usb8: usbfs: process 7556 (syz.1.515) did not claim interface 0 before use
[  211.644017][ T7563] netlink: 'syz.2.516': attribute type 4 has an invalid length.
[  211.652455][ T7563] binder: 7559:7563 ioctl 810c9365 20000980 returned -22
[  212.918051][   T56] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  213.068007][   T56] usb 7-1: Using ep0 maxpacket: 16
[  213.072052][   T56] usb 7-1: config 1 descriptor has 1 excess byte, ignoring
[  213.074101][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.078709][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.082382][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  213.085648][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  213.088746][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  213.091290][   T56] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  213.095985][   T56] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  213.100567][   T56] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  213.102981][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  213.105630][   T56] usb 7-1: SerialNumber: syz
[  213.113873][   T56] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[  215.343510][ T5380] usb 7-1: USB disconnect, device number 14
[  216.367706][ T7629] netlink: 36 bytes leftover after parsing attributes in process `syz.0.532'.
[  216.414311][ T7620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.530'.
[  216.446450][ T7629] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  216.450216][ T7630] serio: Serial port pts0
[  216.758093][ T5380] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  216.923413][ T5380] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  216.927368][ T5380] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  216.931801][ T5380] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  216.936574][ T5380] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  216.941301][ T5380] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.949479][ T5380] usb 7-1: config 0 descriptor??
[  216.954416][ T7630] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  217.033983][ T7635] netlink: 'syz.1.534': attribute type 4 has an invalid length.
[  217.038906][ T7635] binder: 7632:7635 ioctl 810c9365 20000980 returned -22
[  217.230313][ T7642] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_0, syncid = 0, id = 0
[  218.732349][ T5380] usbhid 7-1:0.0: can't add hid device: -71
[  218.733914][ T5380] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  218.744101][ T5380] usb 7-1: USB disconnect, device number 15
[  218.806753][ T7648] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  218.917315][ T7650] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  220.452570][ T7671] netlink: 'syz.2.545': attribute type 4 has an invalid length.
[  220.456977][ T7671] binder: 7669:7671 ioctl 810c9365 20000980 returned -22
[  220.939680][ T7678] netlink: 8 bytes leftover after parsing attributes in process `syz.1.548'.
[  221.488049][   T56] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  221.638049][   T56] usb 6-1: Using ep0 maxpacket: 16
[  221.648459][   T56] usb 6-1: config 1 descriptor has 1 excess byte, ignoring
[  221.652219][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.657412][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  221.660370][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  221.663274][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  221.668144][   T56] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  221.672778][   T56] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  221.681102][   T56] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  221.689309][   T56] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  221.691695][   T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  221.693782][   T56] usb 6-1: SerialNumber: syz
[  221.698720][   T56] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[  222.063392][ T7694] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  223.027677][ T7701] random: crng reseeded on system resumption
[  223.082591][ T7706] netlink: 'syz.2.554': attribute type 4 has an invalid length.
[  223.088346][ T7706] binder: 7704:7706 ioctl 810c9365 20000980 returned -22
[  223.629611][ T7715] syz.3.557(7715): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  224.029284][   T56] usb 6-1: USB disconnect, device number 9
[  225.425579][ T7741] netlink: 'syz.3.564': attribute type 4 has an invalid length.
[  225.428965][ T7741] binder: 7738:7741 ioctl 810c9365 20000980 returned -22
[  226.562951][ T7754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.567'.
[  226.865264][ T7761] syzkaller0: entered promiscuous mode
[  226.866840][ T7761] syzkaller0: entered allmulticast mode
[  226.894704][   T39] audit: type=1326 audit(1727875254.177:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.901233][   T39] audit: type=1326 audit(1727875254.177:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.907051][   T39] audit: type=1326 audit(1727875254.187:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.916626][   T39] audit: type=1326 audit(1727875254.187:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.923893][   T39] audit: type=1326 audit(1727875254.187:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.933281][   T39] audit: type=1326 audit(1727875254.187:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=334 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.940533][   T39] audit: type=1326 audit(1727875254.187:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.947763][   T39] audit: type=1326 audit(1727875254.187:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.955559][   T39] audit: type=1326 audit(1727875254.187:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  226.961456][   T39] audit: type=1326 audit(1727875254.187:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7760 comm="syz.2.569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  227.429939][ T7765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.570'.
[  227.445082][ T7768] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  227.457803][ T7765] ax25_connect(): syz.2.570 uses autobind, please contact jreuter@yaina.de
[  227.661917][ T7771] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  229.888011][ T7790] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  230.200078][ T7794] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  230.687326][ T7805] 9pnet_fd: Insufficient options for proto=fd
[  231.658149][   T56] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  231.818055][   T56] usb 7-1: Using ep0 maxpacket: 16
[  231.821350][   T56] usb 7-1: config 1 descriptor has 1 excess byte, ignoring
[  231.823832][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.868008][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.870501][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  231.873255][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  231.876207][   T56] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  231.880156][   T56] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  231.902234][   T56] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  231.911770][   T56] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  231.914168][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  231.916309][   T56] usb 7-1: SerialNumber: syz
[  231.949295][   T56] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[  234.134767][   T56] usb 7-1: USB disconnect, device number 16
[  234.483644][ T7845] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  235.258593][ T7852] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  235.726518][ T7856] netlink: 4 bytes leftover after parsing attributes in process `syz.3.596'.
[  235.782134][ T7856] syz.3.596[7856] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  236.100936][ T7862] 9pnet: Unknown protocol version 9p20\++}
[  236.782272][ T7872] hub 2-0:1.0: USB hub found
[  236.784910][ T7872] hub 2-0:1.0: 2 ports detected
[  237.014452][ T7872] binder: 7867:7872 ioctl 4018620d 0 returned -22
[  237.278131][ T5347] Bluetooth: hci0: command tx timeout
[  237.755978][ T7880] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  237.915335][ T7886] netlink: zone id is out of range
[  237.920338][ T7886] netlink: zone id is out of range
[  237.928297][ T7886] netlink: zone id is out of range
[  237.930960][ T7886] netlink: zone id is out of range
[  237.963311][ T7886] netlink: set zone limit has 4 unknown bytes
[  238.633933][ T7901] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'.
[  238.697641][ T7903] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  238.962659][ T7907] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.178838][ T7910] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  242.128777][ T7939] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_0, syncid = 0, id = 0
[  242.797255][ T7951] ISOFS: Unable to identify CD-ROM format.
[  243.312402][ T7954] netlink: 68 bytes leftover after parsing attributes in process `syz.3.622'.
[  243.649781][ T7957] input: syz0 as /devices/virtual/input/input11
[  244.516627][ T7963] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  245.708059][   T56] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  245.858091][   T56] usb 5-1: Using ep0 maxpacket: 16
[  245.861675][   T56] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[  245.863604][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.866381][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.867586][ T7976] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  245.878159][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  245.881189][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  245.884146][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  245.886675][   T56] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  245.892762][   T56] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  245.897441][   T56] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  245.899874][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  245.902080][   T56] usb 5-1: SerialNumber: syz
[  245.907465][   T56] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  246.331561][ T7980] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  246.871287][ T7988] autofs4:pid:7988:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e)
[  246.875899][ T7988] autofs4:pid:7988:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[  247.797146][ T7997] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[  248.344065][   T56] usb 5-1: USB disconnect, device number 15
[  251.875426][ T8037] hub 2-0:1.0: USB hub found
[  251.880826][ T8037] hub 2-0:1.0: 2 ports detected
[  252.013724][ T8045] binder: 8031:8045 ioctl 4018620d 0 returned -22
[  253.084051][ T8054] input: syz0 as /devices/virtual/input/input12
[  253.332817][ T8056] RDS: rds_bind could not find a transport for fe80::aa, load rds_tcp or rds_rdma?
[  253.401316][ T8057] No control pipe specified
[  253.540401][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  253.540521][   T39] audit: type=1804 audit(1727875280.827:270): pid=8057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.650" name="/newroot/172/bus/bus" dev="overlay" ino=1048 res=1 errno=0
[  254.998585][ T8072] netlink: zone id is out of range
[  255.000354][ T8072] netlink: zone id is out of range
[  255.001785][ T8072] netlink: zone id is out of range
[  255.003467][ T8072] netlink: zone id is out of range
[  255.007337][ T8072] netlink: set zone limit has 4 unknown bytes
[  255.051056][ T1375] ieee802154 phy1 wpan1: encryption failed: -22
[  255.187675][ T8063] Process accounting resumed
[  256.360283][ T8091] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  256.688042][   T56] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  256.858138][   T56] usb 5-1: Using ep0 maxpacket: 16
[  256.863524][   T56] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[  256.863566][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.863587][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.863605][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  256.863625][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  256.863646][   T56] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  256.863662][   T56] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  256.863789][   T56] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  256.864544][   T56] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  256.864558][   T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  256.864568][   T56] usb 5-1: SerialNumber: syz
[  256.881029][   T56] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  256.931832][ T8104] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  257.241975][ T8108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.971424][ T8114] vivid-000: =================  START STATUS  =================
[  257.974116][ T8114] vivid-000: Radio HW Seek Mode: Bounded
[  257.976163][ T8114] vivid-000: Radio Programmable HW Seek: false
[  257.979233][ T8114] vivid-000: RDS Rx I/O Mode: Block I/O
[  257.981192][ T8114] vivid-000: Generate RBDS Instead of RDS: false
[  257.983292][ T8114] vivid-000: RDS Reception: true
[  257.985078][ T8114] vivid-000: RDS Program Type: 0 inactive
[  257.987114][ T8114] vivid-000: RDS PS Name:  inactive
[  257.989158][ T8114] vivid-000: RDS Radio Text:  inactive
[  257.991953][ T8114] vivid-000: RDS Traffic Announcement: false inactive
[  257.998209][ T8114] vivid-000: RDS Traffic Program: false inactive
[  258.003188][ T8114] vivid-000: RDS Music: false inactive
[  258.005783][ T8114] vivid-000: ==================  END STATUS  ==================
[  258.568409][ T8125] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 80
[  258.959905][ T5347] Bluetooth: hci0: command tx timeout
[  259.166539][   T56] usb 5-1: USB disconnect, device number 16
[  259.335245][ T8136] netlink: 'syz.1.676': attribute type 10 has an invalid length.
[  259.355588][ T8138] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  259.356150][ T8136] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  259.364421][ T8136] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  259.371385][ T8136] team0: Port device netdevsim0 added
[  259.744434][ T8146] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  261.176199][ T8165] tls_set_device_offload: netdev not found
[  261.625919][ T8174] input: syz1 as /devices/virtual/input/input13
[  262.378337][ T8190] 9pnet: Unknown protocol version 9p20\++}
[  263.161336][ T8195] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  263.887400][ T8199] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.218023][   T30] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  264.368022][   T30] usb 7-1: Using ep0 maxpacket: 8
[  264.373818][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  264.376476][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  264.378636][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  264.381274][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  264.384821][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  264.388205][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  264.391043][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  264.396459][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  264.398910][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  264.400933][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  264.403903][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  264.407252][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  264.410575][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  264.414199][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  264.418982][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  264.421540][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  264.423647][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  264.426679][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  264.430108][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  264.433894][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  264.439380][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  264.452281][   T30] usb 7-1: string descriptor 0 read error: -22
[  264.454202][   T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  264.457157][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.473138][   T30] adutux 7-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  264.924181][    T8] usb 7-1: USB disconnect, device number 17
[  265.977701][ T8227] netlink: 36 bytes leftover after parsing attributes in process `syz.1.690'.
[  265.981722][ T8227] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.997310][ T8227] loop6: detected capacity change from 0 to 524287999
[  266.003596][    C1] blk_print_req_error: 25 callbacks suppressed
[  266.003613][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.009328][    C1] buffer_io_error: 25 callbacks suppressed
[  266.009344][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.013894][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.017387][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.020772][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.023363][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.025687][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.028488][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.031692][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.034099][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.037996][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.041477][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.044085][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.046682][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.051158][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.054103][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.056258][ T8227] ldm_validate_partition_table(): Disk read failed.
[  266.058438][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.061818][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.065032][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  266.068455][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  266.074022][ T8227] Dev loop6: unable to read RDB block 0
[  266.077478][ T8227]  loop6: unable to read partition table
[  266.079904][ T8227] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  266.179259][ T8233] vcan0 speed is unknown, defaulting to 1000
[  266.219684][ T8234] netlink: 45 bytes leftover after parsing attributes in process `syz.0.692'.
[  266.488255][   T63] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  266.583794][ T8237] RDS: rds_bind could not find a transport for fe80::aa, load rds_tcp or rds_rdma?
[  266.619035][   T63] usb 5-1: device descriptor read/64, error -71
[  266.643486][ T8238] No control pipe specified
[  266.684606][   T39] audit: type=1804 audit(1727875293.967:271): pid=8238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.693" name="/newroot/170/bus/bus" dev="overlay" ino=1043 res=1 errno=0
[  266.858186][   T63] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  266.998232][   T63] usb 5-1: device descriptor read/64, error -71
[  267.110195][   T63] usb usb5-port1: attempt power cycle
[  267.118243][ T8243] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  267.478029][   T63] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  267.499060][   T63] usb 5-1: device descriptor read/8, error -71
[  267.628079][   T30] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  267.751474][   T63] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  267.778067][   T30] usb 7-1: Using ep0 maxpacket: 16
[  267.780357][   T63] usb 5-1: device descriptor read/8, error -71
[  267.782783][   T30] usb 7-1: config 1 descriptor has 1 excess byte, ignoring
[  267.784767][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.787600][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.790403][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  267.796358][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  267.808620][   T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  267.813381][   T30] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  267.816963][   T30] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  267.823046][   T30] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  267.826397][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  267.829703][   T30] usb 7-1: SerialNumber: syz
[  267.838336][   T30] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[  267.908272][   T63] usb usb5-port1: unable to enumerate USB device
[  268.947797][ T8256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.705'.
[  268.964784][ T8256] bridge0: port 4(syz_tun) entered disabled state
[  269.808111][   T30] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  269.988054][   T30] usb 5-1: Using ep0 maxpacket: 16
[  269.995923][   T30] usb 5-1: config 1 descriptor has 1 excess byte, ignoring
[  269.998747][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  270.002511][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  270.005711][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  270.016439][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  270.028904][   T30] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  270.032806][   T30] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  270.040690][   T30] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  270.094127][   T30] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  270.147862][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  270.150119][   T30] usb 5-1: SerialNumber: syz
[  270.178538][   T30] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  270.369809][   T30] usb 7-1: USB disconnect, device number 18
[  270.593962][ T8274] netlink: 'syz.2.700': attribute type 1 has an invalid length.
[  271.874135][ T8288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.703'.
[  272.073089][ T8290] capability: warning: `syz.1.704' uses 32-bit capabilities (legacy support in use)
[  272.114099][ T8294] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  272.252540][   T56] usb 5-1: USB disconnect, device number 21
[  272.358116][   T30] usb 7-1: new full-speed USB device number 19 using dummy_hcd
[  272.556366][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  272.750969][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  272.753663][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  272.756805][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  272.761622][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 64
[  272.765417][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  272.769572][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  272.774255][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  272.777305][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  272.788146][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  272.791587][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  272.795236][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 64
[  272.808124][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  272.811566][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  272.819631][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  272.822395][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  272.824780][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  272.828064][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  272.831711][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 64
[  272.834708][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  272.838062][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  272.850172][   T30] usb 7-1: string descriptor 0 read error: -22
[  272.851866][   T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  272.854123][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.868640][   T30] adutux 7-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  273.338019][   T30] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  273.367825][    T8] usb 7-1: USB disconnect, device number 19
[  273.488039][   T30] usb 6-1: Using ep0 maxpacket: 16
[  273.493156][   T30] usb 6-1: config 1 descriptor has 1 excess byte, ignoring
[  273.495859][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.499227][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.502579][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  273.506386][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59391, setting to 1024
[  273.510263][   T30] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  273.514576][   T30] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  273.518731][   T30] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  273.534119][   T30] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  273.537303][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  273.540204][   T30] usb 6-1: SerialNumber: syz
[  273.560097][   T30] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[  274.057549][ T8314] hub 2-0:1.0: USB hub found
[  274.059387][ T8314] hub 2-0:1.0: 2 ports detected
[  274.119735][ T8314] binder: 8309:8314 ioctl 4018620d 0 returned -22
[  274.542727][ T8319] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  275.876396][   T63] usb 6-1: USB disconnect, device number 10
[  276.159882][ T8330] vcan0 speed is unknown, defaulting to 1000
[  276.247540][ T8334] vcan0 speed is unknown, defaulting to 1000
[  276.821800][ T8346] binder: 8344:8346 ioctl c0306201 0 returned -14
[  276.986585][ T8334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf7f65 pfn:0x77eea
[  276.997990][ T8334] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  276.999946][ T8334] raw: 04fff00000000000 ffffea0001dfb948 ffffea0001dfbac8 0000000000000000
[  277.002197][ T8334] raw: 00000000000f7f65 0000000000000000 00000000ffffffff 0000000000000000
[  277.004439][ T8334] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[  277.007171][ T8334] page_owner tracks the page as freed
[  277.027984][ T8334] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 8329, tgid 8329 (syz-executor), ts 275989667084, free_ts 276984617066
[  277.032678][ T8334]  post_alloc_hook+0x2d1/0x350
[  277.034024][ T8334]  get_page_from_freelist+0x101e/0x3070
[  277.035496][ T8334]  __alloc_pages_noprof+0x223/0x25c0
[  277.036885][ T8334]  alloc_pages_mpol_noprof+0x2c9/0x610
[  277.079627][ T8334]  folio_alloc_mpol_noprof+0x36/0xd0
[  277.087988][ T8334]  vma_alloc_folio_noprof+0xee/0x1b0
[  277.089427][ T8334]  do_wp_page+0x2012/0x4930
[  277.089485][ T8334]  __handle_mm_fault+0x1a93/0x2a10
[  277.089499][ T8334]  handle_mm_fault+0x3fa/0xaa0
[  277.089512][ T8334]  do_user_addr_fault+0x60d/0x13f0
[  277.094757][ T8334]  exc_page_fault+0x5c/0xc0
[  277.094818][ T8334]  asm_exc_page_fault+0x26/0x30
[  277.094839][ T8334] page last free pid 8334 tgid 8329 stack trace:
[  277.094846][ T8334]  free_unref_folios+0x956/0x1310
[  277.094860][ T8334]  folios_put_refs+0x551/0x750
[  277.094873][ T8334]  free_pages_and_swap_cache+0x45f/0x510
[  277.094885][ T8334]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  277.094899][ T8334]  tlb_finish_mmu+0x168/0x7b0
[  277.094912][ T8334]  exit_mmap+0x3df/0xb30
[  277.094923][ T8334]  __mmput+0x12a/0x480
[  277.094933][ T8334]  mmput+0x62/0x70
[  277.094942][ T8334]  do_exit+0x9bf/0x2d70
[  277.094957][ T8334]  do_group_exit+0xd3/0x2a0
[  277.094969][ T8334]  get_signal+0x2658/0x26d0
[  277.094980][ T8334]  arch_do_signal_or_restart+0x90/0x7e0
[  277.094993][ T8334]  syscall_exit_to_user_mode+0x150/0x2a0
[  277.095005][ T8334]  __do_fast_syscall_32+0x80/0x120
[  277.095018][ T8334]  do_fast_syscall_32+0x32/0x80
[  277.095029][ T8334]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.096668][ T8334] ------------[ cut here ]------------
[  277.096712][ T8334] kernel BUG at include/linux/mm.h:1444!
[  277.096728][ T8334] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  277.096739][ T8334] CPU: 2 UID: 0 PID: 8334 Comm: syz.3.717 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  277.096750][ T8334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  277.096756][ T8334] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.138052][ T8334] Code: b0 8b 48 89 df e8 f0 23 4b fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 40 75 05 fd 48 c7 c6 a0 c6 b0 8b 4c 89 e7 e8 d1 23 4b fd 90 <0f> 0b e8 29 75 05 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
[  277.138066][ T8334] RSP: 0018:ffffc90002aeec70 EFLAGS: 00010293
[  277.138075][ T8334] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  277.138081][ T8334] RDX: ffff888024f90000 RSI: ffffffff84873a3f RDI: ffff888024f90444
[  277.138088][ T8334] RBP: ffffea0001dfbab4 R08: 0000000000000001 R09: fffffbfff2d315bf
[  277.138094][ T8334] R10: ffffffff9698adff R11: ffff88802b728a40 R12: ffffea0001dfba80
[  277.155351][ T8334] R13: ffff88802660b400 R14: 0000000000001000 R15: 0000000000001000
[  277.157956][ T8334] FS:  0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000
[  277.160301][ T8334] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  277.162110][ T8334] CR2: 0000000031cfcff8 CR3: 000000005e162000 CR4: 0000000000352ef0
[  277.164282][ T8334] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  277.166382][ T8334] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  277.168540][ T8334] Call Trace:
[  277.169425][ T8334]  <TASK>
[  277.170207][ T8334]  ? die+0x31/0x80
[  277.171221][ T8334]  ? do_trap+0x232/0x430
[  277.172371][ T8334]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.173976][ T8334]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.175624][ T8334]  ? do_error_trap+0xf4/0x230
[  277.176906][ T8334]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.178940][ T8334]  ? handle_invalid_op+0x34/0x40
[  277.180796][ T8334]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.183130][ T8334]  ? exc_invalid_op+0x2e/0x50
[  277.184943][ T8334]  ? asm_exc_invalid_op+0x1a/0x20
[  277.186850][ T8334]  ? __iov_iter_get_pages_alloc+0x1d0f/0x2230
[  277.188560][ T8334]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.190169][ T8334]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  277.191813][ T8334]  ? delete_node+0x207/0x8e0
[  277.193031][ T8334]  iov_iter_get_pages_alloc2+0x53/0xf0
[  277.194473][ T8334]  p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0
[  277.196293][ T8334]  ? p9pdu_vwritef+0x368/0x21d0
[  277.197714][ T8334]  ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10
[  277.199622][ T8334]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  277.200955][ T8334]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  277.202307][ T8334]  ? p9_tag_alloc+0x4cc/0x870
[  277.203547][ T8334]  ? reacquire_held_locks+0x466/0x4c0
[  277.204948][ T8334]  p9_virtio_zc_request+0x1ac/0x1460
[  277.206337][ T8334]  ? p9pdu_writef+0xc4/0x100
[  277.207697][ T8334]  ? __pfx_p9pdu_writef+0x10/0x10
[  277.209110][ T8334]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  277.210578][ T8334]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  277.212106][ T8334]  ? rcu_is_watching+0x12/0xc0
[  277.213368][ T8334]  ? trace_9p_protocol_dump+0x192/0x220
[  277.214811][ T8334]  ? rcu_is_watching+0x12/0xc0
[  277.216056][ T8334]  ? p9_client_prepare_req+0x111/0x4d0
[  277.217534][ T8334]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  277.219060][ T8334]  ? hlock_class+0x4e/0x130
[  277.220250][ T8334]  p9_client_zc_rpc.constprop.0+0x29a/0x880
[  277.221785][ T8334]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  277.223470][ T8334]  ? hlock_class+0x4e/0x130
[  277.224664][ T8334]  ? mark_lock+0xb5/0xc60
[  277.225804][ T8334]  ? __pfx_mark_lock+0x10/0x10
[  277.227161][ T8334]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  277.228820][ T8334]  p9_client_write+0x447/0x680
[  277.230082][ T8334]  ? __pfx_p9_client_write+0x10/0x10
[  277.231473][ T8334]  ? mark_held_locks+0x9f/0xe0
[  277.232726][ T8334]  v9fs_issue_write+0xe2/0x180
[  277.234002][ T8334]  ? __pfx_v9fs_issue_write+0x10/0x10
[  277.235414][ T8334]  ? rcu_is_watching+0x12/0xc0
[  277.236672][ T8334]  ? trace_netfs_sreq+0x193/0x220
[  277.238048][ T8334]  netfs_do_issue_write+0x92/0x110
[  277.239412][ T8334]  netfs_advance_write+0x164/0xc80
[  277.240761][ T8334]  ? netfs_buffer_append_folio+0x276/0x360
[  277.242334][ T8334]  netfs_write_folio+0xc19/0x1930
[  277.243717][ T8334]  netfs_writepages+0x2ba/0xb90
[  277.245055][ T8334]  ? __pfx_netfs_writepages+0x10/0x10
[  277.246632][ T8334]  ? __pfx___lock_acquire+0x10/0x10
[  277.248078][ T8334]  ? __pfx_netfs_writepages+0x10/0x10
[  277.249515][ T8334]  do_writepages+0x1a3/0x7f0
[  277.250762][ T8334]  ? __pfx_do_writepages+0x10/0x10
[  277.252133][ T8334]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  277.253640][ T8334]  ? do_raw_spin_lock+0x12d/0x2c0
[  277.254981][ T8334]  ? do_raw_spin_unlock+0x172/0x230
[  277.256310][ T8334]  ? _raw_spin_unlock+0x28/0x50
[  277.257686][ T8334]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  277.259283][ T8334]  filemap_fdatawrite_wbc+0x148/0x1c0
[  277.260699][ T8334]  ? hlock_class+0x4e/0x130
[  277.261907][ T8334]  v9fs_mmap_vm_close+0x1ff/0x250
[  277.263260][ T8334]  ? __pfx_v9fs_mmap_vm_close+0x10/0x10
[  277.264717][ T8334]  ? __pfx___might_resched+0x10/0x10
[  277.266117][ T8334]  ? __pfx_v9fs_mmap_vm_close+0x10/0x10
[  277.267611][ T8334]  remove_vma+0xa8/0x1a0
[  277.268740][ T8334]  exit_mmap+0x4e0/0xb30
[  277.269877][ T8334]  ? __pfx_exit_mmap+0x10/0x10
[  277.271153][ T8334]  ? __mutex_lock+0x1a6/0x9c0
[  277.272408][ T8334]  __mmput+0x12a/0x480
[  277.273484][ T8334]  mmput+0x62/0x70
[  277.274485][ T8334]  do_exit+0x9bf/0x2d70
[  277.275595][ T8334]  ? get_signal+0x8fb/0x26d0
[  277.276809][ T8334]  ? __pfx_do_exit+0x10/0x10
[  277.278056][ T8334]  ? do_raw_spin_lock+0x12d/0x2c0
[  277.279393][ T8334]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  277.280795][ T8334]  do_group_exit+0xd3/0x2a0
[  277.281996][ T8334]  get_signal+0x2658/0x26d0
[  277.283219][ T8334]  ? __pfx_get_signal+0x10/0x10
[  277.284510][ T8334]  ? create_new_namespaces+0x59f/0xad0
[  277.285937][ T8334]  arch_do_signal_or_restart+0x90/0x7e0
[  277.287493][ T8334]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  277.289285][ T8334]  syscall_exit_to_user_mode+0x150/0x2a0
[  277.290810][ T8334]  __do_fast_syscall_32+0x80/0x120
[  277.292164][ T8334]  do_fast_syscall_32+0x32/0x80
[  277.293448][ T8334]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  277.295137][ T8334] RIP: 0023:0xf7f75579
[  277.296438][ T8334] Code: Unable to access opcode bytes at 0xf7f7554f.
[  277.298481][ T8334] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000136
[  277.300914][ T8334] RAX: fffffffffffffffc RBX: 0000000044000000 RCX: 0000000000000000
[  277.303108][ T8334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  277.305382][ T8334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  277.307459][ T8334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  277.309477][ T8334] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  277.311557][ T8334]  </TASK>
[  277.312382][ T8334] Modules linked in:
[  277.313506][    C2] vkms_vblank_simulate: vblank timer overrun
[  277.315706][ T8334] ---[ end trace 0000000000000000 ]---
[  277.332381][ T8334] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230
[  277.332423][ T8334] Code: b0 8b 48 89 df e8 f0 23 4b fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 40 75 05 fd 48 c7 c6 a0 c6 b0 8b 4c 89 e7 e8 d1 23 4b fd 90 <0f> 0b e8 29 75 05 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
[  277.332440][ T8334] RSP: 0018:ffffc90002aeec70 EFLAGS: 00010293
[  277.332459][ T8334] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  277.332470][ T8334] RDX: ffff888024f90000 RSI: ffffffff84873a3f RDI: ffff888024f90444
[  277.332483][ T8334] RBP: ffffea0001dfbab4 R08: 0000000000000001 R09: fffffbfff2d315bf
[  277.332495][ T8334] R10: ffffffff9698adff R11: ffff88802b728a40 R12: ffffea0001dfba80
[  277.332507][ T8334] R13: ffff88802660b400 R14: 0000000000001000 R15: 0000000000001000
[  277.332518][ T8334] FS:  0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000
[  277.332549][ T8334] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  277.332564][ T8334] CR2: 00000000f5745ffc CR3: 000000002a62e000 CR4: 0000000000352ef0
[  277.332575][ T8334] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  277.332586][ T8334] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  277.332599][ T8334] Kernel panic - not syncing: Fatal exception
[  277.333250][ T8334] Kernel Offset: disabled

VM DIAGNOSIS:
13:21:44  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b644cc0 RCX=ffffffff81809cec RDX=ffff88801e46a440
RSI=ffffffff81809cc6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000aaf9a0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffffed10056c8999 R13=0000000000000001 R14=ffff88802b644cc8 R15=ffff88802b440100
RIP=ffffffff81809cc8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031ef1ff8 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016400000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000d1a8b4 RBX=0000000000000001 RCX=ffffffff8b12f739 RDX=ffffed10056a7026
RSI=ffffffff8bb11fe0 RDI=ffffffff8164098c RBP=ffffed10036e9910 RSP=ffffc90000477e08
R8 =0000000000000000 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000001
R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901cc608 R15=0000000000000000
RIP=ffffffff8b130b1f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5683ffc CR3=000000005bbb8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000010800000000 0000000300000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85035a15 RDI=ffffffff9a63a260 RBP=ffffffff9a63a220 RSP=ffffc90002aee580
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043
R12=0000000000000000 R13=000000000000002d R14=ffffffff850359b0 R15=0000000000000000
RIP=ffffffff85035a3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031cfcff8 CR3=000000005e162000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016400000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffffc90000e2fc78 RCX=1ffff920001c5f0e RDX=ffff88801f544880
RSI=ffffffff81c8420a RDI=ffff88801acb4048 RBP=0000000000000000 RSP=ffffc90000e2f810
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff88801acb4048 R13=ffff88801acb4048 R14=0000000000000000 R15=ffffc90000e2fcc0
RIP=ffffffff818cafd6 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020ff7000 CR3=000000005bbbc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000