last executing test programs:

6.116827138s ago: executing program 3 (id=436):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff000000000008000000000000", @ANYRES32=0x0, @ANYBLOB="00f7ffffff1e00ff130012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)
ioctl$UI_DEV_CREATE(r4, 0x5501)
ioctl$UI_DEV_DESTROY(r4, 0x5502)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a580000afe48000060a09040000000000000000020000002c000480280001800a00010072616e676500004000000000040003800900010073797a30000000000900020073797a32000000001400000011000100000000fcff0000000000000a00"/131], 0x80}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000030000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={&(0x7f0000000640)="008ba4026138c95a77702660e19b133bfedf8a271b4ad23f2eb8947da7ee3404ea6ade7b0f1b3f46fa52a8f3472b5796b7f7905b9138aec4bd45b74f59804a11a53c3cab209986c2a7d6656827383da29c2dd36b89e35cb527068e0e5955fd6ce4fc6a3100bb3e069cc786edc9ee9defaecac60d683fbd0266487c201b41dd71598d474cd2603d4c8902c2e3da0d16864520815ef855f5e199c154ac130a84fc9f31ce794e632cb7cb735c656e53c56369b8080b8624e72120a67262b2028d33cfbcc26ba8fd7884bf849bfb7fbc202e8a1172743eb7ea299099ea769cecd5c65f850c727c3f10f4", &(0x7f00000004c0)=""/72, &(0x7f0000000740)="effc933fe97c092030ca0851ca0cc117e36a7e03595e3af0c20ebb7e88059987afe046f064cfa53bb46c81b7863201e3f94db67db895893f0f", &(0x7f00000007c0)="df74c55f844757ee72779411b6043dd1c270b9048ad1f690a1dd3174496dc63d4f16ba8ef113afbf4139d33458e94867b75fd01544123aeb56aa0f50817c7bb7eef34c440e32c12df88697d1ffa6fe1a918b750f3768ac90aaa83e573281748a56722a4805f9", 0x1, 0xffffffffffffffff, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)

5.812987502s ago: executing program 2 (id=437):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_clone(0x21202100, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x900, 0x11)
fsetxattr$trusted_overlay_upper(r2, &(0x7f0000000100), 0x0, 0x0, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r6, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfe, 0x1}, 0xc)
r7 = socket$inet6(0xa, 0x80003, 0x6)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r2)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r2, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x84, r8, 0x4, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffff9}}]}, 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
connect$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in6=@mcast1, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe4)
sendmmsg(r7, &(0x7f0000000480), 0x2e9, 0x0)

5.492337735s ago: executing program 0 (id=438):
bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x0, @local}, 0x2}}, 0x26)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x80000)
ioctl$BLKDISCARDZEROES(r3, 0x127c, &(0x7f0000000040))
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

5.429478459s ago: executing program 0 (id=439):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r1 = socket$inet6(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
shutdown(r1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4, 0x0, 0x700}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
sendto$inet6(r1, &(0x7f0000000100)="bc", 0x1, 0x4, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @loopback, 0x1}, 0x1c)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000"], 0x18}, 0x0)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0)
close(r1)
writev(r0, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
r5 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
r7 = eventfd(0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000080000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$VHOST_SET_LOG_FD(r6, 0x4004af07, &(0x7f0000000240)=r7)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x2, 0x4)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f0000000040)={0x1, r7})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f00000004c0)=""/72, 0x0, 0xeeef0000})
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/237, &(0x7f00000000c0)=""/84, &(0x7f0000000480)=""/58, 0xf000})
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000e00)={0x2, 0x0, [{0x11119001, 0x24, &(0x7f0000000bc0)=""/36}, {0x1000, 0x3, &(0x7f0000000c00)=""/3}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r6, 0x4004af61, &(0x7f0000000000)=0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

5.262601848s ago: executing program 0 (id=440):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0xfff2}, {0x2, 0x1}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44045}, 0xc090)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
sendmsg$inet(r1, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x4000080)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = openat$vimc0(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x30, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000003c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f00000007c0)={0x1f, 0x0, @any, 0x4}, 0xe)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
timerfd_create(0x0, 0x100000)

5.102027533s ago: executing program 0 (id=441):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000030400000000fedbdf2100007400", @ANYRES32=0x0, @ANYBLOB="0008000000000000280012800b0001006272696467650000180002800c00210000000000000000000500260000000000"], 0x48}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x11, &(0x7f00000000c0)=0xfffffffe, 0x4)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x2, 0x25dfdbf8, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000001)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000080)=@req={0x9, 0xfffffffd, 0x7, 0x1}, 0x10)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r1, 0x4018f514, &(0x7f0000000000)={0x3, 0x5, 0x2})

5.029732474s ago: executing program 0 (id=442):
r0 = socket(0x80000000000000a, 0xa, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101402)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, 0x0, &(0x7f00000000c0))
ioctl$FBIOGET_FSCREENINFO(0xffffffffffffffff, 0x4602, &(0x7f0000000100))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x52, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
r3 = socket(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4)
sendto$inet(r3, 0x0, 0x0, 0x800, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
sendto$inet(r3, 0x0, 0xffe5, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10)
recvmsg(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x12160)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=@getqdisc={0x24, 0x26, 0x2, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xffff, 0xfff2}, {0xd, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000005"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d01020301090212000100000000090401"], 0x0)
r8 = io_uring_setup(0x25f5, &(0x7f0000000580)={0x0, 0xc859, 0x2, 0x0, 0x257})
io_uring_register$IORING_REGISTER_IOWQ_AFF(r8, 0x11, &(0x7f0000000a40)="b1", 0x1)
syz_usb_control_io$printer(r7, 0x0, 0x0)

4.926573358s ago: executing program 2 (id=443):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000c40))
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]}) (fail_nth: 14)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r3, &(0x7f00000002c0)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r3, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x4, 0x7fe, 0x0, &(0x7f0000000040)=0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0xe8, 0x0, &(0x7f0000000540)=[@acquire={0x40046305, 0x1}, @transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat=@weak_handle={0x77682a85, 0x101, 0x3}, @fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f00000000c0)=""/191, 0xbf, 0x2, 0x2f}}, &(0x7f0000000040)={0x0, 0x18, 0x30}}}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000400)={@fda={0x66646185, 0x8, 0x0, 0x29}, @fda={0x66646185, 0xa, 0x1, 0x34}, @ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/43, 0x2b, 0x2, 0x38}}, &(0x7f0000000280)={0x0, 0x1c, 0x38}}}, @acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000480)={@flat=@handle={0x73682a85, 0x1182016943993805, 0x3}, @flat=@binder={0x73622a85, 0xb, 0x1}, @flat=@handle={0x73682a85, 0x1}}, &(0x7f0000000500)={0x0, 0x18, 0x30}}}, @exit_looper, @release={0x40046306, 0x3}], 0x0, 0x0, 0x0})

4.333024442s ago: executing program 3 (id=444):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x2})
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000000)={0x4, 0x1, 0x4}, 0xc)
syz_emit_ethernet(0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa00000d010004a016008000f8b50d307d74af3707da9707f653e8130f40ace5733a33dc5af03aa1939e28153eb8282b1da382161fd80ff92d02bc041fa11b1dd4586f5daecbaaf8b332233f7aa2c5bc733749dcc206807bc7541a9eadead3d75963e65fdd1684bb7010572ce1cb86f56fe169633c8b36ef8ae8a40981ab4def06973b5e47a3efa726c73fa4622475fa701ee2214552246ad513c9bd95c9a475fa99d56530fb0d86ecfaee0a470b22516b327094453ffea69af5d4d019a4c38915f09a36854762c8b35aeaa8cc9108eb2a44f0443657133bceedb9875e2c827fcea089bf7279a01ad163b375ab5ed8d24b24c8612202000103bcf675bc81842d"], 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f610100039108"], 0x7)
shmctl$SHM_INFO(0x0, 0xe, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f00000001c0), 0xa00, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x10000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x5c}}, 0x4004804)
ioctl$BLKTRACESTART(r3, 0x1274, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000740)={'#! ', './file0', [], 0xa, "feb8283e0671202ee85e438a7870d7cd6f1026a6ad3e8b8d19d597434180c37464df070ebc3e2b9c8f1de4167699ad595f591fa29c520c7279a189099ec925d4ecf1a0d26292f3c91f321a0668c903bcc73bab77cc96ba79e0647bf3184095f5331bc4e1c0d520710248ec6c5c7cbbadab58857c6aa7ad18ce2ea76c2cfda88054687a182417ea0dd2e40d44bf17fd04ee887b0603f17f8829"}, 0xa4)
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00009200000000000000000000000058b200"})
epoll_create(0x8)

4.029365819s ago: executing program 2 (id=445):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r1 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r0)
setpgid(0x0, r1)
ptrace$peeksig(0x4209, r1, &(0x7f0000000040)={0x93b, 0x1}, &(0x7f0000000500))
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000040)={0x26, 0x1, 0x0, "27425b895f17386bcec1d8665c0084feea0be6b8a80052d063e6179d13f019e3"})
bind$bt_sco(r2, &(0x7f0000000000), 0x8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000003c0))
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
syz_open_dev$dri(0x0, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000000)='udf\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x3, 0x0, 0xe, 0x60a00, 0xffffffffffffffff, 0xfffffff8, '\x00', 0x0, r4, 0x4, 0x5, 0x4, 0x7}, 0x50)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x1}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xaa9a}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r8, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.214010684s ago: executing program 2 (id=449):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404000c}, 0x40000)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x100000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_SIOCINQ(r3, 0x541b, &(0x7f0000000180))
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="180000001800ff0f0000000000e0ff00850000086d0000008591d87c278f533c3a3f3c8f1e5ffa4cb6846e"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x2}, 0x94)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), &(0x7f0000000380)=@v2={0x3, 0x2, 0xfe, 0xe79f, 0x2, 'JE'}, 0xb, 0x1)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x1, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x9, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x0, 0x202, 0x2, 0xc})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000131d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r8, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

2.217883014s ago: executing program 3 (id=451):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file1\x00', &(0x7f0000000140)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r1 = openat$procfs(0xffffff9c, &(0x7f0000000140)='/proc/sysvipc/sem\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000040)={0x3, 0x8, 0x3, 0x3, 0x10001})
r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x8341, 0x0)
write$nbd(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x40)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x0, 0x0})
getrlimit(0x7, &(0x7f0000000180))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008"], 0x7c}}, 0x0)
r6 = syz_open_dev$sg(0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
fstat(r7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
statx(r1, &(0x7f0000000480)='./file0\x00', 0x6000, 0x7ff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r10, &(0x7f0000000080)=0x3, 0x12)
setsockopt$packet_rx_ring(r10, 0x107, 0x5, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)="99e117f769066baed53897c397e8e9c151570f1187b2f49f5f53480acde061ac884ce211eb5362b94a236016cb26a33412", 0x31}, {&(0x7f0000000280)="2e2493ddfbf7d519f53eb4a0b9dc7b2afa28d5041035b4f8b45a539de352f2582bda87dbfa7673bdbe16cb618b439b9d8c1ca369ad646d6fef9181dff81d02", 0x3f}], 0x2, &(0x7f0000000680)=[@cred={{0x18, 0x1, 0x2, {0x0, r8, r9}}}], 0x18, 0x24040000}}, {{&(0x7f00000006c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000740)="d6b4f2553b343079b5e055acdeff9749fbf009a682ab854a16caaecbc7524ade09b8acc86706f3f268ab82cf429d322805a240b37ec31004526142aa124b861a482e6ef9276c481801c421adc3cf37ddada9d47b0cbb3e783fdd3aef2b195694e1f77adef0d433cf", 0x68}, {&(0x7f00000007c0)="da7ebdce0e81580711a94686e127dfd51eec52d4321b1859a8f9f18beefb5bc3a298ca73d3c5306e9507b79a3b9b69f58f6663ba4898f67788a339d2d4147173d6268da9fe0c3e1fc1186b8d376286504d369d008e8b682e0a7035d3af97949d24277aef07329039afac744ae0849c2c72", 0x71}, {&(0x7f0000000880)="4012f8219f3dc17d54ab7cf53bb8ae25d06e4ce6be0f38b7f906f704e9e9302044c135b3118842539d4c30edc92cae203046dd13df0e05f1fd93511b9b699a7882766862d18de81d5e9fe21c87c145244a1f18b2fcffd72091eff895b1a0be5a0c25bd38981eaf68392c611195c86303463a72a03d8f3241c01b6f472b2cca9125617464173d4e6b6d287991f44089023df380660e9abe15102e810ee9fd8f29b0127753602d72b77a09f6cc88f2be820854af", 0xb3}, {&(0x7f0000000940)="db4d40526bd4294abf133219787863e71946c3e74b077abac67392bc578e53c9dc06e62267b2054a2087fa031438b7571f2ef03f017a485f72059fc11c26beca887093ea87f64f0202cb01a903f76dc23fac6cc838c9ff25489d61a580681131bea07671ada03b6ca50190b4c022318caaa6621befd3be3fc61d174583f6b9e1e61d1ec4867374dec0b0f3993b3396a8fa6b3f94d091d9a090069993bfcbe7cc0c365994872bbb94d4b94b193cd1ae42901d5c9f29b26329b82b15d3a10ef302aa0427bc42525fd03139b7388faed56e08e72116c84d47c375c6812f07f70f9d88", 0xe1}, {&(0x7f0000000a40)="f340e33f1e92bae9bce86d018c26c193fdc4ab1b2695cbf0c5f616", 0x1b}, {&(0x7f0000000bc0)="19bdb309170e0d06b1764dd78988fadc1161002ea460286dbd07948534a1605824fed67720d04ea76b0c9a476286995d0c58fce56fd358a2df0214bd7e3e38470dc55eedcd1c918e1ef86a16184ab883cc568c1fc1c3d5c7fb6f3f0baf07fddb1561579f2db96ee093d92d24a1e306d312e947d32ee56bb13faf76d88dbfc40d2cb3692670bfce5285464ff42b8c907eb2bbe9aeee64e5f3402d48e8a8e0897f076b07da370d54d11892b55e09", 0xad}, {&(0x7f0000000cc0)="ec4a87b2973556475157aa0c7e0ef06180954b6ebcda60067a723164b7e13bf73cea91d984f8bbe60417377b01296369b1d29bb8e744221d16ba29ae646a7632ba88295e14c5da6bf17ace49d17b11534023168b66bbc9baf880a82b5a6ff24dce326bacc3820ccd809d8fcbb8aad28b9beb73a9e2219caa8b8d67e6e3fefd08b4565575ebf1f5b2510492e6e08b9e9ae2cd15aaf8f397f8d6382bb66a80d708e174e8a2f3c94ec1c26169d159f42d009dea6780ee7eeaecf5799b4d1e4f6c65b553e82d30adedb44d2e2eb185e2c56d14a26d0ebeb4fd236839b239b0f02fe79c4425b6aae88df54740350600", 0xed}], 0x7, 0x0, 0x0, 0x40}}, {{0x0, 0x0, &(0x7f0000000dc0), 0x0, &(0x7f0000000e00)=[@rights={{0x24, 0x1, 0x1, [r3, r2, r5, r3, r1, r10]}}, @rights={{0x24, 0x1, 0x1, [r6, r6, r2, r6, r4, 0xffffffffffffffff]}}], 0x48, 0x4004000}}, {{&(0x7f0000000e80)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001340), 0x0, 0x0, 0x0, 0x40000}}], 0x4, 0x0)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'dt2814\x00', [0x4f27, 0x5, 0x10000, 0x4, 0x5, 0x6, 0x8, 0x7, 0xa, 0x100, 0x2, 0x4, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x3, 0x81, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

2.169301773s ago: executing program 1 (id=452):
syz_open_dev$MSR(0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff12, 0x1, 0x0, &(0x7f0000000300)='=', 0x2, 0x0, 0x400}, 0x4c)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42000, 0xf8)
lseek(r1, 0x9, 0x0)
getdents(r1, &(0x7f0000000780)=""/153, 0x99)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x4)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000740)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
io_submit(0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff, 0x3c, 0x0, @void}, 0x10)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000600), 0x4)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="00000000020000720010000000005aa59dfd27d0289f963b47db72e9"], 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000cfb2"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="180800000000000b000000000000000018117c00", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200001c000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b702000004000000632af8ff00000000b509000000000000c3aaf8fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffc40200000800000018220000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7c, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
syz_emit_ethernet(0x2c2, &(0x7f0000000f80)=ANY=[@ANYBLOB="0180c2000000bbbbbbbbbbbb86dd66812c12028c060020010000000000000000000000000002fc0200000000000000000000000000002f02020300000000ff0200000000000000000000000000012f1004088124040000000000000000000000000000000001fc020000000000000000000000000000fe880000000000000000000000000101ff020000000000000000000000000001fe80000000000000000000000000003afe880000000000000000000000000001fe800000000000000000000000000043fc010000000000000000000000000000081a00000000000005020035c204000088960107000000000000000401050c7447e300aebf49fc50fa10519c75cbf8ae46b9830a61dd7a40cd24595cf00c2ff752f8ea7d9b57d4082fba578d506d2c0afcc7a0cf837c7311d0773640c7f953eb40298ba223a425e81fe9cee2e0a48abe40e74ffb43c7eb13fa8b0d0ef985f7d29c41b5a9c03e946aad49e3cd1f95d3c902a6d74ac91000000000000000000000000000000001071000000002020703000200000000000000000100c910fe880000000000000000000000000001c910fe880000000000000000000000000001003c0100000000000004010204013c0401080401fa00000000000a00000000000005020001081d57be258c3ed8f6be8e4d27c2c20b713a5de2f46dc08a0d5bcbb2b6e63f05020009010a00000000000000000000000100c20400000100c910fc010000000000000000000000000000040105000000000000003305000000000000c91000000000000000000000ffffac1e00010104000000000401130106000000000000010400000000010200000100003c000400bb10ff033306000200000000ff010000000000000000000000000001fe880000000000000000000000000001fc0100000000000000000000000000010000000000000000000000000000000100004e2100004e20000000009dc5ed773c3dc1dbe135edcbc2d1ef96db2f97c41a8b877a1a6758690d643ba980e7f225f351038c0ee20d42010c2e8bc6472aaf35f0d5e117857f6919317420b40155680945f2436c6f6278921e370562b13f6cbdf97c7e6f36d4e6d5556167"], 0x0)
r7 = syz_open_dev$video(&(0x7f0000000380), 0xfc, 0x26444)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r7, 0x4020565a, &(0x7f0000000540)={0x0, 0x3, 0x2})

2.0019002s ago: executing program 2 (id=453):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0xc3)
ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000c40))
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]}) (fail_nth: 15)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r3, &(0x7f00000002c0)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r3, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x4, 0x7fe, 0x0, &(0x7f0000000040)=0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r4, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0xc002a0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0xe8, 0x0, &(0x7f0000000540)=[@acquire={0x40046305, 0x1}, @transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat=@weak_handle={0x77682a85, 0x101, 0x3}, @fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f00000000c0)=""/191, 0xbf, 0x2, 0x2f}}, &(0x7f0000000040)={0x0, 0x18, 0x30}}}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000400)={@fda={0x66646185, 0x8, 0x0, 0x29}, @fda={0x66646185, 0xa, 0x1, 0x34}, @ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/43, 0x2b, 0x2, 0x38}}, &(0x7f0000000280)={0x0, 0x1c, 0x38}}}, @acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000480)={@flat=@handle={0x73682a85, 0x1182016943993805, 0x3}, @flat=@binder={0x73622a85, 0xb, 0x1}, @flat=@handle={0x73682a85, 0x1}}, &(0x7f0000000500)={0x0, 0x18, 0x30}}}, @exit_looper, @release={0x40046306, 0x3}], 0x0, 0x0, 0x0})

1.957270428s ago: executing program 0 (id=454):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
io_getevents(0x0, 0x9, 0x0, 0x0, 0x0)
read$char_usb(r2, &(0x7f0000000000)=""/188, 0xbc)
read$char_usb(r2, &(0x7f0000000100)=""/67, 0x43)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x83}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x5}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x8c}}, 0x0)
syz_usb_disconnect(r1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$media(0x0, 0x0, 0x101d01)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r4 = syz_io_uring_setup(0xd6, &(0x7f0000000480)={0x0, 0xc609, 0x100, 0x3, 0xffffffff}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47bd, 0x0, 0x0, 0x0, 0x0)

1.661189062s ago: executing program 2 (id=455):
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_setup(0x57a0, &(0x7f0000000080)={0x0, 0xd498, 0x40, 0x1, 0x348}, &(0x7f0000000100), &(0x7f0000000140))
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x20000002)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0x70)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
syz_usb_connect$cdc_ncm(0x4, 0xa0, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8e, 0x2, 0x1, 0x6, 0x0, 0xf5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x400}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x4e, 0x663, 0x8}, {0x6, 0x24, 0x1a, 0x3, 0x1a}, [@mdlm={0x15, 0x24, 0x12, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x3, 0x3, 0x81, 0x3, 0x1, 0x7}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x7, 0x8, 0xd, 0x5, 0x7f}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x8}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xdc, 0x1, 0xf}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x20, 0x3, 0x7}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x0, 0x2, 0x10}}}}}}}]}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x94, 0x30, 0x1, 0x10003, 0x25dfdbfb, {}, [{0x80, 0x1, [@m_ct={0x34, 0x11, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @loopback}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xfffffe8d}, {0xc}}}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x804}, 0x0)

1.117131142s ago: executing program 3 (id=456):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x1000000, 0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000010000104fcfffffffcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0315000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r1, @ANYBLOB="0827f02ef22673bd1d611be9d1686c9403f0f195ec95fb53dab423142c2e55187aeb908eab822e84c9bf2c0b0b3dcd42718c9589be9adbbce6acb06ec02b357cd1cdafbbaab312bdb3b74afa54d36aa79246598ba1c15707edb4a6e344204947eb50c220131987084536cea98bac65f000f1ce9b2e7454e643994089bd0c76878aabdbd7929c9443ce19d0411cd21ee8be25b3f568197e9a44da21008cbf66ec3b3afa80244de3", @ANYRES32=r1, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
ioctl$FICLONERANGE(r2, 0x4020940d, &(0x7f0000000000)={{}, 0x0, 0xe00000000000000, 0xd})

1.079760851s ago: executing program 3 (id=457):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000240)={0x1e4, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0xac, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3926d983}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x81}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x907}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8000}]}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffeff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x80000001}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x6}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffeffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xb4}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3ff}]}, @TIPC_NLA_MEDIA={0xf0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff1eb3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7f}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}]}]}, 0x1e4}, 0x1, 0x0, 0x0, 0x1}, 0x24000040)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_emit_ethernet(0x1b3, &(0x7f0000000180)=ANY=[@ANYBLOB="0180c2000003aaaaaaaaaabb0800478a01a5006700000a119078ac1e0001ac141433940400008313dee0000002ac1414bbe0000002e0000002"], 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="7a0af8ff75253073bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000023000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785a1292fcb8c1d3079a00db453620ce72d75946c2b638d91dbef661935839c77edf2d34b12cd48a1b20fb7dd8430a19f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33fe226c944bc76be40d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e02200b95941d34ac81fd48f9b7314ffa730017f3d37fdb23bc26992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000080c4adf75a0a108585e9b2000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089b"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r4 = socket$kcm(0x10, 0x2, 0x4)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="39000000140081ae50003c00fbff008311001f9f660fcf065c05acb612f691f3bd3508abca1be6eeb89c44ebb37358582bb8b7d553b4e92155", 0x39}], 0x1}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010030000000ffdbdf2500000000", @ANYRES32=r7, @ANYBLOB="0000000000100000240012800b0001006d616373656300001400028005000f"], 0x44}}, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x18, &(0x7f00000000c0)=0x3, 0x4)
r8 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f00000001c0), 0x12)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000018002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000f00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
read$hiddev(r10, &(0x7f0000000100)=""/100, 0x64)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)

1.070478715s ago: executing program 1 (id=458):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10)
r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000140), 0x80401, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000040)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(r1, &(0x7f00000001c0), 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f00000000c0)={0x2, 0xfa}, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x110, r1, 0x0)
socket$kcm(0xa, 0x3, 0x87)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="f0000000100013000000000000000000000025870a2c00000000ffffe00000020aefa112c5fc0101020000000000000000000000004e2314"], 0xf0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r3 = socket$kcm(0x2, 0xa, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x503, 0x70bd28, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x15615, 0xef}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e22}]}}}]}, 0x40}}, 0x28048810)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
write$tun(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)
msync(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x6)
write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000100)={0x2, 0x63}, 0x2)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000), &(0x7f0000000200)={0x0, 0xfb, 0x88, 0x0, 0x1, "1ac288f941cd7fb4f588b41ee058d201", "b83b5cc83d4f3065afc06fe223978c3e56c0ad6f8e1a57ce20fe7cc09fe1215ba28990712ea0ed2f41a8cee2c421b7e0325a663ea258d66d722e182e58d454e07ed91e8f1e5170be00e085d6080b55595a8affc46b026d8e72e6a152dde4e78028471279c7f05fabb96e63faf3b3f8c164d576"}, 0x88, 0x0)
mount(&(0x7f0000000140)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x2209006, 0x0)

1.030704432s ago: executing program 3 (id=459):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x2})
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000000)={0x4, 0x1, 0x4}, 0xc)
syz_emit_ethernet(0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa00000d010004a016008000f8b50d307d74af3707da9707f653e8130f40ace5733a33dc5af03aa1939e28153eb8282b1da382161fd80ff92d02bc041fa11b1dd4586f5daecbaaf8b332233f7aa2c5bc733749dcc206807bc7541a9eadead3d75963e65fdd1684bb7010572ce1cb86f56fe169633c8b36ef8ae8a40981ab4def06973b5e47a3efa726c73fa4622475fa701ee2214552246ad513c9bd95c9a475fa99d56530fb0d86ecfaee0a470b22516b327094453ffea69af5d4d019a4c38915f09a36854762c8b35aeaa8cc9108eb2a44f0443657133bceedb9875e2c827fcea089bf7279a01ad163b375ab5ed8d24b24c8612202000103bcf675bc81842d"], 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f610100039108"], 0x7)
shmctl$SHM_INFO(0x0, 0xe, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f00000001c0), 0xa00, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x10000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x5c}}, 0x4004804)
ioctl$BLKTRACESTART(r3, 0x1274, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000740)={'#! ', './file0', [], 0xa, "feb8283e0671202ee85e438a7870d7cd6f1026a6ad3e8b8d19d597434180c37464df070ebc3e2b9c8f1de4167699ad595f591fa29c520c7279a189099ec925d4ecf1a0d26292f3c91f321a0668c903bcc73bab77cc96ba79e0647bf3184095f5331bc4e1c0d520710248ec6c5c7cbbadab58857c6aa7ad18ce2ea76c2cfda88054687a182417ea0dd2e40d44bf17fd04ee887b0603f17f8829"}, 0xa4)
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x121301, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00009200000000000000000000000058b200"})
epoll_create(0x8)

878.87843ms ago: executing program 1 (id=460):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB='/'], 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000340)={@cgroup=r0, r0, 0x2f, 0x4, 0x4, @void, @value=r0}, 0x20)

878.103752ms ago: executing program 1 (id=461):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x0, 0x48)
open_by_handle_at(r0, &(0x7f0000000440)=ANY=[@ANYBLOB='1\x00\x00\x00'], 0x755c00)

818.739392ms ago: executing program 1 (id=462):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000800)={0x24, r1, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r2, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f00000000c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

0s ago: executing program 1 (id=463):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='4', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbdf25010700000000000001410000001800170000001d000869623a"], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20020c0) (async)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x181440, 0x0)
ioctl$FIONREAD(r3, 0x541b, 0x0) (async)
r4 = gettid() (async)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) (async)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) (async)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$TCFLSH(r7, 0x400455c8, 0x2) (async)
ioctl$TIOCSETD(r7, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000040)=0xfc) (async)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000280)=0x4) (async)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000180)=0x98) (async)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000380)=0xff)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000002c0)=0xff) (async)
connect$inet(r5, &(0x7f0000000480)={0x2, 0xffff, @multicast2}, 0x10) (async)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x60) (async)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000480)='\xf5\xfc\xd2\xec]\x95zx8*\xa2d\x11\xb5\xb1\x01\x00\x00\x00\xe49{\x8a{\x81s\xea$\xdfg\xb1\x03DY!\x97\xadM\xd7\xff\x8a\xcd[>\x12e\xc3]d8\xba\x8ec\x00\x00\x00\x00\x00\x00\x00\xa0\xe2\xd5y\xec\x90\x00\x98Y\x91\x19\x16\x89\xd0\x1a\xad\xcd\xd6\xd0\xc6\xb9\xeb\x95\xd3\x9cl\x9cu#\xb4\xee\xe5\x9d\t\fV\xd4\xda\xfc`2?\x15P\xba\x14b\x1c\xcc\xd5\xb9jA$s\xb9g3\x15[\xc7\xec\xa9;\xee\x01\xc9\xc4\x1f\xc3\xe4\xfa\xd3fU\x0e\x86\xc8\xa7\xaf\xaf\x04P\xa3\x8bb\xbf\\\xdb\x83\x00\x96sy\x14\x1eo\xcc9&\x946\xf9\xf5v\xee\xb5m$;\x01\xb8\xeau\x00\xd1S=\x920H\xc2z\xb5\xbe\x95\xef\xeb\xd1\xc8\xa1\xba\xach\xbef\xa8\x86\xc2\x18\x9cC\x15\x9c^\xcf\xe9\xbcp\xb4Ff\x00\x9d>p\"\x19\xd8}|\x92\x13\x874\xe3\x01\xfd-?\xba\xf2\x8e\xa5y\\\xf0\fkd??-\x983\xf3\x19\xc7\xc0/\xe9\x1a\x80=\xa72)\xd2\x00'/272, &(0x7f0000000240)='/\t\x00\x00\x00\x98', 0x0)
tkill(r4, 0xb) (async)
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x4040004)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:3252' (ED25519) to the list of known hosts.
[   40.864128][ T5886] cgroup: Unknown subsys name 'net'
[   41.018241][ T5886] cgroup: Unknown subsys name 'cpuset'
[   41.022251][ T5886] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.972174][ T5886] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.564315][ T5974] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.567824][ T5978] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.569354][ T5977] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.570548][ T5978] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.572838][ T5977] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.574639][ T5978] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.576714][ T5977] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.578897][ T5978] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.581857][ T5981] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.582774][ T5978] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.585640][ T5987] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.587720][ T5982] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.588393][ T5978] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.590055][ T5986] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.592309][ T5982] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.593907][ T5987] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.596333][ T5982] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.597919][ T5986] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.600664][ T5987] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.605918][ T5986] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.793146][ T5970] chnl_net:caif_netlink_parms(): no params data found
[   45.947085][ T5970] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.950575][ T5970] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.953587][ T5970] bridge_slave_0: entered allmulticast mode
[   45.958252][ T5970] bridge_slave_0: entered promiscuous mode
[   45.962757][ T5983] chnl_net:caif_netlink_parms(): no params data found
[   45.993381][ T5970] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.995636][ T5970] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.998187][ T5970] bridge_slave_1: entered allmulticast mode
[   46.000744][ T5970] bridge_slave_1: entered promiscuous mode
[   46.009084][ T5973] chnl_net:caif_netlink_parms(): no params data found
[   46.032347][ T5979] chnl_net:caif_netlink_parms(): no params data found
[   46.098492][ T5970] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.109748][ T5970] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.183916][ T5970] team0: Port device team_slave_0 added
[   46.233644][ T5970] team0: Port device team_slave_1 added
[   46.256504][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.258699][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.260896][ T5973] bridge_slave_0: entered allmulticast mode
[   46.263402][ T5973] bridge_slave_0: entered promiscuous mode
[   46.296369][ T5983] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.298618][ T5983] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.300779][ T5983] bridge_slave_0: entered allmulticast mode
[   46.303256][ T5983] bridge_slave_0: entered promiscuous mode
[   46.334461][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.337128][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.339420][ T5973] bridge_slave_1: entered allmulticast mode
[   46.342196][ T5973] bridge_slave_1: entered promiscuous mode
[   46.344979][ T5970] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.347236][ T5970] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.355094][ T5970] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.361250][ T5970] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.363421][ T5970] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.371328][ T5970] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.374838][ T5983] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.377220][ T5983] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.379484][ T5983] bridge_slave_1: entered allmulticast mode
[   46.382051][ T5983] bridge_slave_1: entered promiscuous mode
[   46.397125][ T5979] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.399311][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.401517][ T5979] bridge_slave_0: entered allmulticast mode
[   46.404050][ T5979] bridge_slave_0: entered promiscuous mode
[   46.407149][ T5979] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.409250][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.411397][ T5979] bridge_slave_1: entered allmulticast mode
[   46.413851][ T5979] bridge_slave_1: entered promiscuous mode
[   46.509038][ T5983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.513736][ T5979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.518495][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.536212][ T5983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.540836][ T5979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.545010][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.617389][ T5970] hsr_slave_0: entered promiscuous mode
[   46.619626][ T5970] hsr_slave_1: entered promiscuous mode
[   46.636715][ T5983] team0: Port device team_slave_0 added
[   46.673528][ T5973] team0: Port device team_slave_0 added
[   46.677900][ T5983] team0: Port device team_slave_1 added
[   46.682001][ T5979] team0: Port device team_slave_0 added
[   46.686549][ T5979] team0: Port device team_slave_1 added
[   46.689882][ T5973] team0: Port device team_slave_1 added
[   46.820495][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.822649][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.830496][ T5983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.859902][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.862088][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.871939][ T5979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.877370][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.880259][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.890972][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.894845][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.897245][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.904898][ T5983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.915221][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.918227][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.929028][ T5979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.934352][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.937058][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.945262][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.009508][ T5983] hsr_slave_0: entered promiscuous mode
[   47.011856][ T5983] hsr_slave_1: entered promiscuous mode
[   47.014013][ T5983] debugfs: 'hsr0' already exists in 'hsr'
[   47.016048][ T5983] Cannot create hsr debugfs directory
[   47.050948][ T5973] hsr_slave_0: entered promiscuous mode
[   47.053483][ T5973] hsr_slave_1: entered promiscuous mode
[   47.055626][ T5973] debugfs: 'hsr0' already exists in 'hsr'
[   47.057526][ T5973] Cannot create hsr debugfs directory
[   47.117779][ T5979] hsr_slave_0: entered promiscuous mode
[   47.119959][ T5979] hsr_slave_1: entered promiscuous mode
[   47.122007][ T5979] debugfs: 'hsr0' already exists in 'hsr'
[   47.123774][ T5979] Cannot create hsr debugfs directory
[   47.375589][ T5970] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.387749][ T5970] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.392377][ T5970] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.403975][ T5970] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.434308][ T5973] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.439490][ T5973] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.445292][ T5973] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.457798][ T5973] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.493071][ T5979] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.498302][ T5979] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.503666][ T5979] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.508310][ T5979] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.552774][ T5983] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.557508][ T5983] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.565063][ T5983] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   47.570057][ T5983] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.593938][ T5970] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.596349][ T5974] Bluetooth: hci0: command tx timeout
[   47.619505][ T5970] 8021q: adding VLAN 0 to HW filter on device team0
[   47.629467][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.631696][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.637431][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.639709][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.650610][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.671674][ T5979] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.676047][ T5334] Bluetooth: hci1: command tx timeout
[   47.676060][ T5974] Bluetooth: hci2: command tx timeout
[   47.676329][ T5986] Bluetooth: hci3: command tx timeout
[   47.677419][ T5973] 8021q: adding VLAN 0 to HW filter on device team0
[   47.688049][ T1138] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.690263][ T1138] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.699279][ T5979] 8021q: adding VLAN 0 to HW filter on device team0
[   47.709994][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.712209][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.715547][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.717835][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.721235][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.723700][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.756453][ T5983] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.774365][ T5983] 8021q: adding VLAN 0 to HW filter on device team0
[   47.792785][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.795102][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.803120][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.806187][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.883029][ T5970] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.902016][ T5979] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.916946][ T5970] veth0_vlan: entered promiscuous mode
[   47.928289][ T5970] veth1_vlan: entered promiscuous mode
[   47.940915][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.949943][ T5979] veth0_vlan: entered promiscuous mode
[   47.961185][ T5979] veth1_vlan: entered promiscuous mode
[   47.971879][ T5983] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.980107][ T5970] veth0_macvtap: entered promiscuous mode
[   47.987278][ T5970] veth1_macvtap: entered promiscuous mode
[   48.006352][ T5970] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.010434][ T5979] veth0_macvtap: entered promiscuous mode
[   48.020163][ T5970] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.022645][ T5973] veth0_vlan: entered promiscuous mode
[   48.028232][ T5979] veth1_macvtap: entered promiscuous mode
[   48.040288][ T5973] veth1_vlan: entered promiscuous mode
[   48.042640][ T1138] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.052247][ T1138] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.054958][ T1138] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.062186][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.065060][ T1138] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.070579][ T5983] veth0_vlan: entered promiscuous mode
[   48.078504][ T5979] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.088294][ T5983] veth1_vlan: entered promiscuous mode
[   48.090859][  T217] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.093843][  T217] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.104537][ T5973] veth0_macvtap: entered promiscuous mode
[   48.111198][  T217] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.114118][  T217] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.128621][ T5973] veth1_macvtap: entered promiscuous mode
[   48.149686][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.152189][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.175013][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.186073][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.186177][ T5983] veth0_macvtap: entered promiscuous mode
[   48.190354][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.193007][ T5983] veth1_macvtap: entered promiscuous mode
[   48.196416][  T217] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.197041][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.198882][  T217] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.222817][ T5983] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.226850][   T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.227582][ T5983] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.229494][   T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.232080][  T217] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.239050][  T217] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.240379][ T5970] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.241858][  T217] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.256629][  T217] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.259317][  T217] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.277609][  T217] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.281166][  T217] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.290150][  T217] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.295030][ T6058] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   48.326110][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   48.333848][  T217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.336932][  T217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.358213][  T217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.360419][  T217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.401523][   T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.405845][   T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.408113][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.411257][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.553247][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.616907][ T6071] input: syz1 as /devices/virtual/input/input5
[   48.754399][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   48.757530][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.760804][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.763282][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.836023][ T6018] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   48.965825][ T6018] usb 8-1: device descriptor read/64, error -71
[   49.196377][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.226208][ T6018] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   49.256480][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.343458][ T6078] syz.2.6 uses obsolete (PF_INET,SOCK_PACKET)
[   49.375942][ T6018] usb 8-1: device descriptor read/64, error -71
[   49.486596][ T6018] usb usb8-port1: attempt power cycle
[   49.491097][ T6086] binfmt_misc: register: failed to install interpreter file ./file0
[   49.676781][ T5986] Bluetooth: hci0: command tx timeout
[   49.756040][ T5986] Bluetooth: hci1: command tx timeout
[   49.765872][ T5986] Bluetooth: hci3: command tx timeout
[   49.765927][ T5334] Bluetooth: hci2: command tx timeout
[   49.826249][ T6018] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   49.847102][ T6018] usb 8-1: device descriptor read/8, error -71
[   50.085817][ T6018] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   50.106353][ T6018] usb 8-1: device descriptor read/8, error -71
[   50.216008][ T6018] usb usb8-port1: unable to enumerate USB device
[   50.392831][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   50.675885][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   51.350234][ T6103] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   51.425931][ T6097] comedi comedi3: reset error (fatal)
[   51.571496][ T6108] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   51.756336][ T5334] Bluetooth: hci0: command tx timeout
[   51.839258][ T5334] Bluetooth: hci3: command tx timeout
[   51.839582][ T5986] Bluetooth: hci1: command tx timeout
[   51.845960][ T5986] Bluetooth: hci2: command tx timeout
[   52.604952][ T6128] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   53.354639][ T6136] netlink: 3 bytes leftover after parsing attributes in process `syz.3.21'.
[   53.401167][ T6136] batadv1: entered allmulticast mode
[   53.470029][ T6137] input: syz1 as /devices/virtual/input/input6
[   53.496217][ T6139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22'.
[   53.836635][ T5986] Bluetooth: hci0: command tx timeout
[   53.917175][ T5334] Bluetooth: hci2: command tx timeout
[   53.917206][ T5974] Bluetooth: hci1: command tx timeout
[   53.918524][ T5986] Bluetooth: hci3: command tx timeout
[   54.668720][ T6158] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   54.930065][ T6162] pim6reg: entered allmulticast mode
[   55.441379][ T6152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   55.741343][ T6175] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   55.875819][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   56.035861][   T24] usb 6-1: Using ep0 maxpacket: 32
[   56.042438][   T24] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   56.404641][   T24] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   56.407629][   T24] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   56.423812][   T24] usb 6-1: Product: syz
[   56.425141][   T24] usb 6-1: Manufacturer: syz
[   56.429503][   T24] usb 6-1: SerialNumber: syz
[   56.446731][   T24] usb 6-1: config 0 descriptor??
[   56.456918][ T6174] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   56.477230][ T6180] netlink: 'syz.3.34': attribute type 10 has an invalid length.
[   56.487147][ T6180] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.490664][ T6180] team0: Port device bond0 added
[   56.502635][ T6180] netlink: 4 bytes leftover after parsing attributes in process `syz.3.34'.
[   56.546435][ T6171] comedi comedi3: reset error (fatal)
[   56.583240][ T6182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.35'.
[   57.199458][ T6188] cgroup: fork rejected by pids controller in /syz1
[   57.828429][ T6237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.41'.
[   58.345356][ T6244] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   58.651765][   T61] usb 6-1: USB disconnect, device number 2
[   59.036800][ T5974] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[   59.040789][ T6055] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   59.044121][ T5974] Bluetooth: hci0: Injecting HCI hardware error event
[   59.047920][ T5974] Bluetooth: hci0: hardware error 0x00
[   59.215852][ T6055] usb 7-1: Using ep0 maxpacket: 32
[   59.219166][ T6055] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   59.226851][ T6055] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   59.229647][ T6055] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   59.232165][ T6055] usb 7-1: Product: syz
[   59.233480][ T6055] usb 7-1: Manufacturer: syz
[   59.234994][ T6055] usb 7-1: SerialNumber: syz
[   59.238100][ T6055] usb 7-1: config 0 descriptor??
[   59.452278][ T6055] usb 7-1: USB disconnect, device number 2
[   59.725802][ T6257] comedi comedi3: reset error (fatal)
[   60.053319][ T6276] cgroup: fork rejected by pids controller in /syz2
[   60.635069][ T6343] input: syz1 as /devices/virtual/input/input7
[   61.148476][ T5974] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   61.287337][ T6351] netlink: 3 bytes leftover after parsing attributes in process `syz.0.58'.
[   61.317602][ T6351] batadv1: entered allmulticast mode
[   61.395544][ T6352] input: syz1 as /devices/virtual/input/input8
[   61.929979][ T6360] input: syz1 as /devices/virtual/input/input9
[   62.683830][   T61] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   62.845801][   T61] usb 5-1: Using ep0 maxpacket: 32
[   62.855645][   T61] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[   62.881981][   T61] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[   62.913302][   T61] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   62.916634][   T61] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   62.919132][   T61] usb 5-1: Product: syz
[   62.920529][   T61] usb 5-1: Manufacturer: syz
[   62.922195][   T61] usb 5-1: SerialNumber: syz
[   62.930885][   T61] usb 5-1: config 0 descriptor??
[   63.214216][   T24] usb 5-1: USB disconnect, device number 2
[   63.644803][ T6388] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   64.434765][ T6419] netlink: 'syz.2.68': attribute type 1 has an invalid length.
[   64.437343][ T6419] netlink: 220 bytes leftover after parsing attributes in process `syz.2.68'.
[   64.542492][ T6422] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   64.684313][ T6428] netlink: 3 bytes leftover after parsing attributes in process `syz.1.69'.
[   64.703973][ T6428] batadv1: entered allmulticast mode
[   64.990901][  T217] Bluetooth: (null): Invalid header checksum
[   64.995889][  T217] Bluetooth: (null): Invalid header checksum
[   65.100908][  T217] Bluetooth: (null): Invalid header checksum
[   65.208903][  T217] Bluetooth: (null): Invalid header checksum
[   65.339223][   T12] Bluetooth: (null): Invalid header checksum
[   65.426884][   T12] Bluetooth: (null): Invalid header checksum
[   66.132571][ T6448] netlink: 52 bytes leftover after parsing attributes in process `syz.0.74'.
[   66.135653][ T6448] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[   66.475978][ T6451] FAULT_INJECTION: forcing a failure.
[   66.475978][ T6451] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   66.480103][ T6451] CPU: 3 UID: 0 PID: 6451 Comm: syz.2.76 Not tainted syzkaller #0 PREEMPT(full) 
[   66.480118][ T6451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.480124][ T6451] Call Trace:
[   66.480129][ T6451]  <TASK>
[   66.480133][ T6451]  dump_stack_lvl+0x16c/0x1f0
[   66.480152][ T6451]  should_fail_ex+0x512/0x640
[   66.480171][ T6451]  strncpy_from_user+0x3b/0x2e0
[   66.480187][ T6451]  getname_flags.part.0+0x8f/0x550
[   66.480206][ T6451]  getname_flags+0x93/0xf0
[   66.480218][ T6451]  __do_compat_sys_newlstat+0x8a/0x130
[   66.480235][ T6451]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[   66.480258][ T6451]  ? __pfx_ksys_write+0x10/0x10
[   66.480272][ T6451]  ? rcu_is_watching+0x12/0xc0
[   66.480284][ T6451]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   66.480301][ T6451]  __do_fast_syscall_32+0x7c/0x3a0
[   66.480318][ T6451]  do_fast_syscall_32+0x32/0x80
[   66.480333][ T6451]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   66.480347][ T6451] RIP: 0023:0xf706e579
[   66.480355][ T6451] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   66.480365][ T6451] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[   66.480388][ T6451] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 0000000080000200
[   66.480395][ T6451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   66.480401][ T6451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   66.480407][ T6451] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   66.480413][ T6451] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   66.480426][ T6451]  </TASK>
[   66.609590][ T6453] process 'syz.2.77' launched './file0' with NULL argv: empty string added
[   66.794048][ T6463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.79'.
[   66.877377][ T6469] FAULT_INJECTION: forcing a failure.
[   66.877377][ T6469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.882052][ T6469] CPU: 3 UID: 0 PID: 6469 Comm: syz.0.82 Not tainted syzkaller #0 PREEMPT(full) 
[   66.882067][ T6469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   66.882073][ T6469] Call Trace:
[   66.882077][ T6469]  <TASK>
[   66.882081][ T6469]  dump_stack_lvl+0x16c/0x1f0
[   66.882100][ T6469]  should_fail_ex+0x512/0x640
[   66.882117][ T6469]  _copy_from_user+0x2e/0xd0
[   66.882135][ T6469]  do_handle_open+0xee/0xc50
[   66.882146][ T6469]  ? __fget_files+0x20e/0x3c0
[   66.882158][ T6469]  ? __pfx_do_handle_open+0x10/0x10
[   66.882172][ T6469]  ? ksys_write+0x1ac/0x250
[   66.882184][ T6469]  ? __pfx_ksys_write+0x10/0x10
[   66.882200][ T6469]  ? __do_fast_syscall_32+0x7c/0x3a0
[   66.882215][ T6469]  __do_fast_syscall_32+0x7c/0x3a0
[   66.882231][ T6469]  do_fast_syscall_32+0x32/0x80
[   66.882246][ T6469]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   66.882260][ T6469] RIP: 0023:0xf70fe579
[   66.882269][ T6469] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   66.882279][ T6469] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[   66.882289][ T6469] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440
[   66.882295][ T6469] RDX: 0000000000755c00 RSI: 0000000000000000 RDI: 0000000000000000
[   66.882301][ T6469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   66.882307][ T6469] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   66.882313][ T6469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   66.882326][ T6469]  </TASK>
[   67.043713][ T6477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.86'.
[   67.278964][ T6480] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   67.807679][ T6485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.88'.
[   68.067956][ T6497] binder: 6492:6497 ioctl 4018620d 0 returned -22
[   68.229618][ T6500] netlink: 3 bytes leftover after parsing attributes in process `syz.0.83'.
[   68.241900][ T6500] batadv1: entered allmulticast mode
[   68.678855][ T6501] input: syz1 as /devices/virtual/input/input10
[   68.978679][ T6507] FAULT_INJECTION: forcing a failure.
[   68.978679][ T6507] name failslab, interval 1, probability 0, space 0, times 1
[   68.986019][ T6507] CPU: 2 UID: 0 PID: 6507 Comm: syz.1.92 Not tainted syzkaller #0 PREEMPT(full) 
[   68.986039][ T6507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.986050][ T6507] Call Trace:
[   68.986056][ T6507]  <TASK>
[   68.986062][ T6507]  dump_stack_lvl+0x16c/0x1f0
[   68.986089][ T6507]  should_fail_ex+0x512/0x640
[   68.986112][ T6507]  ? __kmalloc_noprof+0xbf/0x510
[   68.986132][ T6507]  ? do_handle_open+0x545/0xc50
[   68.986162][ T6507]  should_failslab+0xc2/0x120
[   68.986185][ T6507]  __kmalloc_noprof+0xd2/0x510
[   68.986203][ T6507]  ? bpf_lsm_capable+0x9/0x10
[   68.986224][ T6507]  do_handle_open+0x545/0xc50
[   68.986241][ T6507]  ? __pfx_do_handle_open+0x10/0x10
[   68.986262][ T6507]  ? ksys_write+0x1ac/0x250
[   68.986282][ T6507]  ? __pfx_ksys_write+0x10/0x10
[   68.986307][ T6507]  ? __do_fast_syscall_32+0x7c/0x3a0
[   68.986329][ T6507]  __do_fast_syscall_32+0x7c/0x3a0
[   68.986353][ T6507]  do_fast_syscall_32+0x32/0x80
[   68.986376][ T6507]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   68.986396][ T6507] RIP: 0023:0xf705e579
[   68.986410][ T6507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   68.986424][ T6507] RSP: 002b:00000000f544e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000156
[   68.986438][ T6507] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000440
[   68.986450][ T6507] RDX: 0000000000755c00 RSI: 0000000000000000 RDI: 0000000000000000
[   68.986461][ T6507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   68.986470][ T6507] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   68.986479][ T6507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   68.986500][ T6507]  </TASK>
[   69.113733][ T6513] FAULT_INJECTION: forcing a failure.
[   69.113733][ T6513] name failslab, interval 1, probability 0, space 0, times 0
[   69.120100][ T6513] CPU: 2 UID: 0 PID: 6513 Comm: syz.0.95 Not tainted syzkaller #0 PREEMPT(full) 
[   69.120123][ T6513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.120134][ T6513] Call Trace:
[   69.120140][ T6513]  <TASK>
[   69.120147][ T6513]  dump_stack_lvl+0x16c/0x1f0
[   69.120176][ T6513]  should_fail_ex+0x512/0x640
[   69.120202][ T6513]  ? fs_reclaim_acquire+0xae/0x150
[   69.120231][ T6513]  ? tomoyo_encode2+0x100/0x3e0
[   69.120255][ T6513]  should_failslab+0xc2/0x120
[   69.120279][ T6513]  __kmalloc_noprof+0xd2/0x510
[   69.120301][ T6513]  ? d_absolute_path+0x136/0x1a0
[   69.120332][ T6513]  tomoyo_encode2+0x100/0x3e0
[   69.120362][ T6513]  tomoyo_encode+0x29/0x50
[   69.120385][ T6513]  tomoyo_realpath_from_path+0x18f/0x6e0
[   69.120419][ T6513]  tomoyo_path_perm+0x274/0x460
[   69.120440][ T6513]  ? tomoyo_path_perm+0x260/0x460
[   69.120463][ T6513]  ? __pfx_tomoyo_path_perm+0x10/0x10
[   69.120515][ T6513]  ? find_held_lock+0x2b/0x80
[   69.120533][ T6513]  ? __might_fault+0xe3/0x190
[   69.120553][ T6513]  ? __might_fault+0xe3/0x190
[   69.120572][ T6513]  ? __might_fault+0x13b/0x190
[   69.120597][ T6513]  security_inode_getattr+0x116/0x290
[   69.120620][ T6513]  vfs_statx+0x121/0x3f0
[   69.120647][ T6513]  ? __pfx_vfs_statx+0x10/0x10
[   69.120672][ T6513]  ? getname_flags.part.0+0x1c5/0x550
[   69.120706][ T6513]  __do_compat_sys_newlstat+0xa8/0x130
[   69.120733][ T6513]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[   69.120774][ T6513]  ? __pfx_ksys_write+0x10/0x10
[   69.120797][ T6513]  ? rcu_is_watching+0x12/0xc0
[   69.120814][ T6513]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   69.120842][ T6513]  __do_fast_syscall_32+0x7c/0x3a0
[   69.120869][ T6513]  do_fast_syscall_32+0x32/0x80
[   69.120892][ T6513]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   69.120913][ T6513] RIP: 0023:0xf70fe579
[   69.120927][ T6513] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   69.120942][ T6513] RSP: 002b:00000000f54ee55c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[   69.120959][ T6513] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 0000000080000200
[   69.120970][ T6513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.120979][ T6513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   69.120989][ T6513] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   69.120999][ T6513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   69.121026][ T6513]  </TASK>
[   69.121043][ T6513] ERROR: Out of memory at tomoyo_realpath_from_path.
[   69.339723][ T6520] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.342650][ T6520] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.396768][ T6521] Zero length message leads to an empty skb
[   69.406510][ T6520] bridge_slave_1: left allmulticast mode
[   69.409485][ T6520] bridge_slave_1: left promiscuous mode
[   69.415984][ T6520] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.786259][ T6520] bridge_slave_0: left allmulticast mode
[   69.788256][ T6520] bridge_slave_0: left promiscuous mode
[   69.794721][ T6520] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.871181][ T6528] program syz.2.99 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   69.874665][ T6528] netlink: 36 bytes leftover after parsing attributes in process `syz.2.99'.
[   70.100850][ T6533] =======================================================
[   70.100850][ T6533] WARNING: The mand mount option has been deprecated and
[   70.100850][ T6533]          and is ignored by this kernel. Remove the mand
[   70.100850][ T6533]          option from the mount to silence this warning.
[   70.100850][ T6533] =======================================================
[   70.749397][ T6549] netlink: 'syz.1.105': attribute type 11 has an invalid length.
[   70.768400][ T6549] ISOFS: Unable to identify CD-ROM format.
[   70.896150][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[   70.898081][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[   71.004941][ T6554] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   71.030137][ T6559] FAULT_INJECTION: forcing a failure.
[   71.030137][ T6559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.034172][ T6559] CPU: 3 UID: 0 PID: 6559 Comm: syz.2.109 Not tainted syzkaller #0 PREEMPT(full) 
[   71.034186][ T6559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   71.034192][ T6559] Call Trace:
[   71.034196][ T6559]  <TASK>
[   71.034200][ T6559]  dump_stack_lvl+0x16c/0x1f0
[   71.034218][ T6559]  should_fail_ex+0x512/0x640
[   71.034239][ T6559]  _copy_to_user+0x32/0xd0
[   71.034251][ T6559]  cp_compat_stat+0x571/0x850
[   71.034267][ T6559]  ? __pfx_cp_compat_stat+0x10/0x10
[   71.034288][ T6559]  __do_compat_sys_newlstat+0x11f/0x130
[   71.034305][ T6559]  ? __pfx___do_compat_sys_newlstat+0x10/0x10
[   71.034329][ T6559]  ? __pfx_ksys_write+0x10/0x10
[   71.034343][ T6559]  ? rcu_is_watching+0x12/0xc0
[   71.034354][ T6559]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   71.034371][ T6559]  __do_fast_syscall_32+0x7c/0x3a0
[   71.034388][ T6559]  do_fast_syscall_32+0x32/0x80
[   71.034403][ T6559]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   71.034417][ T6559] RIP: 0023:0xf706e579
[   71.034425][ T6559] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   71.034436][ T6559] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 000000000000006b
[   71.034446][ T6559] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 0000000080000200
[   71.034452][ T6559] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   71.034458][ T6559] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   71.034464][ T6559] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   71.034470][ T6559] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   71.034482][ T6559]  </TASK>
[   72.423218][ T6568] netlink: 3 bytes leftover after parsing attributes in process `syz.1.111'.
[   72.429305][ T6568] batadv1: entered allmulticast mode
[   72.487304][ T6579] input: syz1 as /devices/virtual/input/input11
[   73.021466][ T6585] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   73.094603][ T6589] netlink: 12 bytes leftover after parsing attributes in process `syz.1.118'.
[   73.391342][ T6594] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   73.835983][ T6039] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   73.855436][ T6611] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[   74.015796][ T6039] usb 7-1: Using ep0 maxpacket: 32
[   74.019224][ T6039] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[   74.022626][ T6039] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[   74.028214][ T6039] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   74.031582][ T6039] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   74.034187][ T6039] usb 7-1: Product: syz
[   74.035654][ T6039] usb 7-1: Manufacturer: syz
[   74.037768][ T6039] usb 7-1: SerialNumber: syz
[   74.041348][ T6039] usb 7-1: config 0 descriptor??
[   74.253577][ T6039] usb 7-1: USB disconnect, device number 3
[   74.640953][ T6619] netlink: 3 bytes leftover after parsing attributes in process `syz.3.126'.
[   74.682709][ T6619] batadv1: entered allmulticast mode
[   74.824432][ T6620] input: syz1 as /devices/virtual/input/input12
[   74.855779][ T6611] comedi comedi3: reset error (fatal)
[   74.939699][ T6625] syzkaller1: entered promiscuous mode
[   74.941452][ T6625] syzkaller1: entered allmulticast mode
[   75.555856][ T4305] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   75.706867][ T4305] usb 8-1: Using ep0 maxpacket: 32
[   75.710214][ T4305] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   75.725174][ T4305] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   75.730600][ T4305] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   75.733847][ T4305] usb 8-1: Product: syz
[   75.735166][ T4305] usb 8-1: Manufacturer: syz
[   75.738893][ T4305] usb 8-1: SerialNumber: syz
[   75.747061][ T4305] usb 8-1: config 0 descriptor??
[   75.750068][ T6661] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   75.854962][ T6666] mmap: syz.2.133 (6666) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   76.286820][ T6677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.137'.
[   76.714518][ T6671] cgroup: fork rejected by pids controller in /syz3
[   77.220770][ T6717] nvme_fabrics: missing parameter 'transport=%s'
[   77.223245][ T6717] nvme_fabrics: missing parameter 'nqn=%s'
[   77.520962][ T6729] netlink: 3 bytes leftover after parsing attributes in process `syz.0.141'.
[   77.674209][ T6729] batadv1: entered allmulticast mode
[   77.734974][ T6732] input: syz1 as /devices/virtual/input/input14
[   77.781464][ T6733] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   77.844593][ T6727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.141'.
[   78.317918][ T6738] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   78.352780][   T34] usb 8-1: USB disconnect, device number 6
[   78.620848][ T6746] netlink: 8 bytes leftover after parsing attributes in process `syz.2.147'.
[   79.594014][ T6759] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[   79.596122][ T6759] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   79.599377][ T6759] vhci_hcd vhci_hcd.0: Device attached
[   79.635843][ T5984] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   79.805951][ T5984] usb 5-1: Using ep0 maxpacket: 8
[   79.808906][ T5984] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   79.811802][ T5984] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   79.815074][ T5984] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   79.821257][ T5984] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   79.825722][ T5984] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   79.829142][ T5984] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.040801][ T5984] usb 5-1: GET_CAPABILITIES returned 0
[   80.044394][ T5984] usbtmc 5-1:16.0: can't read capabilities
[   80.045827][ T4305] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[   80.218606][ T6760] vhci_hcd: connection reset by peer
[   80.221719][   T78] vhci_hcd: stop threads
[   80.223560][   T78] vhci_hcd: release socket
[   80.225569][   T78] vhci_hcd: disconnect device
[   80.241013][   T40] audit: type=1326 audit(1756899659.104:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6749 comm="syz.0.148" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fe579 code=0x0
[   80.343943][ T6756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   80.655232][ T6770] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -90
[   80.891158][ T6775] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[   80.953560][ T6778] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   81.575337][ T3240] cfg80211: failed to load regulatory.db
[   81.743844][ T6782] 9pnet_virtio: no channels available for device syz
[   82.071197][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880251acc00: rx timeout, send abort
[   82.462636][ T1018] usb 5-1: USB disconnect, device number 3
[   82.484215][ T6798] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   82.486875][ T6798] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 1th superblock
[   82.490394][ T6798] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   82.493543][ T6798] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 2th superblock
[   82.566077][ T6798] openvswitch: netlink: Missing key (keys=40, expected=100)
[   82.575140][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880251acc00: abort rx timeout. Force session deactivation
[   82.657020][   T40] audit: type=1800 audit(1756899661.514:3): pid=6798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.161" name="/newroot/38/file0" dev="tmpfs" ino=263 res=0 errno=0
[   82.909821][ T6814] netlink: 24 bytes leftover after parsing attributes in process `syz.0.163'.
[   82.975337][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.164'.
[   83.332086][ T6819] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   84.168818][ T6836] netlink: 3 bytes leftover after parsing attributes in process `syz.0.169'.
[   84.303456][ T6836] batadv1: entered allmulticast mode
[   84.313530][ T6841] input: syz1 as /devices/virtual/input/input15
[   84.693437][ T6830] netlink: 24 bytes leftover after parsing attributes in process `syz.0.169'.
[   85.186447][ T4305] vhci_hcd: vhci_device speed not set
[   85.336032][ T3240] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   85.355873][   T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   85.485787][ T3240] usb 6-1: Using ep0 maxpacket: 32
[   85.489816][ T3240] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   85.529981][ T3240] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   85.532826][ T3240] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   85.535314][ T3240] usb 6-1: Product: syz
[   85.536818][ T3240] usb 6-1: Manufacturer: syz
[   85.538240][ T3240] usb 6-1: SerialNumber: syz
[   85.542824][ T3240] usb 6-1: config 0 descriptor??
[   85.546983][ T6852] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   85.555861][   T10] usb 7-1: Using ep0 maxpacket: 32
[   85.561198][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   85.571138][   T10] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   85.573878][   T10] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   85.582410][   T10] usb 7-1: Product: syz
[   85.584777][   T10] usb 7-1: Manufacturer: syz
[   85.589445][   T10] usb 7-1: SerialNumber: syz
[   85.612626][   T10] usb 7-1: config 0 descriptor??
[   85.617472][ T6854] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   85.632546][   T10] chaoskey 7-1:0.0: Unable to register with hwrng
[   86.545879][   T10] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   86.715942][   T10] usb 8-1: Using ep0 maxpacket: 32
[   86.719984][   T10] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   86.727516][   T10] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   86.731128][   T10] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   86.733741][   T10] usb 8-1: Product: syz
[   86.735112][   T10] usb 8-1: Manufacturer: syz
[   86.737045][   T10] usb 8-1: SerialNumber: syz
[   86.740877][   T10] usb 8-1: config 0 descriptor??
[   86.744039][ T6869] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[   86.749039][   T10] chaoskey 8-1:0.0: Unable to register with hwrng
[   87.009666][   T10] usb 8-1: USB disconnect, device number 7
[   88.109450][   T10] usb 6-1: USB disconnect, device number 3
[   88.146779][ T4305] usb 7-1: USB disconnect, device number 4
[   88.239816][ T6911] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   88.394272][ T6916] Bluetooth: MGMT ver 1.23
[   90.073847][ T4305] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   90.239723][ T6948] netlink: 3 bytes leftover after parsing attributes in process `syz.2.183'.
[   90.275810][ T6948] batadv1: entered allmulticast mode
[   90.326218][ T4305] usb 6-1: Using ep0 maxpacket: 32
[   90.330100][ T4305] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   90.331610][ T5974] Bluetooth: hci2: unexpected event 0x2f length: 1017 > 260
[   90.337281][ T4305] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   90.342487][ T4305] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   90.345534][ T4305] usb 6-1: Product: syz
[   90.347661][ T4305] usb 6-1: Manufacturer: syz
[   90.349290][ T4305] usb 6-1: SerialNumber: syz
[   90.357623][ T4305] usb 6-1: config 0 descriptor??
[   90.359791][ T6934] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   90.362982][ T6951] input: syz1 as /devices/virtual/input/input16
[   90.469352][ T6951] netlink: 24 bytes leftover after parsing attributes in process `syz.2.183'.
[   90.508834][ T6950] 9pnet_fd: Insufficient options for proto=fd
[   91.336017][ T6969] netlink: 3 bytes leftover after parsing attributes in process `syz.0.191'.
[   91.372868][ T6969] batadv1: entered allmulticast mode
[   91.568258][ T6974] input: syz1 as /devices/virtual/input/input17
[   91.569417][ T6972] syz_tun: entered allmulticast mode
[   91.573890][ T6970] syz_tun: left allmulticast mode
[   92.253574][ T6229] usb 6-1: USB disconnect, device number 4
[   92.966938][   T24] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[   93.044942][ T6999] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   93.133975][   T24] usb 7-1: unable to read config index 0 descriptor/start: -71
[   93.138234][   T24] usb 7-1: can't read configurations, error -71
[   94.039564][ T7019] netlink: 830 bytes leftover after parsing attributes in process `syz.2.208'.
[   94.049301][ T7019] overlayfs: failed to resolve './file0': -2
[   94.125106][ T7021] bridge: RTM_NEWNEIGH with invalid ether address
[   94.129345][ T7021] netlink: 'syz.0.206': attribute type 10 has an invalid length.
[   94.131827][ T7021] netlink: 40 bytes leftover after parsing attributes in process `syz.0.206'.
[   94.135336][ T7021] dummy0: entered promiscuous mode
[   94.144869][ T7021] bridge0: port 3(dummy0) entered blocking state
[   94.147938][ T7021] bridge0: port 3(dummy0) entered disabled state
[   94.150160][ T7021] dummy0: entered allmulticast mode
[   94.154802][ T7021] bridge0: port 3(dummy0) entered blocking state
[   94.157172][ T7021] bridge0: port 3(dummy0) entered forwarding state
[   94.176386][ T6039] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   94.325912][ T6039] usb 6-1: Using ep0 maxpacket: 32
[   94.332254][ T6039] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   94.348121][ T6039] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   94.351868][ T6039] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   94.355144][ T6039] usb 6-1: Product: syz
[   94.357576][ T6039] usb 6-1: Manufacturer: syz
[   94.359529][ T6039] usb 6-1: SerialNumber: syz
[   94.377022][ T6039] usb 6-1: config 0 descriptor??
[   94.382223][ T7017] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   94.684011][ T6039] usb 6-1: USB disconnect, device number 5
[   94.842365][ T7035] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   96.091446][ T7057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.218'.
[   96.648632][ T7066] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   97.082960][ T7069] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[   98.085794][ T7069] comedi comedi3: reset error (fatal)
[   98.476142][ T7095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.230'.
[   98.911274][ T7110] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   99.051207][ T7114] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[   99.893083][ T7121] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  100.055791][ T7114] comedi comedi3: reset error (fatal)
[  100.148380][ T7127] overlayfs: failed to resolve './file0': -2
[  100.435814][ T5984] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  100.565821][ T5984] usb 5-1: device descriptor read/64, error -71
[  100.836499][ T5984] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  101.219874][ T7161] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  101.295903][ T5984] usb 5-1: device descriptor read/64, error -71
[  101.300353][ T7163] netlink: 3 bytes leftover after parsing attributes in process `syz.3.245'.
[  101.312225][ T7163] batadv1: entered allmulticast mode
[  101.390237][ T7164] input: syz1 as /devices/virtual/input/input18
[  101.418298][ T5984] usb usb5-port1: attempt power cycle
[  101.610679][ T7166] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  102.615813][ T7166] comedi comedi3: reset error (fatal)
[  102.626101][ T5984] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  102.646419][ T5984] usb 5-1: device descriptor read/8, error -71
[  102.887444][ T5984] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  102.906834][ T5984] usb 5-1: device descriptor read/8, error -71
[  102.999628][ T7188] bond0: (slave macsec1): Error -34 calling dev_set_mtu
[  103.016034][ T5984] usb usb5-port1: unable to enumerate USB device
[  103.041139][ T7188] block nbd2: Attempted send on invalid socket
[  103.043748][ T7188] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.047638][ T7188] block nbd2: Attempted send on invalid socket
[  103.050063][ T7188] I/O error, dev nbd2, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.053476][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  103.057904][ T7188] block nbd2: Attempted send on invalid socket
[  103.060313][ T7188] I/O error, dev nbd2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.063936][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  103.068735][ T7188] block nbd2: Attempted send on invalid socket
[  103.070997][ T7188] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.073972][ T7188] block nbd2: Attempted send on invalid socket
[  103.076535][ T7188] I/O error, dev nbd2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.079952][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  103.083133][ T7188] block nbd2: Attempted send on invalid socket
[  103.085278][ T7188] I/O error, dev nbd2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.088699][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  103.092005][ T7188] block nbd2: Attempted send on invalid socket
[  103.093999][ T7188] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.096936][ T7188] block nbd2: Attempted send on invalid socket
[  103.098880][ T7188] I/O error, dev nbd2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.101854][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  103.104899][ T7188] block nbd2: Attempted send on invalid socket
[  103.107219][ T7188] I/O error, dev nbd2, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.110688][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  103.113974][ T7188] block nbd2: Attempted send on invalid socket
[  103.116905][ T7188] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  103.120600][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  103.123748][ T7188] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  103.127445][ T7188] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  103.760526][ T7200] block device autoloading is deprecated and will be removed.
[  104.916537][ T7220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.263'.
[  104.937981][ T5984] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  104.941544][ T7213] netlink: 3 bytes leftover after parsing attributes in process `syz.3.259'.
[  104.947288][ T7213] batadv1: entered allmulticast mode
[  105.012869][ T7211] input: syz1 as /devices/virtual/input/input19
[  105.105812][ T5984] usb 5-1: Using ep0 maxpacket: 32
[  105.109535][ T5984] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  105.120594][ T5984] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  105.123485][ T5984] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  105.126213][ T5984] usb 5-1: Product: syz
[  105.127581][ T5984] usb 5-1: Manufacturer: syz
[  105.129066][ T5984] usb 5-1: SerialNumber: syz
[  105.136571][ T5984] usb 5-1: config 0 descriptor??
[  105.147930][ T7206] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  105.727726][   T40] audit: type=1326 audit(1756899684.594:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.734969][   T40] audit: type=1326 audit(1756899684.594:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=443 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.741705][   T40] audit: type=1326 audit(1756899684.594:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.748378][   T40] audit: type=1326 audit(1756899684.594:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.753311][ T6018] libceph: connect (1)[c::]:6789 error -101
[  105.754817][   T40] audit: type=1326 audit(1756899684.594:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.760258][ T6018] libceph: mon0 (1)[c::]:6789 connect error
[  105.763359][   T40] audit: type=1326 audit(1756899684.594:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.767634][ T6018] libceph: connect (1)[c::]:6789 error -101
[  105.772003][   T40] audit: type=1326 audit(1756899684.594:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.774187][ T6018] libceph: mon0 (1)[c::]:6789 connect error
[  105.781385][   T40] audit: type=1326 audit(1756899684.594:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.789057][   T40] audit: type=1326 audit(1756899684.594:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.795831][   T40] audit: type=1326 audit(1756899684.594:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.1.267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[  105.846572][ T7238] ceph: No mds server is up or the cluster is laggy
[  106.246683][ T4305] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  106.448477][ T4305] usb 6-1: Using ep0 maxpacket: 32
[  106.453566][ T4305] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  106.459058][ T4305] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  106.462133][ T4305] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  106.466229][ T4305] usb 6-1: Product: syz
[  106.469890][ T4305] usb 6-1: Manufacturer: syz
[  106.471464][ T4305] usb 6-1: SerialNumber: syz
[  106.477742][ T4305] usb 6-1: config 0 descriptor??
[  106.481261][ T7250] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  106.490825][ T4305] chaoskey 6-1:0.0: Unable to register with hwrng
[  106.830422][ T7252] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  106.889327][ T5984] usb 6-1: USB disconnect, device number 6
[  107.208313][ T6229] usb 5-1: USB disconnect, device number 8
[  107.500294][ T7279] netlink: 3 bytes leftover after parsing attributes in process `syz.0.274'.
[  107.522751][ T7279] batadv1: entered allmulticast mode
[  107.581775][ T7281] input: syz1 as /devices/virtual/input/input20
[  108.186250][ T7298] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  108.199276][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.205907][ T7298] netlink: 72 bytes leftover after parsing attributes in process `syz.2.276'.
[  108.265397][ T7302] tipc: Started in network mode
[  108.267748][ T7302] tipc: Node identity d2c15687ad5a, cluster identity 4711
[  108.270922][ T7302] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  108.274170][ T7302] syzkaller0: entered promiscuous mode
[  108.276744][ T7302] syzkaller0: entered allmulticast mode
[  108.283531][ T7302] tipc: Resetting bearer <eth:syzkaller0>
[  108.315975][ T7303] tipc: Resetting bearer <eth:syzkaller0>
[  108.356616][ T7303] tipc: Disabling bearer <eth:syzkaller0>
[  109.272843][ T7324] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  109.765974][ T7336] fuse: blksize only supported for fuseblk
[  109.769548][ T7336] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  109.772892][ T7336] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  111.471796][ T7394] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  111.805869][   T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  111.926984][ T7399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.303'.
[  111.965798][   T10] usb 5-1: Using ep0 maxpacket: 32
[  111.968524][   T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  111.972941][   T10] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  111.975629][   T10] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  111.979694][   T10] usb 5-1: Product: syz
[  111.981334][   T10] usb 5-1: Manufacturer: syz
[  111.983130][   T10] usb 5-1: SerialNumber: syz
[  111.989201][   T10] usb 5-1: config 0 descriptor??
[  111.991879][ T7396] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  112.246877][ T7402] overlayfs: workdir and upperdir must be separate subtrees
[  112.271164][ T6039] usb 5-1: USB disconnect, device number 9
[  112.511723][ T7407] netlink: 3 bytes leftover after parsing attributes in process `syz.2.305'.
[  112.526844][ T7407] batadv1: entered allmulticast mode
[  112.575020][ T7408] input: syz1 as /devices/virtual/input/input21
[  113.109252][ T7413] pim6reg: entered allmulticast mode
[  113.445818][ T7403] cgroup: fork rejected by pids controller in /syz0
[  113.794558][ T7409] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  114.271499][ T7471] warning: `syz.3.314' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  114.317823][ T7474] netlink: 8 bytes leftover after parsing attributes in process `syz.3.315'.
[  114.659961][ T7478] netlink: 'syz.0.316': attribute type 1 has an invalid length.
[  114.668646][ T7478] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  114.698617][ T7490] netlink: 3 bytes leftover after parsing attributes in process `syz.1.317'.
[  114.717446][ T7490] batadv1: entered allmulticast mode
[  114.788962][ T7493] input: syz1 as /devices/virtual/input/input22
[  115.275884][   T61] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  115.515846][   T61] usb 5-1: Using ep0 maxpacket: 32
[  115.520937][   T61] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  115.527640][   T61] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  115.531415][   T61] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  115.534743][   T61] usb 5-1: Product: syz
[  115.536599][   T61] usb 5-1: Manufacturer: syz
[  115.538558][   T61] usb 5-1: SerialNumber: syz
[  115.542799][   T61] usb 5-1: config 0 descriptor??
[  115.546832][ T7495] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  115.888319][ T1018] usb 5-1: USB disconnect, device number 10
[  116.004443][ T7510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.325'.
[  116.033341][ T7516] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'.
[  116.295920][ T4305] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  116.455833][ T4305] usb 7-1: Using ep0 maxpacket: 16
[  116.459882][ T4305] usb 7-1: config 1 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  116.468266][ T4305] usb 7-1: config 1 interface 0 has no altsetting 0
[  116.475231][ T4305] usb 7-1: New USB device found, idVendor=056a, idProduct=003f, bcdDevice= 0.40
[  116.478762][ T4305] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.481550][ T4305] usb 7-1: Product: ࠢ
[  116.482975][ T4305] usb 7-1: Manufacturer: ч
[  116.485529][ T4305] usb 7-1: SerialNumber: syz
[  116.711572][ T4305] usbhid 7-1:1.0: can't add hid device: -71
[  116.713653][ T4305] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[  116.719095][ T4305] usb 7-1: USB disconnect, device number 7
[  116.847963][ T7512] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  117.195926][ T5974] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  117.199321][ T5974] Bluetooth: hci1: Injecting HCI hardware error event
[  117.202205][ T5974] Bluetooth: hci1: hardware error 0x00
[  117.216020][ T5984] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  117.234774][ T7568] libceph: resolve '400' (ret=-3): failed
[  117.355806][ T5984] usb 8-1: device descriptor read/64, error -71
[  117.485175][ T7572] team0: Port device team_slave_0 removed
[  117.615858][ T5984] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  117.751199][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.1.335'.
[  117.769017][ T5984] usb 8-1: device descriptor read/64, error -71
[  117.789336][ T7592] netlink: 7 bytes leftover after parsing attributes in process `syz.1.336'.
[  117.792903][ T7592] netlink: 8 bytes leftover after parsing attributes in process `syz.1.336'.
[  117.879808][ T5984] usb usb8-port1: attempt power cycle
[  117.985988][ T6039] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  118.717030][ T5984] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  118.817564][ T5984] usb 8-1: device descriptor read/8, error -71
[  118.869965][ T7599] sp0: Synchronizing with TNC
[  118.905995][ T6039] usb 5-1: Using ep0 maxpacket: 32
[  118.910559][ T6039] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.916274][ T6039] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.921246][ T6039] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  118.926073][ T6039] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.931478][ T6039] usb 5-1: config 0 descriptor??
[  119.055947][ T5984] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  119.076393][ T5984] usb 8-1: device descriptor read/8, error -71
[  119.152262][ T5986] Bluetooth: hci1: unexpected event for opcode 0x9103
[  119.186319][ T5984] usb usb8-port1: unable to enumerate USB device
[  119.275823][ T5974] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  119.646343][ T6039] usbhid 5-1:0.0: can't add hid device: -71
[  119.826829][ T7600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  120.147486][ T6039] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  120.167467][ T6039] usb 5-1: USB disconnect, device number 11
[  120.234846][ T7611] netlink: 3 bytes leftover after parsing attributes in process `syz.3.341'.
[  120.277360][ T7611] batadv1: entered allmulticast mode
[  120.312980][ T7614] input: syz1 as /devices/virtual/input/input23
[  122.406481][ T7629] netlink: 3 bytes leftover after parsing attributes in process `syz.2.346'.
[  122.439965][ T7629] batadv1: entered allmulticast mode
[  122.626670][ T7640] netlink: 28 bytes leftover after parsing attributes in process `syz.1.350'.
[  122.639726][ T7640] netlink: 28 bytes leftover after parsing attributes in process `syz.1.350'.
[  122.745868][   T61] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  122.886046][   T61] usb 5-1: device descriptor read/64, error -71
[  123.137130][   T61] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  123.276553][ T7629] input: syz1 as /devices/virtual/input/input24
[  123.321199][   T61] usb 5-1: device descriptor read/64, error -71
[  123.436800][   T61] usb usb5-port1: attempt power cycle
[  123.687710][ T7641] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  123.785824][   T61] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  123.806428][   T61] usb 5-1: device descriptor read/8, error -71
[  124.047138][   T61] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  124.076683][   T61] usb 5-1: device descriptor read/8, error -71
[  124.187265][   T61] usb usb5-port1: unable to enumerate USB device
[  124.890810][ T7667] netlink: 8 bytes leftover after parsing attributes in process `syz.3.358'.
[  125.284404][ T7671] netlink: 3 bytes leftover after parsing attributes in process `syz.3.359'.
[  125.304582][ T7671] batadv1: entered allmulticast mode
[  125.389043][ T7672] input: syz1 as /devices/virtual/input/input25
[  125.708463][ T7686] vivid-001: =================  START STATUS  =================
[  125.711825][ T7686] vivid-001: RDS Tx I/O Mode: Controls
[  125.714124][ T7686] vivid-001: RDS Program ID: 32904
[  125.742914][ T7686] vivid-001: RDS Program Type: 3
[  125.744529][ T7686] vivid-001: RDS PS Name: VIVID-TX
[  125.746454][ T7686] vivid-001: RDS Radio Text: This is a VIVID default Radio Text template text, change at will
[  125.749671][ T7686] vivid-001: RDS Stereo: true
[  125.751231][ T7686] vivid-001: RDS Artificial Head: false
[  125.753119][ T7686] vivid-001: RDS Compressed: false
[  125.754777][ T7686] vivid-001: RDS Dynamic PTY: false
[  125.756918][ T7686] vivid-001: RDS Traffic Announcement: false
[  125.758879][ T7686] vivid-001: RDS Traffic Program: true
[  125.766006][ T7686] vivid-001: RDS Music: true
[  125.767884][ T7686] vivid-001: ==================  END STATUS  ==================
[  126.726574][ T7696] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  127.935788][ T7700] comedi comedi3: reset error (fatal)
[  129.218643][ T7743] fuse: Bad value for 'fd'
[  129.422946][ T7743] netlink: 40 bytes leftover after parsing attributes in process `syz.2.377'.
[  129.609182][ T7755] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  130.579843][ T7767] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  130.696405][ T7755] comedi comedi3: reset error (fatal)
[  131.324836][ T7781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.387'.
[  131.475855][   T61] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  131.501497][ T7786] netlink: 8 bytes leftover after parsing attributes in process `syz.3.390'.
[  131.645813][   T61] usb 5-1: Using ep0 maxpacket: 32
[  131.648792][   T61] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  131.745822][ T1018] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  131.833205][   T61] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  131.837406][   T61] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  131.840878][   T61] usb 5-1: Product: syz
[  131.842805][   T61] usb 5-1: Manufacturer: syz
[  131.844870][   T61] usb 5-1: SerialNumber: syz
[  131.868006][   T61] usb 5-1: config 0 descriptor??
[  131.874037][ T7778] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  132.185805][ T1018] usb 7-1: Using ep0 maxpacket: 32
[  132.249176][   T61] usb 5-1: USB disconnect, device number 16
[  132.251470][ T1018] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  132.256762][ T1018] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  132.259562][ T1018] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  132.262164][ T1018] usb 7-1: Product: syz
[  132.263480][ T1018] usb 7-1: Manufacturer: syz
[  132.264928][ T1018] usb 7-1: SerialNumber: syz
[  132.270015][ T1018] usb 7-1: config 0 descriptor??
[  132.271647][ T5974] Bluetooth: hci3: unexpected event 0x2f length: 1017 > 260
[  132.276082][ T7784] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  132.329859][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  132.331866][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  132.913418][ T1018] usb 7-1: USB disconnect, device number 8
[  134.230399][ T7824] netlink: 8 bytes leftover after parsing attributes in process `syz.3.400'.
[  134.574809][ T7854] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  134.936156][ T7862] pim6reg: entered allmulticast mode
[  135.303315][ T7866] fuse: Bad value for 'group_id'
[  135.305050][ T7866] fuse: Bad value for 'group_id'
[  135.680689][ T7859] comedi comedi3: reset error (fatal)
[  136.109946][   T40] kauditd_printk_skb: 38 callbacks suppressed
[  136.109957][   T40] audit: type=1326 audit(1756899714.964:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.130156][   T40] audit: type=1326 audit(1756899714.964:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.138493][ T7873] overlayfs: failed to resolve './file0': -2
[  136.142942][   T40] audit: type=1326 audit(1756899714.974:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.163162][   T40] audit: type=1326 audit(1756899714.974:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.200418][   T40] audit: type=1326 audit(1756899714.974:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.251157][   T40] audit: type=1326 audit(1756899714.984:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.266320][   T40] audit: type=1326 audit(1756899714.984:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.279392][   T40] audit: type=1326 audit(1756899714.984:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.288397][   T40] audit: type=1326 audit(1756899714.984:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.295177][   T40] audit: type=1326 audit(1756899714.994:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7872 comm="syz.0.407" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000
[  136.398720][ T7857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  136.821345][ T7883] fuse: Bad value for 'fd'
[  137.194953][ T7893] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  137.247956][ T3240] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  137.426167][ T3240] usb 8-1: Using ep0 maxpacket: 32
[  137.430212][ T3240] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  137.438802][ T3240] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  137.441655][ T3240] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  137.444004][ T3240] usb 8-1: Product: syz
[  137.460312][ T3240] usb 8-1: Manufacturer: syz
[  137.463628][ T3240] usb 8-1: SerialNumber: syz
[  137.469279][ T3240] usb 8-1: config 0 descriptor??
[  137.471345][ T7888] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  137.508255][ T7902] trusted_key: encrypted_key: insufficient parameters specified
[  137.538397][ T7891] /dev/sr0: Can't open blockdev
[  138.285932][ T7897] comedi comedi3: reset error (fatal)
[  138.458160][ T7907] binder: 7905:7907 ioctl 40189429 80001140 returned -22
[  138.486099][ T7908] binder: 7905:7908 ioctl 40189429 80001140 returned -22
[  138.507561][ T6039] usb 8-1: USB disconnect, device number 12
[  138.514539][ T7912] netlink: 60 bytes leftover after parsing attributes in process `syz.0.419'.
[  138.583297][ T7914] netlink: 16 bytes leftover after parsing attributes in process `syz.1.418'.
[  138.825961][ T1018] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  138.995844][ T1018] usb 6-1: Using ep0 maxpacket: 8
[  139.001981][ T1018] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 16
[  139.006630][ T1018] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x82 has invalid maxpacket 64
[  139.010887][ T1018] usb 6-1: config 1 interface 0 has no altsetting 0
[  139.022409][ T1018] usb 6-1: string descriptor 0 read error: -22
[  139.026452][ T1018] usb 6-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  139.031060][ T1018] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.038915][ T7914] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  139.041692][ T7914] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  139.046882][ T1018] usblp0: Disabling reads from problematic bidirectional printer
[  139.967206][ T1018] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 8 proto 3 vid 0x03F0 pid 0x0004
[  139.986414][ T1018] usb 6-1: USB disconnect, device number 7
[  139.995868][ T5974] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  139.999490][ T5974] Bluetooth: hci3: Injecting HCI hardware error event
[  140.001582][ T1018] usblp0: removed
[  140.003616][ T5974] Bluetooth: hci3: hardware error 0x00
[  140.402895][ T7959] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  141.465862][ T7961] comedi comedi3: reset error (fatal)
[  141.641914][ T5986] Bluetooth: hci3: unexpected event for opcode 0x9103
[  142.075867][ T5974] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  142.412887][ T7976] dvmrp1: entered allmulticast mode
[  142.519729][ T7964] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  142.755814][ T6039] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  142.936410][ T6039] usb 6-1: Using ep0 maxpacket: 32
[  142.945000][ T6039] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  142.955142][ T6039] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  142.960599][ T6039] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  142.963854][ T6039] usb 6-1: Product: syz
[  142.969046][ T6039] usb 6-1: Manufacturer: syz
[  142.970753][ T6039] usb 6-1: SerialNumber: syz
[  142.986263][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  142.986273][   T40] audit: type=1326 audit(1756899721.844:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7994 comm="syz.0.435" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fe579 code=0x0
[  142.992526][ T6039] usb 6-1: config 0 descriptor??
[  143.010624][ T7978] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  143.065166][ T7996] netlink: 24 bytes leftover after parsing attributes in process `syz.0.435'.
[  143.334566][ T1018] usb 6-1: USB disconnect, device number 8
[  143.592629][ T8004] netlink: 3 bytes leftover after parsing attributes in process `syz.3.436'.
[  143.626831][ T8004] batadv1: entered allmulticast mode
[  143.743933][ T8008] input: syz1 as /devices/virtual/input/input26
[  144.208364][ T8043] netlink: 8 bytes leftover after parsing attributes in process `syz.0.440'.
[  144.211069][ T8043] netlink: 12 bytes leftover after parsing attributes in process `syz.0.440'.
[  144.560321][ T8054] netlink: 'syz.0.442': attribute type 27 has an invalid length.
[  144.633878][ T8055] FAULT_INJECTION: forcing a failure.
[  144.633878][ T8055] name failslab, interval 1, probability 0, space 0, times 0
[  144.639466][ T8055] CPU: 2 UID: 0 PID: 8055 Comm: syz.2.443 Not tainted syzkaller #0 PREEMPT(full) 
[  144.639518][ T8055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.639529][ T8055] Call Trace:
[  144.639536][ T8055]  <TASK>
[  144.639544][ T8055]  dump_stack_lvl+0x16c/0x1f0
[  144.639575][ T8055]  should_fail_ex+0x512/0x640
[  144.639601][ T8055]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  144.639623][ T8055]  should_failslab+0xc2/0x120
[  144.639646][ T8055]  __kmalloc_cache_noprof+0x6a/0x3e0
[  144.639665][ T8055]  ? ovl_init_fs_context+0x96/0x5f0
[  144.639685][ T8055]  ? kasan_save_track+0x14/0x30
[  144.639708][ T8055]  ovl_init_fs_context+0x96/0x5f0
[  144.639729][ T8055]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  144.639750][ T8055]  alloc_fs_context+0x54a/0x9c0
[  144.639777][ T8055]  path_mount+0xbdd/0x2000
[  144.639805][ T8055]  ? __pfx_path_mount+0x10/0x10
[  144.639829][ T8055]  ? kmem_cache_free+0x2d1/0x4d0
[  144.639849][ T8055]  ? putname+0x154/0x1a0
[  144.639873][ T8055]  ? getname_flags.part.0+0x1c5/0x550
[  144.639908][ T8055]  ? __ia32_sys_mount+0x28b/0x310
[  144.639929][ T8055]  __ia32_sys_mount+0x28b/0x310
[  144.639952][ T8055]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.639977][ T8055]  ? rcu_is_watching+0x12/0xc0
[  144.640000][ T8055]  __do_fast_syscall_32+0x7c/0x3a0
[  144.640027][ T8055]  do_fast_syscall_32+0x32/0x80
[  144.640057][ T8055]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.640079][ T8055] RIP: 0023:0xf706e579
[  144.640093][ T8055] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.640109][ T8055] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  144.640127][ T8055] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  144.640138][ T8055] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000400
[  144.640148][ T8055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.640158][ T8055] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  144.640169][ T8055] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.640193][ T8055]  </TASK>
[  144.885273][ T8054] bridge0: port 3(dummy0) entered disabled state
[  144.887793][ T8054] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.888116][ T3240] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  144.890793][ T8054] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.056624][ T3240] usb 5-1: Using ep0 maxpacket: 16
[  145.062848][ T3240] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  145.069804][ T3240] usb 5-1: config 0 has no interface number 0
[  145.080213][ T3240] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  145.085452][ T3240] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.094566][ T3240] usb 5-1: Product: syz
[  145.097740][ T3240] usb 5-1: Manufacturer: syz
[  145.099810][ T3240] usb 5-1: SerialNumber: syz
[  145.108808][ T3240] usb 5-1: config 0 descriptor??
[  145.146719][ T3240] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  145.160369][ T8054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.174568][ T8054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.888921][ T3240] gspca_spca1528: reg_w err -110
[  145.906788][ T3240] spca1528 5-1:0.1: probe with driver spca1528 failed with error -110
[  146.002366][ T8058] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  146.037419][   T46] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.041341][   T46] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.045349][   T46] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.055020][   T46] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  146.209929][ T8080] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  147.167390][ T8088] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  147.373605][   T10] usb 5-1: USB disconnect, device number 17
[  147.475209][ T8096] FAULT_INJECTION: forcing a failure.
[  147.475209][ T8096] name failslab, interval 1, probability 0, space 0, times 0
[  147.481010][ T8096] CPU: 0 UID: 0 PID: 8096 Comm: syz.2.453 Not tainted syzkaller #0 PREEMPT(full) 
[  147.481056][ T8096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.481067][ T8096] Call Trace:
[  147.481075][ T8096]  <TASK>
[  147.481082][ T8096]  dump_stack_lvl+0x16c/0x1f0
[  147.481116][ T8096]  should_fail_ex+0x512/0x640
[  147.481140][ T8096]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  147.481167][ T8096]  should_failslab+0xc2/0x120
[  147.481191][ T8096]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  147.481217][ T8096]  ? vfs_parse_fs_string+0xc3/0x150
[  147.481244][ T8096]  kmemdup_nul+0x49/0xf0
[  147.481268][ T8096]  vfs_parse_fs_string+0xc3/0x150
[  147.481288][ T8096]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  147.481317][ T8096]  ? lockdep_init_map_type+0x5c/0x280
[  147.481343][ T8096]  ? ovl_next_opt+0x143/0x1c0
[  147.481362][ T8096]  ? __pfx_ovl_next_opt+0x10/0x10
[  147.481379][ T8096]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  147.481402][ T8096]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  147.481424][ T8096]  ? alloc_fs_context+0x59b/0x9c0
[  147.481451][ T8096]  path_mount+0x14c9/0x2000
[  147.481479][ T8096]  ? __pfx_path_mount+0x10/0x10
[  147.481502][ T8096]  ? kmem_cache_free+0x2d1/0x4d0
[  147.481522][ T8096]  ? putname+0x154/0x1a0
[  147.481546][ T8096]  ? getname_flags.part.0+0x1c5/0x550
[  147.481582][ T8096]  ? __ia32_sys_mount+0x28b/0x310
[  147.481604][ T8096]  __ia32_sys_mount+0x28b/0x310
[  147.481627][ T8096]  ? __pfx___ia32_sys_mount+0x10/0x10
[  147.481653][ T8096]  ? rcu_is_watching+0x12/0xc0
[  147.481675][ T8096]  __do_fast_syscall_32+0x7c/0x3a0
[  147.481705][ T8096]  do_fast_syscall_32+0x32/0x80
[  147.481730][ T8096]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.481752][ T8096] RIP: 0023:0xf706e579
[  147.481768][ T8096] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.481784][ T8096] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  147.481801][ T8096] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800000c0
[  147.481812][ T8096] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000080000400
[  147.481823][ T8096] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.481833][ T8096] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.481842][ T8096] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.481866][ T8096]  </TASK>
[  148.222702][   T10] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  148.225780][ T8091] comedi comedi3: reset error (fatal)
[  148.304126][ T8111] netlink: 8 bytes leftover after parsing attributes in process `syz.3.457'.
[  148.313743][ T8110] syzkaller1: entered promiscuous mode
[  148.315462][ T8110] syzkaller1: entered allmulticast mode
[  148.385871][   T10] usb 5-1: Using ep0 maxpacket: 32
[  148.389723][   T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  148.395461][   T10] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  148.398373][   T10] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  148.400841][   T10] usb 5-1: Product: syz
[  148.402559][   T10] usb 5-1: Manufacturer: syz
[  148.404219][   T10] usb 5-1: SerialNumber: syz
[  148.407160][   T10] usb 5-1: config 0 descriptor??
[  148.409542][ T8100] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  148.732423][ T6018] usb 5-1: USB disconnect, device number 18
[  149.223487][ T8112] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  149.372945][ T8155] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005f: 0000 [#1] SMP KASAN NOPTI
[  149.377366][ T8155] KASAN: null-ptr-deref in range [0x00000000000002f8-0x00000000000002ff]
[  149.380986][ T8155] CPU: 2 UID: 0 PID: 8155 Comm: syz.1.463 Not tainted syzkaller #0 PREEMPT(full) 
[  149.384261][ T8155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.387541][ T8155] RIP: 0010:h5_recv+0x104/0x950
[  149.389061][ T8155] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 21 18 43 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  149.395710][ T8155] RSP: 0018:ffffc90007fbfba8 EFLAGS: 00010293
[  149.397590][ T8155] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8877f29a
[  149.400037][ T8155] RDX: ffff888025210000 RSI: ffffffff8877f2df RDI: 0000000000000005
[  149.402924][ T8155] RBP: ffffc90007fbfd30 R08: 0000000000000005 R09: 0000000000000000
[  149.406220][ T8155] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  149.409510][ T8155] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb48020
[  149.412824][ T8155] FS:  0000000000000000(0000) GS:ffff8880976c0000(0063) knlGS:00000000f542db40
[  149.415640][ T8155] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  149.417661][ T8155] CR2: 0000000000000000 CR3: 000000006ea61000 CR4: 0000000000352ef0
[  149.420369][ T8155] Call Trace:
[  149.421443][ T8155]  <TASK>
[  149.422384][ T8155]  ? __pfx_h5_recv+0x10/0x10
[  149.423832][ T8155]  hci_uart_tty_receive+0x254/0x7e0
[  149.425478][ T8155]  ? __pfx_hci_uart_tty_receive+0x10/0x10
[  149.427247][ T8155]  tty_ioctl+0x580/0x1680
[  149.428601][ T8155]  ? __pfx_tty_ioctl+0x10/0x10
[  149.430103][ T8155]  ? do_vfs_ioctl+0x128/0x14f0
[  149.431754][ T8155]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  149.433724][ T8155]  ? find_held_lock+0x2b/0x80
[  149.435442][ T8155]  ? hook_file_ioctl_common+0x145/0x410
[  149.437240][ T8155]  ? __fget_files+0x20e/0x3c0
[  149.438761][ T8155]  ? __ia32_compat_sys_openat+0x80/0x210
[  149.440561][ T8155]  tty_compat_ioctl+0x24a/0x4d0
[  149.442191][ T8155]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  149.444078][ T8155]  __ia32_compat_sys_ioctl+0x23f/0x370
[  149.446271][ T8155]  __do_fast_syscall_32+0x7c/0x3a0
[  149.448340][ T8155]  do_fast_syscall_32+0x32/0x80
[  149.450288][ T8155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  149.452899][ T8155] RIP: 0023:0xf705e579
[  149.454254][ T8155] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  149.460161][ T8155] RSP: 002b:00000000f542d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  149.462845][ T8155] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000005412
[  149.466146][ T8155] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  149.469444][ T8155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  149.472758][ T8155] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  149.476072][ T8155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  149.479379][ T8155]  </TASK>
[  149.480609][ T8155] Modules linked in:
[  149.482765][ T8155] ---[ end trace 0000000000000000 ]---
[  149.485499][ T8155] RIP: 0010:h5_recv+0x104/0x950
[  149.487546][ T8155] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 21 18 43 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  149.495069][ T8155] RSP: 0018:ffffc90007fbfba8 EFLAGS: 00010293
[  149.497608][ T8155] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8877f29a
[  149.500515][ T8155] RDX: ffff888025210000 RSI: ffffffff8877f2df RDI: 0000000000000005
[  149.503408][ T8155] RBP: ffffc90007fbfd30 R08: 0000000000000005 R09: 0000000000000000
[  149.505960][ T8155] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[  149.508420][ T8155] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb48020
[  149.510917][ T8155] FS:  0000000000000000(0000) GS:ffff8880976c0000(0063) knlGS:00000000f542db40
[  149.513720][ T8155] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  149.515846][ T8155] CR2: 0000000000000000 CR3: 000000006ea61000 CR4: 0000000000352ef0
[  149.518278][ T8155] Kernel panic - not syncing: Fatal exception
[  149.520845][ T8155] Kernel Offset: disabled
[  149.522341][ T8155] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:42:08  Registers:
info registers vcpu 0

CPU#0
RAX=00000000001d5964 RBX=0000000000000000 RCX=ffffffff8b90fbf9 RDX=ffffed1005646656
RSI=ffffffff8c162e80 RDI=ffffffff8190ca91 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000000 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab9290 R15=0000000000000000
RIP=ffffffff8b90e75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000581624c0 CR3=0000000068e4b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000002db634 RBX=0000000000000001 RCX=ffffffff8b90fbf9 RDX=ffffed1005666656
RSI=ffffffff8c162e80 RDI=ffffffff8190ca91 RBP=ffffed1003bd8488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801dec2440 R14=ffffffff90ab9290 R15=0000000000000000
RIP=ffffffff8b90e75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000080202018 CR3=000000002352c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85617a35 RDI=ffffffff9b0fc700 RBP=ffffffff9b0fc6c0 RSP=ffffc90007fbf5a0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9b0fc6c0 R15=ffffffff856179d0
RIP=ffffffff85617a5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000000000000 CR3=000000006ea61000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001a8dc4 RBX=0000000000000003 RCX=ffffffff8b90fbf9 RDX=ffffed10056a6656
RSI=ffffffff8c162e80 RDI=ffffffff8190ca91 RBP=ffffed1003bdd000 RSP=ffffc9000048fdf8
R8 =0000000000000000 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801dee8000 R14=ffffffff90ab9290 R15=0000000000000000
RIP=ffffffff8b90e75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f733b92c CR3=000000006ea61000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000