last executing test programs:

4.850441826s ago: executing program 2 (id=344):
r0 = syz_open_dev$usbfs(&(0x7f00000002c0), 0xc, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0cba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34201113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed00083fe5c5ca033dfce0a82575ef14eee686be0fc58bbf5993943aea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f61e00"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522)
ioctl$USBDEVFS_FORBID_SUSPEND(r0, 0x5521)

4.452777337s ago: executing program 2 (id=347):
r0 = socket$kcm(0x10, 0x2, 0x10)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2) (async)
r1 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2)
ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x5319)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x200a4800)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="feffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000001008000"/28], 0x50)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="012a8000", @ANYRES16=r4, @ANYBLOB="01002abd7000fddbdf252600000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}}, 0xc00)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, 0x0, 0x0, 0x9cb73b83a8d87629}, 0x20)
recvmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4135, 0x1027}], 0x1}, 0x42) (async)
recvmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4135, 0x1027}], 0x1}, 0x42)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a1d010000000000000000020000000900010073797a3000000000080002400000000098"], 0xfc}}, 0x0)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$inet(r0, &(0x7f00000003c0)={&(0x7f0000000140)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000180)="848d3a91bfbe03447736f86a8953ce37bdce5d1ff2ed0f5636c98b683f6503cfa583f98938ac71a368323d58cf6fac712b4dc86d59ffcace9f69378cad5655bf8de1b40065d249db9634e1f8e2f77caa2b40dba22a7b4b2263efb327b2a9ab", 0x5f}, {&(0x7f0000000200)="e2c3ceba469e5ab2b878f6580731bf0c041f", 0x12}, {&(0x7f0000000240)="5067320ea772abdf989631d5a73f14b7fb974d1d1d9ca282523457f271be901846de3c4db42b1452f387a72d9e93cca995736f03378ec2eea1607a5a440db958546ced231733ebdcbb1dcf494546061a078358d82e7dd33a5645ef1e7971a132de2ef092206f30b101fdf1127732b52ee651ee4a0f36a34fbd6e2040c56efa317e75601ef0b59178742257b7e4c91d14076f84292d8fd591a8b0e1cb49f3576199f0a5584a678cf1d8c14e30abe161db5bba55ad49af58da27ed1334e90988c629", 0xc1}], 0x3, &(0x7f0000000380)}, 0x4000004)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r7, 0x4610, &(0x7f0000000000)={0x9})
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="64000000020605000a0000000000000000000000100003006269746d61703a706f72740005000400000000000900020073797a3000000000050005000000000005000100060000001c00078008000840000000200600044000000000060005"], 0x64}}, 0x0) (async)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="64000000020605000a0000000000000000000000100003006269746d61703a706f72740005000400000000000900020073797a3000000000050005000000000005000100060000001c00078008000840000000200600044000000000060005"], 0x64}}, 0x0)
r8 = syz_io_uring_setup(0x4b6, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x0, 0x20e}, &(0x7f0000ff0000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/14, 0xe}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000040)=""/6, 0x6}], 0x0, 0x2}, 0x20) (async)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000040)=""/6, 0x6}], 0x0, 0x2}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x11, 0x4, 0x4, 0x1000ff, 0x8, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x11, 0x4, 0x4, 0x1000ff, 0x8, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18}, 0x50)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='devlink_hwerr\x00', r9}, 0x11)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000440)={&(0x7f0000001540)=ANY=[@ANYBLOB="2c0000000206010300000000006700000a00000005000500020000000d000300686173683a6d616300000035ce36b81900330c405e10df56c5c2099c66c095c8c29a09349bf1fc702e89eba82d6f909bd527ab5050069818ef0f3b467fbb62c5431da08f89c186cef2fc880b9c6e53c61b05cb7a4f2d9b3fab5fed084ccfffa2f7e771e88818ca6a"], 0x2c}}, 0x800) (async)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000440)={&(0x7f0000001540)=ANY=[@ANYBLOB="2c0000000206010300000000006700000a00000005000500020000000d000300686173683a6d616300000035ce36b81900330c405e10df56c5c2099c66c095c8c29a09349bf1fc702e89eba82d6f909bd527ab5050069818ef0f3b467fbb62c5431da08f89c186cef2fc880b9c6e53c61b05cb7a4f2d9b3fab5fed084ccfffa2f7e771e88818ca6a"], 0x2c}}, 0x800)

4.21251482s ago: executing program 1 (id=349):
socket$inet6_icmp(0xa, 0x2, 0x3a) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
socket$unix(0x1, 0x1, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="739b5220412135dbf7be2fa7e520d61fd1f1e773ec3fe9fea4b8dd3d9c58ed981aa5"], 0x14) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6) (async)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x87}) (async)
connect$ax25(0xffffffffffffffff, &(0x7f0000000440)={{0x3, @default, 0x5}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @null, @bcast]}, 0x48)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000000)=0x1) (async)
ioctl$vim2m_VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000200)=@fd={0x807, 0x1, 0x4, 0x8, 0x6, {}, {0x2, 0x2, 0x9, 0x6, 0x9, 0xfd, 'hT=7'}, 0x0, 0x4, {}, 0x4}) (async)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f046}) (async)
r4 = syz_io_uring_setup(0x7a51, &(0x7f00000003c0)={0x0, 0xbbc1, 0x80, 0x2, 0x319}, &(0x7f0000000100), &(0x7f00000001c0))
futex(&(0x7f0000002200)=0x2, 0x5, 0x0, 0x0, &(0x7f0000002240)=0x3, 0xab02000d) (async)
io_uring_register$IORING_UNREGISTER_BUFFERS(r4, 0x1, 0x0, 0x0)
writev(r1, 0x0, 0x0) (async)
connect$unix(0xffffffffffffffff, 0x0, 0x0) (async)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) (async)
syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, 0x0, 0x0, 0x4)

4.153577952s ago: executing program 1 (id=350):
r0 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x40044103, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)={0x34, r1, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}]}]}, 0x34}}, 0x0)
r2 = openat$vnet(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
r3 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000680), 0x200, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000040)={0x2, 0xffffffffffffffff, 0x2})
close(0xffffffffffffffff)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r5, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000002c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet6_udp_encap(r5, 0x11, 0x64, &(0x7f0000000200)=0x2, 0x4)
write$tun(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001311ff00000000000000000000000000000000ff0200000003000000000000e9ffff004f194e20"], 0x4b)
lseek(r2, 0x80000000, 0x4)

4.038391408s ago: executing program 2 (id=351):
mount$9p_tcp(0x0, 0x0, &(0x7f00000003c0), 0x2000000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x2, 0x336, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r5, 0x117, 0x5, 0x0, 0x10000)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
io_setup(0x9, &(0x7f0000000340)=<r7=>0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
io_submit(r7, 0x1, &(0x7f0000000280)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
sendto$inet(r8, 0x0, 0x4d, 0x200047ee, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r9, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, 0x0, 0xe6e964277ae08d57, 0x70bd2c, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x90)
close(0x3)
pipe(&(0x7f0000000080)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
tee(r10, r12, 0x8f5, 0x0)
setsockopt$inet_int(r11, 0x0, 0x22, &(0x7f00000000c0)=0x25cb, 0x4)

3.852730414s ago: executing program 1 (id=352):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0}, 0x4)
syz_open_dev$loop(&(0x7f0000000240), 0x1, 0x160862)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x13}]}}}, {0x1c, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x10, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x15)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r5, 0x0)
pipe2(&(0x7f0000000040), 0x0)
memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
sendfile(r5, r5, 0x0, 0x40008)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

3.642588283s ago: executing program 3 (id=356):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000800000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='contention_end\x00', r0}, 0x18)
fsopen(&(0x7f00000001c0)='ecryptfs\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1)
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1c9, 0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x55020, &(0x7f0000000400)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x240, 0x40}, 0x18)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x405, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x111, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @mcast2, 0xb}, r2}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e28, 0x711, @loopback, 0x206}, {0xa, 0x4e21, 0x0, @empty, 0x8}, r2, 0x8}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f00000002c0)={0x4, 0x8, 0xfa00, {r2, 0x5}}, 0x10)

3.53356304s ago: executing program 3 (id=357):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @time=@time={0x9, 0x1}}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x2a, 0x0, 0x80, @tick=0x9, {}, {}, @note={0x3, 0x4, 0xaf, 0x2, 0xc5a8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffffff, 0x7fffffff}, {0x4}, {0x0, 0x4}, @time=@tick=0x3}, {0xff, 0x0, 0xb4, 0x0, @time={0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0xb, 0x4}, @raw32={[0x3, 0xfeffffff, 0x5df]}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x3, 0x3}, {}, @quote={{0x0, 0xfe}}}, {0x0, 0x0, 0x6, 0x5, @time, {0x2}, {0x0, 0x9}, @raw8={"448cc85300"}}, {0x0, 0x1, 0x2, 0x6, @tick=0x6, {}, {}, @connect}], 0xc4)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendto$inet6(r2, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
ioctl$SG_GET_NUM_WAITING(r0, 0x227d, &(0x7f0000000300))

3.403749279s ago: executing program 3 (id=358):
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000007c0)={'syz1\x00', {0x7, 0x0, 0xfffb, 0x8101}, 0x3d, [0x3, 0x0, 0x1, 0x6, 0x2, 0x0, 0x2, 0x7, 0xffffffff, 0x4, 0x7, 0xc, 0x33cf, 0x1, 0x7, 0x0, 0x306, 0x0, 0xffffffff, 0x9, 0x2, 0x6, 0x1, 0x0, 0x6, 0x7, 0x1, 0x0, 0x2, 0x10000, 0xc, 0x6, 0x10001, 0x2, 0x1000000, 0x1, 0x8004, 0x8, 0x7, 0x2, 0x660, 0x3, 0xc643ecb1, 0x8, 0x5, 0x4, 0x200008a1, 0x401, 0x7, 0x6d, 0x5, 0xc, 0x6, 0x249a, 0x6, 0x5a30, 0xe788, 0x8001, 0x2, 0x5, 0xab, 0x7, 0x4, 0x6], [0x200, 0x139, 0x6, 0x271, 0x2, 0x9a9, 0x3, 0x4, 0x5, 0x5, 0x9, 0x10000, 0x10001, 0x8, 0x3ff, 0x0, 0xfff, 0x8, 0x6, 0x8, 0xc, 0x75b1, 0x0, 0x9d, 0x6, 0xb, 0x1, 0x8, 0x16f4, 0x1, 0x400, 0x5, 0x5, 0x953b, 0x8, 0x9, 0x8, 0x10000001, 0xec2, 0xbd, 0x9, 0xff, 0x6596, 0x8, 0x4, 0x7f, 0xb, 0x6, 0x3, 0x9, 0x8, 0x0, 0xf78, 0xd, 0x35ce0cb3, 0x0, 0x0, 0x8, 0x5b0, 0x18f, 0x10, 0x5, 0x3, 0xb], [0x222e, 0xa, 0x4, 0x3, 0x6f083aad, 0x5, 0x0, 0x1, 0xfffffffc, 0x0, 0x7d, 0x8000000, 0x1, 0x121, 0x2, 0x7ff, 0x3, 0x9, 0x1e, 0x3162, 0x800, 0x101, 0x100, 0x0, 0x6, 0x2c, 0x7, 0xfffffff8, 0x6, 0x80000000, 0x3, 0x6, 0x7, 0x0, 0x4a, 0x575b089f, 0xbd3e, 0x4, 0x1, 0x9bd7, 0x3, 0x0, 0x9, 0x6, 0x7, 0x7, 0xfff, 0x4, 0x401, 0xa55, 0x6, 0x3, 0xfffffffe, 0xfff, 0x40000000, 0x5, 0x7, 0x4, 0x7, 0x800, 0xffffffff, 0x81, 0x6, 0xd], [0x25, 0x8000, 0x1, 0x7, 0x3, 0xb, 0x7, 0x10000, 0x5, 0xe47f, 0x117, 0x4, 0x36, 0x3f47, 0x8000006, 0x8, 0x3, 0x1, 0x0, 0x601f, 0x2, 0x9, 0xd, 0x1, 0x9, 0x1000ff, 0x6, 0x10001, 0x5, 0x2, 0x1000, 0x10, 0x4, 0xd8, 0x2, 0x8, 0xa, 0x2, 0x7fffffff, 0x9, 0x40, 0xfffffff3, 0x7, 0x7fff, 0x7, 0x1, 0x3, 0x9, 0x2, 0x8, 0x3, 0x7, 0x1a00000, 0xe72, 0x5, 0x2, 0x1, 0x4, 0xc000000, 0x7fffffff, 0x40, 0x3, 0x2, 0x4000006]}, 0x45c)
read$msr(r0, 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x822f01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x12d8)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81004e22d991000000010000a80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x4e23, 0x3ff, @empty, 0xfffffffe}, 0x1c)
listen(r5, 0x1)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4000000)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a34000000030a0fdb00000b00000000000a00000508000b40000000040900010073797a31000000000400048008000a40000001"], 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
connect$inet6(r5, &(0x7f0000000140)={0xa, 0x4e24, 0xffff, @loopback, 0x7}, 0x1c)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
dup(r3)
r9 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$IOC_PR_PREEMPT(r9, 0x40026102, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r8, 0x40605414, &(0x7f0000000440)={0x1, 0x20000006})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r10, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newlink={0x7c, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, r10, 0x42024, 0x8d85}, [@IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x48, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_LOCAL={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e22}]}}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
setsockopt$inet6_mreq(r5, 0x29, 0x15, &(0x7f00000002c0)={@loopback, r10}, 0x14)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x4b564d06}]})

3.13851826s ago: executing program 3 (id=359):
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
openat$dsp1(0xffffff9c, 0x0, 0x200, 0x0)
socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x4}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)={0x58, 0x2, 0x6, 0x5, 0x7, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x8404)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f00000000c0)={0x4, 0x9dc7, 0x0, 0x0, 0xf})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1c8, 0x12)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r4, r4, r4}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

2.944952002s ago: executing program 1 (id=360):
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f00000001c0)=0x107, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0xfffffffffffffed9, 0x92b468fb35a6697c, 0x0, {0x7, 0x1f, 0x6f, 0x10408}}, 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'wlan0\x00'})
ioctl(r2, 0x8b22, &(0x7f0000000040))
r3 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000000))
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)

2.860216336s ago: executing program 0 (id=361):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000080), &(0x7f0000000040)='./file0/file0\x00', 0xe, 0x2)

2.858103637s ago: executing program 2 (id=362):
io_uring_setup(0x664, &(0x7f0000000000)={0x0, 0x8dd3, 0x1, 0x42, 0x29d})
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
read(r0, &(0x7f0000000680)=""/219, 0xdb)
r1 = openat(0xffffffffffffff9c, 0x0, 0x300000d, 0x1)
ioctl$KVM_MEMORY_ENCRYPT_UNREG_REGION(r1, 0x80104d12, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f0000000080)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
unshare(0x6a040000)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000), 0x111, 0x4}}, 0x20)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x3ff, 0xc1, 0x8, 0x7}]})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000500)='./binderfs/binder0\x00', 0x0, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/custom0\x00', 0x0, 0x0)
r9 = dup3(r8, r7, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x1, 0xfdfd, &(0x7f0000001540)='\t'})
socketpair$unix(0x1, 0x2, 0x0, 0x0)

2.856963831s ago: executing program 0 (id=363):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001e00), r0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000002040)={&(0x7f0000001dc0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000002000)={&(0x7f0000001e40)={0x188, r1, 0x200, 0x70bd2a, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x5cd}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x107f}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_FRAME={0x14c, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0xa}, @device_b, @device_b, @initial, {0x5, 0x8}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0x78}, @val={0x2d, 0x1a, {0x1000, 0x1, 0x2, 0x0, {0x9, 0x6, 0x0, 0x8f, 0x0, 0x1, 0x1, 0x2, 0x1}, 0x6, 0x101, 0x7}}, @val={0x72, 0x6}, [{0xdd, 0xff, "cfb5addb2a1f437232e47c4a35a0a1bb5a9aafc5018d26607a0a0fd64bebf5b93d5fb9a8647763365ed94932c251c72d2a7b50e63cd7962c7d36d0f7aa25a6a271b1edef97931c9ea3785dc4f31441fe1eac78a56703b2b1c4c28e8ae93eed4d1ba353a5d8535140f6b262f42a0abd498afcdf4cde4ba08fa84b32a7c79ccae433140a7e2e73415698de31962c2deec6b0196c4c33127395ea9989736b1b8ef824ab38f52b5a470ef2068c76b2620acfe1912dcb49bdb8483163bf5e8c568d891e9e4cf7c41e4ae352a55ba87f838775ed206c8d3ca01ca9781ce4a5f8aee0d83b32f65ca50fbf074a2dc678ec4745592aafa3801273e5fcea1fae368ea73c"}]}}]}, 0x188}, 0x1, 0x0, 0x0, 0x4048004}, 0x2400c044)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x2)
write$UHID_INPUT(r2, &(0x7f0000000000)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006e090890e0878f0e1ac6e7f89b334d959b4a9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de9c0587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x1000}}, 0x1006)
chdir(&(0x7f0000000140)='./cgroup\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$F_SET_RW_HINT(r4, 0x40c, &(0x7f0000002080)=0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioprio_set$uid(0x3, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
r7 = inotify_init1(0x0)
inotify_add_watch(r7, &(0x7f0000000000)='.\x00', 0x50007a2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r10, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0xda0, 0x0, 0x5}]})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x2)
ioctl$KVM_SET_SIGNAL_MASK(r13, 0x4004ae8b, &(0x7f00000000c0)={0x8, "45fc46fadf9c9fcc"})

2.45082604s ago: executing program 0 (id=364):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x250200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080))

2.450257218s ago: executing program 0 (id=365):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000800000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='contention_end\x00', r0}, 0x18)
fsopen(&(0x7f00000001c0)='ecryptfs\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1)
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
fchdir(0xffffffffffffffff)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1c9, 0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x55020, &(0x7f0000000400)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x240, 0x40}, 0x18)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x405, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x111, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @mcast2, 0xb}, r2}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e28, 0x711, @loopback, 0x206}, {0xa, 0x4e21, 0x0, @empty, 0x8}, r2, 0x8}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f00000002c0)={0x4, 0x8, 0xfa00, {r2, 0x5}}, 0x10)

2.382369692s ago: executing program 0 (id=366):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES8=r2], 0x34}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0002000001, 0xfa11, 0x3}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000200)="9c30fb4d", 0x4}], 0x1)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000100)={0xa00, 0xa00})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x7}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r4}, {}, {0x46, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x5, 0x0, 0xb, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r6 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r6, 0xc0184800, &(0x7f0000000100)={0x20004, <r7=>r3, 0x80000})
r8 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
lseek(r8, 0x0, 0x1)
r9 = syz_open_procfs(0x0, &(0x7f0000001240)='numa_maps\x00')
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
setitimer(0x0, &(0x7f0000000140), &(0x7f0000001180))
preadv(r9, &(0x7f0000000040)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x1000000)
r10 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r10, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r7})

1.673331081s ago: executing program 1 (id=367):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000200))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
r1 = dup2(r0, r0)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xaee5, 0x400, 0xffbffffd, 0xb7, 0x0, r1}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f6, 0x0, 0x4, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000100)=0x1)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@enum={0x0, 0x0, 0x0, 0x4}, @volatile={0x0, 0x0, 0x0, 0x9, 0x1}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x1000080, [{0x0, 0x2, 0x955a}]}]}}, 0x0, 0x4a}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x3, 0x4)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0xfffc, @broadcast}, 0x2}}, 0x2e)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x300, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x4040800)

1.672736318s ago: executing program 3 (id=368):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x23, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x18, 0x55, 0x2e5, 0x70bd26, 0x1, {0x7, r2}}, 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x20000100)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) (async)
r3 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
syz_usbip_server_init(0x6) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x1a}]}}}]}, 0x3c}}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r3, 0x0, 0x5004) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) (async)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', r8, 0x0, 0x1}, 0x18)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@ipv4_newrule={0x24, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x19, 0x3c}]}, 0x24}}, 0x48850) (async)
openat$cdrom(0xffffff9c, &(0x7f00000013c0), 0x4, 0x0)

1.113343808s ago: executing program 2 (id=369):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
setresuid(0xee00, 0xee00, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x46a800)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000002540)=ANY=[@ANYBLOB='b'])
syz_fuse_handle_req(r1, &(0x7f0000004180)="efee0d4b83d05176f89facd925dab80e08f32e7c520897b698f4d81968665df1d057c2a25859a797a27ff446db09899843d77db086d52211717bbaf3a235441919dbb9b5caab91a87e8e84d2cc372a92b6850368731d99ddb0b2b7d8558ae733b0dddeae74ca9c73433deb773042642d156fe6384ada6d3e3d40f02d1af42f2f188341decc91997b0f2bec27f2036428ecbef2f8faaf9c02cd6aafea6d37e53683e89b6baf6c0373292ac5c0ab3e18e2d97025ca8db782fe67e5dc304be69319d1bc14d5fd7c779268ff477953d55af5bbcdec5c1f044e3922a7e8acf3b0e3724851a130b1b3ed467a7ba92465bfde9bbfcdd6c6408650cf0d7fb4b050d223e2d11679d3c624a802c8c0075391991b158a6d6396e16ec6fbfcc9cd2427b0da19248d373155bcff93ba8b3878bdf3fe9325eaa0abb09e835f97c5ddd9da414011915d18e8194fc183c95f9f4e4f4d60ed0b5e6a1e45189086e63504e38d3305ab7c09aaceb09102c33a8f769871b235742f41b7d805713d100a42e14bdc28a37dbfe4149ae48312ecf665106550366b23442393211f520e7775fd5d45992242ae89f93eb30f11fcb00468d2a8d9ad2305a663b673b5debeee7b424a2350e58d83e829c6490946bef60513e2df5c4763f6e9b743e57b28e19fb37171a83d6e3e2cb9f1a91467cef3fbc2939fa4826fefdfe64a1678783ce057a82fc9e5927b4ae47891f474815087404a22d08899b24478fc1366615b717ac6771f41b57d49573f2900c9383920d6a67415d44a19c6115e64ad2a2ab007923de8dac7a1d16517717c1a4cb34ca83f81f09411788d5a4daaac955b8630ac0f618892957e0f4dbe4fdb19aaedee968f8826920e2abd46420e9faa85fdd647479ab812a8dfffcfa406cbf2e30f32ad08df8ffe88bd5566c0e7553c949b6f07958467b159b29a944f84fefed95dccb1fa8d05f9d0297dc3b4f9338c62b1d0a8eeac62bc402733c1e0d4e285122b3d5252022b67ba7b65b413a3f3ce6210247685fb36f641fcd48b777c7a2a950f7714a3f1cba09963aca2962bebabe9a4c403d1c066717e0ddc67a573c881b6c6e57bb009826eef7423aa5e23549e5c812b044eee2627521b6e2ccc163511e864ded204e2c5be98958bd83f130d165ce83c875af84e5cc2c8fafd3859af05dedbdd9e4d0cb991fe2c60b000d63e52e18c399c784d00a544614bb13d1ec0266821abd8aed8228fe527182b6248bd3eb08b5bb5928b52f4b736da985f669bd7dcdab9d6db0226f08b66d3fd62c9f06b9d94aeb60c9fa56dd862fe967752456d25aeeb308a5fe306ffa800fb825be3691c1e765c38e0c30adc5d5c826f3002dd5a1343d26c293cd954b2da693510159a5e189d7a625c440cb297a30932d2870769479437637b61465b91333fafbb9f0d4cb461858c18ef28e63285ee502025295ff9b6c0b3d528381a57bbff6c4cd67ff46ba5a4692c4ccc913f5ab12e464d1be766c8e9fa53020907af63d223b6cd78f6648cbf72b7543766d503c905f805b72bc4b72f831c8cee014437e9dd1fa4c67e5618bef5f63c837791a8aa94796833c663ddc0ddc36fd12dde14902939312787c393259f25f763456370706b8c488677e9ac315c06a1273ed1fdecf6c414c5018ce14c13c4dced915dccea6fdee33c1ee93ced37fd34b6e565bd4c4024e7a0f4565afb9112f179850ff6be4b5d758d560bb405e55e72d1349aa39e900edb87da315b8a6d243be5b954817e6f0102f9aa90c5a55af25bcdca07fd63f0870f1ca2d84e29bcca2cbaf9f52582c4aeba796b19655c139212bf5163f63ae783ac87db2fa1a56d169169604d199cd44fd2e9aa32bdf7a695930647f7f46d542115b02b0cdc4de531494306db3bda4e9de063876e7830b03d58ee9a13779af4f0a4ee5befc789efea8e0afbddabdd5ca5a05a8d64d2c8c777642bf89a3c06cee917c5b4f2672baf04ebc2ed9c0ae1a65f4b1a8b6596970865e48ff8d03baf8378a3a56fb371062aaa6363f038ce3646a5caf2a0df2b2e59cd56db1af20dccc1ae31c5c95886b53a38a278183117fa6a014b50c29f2e09d3b4a2d7a09d3b5907089c2519b2c0479138522a080f3203052ce5b7619407368d9315c74c8c52e4475f6c9f8d5847d245ff5f3330c89d74b636f535ca8d09d9889fd12c63f9f0a8dda717d697e1759d3cd69cef1daee5656ae961079a1e020ecea9efe61b3bb64eaceaea300147ad1f53eba2459dea002740dc287ef7c0443fc84677a4d4391aea96eeaa2d17e9f305499f663e212001c8bb191903e812b07a5e1823a862b6dd1829332495c532093cf41344f56b524b6a4d1c04ff2b7ddc627fb20ef271516f2d9774d7427e1825094f5d9c4b65fc9940a7882fce6a26e3f523b69864a72822ab55ea6c4849b89d20249550cd6cc29ca2462ae1f728a7196479a90ad0572cc141349c28d21355c4ce2fca17e73a100da6e5508f140fc5e41c4d326090fb05fb28c819f1e74443e11bfa6a81a7241877c1c32b9c8b89ca457ecf79b64599ed15de989dd6e98b24889bec7a19573b59b83c0652356ee24ce75bfbafa8d089c14c767445713c39f5a96f330a8ea83a9dba2550afe394c1c6ed0712aeb86c4d9a4ef1ae4ff8cb5746e9000af500719afabbdf99516815467d4507975b5fb7a1175ae94c68a1f43289b71d91f08184f57b53b168fb1ccfc88229b0d188198ced60bfa08b62cc300c07cbc193c9f514cdac2cbecb78d75fb0f748d547a84b375edd978e314c778abe31afd2dfb1c1944253057e51f544f9ad1b81659889c14867a8c86b8b5def96ea90d3c969646bf76d620d68a07fb6b438aaedcd33135a10b876bf911e89f6fec781cc0ec7b09650c8c93c41ce920c92c76f723ae850459b9932e4386ff4f165e4107f80b772f2ce77b0e87fdfe4ee9889ba2d5c4f8e52b9f477b3bf44a3784f20a29378944ed9b0dfbbc552a259fdd3d1412c370348d1da358d810285bd4f70ed0898330772e1e835eb0e0527a484c359601f72a0dc21646b8ba39986b027fff7bc1b82dd334a7d66877cc5d3ad6f3b13349885c781d79dbfaccaff9b522c1e1675a27d9b74cdb676ed87ff7db4e1c3f0504794070b6eca4de897c3ad75a5ef48a3fc9175ade66c5760a552a74a4f5f9c6eac0eeb0359234b1f6c2fb2758b0a2bb6577678dd7e2c9ab31215878f5d1a13c6f2527b7756dd49dd8fa5dc77c134cc5db33d2acf5ec00d52b7671a4d576024aa76f0c55f153d79ea75912b3adb554b659096d0391db25d36d42a6250ec190cfd74f82ac14349fa39f11c1b08b601ee4e885c2667768cca021d9910d4b7881504bfe1abf4ded4b6dbe48d6c94414116b25c27a185f0f6f3ac4e442e2148d83a328768adbdb87ad64acaa7a2fd8e10e8e2fc0bedb9335dbe24c7a9ecbc1f0a4cde1717318603d43eb3fdf00b44eaa931bda4cb8f552a123b7ad21aae7ee7ede4047db52b54e11b51c5de364f75803809da505189087c08c508c83014158beb6d8eab93edd5658884b24af1bb493f82e9548b3dfe6c874f9e9ed1d42ace44538d546629fe92696b8c5a549e7854c06922de87851c718b2489759b5b1db4d7722c1533fbe57607bd9da5e0e8b392d81591d47d56a286f358917f69c68770348871ccca29209181855b26a25f8852e6d6a9e0c6dd5c96b9b0ab08a1919cd2bdefacdc1bbb7081782e0389943b2206d27e09e11387924145a79ef21cb31f782609b088ed4577e7208a28d7e5bd391f872de8bab33fdaa08b2f2bbecaaa8b909617ca163e4c9a3f7328d471e30c4c640b40addf57ac650b36e3900405a04a0817bbea5ef4a81461305f9fbd7c57d7feefd4f67d3785270d3d16075fca05dad439d999294cf12eaa6ce89468a24fe13c1583a7881088c63852cb0f01781d9f2a8553b781d953bed50a47fc689e6d2756ec5bc930d2029dcc48e059145ad1525917b0ba6a728e908a3cd80d213849d1c2a3201628a7a9a8cbe25f1e43f8883303f175843ee2685afcaa3f77fdae1b3b127b5f3fc84342069ebe1c386e3c29efe56cf99c9c324255b373028d3bad7e095e06894d6019468bcf418580bbf1ae887966f72980d2d9e6a77fbe92138448eefbce716e401fbd7f95997ec1fc02470e2539942a5db3dd001dea86681cdae6b242928465527365b310cc3d2bf10af4e003ec20446cc102a044e0edbf749171348c492e6d4785962d0457240bed02aa791fd62a077ee5e442df881361d1076d0368e421bc96353aab61082a0c5b118e0b01466161bf9f420eca0c917e0df1836189d4b7105b4d69a9e8e745c1ce824dec0f44d15f47e5fd567fe799a6374aaa47d392218a0bbbfc960d9301e1d5524c5e5cad10aec1bc947e0d5467126834b3d17385dbc9107be0d5e14b48dd49d2d8ea806608b4a5f141d46f0a4b778d0cb47daf4f8fd823214fb4e0d8fd782997ca33e1d0329e815bffbc938dde2a61a4a440618ff8cba7d67460daff103efbd90bb922833f3d38693f4f001af4a4635c8b9af4fbe374f13b1073bace968f0aae76b86f323f61800ee3e62b3fd0c7bf2c2cfab282f60258f45344e6eb7fe0db27b1ea5a95f9b75b8dfd7d4d8e7ffcf0ab3bc9004cbfe4babdc085ce0eb4d12c7b93fe9980ae38fbe2cf791e8adc9cf0685ef31741f341b86b054d45ae9c9584ad3c8b7945be15050361cad94886023d25594bdbe43b4f97cc0c0b9496eef9703d247e80ad2b4ad7fceaa603f5276a8324338974df5599be4a83ccd0d963688a86d4de56c63c5da3633ab6df2847b17bb6f92fd7dc2f3986a88f0d1d50645fd15e5f0d956009f94bb2b1d9f0b9e51eb073688cd601e65b452a04cb9ff2ab2222e9d8a832d61336ad1030700a19770dec17151d3581c208807b6fde0d1d5362e08d4b7107ee977fa73490c4e7bc5cd23c89b8d5bef9809f7bc79ab227b1c08bb86db5a561aaac76d432dafac3a57d92642415acb9cb0339d6180c9216cb507cff38b9600394771d9898bede6f5577d0ac122dd6911ee501ab6095e0455bb5cda6e44861e038866002bb0b492e336d1127f5e1c9d5a7b3059a9b306621fe547404e89e792105ebb9357c0feb94a7f7c001de408d62a269c17f11a74bae2e01837b123034cfd641143900594ed96158705a0de85eb20dd798aa0c0c239e24ea1534c8a20874a93b761e84ff0ef5b7f69ca97ba532a0b7ea14b54749bf6cf29abb71fdd2c43ae7afa717daa9111f06041457d6bb4b2d0e9f23b28ee512bc53f7c1dfc50295833e3668f9c24fdfe95994e16f940bfbc196c7bba0f6e8719ce435866907bc9aa5f19801fb7a832d3f06dc21305dad16355975534d4992b5fad3e3796c6fde3830f9093ca316680dad0b6fb3d88ad3ae5ce6096958a80b78ad05e4817f23ca9d09d17f66108e47c120162274fad2defbe4d63ade5455fff235ad144938d8e03c5fce5e0e9398187ef5a1fa451f3fb29fc6e1eaa676f501ddfa4879233b94ddda0d11da65a44f8ac5d58bcaf2ebd9064775c317f97f3e4e9efc75f7dc1e969961a37023dc9c0bd7e66b2526283b8d147eecaff8d2422a9093a4e4b066d9cefa26dfcb02c1109fee4cb4945c1ee0a48746a48f806ef19aa77aeb826e8e9a2bb412116a6b4287ec45c43a03047277d9f5d972b377bc1089d06d2f4eb8663fcea2a15bca90126d52cfd92a8203e6f9d194929b8b4dde2cff452320eb28fe0b0805e0ec488f23637eb99ccf71e1cf90818d13baf3018ab712f5752a016e504024fcda9cf465b09de96cf33509d7200a38f889978971fa2dab416f73e0a1dae1b07840a5904d0f102f50c297b23f786e4e859908620835279f2b2f49451df97ed9a0b5343efe833e34d4703371192536696b6ff9f31285c63930d0218a5970d6343be67ffb231ab48b887cd26a871ed100606e095676be77cd72f8e4bf992b10da073584d8692d4e5216243a9ca4b2451a5c5cc8498d82d2b8eb9d7ab617d73110d9561ce5a3b96f4ae980dc43f3c89c82896620e803164f930fe3e92519383b1ae26983ad2995411098c52425ea62e2e501425845df455ab6113ccbc53d74e3cb96ce7a4b3265b8d511642924ff7fd5c75333ee8c6c41b1499075f0c632c09493171151f05bfb4c07f2dfcebfe3dde44c1fbd7163af05a6865a08d76a8f4028c6d29d7b2f8a6c75b1d981754f02d2388fc7ad991be39a58a3e44b967a2cace84c86b692119eab4c8fadd93ab9f8f6835187fd9b3da7572b4aad817517f2994900067440795923140dfb50e643fe5443b52f1fbdbada7770b47dbd2ae6b4bff7b23cbf3d686409568f4b679ade04b96bc379ce176f7fdf23502f106db4c0e04722f5696ea3af31d15d7ec02845a903b137584f1934df23f8bde9e5f6d31f115f36e42cd743c49f21267a7a08104d55c64f99cf197b806cc0d1a33daad58cc330dc0be10e5a07f0e54803c6d127e41d196b113a5efab924006050fce798b39aab89d9659e5acff42ef60ecb79f439aa9a896d89c5c9ad6c841c74222d872622ab87ed7b8801761d58765f858bdb508911bc596e29c80eb66cbad4f96c9e4e0eda3d6fb4f6293e47181240b4bc774abc2d766041a9939c56be4205d7daa809391a802b23f101ed4540983de28b4d38fdd141899efdb17487ce557d6e31881ee004bbf5d5af0acaeba7c1761470695e230e7d4c4422459d8ca981be95acb8d782920b78ad0c15f2be14f7c0638186daf649b292ee5d8129756b012e9f4b82b67f37ed1ed74b3d4e94ae803abb507df1f111c0a4ed834e013c6d941f5e3aa23b5d2fce851da782a9cfbed6f6deda4f87d2de8d39d42b9cdcdaa8d0e67e7de9ff152df2c12e2002b4296ee9e12c40da60501c34f0f94ea1701f873ddaf7f0922d75c57cf3f037ef5eef7c1de2984817ea0807adca45c16747d0d469b32a4bc84f3454a78ad3b95b2dc68c7d1ffe1e6c1e23d52e705e40636bef91a987307aef38df504588b231058fe95db121d397be85ee853a3d9d87a10794cb9ba1154c1b8d60c3a4df05cd881ee939a7d6f3bd335b566fcb698ff093a5228e8c0c0c8f9c16476f9533de56c1f1ea1b565af94fa4ae5bd3190814ebb46c1e08c179367a741f23f75027d267b6a43d83675215e24ad6f935670ddc9225b5bf482c3e64a1053de8a34e7fe255e85858ccb8fbba3d3e5ba620a99c9d8d2762cc1feee663929a2fcef5d3f6a777dacdae3826910fc326ecb14d8541db620025ace658cfd8ff5fecc0860061c73d1341924501b8e2073de8f3c45e4b0c6cb75b1ec0205a8c6ed4db1ae4138ed8a0c8572d19d83084512fe5699f66e2e9ce73802e27dc7a0696d106c9acaf940fb8105799e69f740024b39ad269bdce4d7bdf711306d1d34f5bbde0317672b6c59efebf5f0b2a212cf19ca49f1c1d1208cedb3f8aa30da143910b423594df7f60b92edbbe34ce40c983da5943bdd0d6dc72f217b02c202e35a259ddc9dbff3dfa15d9f9adb646a40483b271f16581ee2583db3e729200d6839e012adbb52b3cbde75c115c80bf41aece00284c66ef92a127f37402d98b4ea77214c1eeb29957a9b27fe576c4e05168ea6c91788187c15328a05039b066c5dd9179a5249e6b5d8d18b194d42d21131f56f151fe802beee5163e4fae266560f285429b17c24a7cf38f15871af5b7fe34dcf5a7baa81ee7b9747ca300fd0056ad6d5044135b619402eb829cef170808bae1f72123fe9ca9e2b0282fdfd7c096659352285f4f5cad063cd9ceee30e86a1b6745c5e8de40b8772de6cf93c9be556cf540d1f847a7f1cb64fba2cb08c30bbfafb02e1864053ec0c4241d6c67bcfebab9bcb9a989458208e101db74614ef4c6f327486304199cc49b1c6ec448585cf01f111235954586bcada2c4771a69f393b7f9589aa61ebb2c508c7fa0e88dcbd04be44898e299cee96219dd8f5834849d4b21709508baad425d1f9dee383e16ccdc0a9089c9a859290accded3a0027ca8276873db8bab47f0b3cd71dd006b86b52594daf44c000d43cd6e961b67211f9d31e1e8bbc15ee7091af1e2a609db1b91cf0bc49c8d9ec55f93422bdb278f0f1ad35a0191999d3cf703112f8347e6e1081acdb7a8246064e6f5f2ba75e190a29da27b46edbe9b6919bd98f88f0e8b75d8f04260aafb6c19583f8413e96cf942a69bdbaa705f2990bf3fe429caa883c9a290b57adbc8f814f6d01bbe030bdbbd236e538e22665893fde75315e245349e4f83d459bed6bade3bc35a7b79ef6a844d8dc4b12e53a84d5498ec2c6885bbad859ff92fed7a267f745a2c4ab46f28564faaa4280668b87641db79c90ab0876a26f729eb4b9445b4c21c56cd5435dc439a7e4efbf50ab8cedd05493f71d477851baa52432807c7682f4cc42af19c411a54b64de040e4dfa13537427070a6b5c892b2f3cf9a5418089a880068a7865b4405fe618446234ff2edffe37cdb42ed6ca194797ea0fdf72a55a997e55da45b0537f96bcb38d312467a2544a0e0db418328e03d9308383a8ef82f45b2ed460cbf51ce97fd08c8e2258dd5e38510e9c2a7b0f7e0ee05d1f32c7c42dbd441d3b03daa99b2d8787771dac51f00fb96c3a240517597b3dd7e145ecfd7b54146cbaf50059549bc37fe8e310b2192ee453745d6798e5ebcf8d64474b2503bb8352b917a5c35ce1293f2b8e743997898b2716ee30f0c644db14cebc05843b7ed2a59a44d5d4e3f8cef65310a50df8a1b16ac91cd63ac9183913b91747b7fcac05adac80a3d1403ecea47c2f4b9bbcc65127e68126539ffe6c2dab3c8044e14d1c9a52b5314b32288d755025b65ba26eea1e59d2721108eea4def7d78fdbaddb71dddbe95940a08540a4c45e7dd231a75e5c82a112acbd4601738e15613e9bc600802fadfb509c9f954672044a9e911ebbcc9619e8f5d92348aa78e41b9d000beaca0f9dd7a0bf97188a30eeb2f8d725e1b27b4b95877515bfdd9db58cfb7da76dc26663fe3ccbc857179e72e1c67d0444fd141874148f6f3b7a417e77190347b5a3e7aeb715438cf1b226604b3977a0560b8f5330b12afa9da8c06afb85f577ca48d2e9251639a86b409dfe9a8ab5999335ff7f4d032a7fe63aa436ccdab5b030b8031df5b275ec0d63988e60c68ac324515874eaa3643f06711c6364fe50680d43bd5b8bd0a61054e7b50f5a47e171f82510f524b3d9f6e1d1d0ac577bc877a237e2937a66f0c84f505bd5b7d46fa4e8c9463d940e64d305bd2b47434a24d0c1127e37fc878ac1445f7da168d565a2d06beca8d91a8d9644e6d6fbbcda952b971180e679cf0e1d858da9a7c419d4ddb00990c9a72f38a9a6e7fce6494c773cf03762debb3c343892e0f1f567d1458bb511ea98f202060c4bdac07e05d611abd8b5c919255d845febc9acaa5bc541645641de62ae351433ea10f4fe3468e6bbbd811f59fccbeeb28214b66cccfb85aed4046ce7f08e9167804c867afc05ded9f65e2b0fd891aeedffcf1db4f8e5f99a03a5056aa6dbae357961bad3b374720e15ed690e4847849d7e220f80acfc77eb8f1421ee4c4215713523a3ca8385b6c4279269e6da08aca8ed34f275aa401d89d27b54b8ce438f39dbf877a38da47075429559fa0ee43d338781ec66e300007608b7a3949b9c75e6feef8bfdf64a22823d23212de41b331b1ba50c8d475f398f39f0f402f772adb2ec8d55397371f556ab9bf2fa0a47a4894e6b467ac87ae3c59982e8857b787245bc20f65333f3a7460bd4cfd5e98e919b42bdef0b1ca6f4cd787edfa20f0e80dd0a64adc8376bd13c2e65dfb6036ddc3cbe2affa7f70b9ec87e38cca4e171d19e802fda33683a92f3714a686b14cc46e88f1ecf6841690a23c71a66af1457f0ea68314d84de0c3daf4dfb53cc8ffa689ff79fd1f60d3b14d8099540a9cf634222364e9cfb0692743224620d470475fa70c1d3123e45492f59fa2701a6f9f48882d3917bcf4060005e31e5894a7b342f8c9d7486d87a1867a4c6ab1a349d732333a493e5415543781dc9b6032f6531bcdadeb3fee635d7cc1aa75e1845d1ce0224ecec4154091fd6ebb72c846e79e84afd1348531d1dd316ee1ff1d997087f2aaa4669b289b4ed4bb4e807bad50d0639c69529c26f28999677b1e87d98e07714d68229b99be5b1c28beef95549611d1c165aa40c71d20c499145cf2f86d54c077324bb0148f47e388effd10787d115ba648f82253214adb648055be36a6d2ac882c34f9cc54e5314e2d990238c0c98a7eca404dba95a2f6093f12c5df201a43e52a0fc9e066ef3e6d25918ff3d65ae25c436fcab59f69c4148369159fdc595ed8acd485e1e44241315a82526ea4898e27851f15664a549fa040347403026196998fe58583a4cfc168d923fb9628c2200a165a424923ddd2f0721eba45f617ab2e1fe727e726bfc9bf3ad0134f25e8e76ff59df61fba42699a9570bd542a1f91216e59aebe0b19e48698379ebd88b35a2a22c32d09599c563546c8bac567172fd38a62117b8b94b1bd3aad30661a42382307b8ea700eb1f310c8cd2fc4ccc1ed00893bfdd7fe3c752f52d38b939de79d545de6b25c9b3e843c201d86672f0536b668585d55935cbf3c22cd521dce8fec61b40a25ab97c33108d61a942328a8d75a24151cd03052b5b9ef9d0d2616fdde0fc7da0949511fdcc550b15cdd0bf374ca5f411301394898fb292aefc7eca0c8e6ca98cb09f774e57ea300ed43b3249734aa9af862470d2f9480f5713d02a8ea96138c04e657561c41012d2d978c5ce4436e002af3b24a20f53693f32b8d56bfb74c510b0c3cb9b46961abeb83ee6d7115a80c59eb25ba474db9ed0464076d175bf9b7c6355f929431f049dbe895bae795746117435d901d32d0a7fbb01882e5dcbec95075d908565c321c328e82fb6486f1ccce2b010c20ae82901416635071be340e6cceb52fab572e706dfb1a8f9242bbf80f4eab70f9d3bd9ccbd63893a19f08057e50df2dc43a5aa9a6e12440dd548350a3e406b4ecf0f76c6f2b34fa6a3c0565dc3af1f4ebc915e2957a7bd674105a77ee999035a7cbc36029d9ef669abcc28195344c14ad1950e76095999929f41bc3651fee28c31218a539ad0d3ea26275f7548d053e176ea646d59158468d15a5dc6d6ad595c441d3902104f26eb928b239b6c95d765fa45e4c33d085eb2e6b8cd132ef4e7eea0fecb4198f0c7c94f634bd73a43fc55b87822df007c59e06a7407e3b6b0420fa6d55ebdf03abb5c5fef0b7ab3b20308090518becf1c8c3b105c4e6b17734a3c7912c466b5776696a5a24e7eb886d6ba7b51f40e53f35f472e017e3cc78e799b5438ecd2df6af75bab505e80168ea02a5409b776132ee67662b021a810ae591ebfee88b0fc1245c63e50d6ec0b296f9c4b4be27303ced22faf378023cda7767233e9da1753361182ad2f70dd48ad71572c8e949c859df251d031520d728910b50cfe6a3042f2586fbdefe416ffde32030992dacc86256e499c77792c885e0bbf7060cb36ceb8f365555efaf26bf8ab15b15f32f6d2df866391869c53aef12f572", 0x2000, &(0x7f0000000f00)={&(0x7f0000000080)={0x50, 0x0, 0x200001010800, {0x7, 0x29, 0x7, 0xa110000, 0xc9f, 0xfff, 0xd, 0x8, 0x0, 0x0, 0x10, 0x400}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

735.08878ms ago: executing program 3 (id=370):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
shutdown(r1, 0x1)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={<r2=>0xffffffffffffffff})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f00003f7000/0x2000)=nil, 0x2000, 0x2800003, 0x4000010, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'bond_slave_1\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4c, 0xd, 0x62, 0x7, 0x8, 0xe, 0xe3, 0x9, 0xa, 0x0, [0x4e, 0x9, 0xd2, 0x7, 0x401, 0x8000004, 0x9, 0xfffffffb], [0x7f]}})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
add_key(&(0x7f0000000280)='keyring\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0x1, 0xfffffffffffffffe)
r6 = dup(r3)
openat$ocfs2_control(0xffffff9c, &(0x7f0000000180), 0x40, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r4, 0x8008662c, &(0x7f0000000240))
ioctl$TIOCL_SETSEL(r6, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x107, 0x100, 0x100, 0x1, 0x4000}})
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xa7}, 0x30004084)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000003c0)=0x14)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x2)
ioctl$KDFONTOP_COPY(r7, 0x4b72, &(0x7f0000000440)={0x3, 0x0, 0xa, 0xb, 0x5d, &(0x7f0000000880)})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007012bbd700000000000047c000009003d0027b4893a0000000008001200", @ANYRES32=0x0], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)

442.796442ms ago: executing program 1 (id=371):
mount$9p_tcp(0x0, 0x0, &(0x7f00000003c0), 0x2000000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x2, 0x336, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r5, 0x117, 0x5, 0x0, 0x10000)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
io_setup(0x9, &(0x7f0000000340)=<r7=>0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
io_submit(r7, 0x1, &(0x7f0000000280)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
sendto$inet(r8, 0x0, 0x4d, 0x200047ee, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r9, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, 0x0, 0xe6e964277ae08d57, 0x70bd2c, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x90)
close(0x3)
pipe(&(0x7f0000000080)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
tee(r10, r12, 0x8f5, 0x0)
setsockopt$inet_int(r11, 0x0, 0x22, &(0x7f00000000c0)=0x25cb, 0x4)

172.462562ms ago: executing program 2 (id=372):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x20000106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_subtree(r4, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000480)={[{0x2b, 'rdma'}]}, 0x6)
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001440)=@newtfilter={0x85c, 0x2c, 0xd2b, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x82c, 0x2, [@TCA_FLOW_POLICE={0x818, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x4, 0x6, 0x2ef, 0x0, 0x5, 0x5, 0x8001, 0xd5, 0x6, 0x9, 0x6, 0x10001, 0x3, 0x1, 0x9, 0x9, 0x7, 0xfffffffb, 0x7, 0x0, 0x1, 0x6, 0x9, 0x2, 0x6, 0x0, 0x2, 0x4, 0x1, 0x3, 0x3ff, 0x7f, 0x3c, 0x7, 0x2, 0x5, 0x2, 0x800, 0x3, 0x64, 0xffff, 0xa37, 0x6, 0x1, 0x2, 0x8, 0x1, 0x0, 0x100, 0xfffff801, 0x80, 0x1, 0xfffff001, 0xff, 0x1, 0x64, 0x0, 0x388, 0x401, 0x9, 0xc, 0x80000002, 0x9, 0xcd, 0xffffffff, 0x7399f0ce, 0x28, 0x72, 0x500000, 0x3ff, 0x8, 0x4, 0xa, 0x7fffffff, 0xffffffc0, 0x2, 0x9, 0x0, 0x6, 0xfffffffb, 0x0, 0x3, 0x8, 0x5, 0x8, 0x755, 0xe7, 0x6, 0x1, 0x9, 0x401, 0x7fff, 0x10, 0x1, 0x800, 0x6, 0x5cf, 0x4, 0x1, 0x0, 0x1, 0x4847, 0xca, 0xe2, 0xffff, 0x3ff, 0x1, 0x200, 0x9f, 0x80, 0x7, 0x4, 0x9ef, 0x0, 0x1, 0x4, 0x1, 0xfffffff7, 0x0, 0x1, 0xc, 0x1, 0x9ed, 0x3, 0x8, 0x7, 0x200, 0x2, 0x4, 0x7fffffff, 0x7, 0x393e, 0x35fc, 0x5, 0x3ff, 0x400, 0x2000000, 0x7b, 0xd0b, 0x5, 0xfffffffa, 0x2, 0x7, 0x1, 0x9, 0x7, 0x3265, 0x9, 0x4, 0x0, 0x8, 0x1, 0x5, 0xc2e, 0xb47, 0xffffffff, 0x4, 0x9, 0x7, 0x6, 0x1, 0x3, 0x4, 0x8, 0x4, 0x4, 0x6, 0x80000001, 0x6, 0x8, 0x4, 0x0, 0x5, 0x44866607, 0x5, 0x334, 0x3, 0xc86f, 0x2, 0x0, 0x1, 0x548, 0x8, 0x5, 0x5fd, 0x184, 0x81, 0xc3, 0x9, 0xf, 0x74d6, 0x8, 0x7ff, 0x1, 0x75, 0x80000001, 0x92d, 0x1, 0x3, 0x60000, 0x3, 0x5, 0x7, 0xfffff327, 0x5, 0x4, 0x0, 0x3, 0x80, 0x65d6, 0x2, 0xfe, 0x8d9, 0x1, 0xfffffff0, 0x3, 0x7, 0xffff, 0x9, 0x2, 0x8202, 0x7, 0x10, 0x9574, 0xfffffff9, 0x3, 0x1, 0x9, 0x4, 0xbb01, 0x0, 0x6, 0x892, 0x0, 0x4, 0x4, 0xe6, 0x7, 0x1, 0x8, 0x1, 0x2bc3, 0x19a, 0x808, 0x7, 0x7, 0x76c59e0f, 0x1, 0x5, 0x10, 0x1, 0x9, 0xa2, 0x81, 0xa]}, @TCA_POLICE_RATE={0x404, 0x2, [0x2cf, 0x3, 0xb, 0x81, 0x7ff, 0x401, 0xc, 0x5, 0xe86, 0x1, 0x5, 0xfffffff5, 0x8, 0x4, 0x3, 0x5, 0x6, 0x4000, 0xffff, 0xb, 0x80, 0x6, 0xef31, 0x8919, 0x9, 0x4c8, 0x0, 0x5, 0x7, 0x3, 0x9, 0xffffffc0, 0x7, 0x7fff, 0x7d, 0x1d, 0x8, 0x0, 0x562d, 0x9, 0x5, 0x0, 0x2, 0x7, 0x1ff, 0x70, 0x5, 0x4de, 0xffff, 0x6, 0x2, 0xf72, 0x5, 0xa, 0x283, 0xafd, 0xfffffffc, 0x4cfe, 0x1, 0x400, 0x0, 0x6, 0x0, 0x1a86, 0x1, 0x5, 0x2, 0x1, 0x2, 0x1, 0x5, 0x1000, 0x8001, 0x10, 0x2, 0x1, 0x4, 0x4ff, 0x5, 0x2, 0xfffffdc7, 0xe4, 0xc22, 0x6, 0x8e5, 0xfffffffb, 0xffffffff, 0x2, 0xd6, 0x5, 0x6, 0xffffffff, 0x3ff, 0x0, 0xfff, 0x52, 0x10001, 0x2, 0x0, 0xffffffff, 0x766, 0xf, 0x8, 0x1, 0x800, 0x4, 0x10001, 0x7, 0x10000, 0x5, 0x10001, 0x9, 0x7, 0x6, 0x6, 0x7c33, 0x6, 0xb, 0x9, 0x4, 0x8, 0xffffffff, 0xff, 0x9, 0x7fff, 0xee, 0x4, 0x100, 0x4, 0x8, 0x73, 0xb, 0x3, 0x48e6, 0x4, 0x9, 0x33, 0x1, 0x4, 0x3, 0x8000, 0x8001, 0x5, 0x2, 0xe, 0x7, 0x1, 0x3, 0x7, 0xa7e5, 0xbac2, 0x0, 0x5, 0xb, 0xfffffff7, 0x3ff, 0x1, 0x7bc8, 0x9, 0x10, 0x8, 0x400, 0xb, 0x5, 0xd, 0x3, 0xfb5, 0x55, 0x8, 0xfffffeff, 0xd7, 0x8, 0x2, 0x2, 0x99, 0x8, 0x5, 0xbe, 0x8cc, 0x3, 0xffffffff, 0xf, 0x1e, 0xe, 0xfffffffa, 0xffff, 0x8, 0xee0, 0x3, 0x8001, 0x8, 0x1, 0x4, 0x10, 0x8, 0x8, 0x3289, 0x2, 0xfffffffd, 0x1, 0x1e69, 0x6, 0x5, 0x4, 0x8, 0x8, 0x3, 0x4, 0x7, 0x10, 0x0, 0x2, 0x8, 0x8, 0x8ff5, 0x3, 0x9, 0x7, 0x9, 0x1, 0x2, 0x23a2, 0x8, 0x1000, 0x1, 0x31b, 0x90, 0x1, 0x6, 0xff, 0x5, 0x0, 0x400, 0x1, 0x4, 0x1, 0x475d, 0x49f739d1, 0xb, 0x1, 0x86c7, 0x1ff, 0x3, 0x4, 0x5, 0xc, 0x2, 0x5, 0x9, 0x3, 0x100, 0xc, 0x5d, 0x0, 0xfffffff7]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x5}]}, @TCA_FLOW_KEYS={0x8, 0x1, 0xba37}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x85c}}, 0x24040084)
socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = syz_open_dev$I2C(0x0, 0x79, 0x40080)
ioctl$I2C_SMBUS(r9, 0x720, &(0x7f0000000600)={0x0, 0x0, 0x6, &(0x7f0000000080)={0x2, "50e1046e0dffda611f117e88f8b2068bda55c85613a3fe0200"}})
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000a00000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x7}, 0x94)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)

0s ago: executing program 0 (id=373):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x395, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xffffffff, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x2002c810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2000000000002)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
pread64(r6, 0x0, 0x0, 0x7)
bind$netlink(r6, &(0x7f0000000500)={0x10, 0x0, 0x25dfdbfc, 0x2000000}, 0xc)
r7 = syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x25b}, &(0x7f0000ffe000), &(0x7f0000ffe000))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r7, 0x2, &(0x7f0000000180), 0xfe)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
close(r1)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:65446' (ED25519) to the list of known hosts.
[   48.474174][ T5887] cgroup: Unknown subsys name 'net'
[   48.672880][ T5887] cgroup: Unknown subsys name 'cpuset'
[   48.676587][ T5887] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.711337][ T5887] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   53.530710][ T5301] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   53.535722][ T5953] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   53.538926][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   53.541979][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   53.544581][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   53.547096][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   53.549242][ T5958] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   53.549863][ T5959] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   53.551126][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   53.554102][   T65] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   53.554110][ T5958] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   53.554787][ T5958] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   53.555546][ T5958] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   53.555983][ T5958] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   53.558046][   T65] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   53.560657][ T5959] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   53.563051][   T65] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   53.565962][ T5959] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   53.567219][   T65] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   53.569328][ T5959] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   53.870259][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   53.887789][ T5946] chnl_net:caif_netlink_parms(): no params data found
[   53.927978][ T5954] chnl_net:caif_netlink_parms(): no params data found
[   54.025895][ T5951] chnl_net:caif_netlink_parms(): no params data found
[   54.104949][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.108034][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.130638][ T5950] bridge_slave_0: entered allmulticast mode
[   54.134457][ T5950] bridge_slave_0: entered promiscuous mode
[   54.139085][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.142021][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.144544][ T5946] bridge_slave_0: entered allmulticast mode
[   54.147249][ T5946] bridge_slave_0: entered promiscuous mode
[   54.157096][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.159691][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.162834][ T5946] bridge_slave_1: entered allmulticast mode
[   54.166717][ T5946] bridge_slave_1: entered promiscuous mode
[   54.181964][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.184994][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.187979][ T5950] bridge_slave_1: entered allmulticast mode
[   54.191834][ T5950] bridge_slave_1: entered promiscuous mode
[   54.212125][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.214362][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.216663][ T5954] bridge_slave_0: entered allmulticast mode
[   54.219272][ T5954] bridge_slave_0: entered promiscuous mode
[   54.256274][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.258519][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.260851][ T5954] bridge_slave_1: entered allmulticast mode
[   54.263466][ T5954] bridge_slave_1: entered promiscuous mode
[   54.267472][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.271873][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.281395][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.292184][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.295989][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.298621][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.301068][ T5951] bridge_slave_0: entered allmulticast mode
[   54.303726][ T5951] bridge_slave_0: entered promiscuous mode
[   54.353592][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.356533][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.358851][ T5951] bridge_slave_1: entered allmulticast mode
[   54.361674][ T5951] bridge_slave_1: entered promiscuous mode
[   54.365295][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.369178][ T5950] team0: Port device team_slave_0 added
[   54.372024][ T5946] team0: Port device team_slave_0 added
[   54.380285][ T5950] team0: Port device team_slave_1 added
[   54.384028][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.388742][ T5946] team0: Port device team_slave_1 added
[   54.425744][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.428698][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.439461][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.446641][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.460135][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.471717][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.473964][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.482000][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.486550][ T5954] team0: Port device team_slave_0 added
[   54.498913][ T5954] team0: Port device team_slave_1 added
[   54.501222][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.504001][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.512585][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.533778][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.536192][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.544443][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.554434][ T5951] team0: Port device team_slave_0 added
[   54.563958][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.566218][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.574880][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.579803][ T5951] team0: Port device team_slave_1 added
[   54.598468][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.600868][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.608984][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.629397][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.631628][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.639581][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.646857][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.649029][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   54.656958][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.663822][ T5950] hsr_slave_0: entered promiscuous mode
[   54.666255][ T5950] hsr_slave_1: entered promiscuous mode
[   54.689766][ T5946] hsr_slave_0: entered promiscuous mode
[   54.693270][ T5946] hsr_slave_1: entered promiscuous mode
[   54.696902][ T5946] debugfs: 'hsr0' already exists in 'hsr'
[   54.702695][ T5946] Cannot create hsr debugfs directory
[   54.761491][ T5954] hsr_slave_0: entered promiscuous mode
[   54.763768][ T5954] hsr_slave_1: entered promiscuous mode
[   54.765835][ T5954] debugfs: 'hsr0' already exists in 'hsr'
[   54.767645][ T5954] Cannot create hsr debugfs directory
[   54.781656][ T5951] hsr_slave_0: entered promiscuous mode
[   54.783901][ T5951] hsr_slave_1: entered promiscuous mode
[   54.785968][ T5951] debugfs: 'hsr0' already exists in 'hsr'
[   54.787729][ T5951] Cannot create hsr debugfs directory
[   55.091215][ T5950] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   55.105579][ T5950] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   55.112935][ T5950] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   55.124170][ T5950] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   55.157887][ T5946] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   55.184282][ T5946] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   55.191328][ T5946] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   55.206009][ T5946] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   55.246475][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   55.263076][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   55.268969][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   55.279890][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   55.316744][ T5954] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.323699][ T5954] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   55.334405][ T5954] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   55.352250][ T5954] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.364330][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.395244][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   55.413898][  T770] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.416643][  T770] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.435810][  T770] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.438835][  T770] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.454214][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.463704][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.483687][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[   55.496010][ T5951] 8021q: adding VLAN 0 to HW filter on device team0
[   55.504798][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.507151][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.518784][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.520985][ T1223] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.525874][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.528194][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.542522][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.545679][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.555802][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.580627][ T5954] 8021q: adding VLAN 0 to HW filter on device team0
[   55.602014][ T1223] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.605293][ T1223] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.615432][ T1223] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.618606][ T1223] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.621810][   T65] Bluetooth: hci3: command tx timeout
[   55.622342][ T5301] Bluetooth: hci0: command tx timeout
[   55.623910][ T5953] Bluetooth: hci1: command tx timeout
[   55.626505][ T5959] Bluetooth: hci2: command tx timeout
[   55.730809][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.758714][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.783564][ T5950] veth0_vlan: entered promiscuous mode
[   55.789354][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.801167][ T5950] veth1_vlan: entered promiscuous mode
[   55.811933][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.828892][ T5946] veth0_vlan: entered promiscuous mode
[   55.851947][ T5946] veth1_vlan: entered promiscuous mode
[   55.865762][ T5950] veth0_macvtap: entered promiscuous mode
[   55.870870][ T5954] veth0_vlan: entered promiscuous mode
[   55.879119][ T5950] veth1_macvtap: entered promiscuous mode
[   55.883461][ T5951] veth0_vlan: entered promiscuous mode
[   55.897663][ T5954] veth1_vlan: entered promiscuous mode
[   55.901986][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.905195][ T5951] veth1_vlan: entered promiscuous mode
[   55.915124][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.925814][ T5946] veth0_macvtap: entered promiscuous mode
[   55.928354][  T770] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.933559][  T770] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.937241][  T770] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.947961][  T770] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.953991][ T5946] veth1_macvtap: entered promiscuous mode
[   55.995476][ T5954] veth0_macvtap: entered promiscuous mode
[   56.003064][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.023221][ T5954] veth1_macvtap: entered promiscuous mode
[   56.034133][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.037521][ T5951] veth0_macvtap: entered promiscuous mode
[   56.046683][ T1223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.050264][ T1223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.054490][ T5951] veth1_macvtap: entered promiscuous mode
[   56.057921][   T63] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.074748][   T63] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.082323][   T63] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.085321][  T770] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.087976][  T770] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.090910][   T63] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.100603][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.116220][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.128895][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.133108][   T63] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.136811][   T63] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.149363][ T5950] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   56.150911][   T63] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.157530][   T63] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.172951][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.178871][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.182438][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.186741][ T1147] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.189464][ T1147] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.211467][ T1147] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.215007][ T1147] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.238642][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.243843][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.280872][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.283425][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.316761][  T770] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.319297][  T770] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.347401][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.353322][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.378318][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.381086][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.420936][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   56.423777][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   56.426493][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   56.441524][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   56.770485][ T6034] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   56.920469][ T6034] usb 5-1: Using ep0 maxpacket: 16
[   56.933406][ T6034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   56.938145][ T6034] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   56.941569][ T6034] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   56.944142][ T6034] usb 5-1: Product: syz
[   56.945515][ T6034] usb 5-1: Manufacturer: syz
[   56.947080][ T6034] usb 5-1: SerialNumber: syz
[   56.951073][ T6034] usb 5-1: config 0 descriptor??
[   56.958762][ T6034] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[   56.995500][ T6034] em28xx 5-1:0.0: DVB interface 0 found: bulk
[   57.041041][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   57.044042][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   57.200709][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   57.210696][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   57.375406][ T6061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5'.
[   57.531333][ T6057] nbd1: detected capacity change from 0 to 63
[   57.535147][ T6061] block nbd1: NBD_DISCONNECT
[   57.538669][ T6061] block nbd1: Disconnected due to user request.
[   57.539976][ T6039] libceph: connect (1)[c::]:6789 error -101
[   57.543137][ T6061] block nbd1: shutting down sockets
[   57.543502][ T5963] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543617][ T5963] Buffer I/O error on dev nbd1, logical block 0, async page read
[   57.543692][ T5963] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543705][ T5963] Buffer I/O error on dev nbd1, logical block 1, async page read
[   57.543726][ T5963] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543784][ T5963] Buffer I/O error on dev nbd1, logical block 2, async page read
[   57.543807][ T5963] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543819][ T5963] Buffer I/O error on dev nbd1, logical block 3, async page read
[   57.543851][ T5963] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543863][ T5963] Buffer I/O error on dev nbd1, logical block 0, async page read
[   57.543882][ T5963] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543937][ T5963] Buffer I/O error on dev nbd1, logical block 1, async page read
[   57.543961][ T5963] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.543973][ T5963] Buffer I/O error on dev nbd1, logical block 2, async page read
[   57.543992][ T5963] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.544006][ T5963] Buffer I/O error on dev nbd1, logical block 3, async page read
[   57.544029][ T5963] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.544041][ T5963] Buffer I/O error on dev nbd1, logical block 0, async page read
[   57.544097][ T5963] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   57.544110][ T5963] Buffer I/O error on dev nbd1, logical block 1, async page read
[   57.544533][ T5963] ldm_validate_partition_table(): Disk read failed.
[   57.544857][ T5963] Dev nbd1: unable to read RDB block 0
[   57.546705][ T6039] libceph: mon0 (1)[c::]:6789 connect error
[   57.584756][ T6064] ceph: No mds server is up or the cluster is laggy
[   57.591224][ T6034] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[   57.653443][ T5963]  nbd1: unable to read partition table
[   57.661970][ T5963] ldm_validate_partition_table(): Disk read failed.
[   57.665025][ T5963] Dev nbd1: unable to read RDB block 0
[   57.667491][ T5963]  nbd1: unable to read partition table
[   57.700482][ T5959] Bluetooth: hci3: command tx timeout
[   57.710648][ T5959] Bluetooth: hci2: command tx timeout
[   57.710670][ T5953] Bluetooth: hci0: command tx timeout
[   57.996336][ T6081] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.999127][ T6081] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.041473][ T6081] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.046593][ T6081] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.104478][ T1147] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.110864][ T1147] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.124922][ T6083] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.133632][ T1147] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   58.246716][ T6088] afs: Unknown parameter '#7dyn'
[   58.252642][ T6088] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10'.
[   59.060352][ T6034] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[   59.063230][ T6034] em28xx 5-1:0.0: board has no eeprom
[   59.120541][ T6034] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[   59.123280][ T6034] em28xx 5-1:0.0: dvb set to bulk mode.
[   59.125797][ T6055] em28xx 5-1:0.0: Binding DVB extension
[   59.163253][ T6055] em28xx 5-1:0.0: Registering input extension
[   59.209971][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   59.217329][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   59.257307][ T6093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11'.
[   59.273785][ T6094] netlink: 28 bytes leftover after parsing attributes in process `syz.2.12'.
[   59.391840][ T6093] nbd1: detected capacity change from 0 to 63
[   59.394485][ T6094] lo speed is unknown, defaulting to 1000
[   59.395441][ T6095] block nbd1: NBD_DISCONNECT
[   59.396597][ T6094] lo speed is unknown, defaulting to 1000
[   59.398710][ T6095] block nbd1: Disconnected due to user request.
[   59.403182][ T6094] lo speed is unknown, defaulting to 1000
[   59.403575][ T6095] block nbd1: shutting down sockets
[   59.410607][ T5949] ldm_validate_partition_table(): Disk read failed.
[   59.413420][ T5949] Dev nbd1: unable to read RDB block 0
[   59.416318][ T5949]  nbd1: unable to read partition table
[   59.418635][ T6094] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   59.428712][ T5949] ldm_validate_partition_table(): Disk read failed.
[   59.431989][ T5949] Dev nbd1: unable to read RDB block 0
[   59.434718][ T5949]  nbd1: unable to read partition table
[   59.442280][ T6094] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   59.479194][ T6055] usb 5-1: USB disconnect, device number 2
[   59.489419][ T6055] em28xx 5-1:0.0: Disconnecting em28xx
[   59.492302][ T6055] em28xx 5-1:0.0: Closing input extension
[   59.493478][ T6094] lo speed is unknown, defaulting to 1000
[   59.504403][ T6094] lo speed is unknown, defaulting to 1000
[   59.510145][ T6055] em28xx 5-1:0.0: Freeing device
[   59.520198][ T6094] lo speed is unknown, defaulting to 1000
[   59.581155][ T6094] lo speed is unknown, defaulting to 1000
[   59.781121][ T5301] Bluetooth: hci0: command tx timeout
[   59.781160][ T5953] Bluetooth: hci2: command tx timeout
[   59.783183][ T5959] Bluetooth: hci3: command tx timeout
[   60.220576][ T3246] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   60.241839][ T6104] netlink: 'syz.2.15': attribute type 10 has an invalid length.
[   60.245146][ T6104] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15'.
[   60.249148][ T6104] dummy0: entered promiscuous mode
[   60.251892][ T6104] bridge0: port 3(dummy0) entered blocking state
[   60.253992][ T6104] bridge0: port 3(dummy0) entered disabled state
[   60.256228][ T6104] dummy0: entered allmulticast mode
[   60.259182][ T6104] bridge0: port 3(dummy0) entered blocking state
[   60.261365][ T6104] bridge0: port 3(dummy0) entered forwarding state
[   60.370497][ T3246] usb 5-1: Using ep0 maxpacket: 32
[   60.394736][ T6106] binder: 6101:6106 ioctl c0306201 0 returned -14
[   60.671418][ T5959] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   60.674129][ T5959] Bluetooth: hci1: Injecting HCI hardware error event
[   60.677098][ T5301] Bluetooth: hci1: hardware error 0x00
[   60.794853][ T3246] usb 5-1: unable to get BOS descriptor or descriptor too short
[   60.800930][ T3246] usb 5-1: unable to read config index 0 descriptor/start: -71
[   60.803426][ T3246] usb 5-1: can't read configurations, error -71
[   61.802836][ T6119] Zero length message leads to an empty skb
[   61.860512][ T5959] Bluetooth: hci2: command tx timeout
[   61.870659][ T5959] Bluetooth: hci3: command tx timeout
[   61.870677][ T5953] Bluetooth: hci0: command tx timeout
[   62.695364][ T6132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20'.
[   62.704386][ T6132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20'.
[   62.715465][ T6132] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20'.
[   62.750944][ T5301] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   64.059448][ T6140] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[   64.061544][ T6140] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   64.064841][ T6140] vhci_hcd vhci_hcd.0: Device attached
[   64.340807][   T60] usb 38-1: SetAddress Request (2) to port 0
[   64.343572][   T60] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[   64.355932][ T6143] syz_tun: entered allmulticast mode
[   64.633023][ T6137] syz_tun: left allmulticast mode
[   64.636318][ T6141] vhci_hcd: connection reset by peer
[   64.639134][ T6118] vhci_hcd vhci_hcd.0: stop threads
[   64.641278][ T6118] vhci_hcd vhci_hcd.0: release socket
[   64.643600][ T6118] vhci_hcd vhci_hcd.0: disconnect device
[   65.674139][ T6167] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   65.676884][ T6167] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   65.681445][ T6167] vhci_hcd vhci_hcd.0: Device attached
[   66.224342][ T6167] netlink: 16 bytes leftover after parsing attributes in process `syz.0.26'.
[   66.310017][ T6176] evm: overlay not supported
[   66.958724][ T6168] vhci_hcd: connection closed
[   66.959128][   T62] vhci_hcd vhci_hcd.0: stop threads
[   66.969021][   T62] vhci_hcd vhci_hcd.0: release socket
[   66.980754][   T62] vhci_hcd vhci_hcd.0: disconnect device
[   67.083989][ T6180] netlink: 'syz.1.29': attribute type 1 has an invalid length.
[   67.096720][ T6180] netlink: 16 bytes leftover after parsing attributes in process `syz.1.29'.
[   67.270532][   T29] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[   67.360521][ T3246] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   67.520989][ T3246] usb 6-1: too many configurations: 9, using maximum allowed: 8
[   67.524492][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.527713][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.531626][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.534716][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.536302][   T29] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[   67.537481][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.546155][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.549142][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.552151][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.555527][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.558429][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.560489][   T29] usb 8-1: config 0 interface 0 has no altsetting 0
[   67.561975][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.568056][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.571573][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.574419][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.577885][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.582100][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.584872][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.588217][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.591498][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.594346][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.597786][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.601664][ T3246] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.604556][ T3246] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.608396][   T29] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   67.608826][ T3246] usb 6-1: config 0 interface 0 has no altsetting 0
[   67.616496][ T3246] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   67.619704][ T3246] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   67.622860][ T3246] usb 6-1: Product: syz
[   67.624515][ T3246] usb 6-1: Manufacturer: syz
[   67.626368][ T3246] usb 6-1: SerialNumber: syz
[   67.630187][ T3246] usb 6-1: config 0 descriptor??
[   67.640026][ T3246] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[   67.640322][   T29] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   67.646902][   T29] usb 8-1: Product: syz
[   67.650688][   T29] usb 8-1: Manufacturer: syz
[   67.654451][   T29] usb 8-1: SerialNumber: syz
[   67.671646][   T29] usb 8-1: config 0 descriptor??
[   67.684789][   T29] usb 8-1: selecting invalid altsetting 0
[   67.912844][ T6190] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[   68.033065][    C3] usb 6-1: yurex_control_callback - control failed: -2
[   68.044324][ T3246] usb 6-1: USB disconnect, device number 2
[   68.054348][ T3246] yurex 6-1:0.0: USB YUREX #0 now disconnected
[   68.059239][ T6195] syzkaller0: entered promiscuous mode
[   68.061580][ T6195] syzkaller0: entered allmulticast mode
[   68.100901][ T6195] lo speed is unknown, defaulting to 1000
[   68.295290][   T40] audit: type=1326 audit(1766293523.210:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.0.33" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x0
[   68.398319][ T6198] usb 8-1: cannot submit urb 0, error -2: endpoint not enabled
[   68.692001][ T6208] comedi comedi0: Minor 3 could not be opened
[   69.331739][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.37'.
[   69.332349][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.37'.
[   69.334101][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.37'.
[   69.431060][   T60] usb 38-1: device descriptor read/8, error -110
[   69.830994][   T60] usb usb38-port1: attempt power cycle
[   70.058962][ T6014] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   70.070791][   T29] usb 8-1: USB disconnect, device number 2
[   70.200675][ T6221] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.219313][ T6014] usb 5-1: config 4 has an invalid interface number: 28 but max is 0
[   70.230909][ T6014] usb 5-1: config 4 has no interface number 0
[   70.237500][ T6014] usb 5-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a
[   70.250466][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.253836][ T6014] usb 5-1: Product: syz
[   70.255594][ T6014] usb 5-1: Manufacturer: syz
[   70.257577][ T6014] usb 5-1: SerialNumber: syz
[   70.276477][ T6014] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:4.28/input/input7
[   70.411117][   T60] usb usb38-port1: unable to enumerate USB device
[   70.575774][ T6226] block device autoloading is deprecated and will be removed.
[   70.581866][ T5335] bcm5974 5-1:4.28: could not read from device
[   70.589312][ T6218] bcm5974 5-1:4.28: could not read from device
[   70.593337][ T6014] usb 5-1: USB disconnect, device number 5
[   70.628012][ T5963] udevd[5963]: Error opening device "/dev/input/event4": No such file or directory
[   70.632404][ T5963] udevd[5963]: Unable to EVIOCGABS device "/dev/input/event4"
[   70.635432][ T5963] udevd[5963]: Unable to EVIOCGABS device "/dev/input/event4"
[   70.638277][ T5963] udevd[5963]: Unable to EVIOCGABS device "/dev/input/event4"
[   70.640823][ T5963] udevd[5963]: Unable to EVIOCGABS device "/dev/input/event4"
[   70.770188][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.2.42'.
[   72.750343][ T6259] loop5: detected capacity change from 0 to 7
[   72.761953][ T6259] Dev loop5: unable to read RDB block 7
[   72.762021][ T6259]  loop5: AHDI p1 p2
[   72.762085][ T6259] loop5: partition table partially beyond EOD, truncated
[   72.769133][ T6259] loop5: p1 start 1702000233 is beyond EOD, truncated
[   74.225020][ T6305] netlink: 24 bytes leftover after parsing attributes in process `syz.3.50'.
[   76.005920][ T6333] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[   76.008692][ T6333] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   76.034572][ T6333] vhci_hcd vhci_hcd.0: Device attached
[   76.043970][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[   76.050515][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[   76.330480][ T6034] usb 42-1: SetAddress Request (2) to port 0
[   76.330529][ T6034] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[   77.371147][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.59'.
[   77.371815][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.59'.
[   77.373039][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.59'.
[   77.393085][ T6334] vhci_hcd: connection reset by peer
[   77.393883][ T6118] vhci_hcd vhci_hcd.2: stop threads
[   77.393910][ T6118] vhci_hcd vhci_hcd.2: release socket
[   77.394072][ T6118] vhci_hcd vhci_hcd.2: disconnect device
[   79.108469][ T6358] hub 1-0:1.0: USB hub found
[   79.110219][ T6358] hub 1-0:1.0: 2 ports detected
[   79.234523][ T6367] overlayfs: failed to resolve './file0': -2
[   79.530510][   T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   79.701029][   T10] usb 7-1: too many configurations: 9, using maximum allowed: 8
[   79.705447][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.708548][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.712501][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.716570][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.720943][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.728764][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.735689][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.739219][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.746207][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.752027][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.758002][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.763388][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.767852][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.772194][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.776713][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.783321][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.787319][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.793505][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.801106][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.806960][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.813717][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.819316][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   79.824893][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   79.831588][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   79.845005][   T10] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   79.848796][   T10] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   79.852576][   T10] usb 7-1: Product: syz
[   79.854316][   T10] usb 7-1: Manufacturer: syz
[   79.856284][   T10] usb 7-1: SerialNumber: syz
[   79.861656][   T10] usb 7-1: config 0 descriptor??
[   79.863120][ T6370] overlayfs: workdir and upperdir must be separate subtrees
[   79.872130][   T10] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[   79.968654][ T6373] nvme_fabrics: missing parameter 'transport=%s'
[   79.980764][ T6373] nvme_fabrics: missing parameter 'nqn=%s'
[   80.219720][ T6372] usb 7-1: USB disconnect, device number 2
[   80.225227][ T6372] yurex 7-1:0.0: USB YUREX #0 now disconnected
[   80.429462][ T6376] netlink: 60 bytes leftover after parsing attributes in process `syz.3.67'.
[   81.032325][ T6394] overlayfs: failed to resolve './file0': -2
[   81.390614][ T6034] usb 42-1: device descriptor read/8, error -110
[   81.781508][ T6034] usb usb42-port1: attempt power cycle
[   81.948985][ T6409] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[   81.951207][ T6409] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   81.960226][ T6409] vhci_hcd vhci_hcd.0: Device attached
[   82.280502][   T54] usb 44-1: SetAddress Request (2) to port 0
[   82.283436][   T54] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[   82.350955][ T6034] usb usb42-port1: unable to enumerate USB device
[   82.420085][ T6412] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   82.539254][ T6410] vhci_hcd: connection reset by peer
[   82.541509][ T6267] vhci_hcd vhci_hcd.3: stop threads
[   82.550596][ T6267] vhci_hcd vhci_hcd.3: release socket
[   82.552958][ T6267] vhci_hcd vhci_hcd.3: disconnect device
[   82.825583][ T5301] Bluetooth: hci3: Unknown advertising packet type: 0x78
[   82.825615][ T5301] Bluetooth: hci3: adv larger than maximum supported
[   82.828090][ T5301] Bluetooth: hci3: Malformed LE Event: 0x0d
[   83.021430][ T6034] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[   83.182599][ T6034] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[   83.186100][ T6034] usb 7-1: config 0 interface 0 has no altsetting 0
[   83.190168][ T6034] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   83.193922][ T6034] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   83.196543][ T6034] usb 7-1: Product: syz
[   83.198103][ T6034] usb 7-1: Manufacturer: syz
[   83.200123][ T6034] usb 7-1: SerialNumber: syz
[   83.210791][ T6034] usb 7-1: config 0 descriptor??
[   83.217032][ T6034] usb 7-1: selecting invalid altsetting 0
[   83.907245][ T6442] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[   83.911938][ T6444] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (eth1-tx-0)
[   83.935354][ T6444] lo speed is unknown, defaulting to 1000
[   84.595643][ T6451] overlayfs: failed to resolve './file1/file0': -2
[   85.557751][ T6459] netlink: 'syz.3.83': attribute type 10 has an invalid length.
[   85.568743][ T6459] team0: Port device dummy0 added
[   85.852313][   T53] usb 7-1: USB disconnect, device number 3
[   86.236098][ T6472] overlayfs: missing 'lowerdir'
[   86.249310][ T6473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.88'.
[   86.282087][   T24] cfg80211: failed to load regulatory.db
[   86.550497][ T6473] nbd3: detected capacity change from 0 to 63
[   86.556661][ T6474] block nbd3: NBD_DISCONNECT
[   86.560236][ T6474] block nbd3: Disconnected due to user request.
[   86.566893][ T6474] block nbd3: shutting down sockets
[   86.573030][    C1] blk_print_req_error: 286 callbacks suppressed
[   86.573045][    C1] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.579833][    C1] buffer_io_error: 286 callbacks suppressed
[   86.579846][    C1] Buffer I/O error on dev nbd3, logical block 0, async page read
[   86.586000][    C1] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.590037][    C1] Buffer I/O error on dev nbd3, logical block 1, async page read
[   86.593126][    C1] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.596890][    C1] Buffer I/O error on dev nbd3, logical block 2, async page read
[   86.600047][    C1] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.604021][    C1] Buffer I/O error on dev nbd3, logical block 3, async page read
[   86.607277][ T5949] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.611543][ T5949] Buffer I/O error on dev nbd3, logical block 0, async page read
[   86.614578][ T5949] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.617671][ T5949] Buffer I/O error on dev nbd3, logical block 1, async page read
[   86.621042][ T5949] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.625144][ T5949] Buffer I/O error on dev nbd3, logical block 2, async page read
[   86.628460][ T5949] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.632516][ T5949] Buffer I/O error on dev nbd3, logical block 3, async page read
[   86.635975][ T5949] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.639927][ T5949] Buffer I/O error on dev nbd3, logical block 0, async page read
[   86.643330][ T5949] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   86.647403][ T5949] Buffer I/O error on dev nbd3, logical block 1, async page read
[   86.651465][ T5949] ldm_validate_partition_table(): Disk read failed.
[   86.655129][ T5949] Dev nbd3: unable to read RDB block 0
[   86.658080][ T5949]  nbd3: unable to read partition table
[   86.667468][ T5949] ldm_validate_partition_table(): Disk read failed.
[   86.672211][ T5949] Dev nbd3: unable to read RDB block 0
[   86.674747][ T5949]  nbd3: unable to read partition table
[   87.313340][ T6491] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[   87.315722][ T6491] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   87.318912][ T6491] vhci_hcd vhci_hcd.0: Device attached
[   87.363071][ T6035] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   87.384575][   T54] usb 44-1: device descriptor read/8, error -110
[   87.514011][ T6035] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   87.518137][ T6035] usb 7-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   87.523943][ T6035] usb 7-1: config 0 interface 0 has no altsetting 0
[   87.530906][ T6035] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   87.534754][ T6035] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   87.538199][ T6035] usb 7-1: Product: syz
[   87.539984][ T6035] usb 7-1: Manufacturer: syz
[   87.558173][ T6035] usb 7-1: SerialNumber: syz
[   87.569688][ T6035] usb 7-1: config 0 descriptor??
[   87.590511][ T6034] usb 38-1: SetAddress Request (6) to port 0
[   87.593140][ T6034] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd
[   87.641240][ T6035] snd-usb-audio 7-1:0.0: probe with driver snd-usb-audio failed with error -22
[   87.671176][ T5949] udevd[5949]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   87.774774][   T54] usb usb44-port1: attempt power cycle
[   87.846474][ T6492] vhci_hcd: connection reset by peer
[   87.849158][   T46] vhci_hcd vhci_hcd.0: stop threads
[   87.851846][   T46] vhci_hcd vhci_hcd.0: release socket
[   87.854213][   T46] vhci_hcd vhci_hcd.0: disconnect device
[   88.030445][ T6372] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[   88.077641][ T6498] netlink: 12 bytes leftover after parsing attributes in process `syz.2.92'.
[   88.082133][ T3246] usb 7-1: USB disconnect, device number 4
[   88.183271][ T6372] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[   88.187314][ T6372] usb 6-1: config 0 interface 0 has no altsetting 0
[   88.192514][ T6372] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   88.195411][ T6372] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   88.198114][ T6372] usb 6-1: Product: syz
[   88.199488][ T6372] usb 6-1: Manufacturer: syz
[   88.201283][ T6372] usb 6-1: SerialNumber: syz
[   88.205347][ T6372] usb 6-1: config 0 descriptor??
[   88.209974][ T6372] usb 6-1: selecting invalid altsetting 0
[   88.344191][   T54] usb usb44-port1: unable to enumerate USB device
[   88.749557][ T6501] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled
[   88.878430][ T6509] FAULT_INJECTION: forcing a failure.
[   88.878430][ T6509] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   88.883944][ T6509] CPU: 3 UID: 0 PID: 6509 Comm: syz.3.97 Not tainted syzkaller #0 PREEMPT(full) 
[   88.883964][ T6509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.883974][ T6509] Call Trace:
[   88.883980][ T6509]  <TASK>
[   88.883986][ T6509]  dump_stack_lvl+0x16c/0x1f0
[   88.884015][ T6509]  should_fail_ex+0x512/0x640
[   88.884036][ T6509]  _copy_to_user+0x32/0xd0
[   88.884054][ T6509]  simple_read_from_buffer+0xcb/0x170
[   88.884076][ T6509]  proc_fail_nth_read+0x197/0x240
[   88.884100][ T6509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.884125][ T6509]  ? rw_verify_area+0xcf/0x6c0
[   88.884144][ T6509]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.884167][ T6509]  vfs_read+0x1e4/0xcf0
[   88.884188][ T6509]  ? __pfx___mutex_lock+0x10/0x10
[   88.884213][ T6509]  ? __pfx_vfs_read+0x10/0x10
[   88.884230][ T6509]  ? find_held_lock+0x2b/0x80
[   88.884256][ T6509]  ? __fget_files+0x20e/0x3c0
[   88.884291][ T6509]  ksys_read+0x12a/0x250
[   88.884310][ T6509]  ? __pfx_ksys_read+0x10/0x10
[   88.884330][ T6509]  ? fput+0x70/0xf0
[   88.884349][ T6509]  __do_fast_syscall_32+0xe8/0x680
[   88.884375][ T6509]  do_fast_syscall_32+0x32/0x80
[   88.884389][ T6509]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   88.884408][ T6509] RIP: 0023:0xf704d579
[   88.884420][ T6509] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   88.884433][ T6509] RSP: 002b:00000000f543d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   88.884449][ T6509] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543d620
[   88.884458][ T6509] RDX: 000000000000000f RSI: 00000000f73e6ff4 RDI: 0000000000000000
[   88.884467][ T6509] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   88.884475][ T6509] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   88.884483][ T6509] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   88.884504][ T6509]  </TASK>
[   89.042714][ T6513] �2��
: renamed from team_slave_1 (while UP)
[   90.222998][ T6531] overlayfs: missing 'workdir'
[   90.454514][ T6536] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[   90.456605][ T6536] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.459095][ T6536] vhci_hcd vhci_hcd.0: Device attached
[   90.494700][ T6536] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(14)
[   90.497514][ T6536] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.514672][ T6536] vhci_hcd vhci_hcd.0: Device attached
[   90.550650][ T6536] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(16)
[   90.553569][ T6536] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   90.556764][ T6536] vhci_hcd vhci_hcd.0: Device attached
[   90.566612][ T6536] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(18)
[   90.569491][ T6536] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.601101][ T6548] netlink: 12 bytes leftover after parsing attributes in process `syz.0.108'.
[   90.612307][ T6549] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(21)
[   90.614445][ T6549] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.616270][ T6536] vhci_hcd vhci_hcd.0: Device attached
[   90.618058][ T6549] vhci_hcd vhci_hcd.0: Device attached
[   90.627396][ T6548] netlink: 8 bytes leftover after parsing attributes in process `syz.0.108'.
[   90.631360][ T6548] netlink: 36 bytes leftover after parsing attributes in process `syz.0.108'.
[   90.637855][ T6548] netlink: 8 bytes leftover after parsing attributes in process `syz.0.108'.
[   90.641071][ T6548] netlink: 36 bytes leftover after parsing attributes in process `syz.0.108'.
[   90.651097][ T6536] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(20)
[   90.653281][ T6536] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   90.660112][ T6536] vhci_hcd vhci_hcd.0: Device attached
[   90.663375][ T6536] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   90.667519][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.107'.
[   90.671517][ T6536] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   90.675459][ T6536] vhci_hcd vhci_hcd.0: port 0 already used
[   90.692781][ T6552] vhci_hcd: connection closed
[   90.692933][ T6550] vhci_hcd: connection closed
[   90.693069][   T12] vhci_hcd vhci_hcd.2: stop threads
[   90.698560][ T6545] vhci_hcd: connection closed
[   90.698655][ T6543] vhci_hcd: connection closed
[   90.698802][ T6540] vhci_hcd: connection closed
[   90.698922][ T6537] vhci_hcd: connection closed
[   90.699152][   T12] vhci_hcd vhci_hcd.2: release socket
[   90.699238][   T12] vhci_hcd vhci_hcd.2: disconnect device
[   90.701622][   T12] vhci_hcd vhci_hcd.2: stop threads
[   90.720724][   T12] vhci_hcd vhci_hcd.2: release socket
[   90.721857][   T54] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[   90.723429][   T12] vhci_hcd vhci_hcd.2: disconnect device
[   90.726713][ T6538] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   90.741039][   T12] vhci_hcd vhci_hcd.2: stop threads
[   90.742788][   T12] vhci_hcd vhci_hcd.2: release socket
[   90.744530][   T12] vhci_hcd vhci_hcd.2: disconnect device
[   90.746710][   T12] vhci_hcd vhci_hcd.2: stop threads
[   90.748374][   T12] vhci_hcd vhci_hcd.2: release socket
[   90.751676][   T12] vhci_hcd vhci_hcd.2: disconnect device
[   90.754057][   T12] vhci_hcd vhci_hcd.2: stop threads
[   90.756183][   T12] vhci_hcd vhci_hcd.2: release socket
[   90.758573][   T12] vhci_hcd vhci_hcd.2: disconnect device
[   90.761052][   T12] vhci_hcd vhci_hcd.2: stop threads
[   90.765862][   T12] vhci_hcd vhci_hcd.2: release socket
[   90.768924][   T12] vhci_hcd vhci_hcd.2: disconnect device
[   90.816017][   T29] usb 6-1: USB disconnect, device number 3
[   91.101239][ T6560] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[   91.101269][ T6560] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   91.101421][ T6560] vhci_hcd vhci_hcd.0: Device attached
[   91.111066][ T6560] netlink: 'syz.0.109': attribute type 4 has an invalid length.
[   91.111078][ T6560] netlink: 17 bytes leftover after parsing attributes in process `syz.0.109'.
[   91.153232][ T6568] overlayfs: missing 'lowerdir'
[   91.341533][ T6566] vhci_hcd: connection closed
[   91.342424][   T12] vhci_hcd vhci_hcd.0: stop threads
[   91.346656][   T12] vhci_hcd vhci_hcd.0: release socket
[   91.349078][   T12] vhci_hcd vhci_hcd.0: disconnect device
[   91.415416][ T6575] FAULT_INJECTION: forcing a failure.
[   91.415416][ T6575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.424151][ T6575] CPU: 1 UID: 0 PID: 6575 Comm: syz.3.112 Not tainted syzkaller #0 PREEMPT(full) 
[   91.424174][ T6575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.424183][ T6575] Call Trace:
[   91.424189][ T6575]  <TASK>
[   91.424225][ T6575]  dump_stack_lvl+0x16c/0x1f0
[   91.424254][ T6575]  should_fail_ex+0x512/0x640
[   91.424276][ T6575]  _copy_from_user+0x2e/0xd0
[   91.424293][ T6575]  get_compat_msghdr+0xa7/0x170
[   91.424312][ T6575]  ? __pfx_get_compat_msghdr+0x10/0x10
[   91.424332][ T6575]  ? __lock_acquire+0x436/0x2890
[   91.424352][ T6575]  ___sys_recvmsg+0x191/0x1a0
[   91.424369][ T6575]  ? __pfx____sys_recvmsg+0x10/0x10
[   91.424384][ T6575]  ? find_held_lock+0x2b/0x80
[   91.424405][ T6575]  __sys_recvmsg+0x16a/0x220
[   91.424419][ T6575]  ? __pfx___sys_recvmsg+0x10/0x10
[   91.424438][ T6575]  ? do_user_addr_fault+0x843/0x1370
[   91.424453][ T6575]  __do_fast_syscall_32+0xe8/0x680
[   91.424473][ T6575]  do_fast_syscall_32+0x32/0x80
[   91.424482][ T6575]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.424495][ T6575] RIP: 0023:0xf704d579
[   91.424504][ T6575] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   91.424514][ T6575] RSP: 002b:00000000f541c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000174
[   91.424523][ T6575] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000100
[   91.424530][ T6575] RDX: 0000000000000122 RSI: 0000000000000000 RDI: 0000000000000000
[   91.424535][ T6575] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   91.424541][ T6575] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   91.424547][ T6575] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   91.424559][ T6575]  </TASK>
[   91.679765][   T40] audit: type=1326 audit(1766293546.590:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.695091][   T40] audit: type=1326 audit(1766293546.610:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.706266][   T40] audit: type=1326 audit(1766293546.610:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.719383][ T6583] capability: warning: `syz.3.116' uses deprecated v2 capabilities in a way that may be insecure
[   91.723287][   T40] audit: type=1326 audit(1766293546.610:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.730555][   T40] audit: type=1326 audit(1766293546.610:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.740810][   T40] audit: type=1326 audit(1766293546.610:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.748882][   T40] audit: type=1326 audit(1766293546.610:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.757510][   T40] audit: type=1326 audit(1766293546.620:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.766028][   T40] audit: type=1326 audit(1766293546.620:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf704d579 code=0x7ffc0000
[   91.774511][   T40] audit: type=1326 audit(1766293546.640:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.116" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf704d579 code=0x7ffc0000
[   92.092474][ T6596] overlayfs: missing 'workdir'
[   92.201021][ T6608] lo speed is unknown, defaulting to 1000
[   92.395416][ T6615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.123'.
[   92.399171][ T6615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.123'.
[   92.405174][ T6615] netlink: 4 bytes leftover after parsing attributes in process `syz.1.123'.
[   92.415403][ T6618] FAULT_INJECTION: forcing a failure.
[   92.415403][ T6618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.419718][ T6618] CPU: 0 UID: 0 PID: 6618 Comm: syz.2.124 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[   92.419734][ T6618] Tainted: [L]=SOFTLOCKUP
[   92.419737][ T6618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.419743][ T6618] Call Trace:
[   92.419747][ T6618]  <TASK>
[   92.419751][ T6618]  dump_stack_lvl+0x16c/0x1f0
[   92.419770][ T6618]  should_fail_ex+0x512/0x640
[   92.419785][ T6618]  _copy_from_user+0x2e/0xd0
[   92.419796][ T6618]  bpf_test_init.isra.0+0xce/0x130
[   92.419811][ T6618]  bpf_prog_test_run_xdp+0x66c/0x1660
[   92.419828][ T6618]  ? __fget_files+0x204/0x3c0
[   92.419844][ T6618]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.419859][ T6618]  ? __might_fault+0x80/0x190
[   92.419873][ T6618]  ? fput+0x70/0xf0
[   92.419896][ T6618]  ? __bpf_prog_get+0x97/0x2a0
[   92.419910][ T6618]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[   92.419924][ T6618]  __sys_bpf+0x1035/0x4980
[   92.419936][ T6618]  ? __pfx___sys_bpf+0x10/0x10
[   92.419944][ T6618]  ? find_held_lock+0x2b/0x80
[   92.419961][ T6618]  ? find_held_lock+0x2b/0x80
[   92.419977][ T6618]  ? __mutex_unlock_slowpath+0x161/0x790
[   92.420001][ T6618]  ? fput+0x70/0xf0
[   92.420010][ T6618]  ? ksys_write+0x1ac/0x250
[   92.420024][ T6618]  ? __pfx_ksys_write+0x10/0x10
[   92.420040][ T6618]  __ia32_sys_bpf+0x76/0xe0
[   92.420049][ T6618]  ? lockdep_hardirqs_on+0x7c/0x110
[   92.420064][ T6618]  __do_fast_syscall_32+0xe8/0x680
[   92.420081][ T6618]  do_fast_syscall_32+0x32/0x80
[   92.420090][ T6618]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   92.420103][ T6618] RIP: 0023:0xf7fd1579
[   92.420112][ T6618] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   92.420122][ T6618] RSP: 002b:00000000f54c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   92.420132][ T6618] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600
[   92.420138][ T6618] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[   92.420143][ T6618] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   92.420149][ T6618] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   92.420154][ T6618] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   92.420167][ T6618]  </TASK>
[   92.496906][ T6610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.120'.
[   92.502192][ T6610] trusted_key: syz.0.120 sent an empty control message without MSG_MORE.
[   92.660600][ T6034] usb 38-1: device descriptor read/8, error -110
[   92.788014][ T6624] overlayfs: missing 'lowerdir'
[   93.052982][ T6034] usb usb38-port1: attempt power cycle
[   93.247945][ T6630] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   93.260175][ T6630] netlink: 40 bytes leftover after parsing attributes in process `syz.3.126'.
[   93.566670][ T6632] Illegal XDP return value 4294967282 on prog  (id 41) dev syz_tun, expect packet loss!
[   93.624151][ T6034] usb usb38-port1: unable to enumerate USB device
[   93.958029][ T6639] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.850498][   T54] vhci_hcd vhci_hcd.2: vhci_device speed not set
[   95.860877][ T6671] syz.3.139 uses obsolete (PF_INET,SOCK_PACKET)
[   96.954391][ T6730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.147'.
[   97.050478][ T6730] nbd1: detected capacity change from 0 to 63
[   97.054076][ T6731] block nbd1: NBD_DISCONNECT
[   97.056176][ T6731] block nbd1: Disconnected due to user request.
[   97.059184][ T6731] block nbd1: shutting down sockets
[   97.070647][    C2] blk_print_req_error: 138 callbacks suppressed
[   97.070660][    C2] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.076209][    C2] buffer_io_error: 138 callbacks suppressed
[   97.076218][    C2] Buffer I/O error on dev nbd1, logical block 0, async page read
[   97.080554][    T9] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   97.080773][    C2] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.087306][    C2] Buffer I/O error on dev nbd1, logical block 1, async page read
[   97.090554][    C2] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.094660][    C2] Buffer I/O error on dev nbd1, logical block 2, async page read
[   97.097877][    C2] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.101853][    C2] Buffer I/O error on dev nbd1, logical block 3, async page read
[   97.105585][ T5949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.109419][ T5949] Buffer I/O error on dev nbd1, logical block 0, async page read
[   97.112569][ T5949] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.116744][ T5949] Buffer I/O error on dev nbd1, logical block 1, async page read
[   97.120035][ T5949] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.140659][ T5949] Buffer I/O error on dev nbd1, logical block 2, async page read
[   97.143295][ T5949] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.146465][ T5949] Buffer I/O error on dev nbd1, logical block 3, async page read
[   97.149162][ T5949] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.153175][ T6733] netlink: 20 bytes leftover after parsing attributes in process `syz.1.148'.
[   97.157711][ T6733] openvswitch: netlink: Flow actions attr not present in new flow.
[   97.160143][ T5949] Buffer I/O error on dev nbd1, logical block 0, async page read
[   97.165372][ T5949] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[   97.168452][ T5949] Buffer I/O error on dev nbd1, logical block 1, async page read
[   97.171250][ T5949] ldm_validate_partition_table(): Disk read failed.
[   97.174328][ T5949] Dev nbd1: unable to read RDB block 0
[   97.177308][ T5949]  nbd1: unable to read partition table
[   97.186765][ T5949] ldm_validate_partition_table(): Disk read failed.
[   97.190150][ T5949] Dev nbd1: unable to read RDB block 0
[   97.193209][ T5949]  nbd1: unable to read partition table
[   97.260663][ T6735] faux_driver vgem: [drm] Unknown color mode 65545; guessing buffer size.
[   97.263269][    T9] usb 8-1: config 0 has no interfaces?
[   97.269173][    T9] usb 8-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[   97.272127][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.274681][    T9] usb 8-1: Product: syz
[   97.276145][    T9] usb 8-1: Manufacturer: syz
[   97.277717][    T9] usb 8-1: SerialNumber: syz
[   97.280446][    T9] usb 8-1: config 0 descriptor??
[   98.322730][ T6741] program syz.1.151 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.385231][   T40] kauditd_printk_skb: 34 callbacks suppressed
[   98.385243][   T40] audit: type=1800 audit(1766293553.300:47): pid=6703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.143" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[   98.385403][ T6703] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[   98.392249][ T6723] lo speed is unknown, defaulting to 1000
[   98.394990][ T6703] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[   98.404096][ T6703] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[   98.448939][ T6034] usb 8-1: USB disconnect, device number 3
[   99.478944][ T6760] block nbd1: not configured, cannot reconfigure
[   99.485259][ T6372] IPVS: starting estimator thread 0...
[   99.580608][ T6761] IPVS: using max 29 ests per chain, 69600 per kthread
[   99.681907][ T6766] syzkaller0: entered promiscuous mode
[   99.684254][ T6766] syzkaller0: entered allmulticast mode
[   99.698564][ T6766] tipc: Started in network mode
[   99.700483][ T6766] tipc: Node identity 6a2f5a68a8c3, cluster identity 4711
[   99.703775][ T6766] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   99.708484][ T6765] tipc: Resetting bearer <eth:syzkaller0>
[   99.719817][ T6765] tipc: Disabling bearer <eth:syzkaller0>
[  100.096418][ T6778] trusted_key: encrypted_key: keylen parameter is missing
[  100.182014][ T6783] netlink: 24 bytes leftover after parsing attributes in process `syz.3.164'.
[  100.187445][ T6783] program syz.3.164 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  100.410283][ T6792] syzkaller1: entered promiscuous mode
[  100.412659][ T6792] syzkaller1: entered allmulticast mode
[  100.602032][ T1109] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  100.604933][ T1109] ata1: failed to read log page 10h (errno=-5)
[  100.607569][ T1109] ata1.00: exception Emask 0x1 SAct 0x8000 SErr 0x0 action 0x0
[  100.611282][ T1109] ata1.00: irq_stat 0x40000000
[  100.613374][ T1109] ata1.00: failed command: WRITE FPDMA QUEUED
[  100.615950][ T1109] ata1.00: cmd 61/20:78:56:06:10/00:00:00:00:00/40 tag 15 ncq dma 16384 out
[  100.615950][ T1109]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  100.623341][ T1109] ata1.00: status: { DRDY }
[  100.625247][ T1109] ata1.00: error: { ABRT }
[  100.630010][ T1109] ata1.00: configured for UDMA/100
[  100.633085][ T1109] ata1: EH complete
[  100.645372][ T6800] netlink: 60 bytes leftover after parsing attributes in process `syz.2.171'.
[  100.822242][ T6800] /dev/sr0: Can't open blockdev
[  101.383821][ T6826] bridge1: entered allmulticast mode
[  101.520520][ T6827] syz_tun: entered allmulticast mode
[  101.805107][ T6833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.179'.
[  101.806311][ T6834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.180'.
[  101.815744][ T6834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.180'.
[  101.823225][ T6834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.180'.
[  102.560901][   T54] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  102.577569][ T6846] tipc: Started in network mode
[  102.579192][ T6846] tipc: Node identity ac1414aa, cluster identity 4711
[  102.582152][ T6846] tipc: Enabled bearer <udp:s>, priority 10
[  102.630493][ T6372] IPVS: starting estimator thread 0...
[  102.724329][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  102.734222][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  102.737813][   T54] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  102.750491][ T6847] IPVS: using max 44 ests per chain, 105600 per kthread
[  102.753979][   T54] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  102.760558][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.781287][   T54] usb 6-1: config 0 descriptor??
[  103.304494][   T54] usbhid 6-1:0.0: can't add hid device: -71
[  103.306456][   T54] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  103.312718][   T54] usb 6-1: USB disconnect, device number 4
[  103.711942][ T6372] tipc: Node number set to 2886997162
[  104.200944][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  104.350468][    T9] usb 6-1: Using ep0 maxpacket: 8
[  104.363798][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  104.366457][    T9] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  104.370278][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.390681][    T9] usb 6-1: config 0 descriptor??
[  104.869418][    T9] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  104.967128][    T9] usb 6-1: USB disconnect, device number 5
[  105.390514][ T6950] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  105.392697][ T6950] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  105.580482][ T6950] vhci_hcd vhci_hcd.0: Device attached
[  105.711328][ T6372] usb 38-1: SetAddress Request (10) to port 0
[  105.714081][ T6372] usb 38-1: new SuperSpeed USB device number 10 using vhci_hcd
[  105.953275][ T6962] binder: 6961:6962 ioctl 84009422 80001d80 returned -22
[  106.077200][ T6951] vhci_hcd: connection reset by peer
[  106.114574][   T46] vhci_hcd vhci_hcd.0: stop threads
[  106.116385][   T46] vhci_hcd vhci_hcd.0: release socket
[  106.119496][   T46] vhci_hcd vhci_hcd.0: disconnect device
[  106.830528][ T6034] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  106.866956][ T6988] team0: No ports can be present during mode change
[  106.922723][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.2.211'.
[  106.939926][ T6992] bridge_slave_0: left allmulticast mode
[  106.943733][ T6992] bridge_slave_0: left promiscuous mode
[  106.946308][ T6992] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.966922][ T6992] bridge_slave_1: left allmulticast mode
[  106.969354][ T6992] bridge_slave_1: left promiscuous mode
[  106.973053][ T6992] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.982626][ T6992] bond0: (slave bond_slave_0): Releasing backup interface
[  106.990199][ T6992] bond0: (slave bond_slave_1): Releasing backup interface
[  106.994195][ T6034] usb 8-1: Using ep0 maxpacket: 16
[  106.998491][ T6034] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  107.008991][ T6034] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  107.015169][ T6034] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.018239][ T6034] usb 8-1: Product: syz
[  107.020303][ T6034] usb 8-1: Manufacturer: syz
[  107.022180][ T6992] team0: Port device team_slave_0 removed
[  107.024226][ T6034] usb 8-1: SerialNumber: syz
[  107.027788][ T6992] team0: Port device team_slave_1 removed
[  107.028603][ T6034] usb 8-1: config 0 descriptor??
[  107.029964][ T6992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.033729][ T6992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.035744][ T6034] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  107.038978][ T6034] em28xx 8-1:0.0: DVB interface 0 found: bulk
[  107.040009][ T6992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.043762][ T6992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.047887][ T6992] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  107.125467][ T6994] netlink: 20 bytes leftover after parsing attributes in process `syz.0.214'.
[  107.640755][ T7003] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  107.643612][ T7003] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  107.648243][ T7003] vhci_hcd vhci_hcd.0: Device attached
[  107.689290][   T40] audit: type=1800 audit(1766293562.590:48): pid=7003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.215" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  107.997147][ T7017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.217'.
[  108.110055][ T7014] FAULT_INJECTION: forcing a failure.
[  108.110055][ T7014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.120961][ T7014] CPU: 2 UID: 0 PID: 7014 Comm: syz.2.217 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  108.120980][ T7014] Tainted: [L]=SOFTLOCKUP
[  108.120983][ T7014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.120989][ T7014] Call Trace:
[  108.120994][ T7014]  <TASK>
[  108.120998][ T7014]  dump_stack_lvl+0x16c/0x1f0
[  108.121018][ T7014]  should_fail_ex+0x512/0x640
[  108.121033][ T7014]  _copy_to_user+0x32/0xd0
[  108.121045][ T7014]  simple_read_from_buffer+0xcb/0x170
[  108.121061][ T7014]  proc_fail_nth_read+0x197/0x240
[  108.121079][ T7014]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  108.121096][ T7014]  ? rw_verify_area+0xcf/0x6c0
[  108.121109][ T7014]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  108.121125][ T7014]  vfs_read+0x1e4/0xcf0
[  108.121140][ T7014]  ? __pfx___mutex_lock+0x10/0x10
[  108.121157][ T7014]  ? __pfx_vfs_read+0x10/0x10
[  108.121170][ T7014]  ? find_held_lock+0x2b/0x80
[  108.121187][ T7014]  ? __fget_files+0x20e/0x3c0
[  108.121206][ T7014]  ksys_read+0x12a/0x250
[  108.121220][ T7014]  ? __pfx_ksys_read+0x10/0x10
[  108.121238][ T7014]  __do_fast_syscall_32+0xe8/0x680
[  108.121256][ T7014]  do_fast_syscall_32+0x32/0x80
[  108.121265][ T7014]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  108.121278][ T7014] RIP: 0023:0xf7fd1579
[  108.121286][ T7014] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  108.121296][ T7014] RSP: 002b:00000000f54a5590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  108.121306][ T7014] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000f54a5620
[  108.121312][ T7014] RDX: 000000000000000f RSI: 00000000f7466ff4 RDI: 0000000000000000
[  108.121318][ T7014] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  108.121323][ T7014] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  108.121329][ T7014] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  108.121342][ T7014]  </TASK>
[  108.160689][ T6034] em28xx 8-1:0.0: unknown em28xx chip ID (0)
[  108.221315][ T7017] hsr_slave_0 (unregistering): left promiscuous mode
[  108.312309][ T6034] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  108.315499][ T6034] em28xx 8-1:0.0: board has no eeprom
[  108.390783][ T6034] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  108.394102][ T6034] em28xx 8-1:0.0: dvb set to bulk mode.
[  108.399449][ T6054] em28xx 8-1:0.0: Binding DVB extension
[  108.431682][ T7004] vhci_hcd: connection closed
[  108.433281][ T1235] vhci_hcd vhci_hcd.0: stop threads
[  108.440441][ T1235] vhci_hcd vhci_hcd.0: release socket
[  108.443576][ T1235] vhci_hcd vhci_hcd.0: disconnect device
[  108.998011][ T7028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.219'.
[  109.464085][ T7028] hsr_slave_0 (unregistering): left promiscuous mode
[  109.473220][ T7029] warning: `syz.2.220' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  109.482839][ T6054] em28xx 8-1:0.0: Registering input extension
[  109.984907][ T6054] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  110.042756][ T3246] usb 7-1: new low-speed USB device number 5 using dummy_hcd
[  110.132090][ T6054] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[  110.136649][ T6054] usb 6-1: config 0 interface 0 has no altsetting 0
[  110.143505][ T6054] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  110.147362][ T6054] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  110.151055][ T6054] usb 6-1: Product: syz
[  110.152789][ T6054] usb 6-1: Manufacturer: syz
[  110.154312][ T6054] usb 6-1: SerialNumber: syz
[  110.157344][ T6054] usb 6-1: config 0 descriptor??
[  110.163817][ T6054] usb 6-1: selecting invalid altsetting 0
[  110.198176][ T3246] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  110.200667][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  110.204096][ T3246] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.209149][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  110.213737][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  110.218754][ T3246] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  110.222234][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  110.226533][ T3246] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.232097][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  110.236556][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  110.241837][ T3246] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  110.244784][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  110.258229][ T3246] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.262140][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  110.265629][ T3246] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  110.272140][ T3246] usb 7-1: string descriptor 0 read error: -22
[  110.274894][ T3246] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  110.278541][ T3246] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.288126][ T3246] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  110.518373][ T7042] netlink: 15678 bytes leftover after parsing attributes in process `syz.2.225'.
[  110.740587][ T6372] usb 38-1: device descriptor read/8, error -110
[  110.933358][   T10] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  111.021318][    C3] ata1: illegal qc_active transition (00000000->00004000)
[  111.048546][ T7056] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled
[  111.345516][ T1109] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[  111.349451][ T1109] ata1.00: configured for UDMA/100
[  111.981021][ T6372] usb usb38-port1: attempt power cycle
[  112.261085][ T7060] em28xx 8-1:0.0: reading from i2c device at 0x2 failed (error=-5)
[  112.286814][   T10] usb 8-1: USB disconnect, device number 4
[  112.290064][   T10] em28xx 8-1:0.0: Disconnecting em28xx
[  112.302710][   T10] em28xx 8-1:0.0: Closing input extension
[  112.312874][   T10] em28xx 8-1:0.0: Freeing device
[  112.540495][   T54] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  112.541748][ T6372] usb usb38-port1: unable to enumerate USB device
[  112.692681][   T54] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[  112.697317][   T54] usb 5-1: config 0 interface 0 has no altsetting 0
[  112.702343][   T54] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  112.705795][   T54] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  112.708448][   T54] usb 5-1: Product: syz
[  112.710177][   T54] usb 5-1: Manufacturer: syz
[  112.712395][   T54] usb 5-1: SerialNumber: syz
[  112.715424][   T54] usb 5-1: config 0 descriptor??
[  112.716647][ T1324] usb 6-1: USB disconnect, device number 6
[  112.741193][   T54] usb 5-1: selecting invalid altsetting 0
[  112.820853][ T6372] usb 7-1: USB disconnect, device number 5
[  113.167711][ T7093] FAULT_INJECTION: forcing a failure.
[  113.167711][ T7093] name failslab, interval 1, probability 0, space 0, times 1
[  113.173605][ T7093] CPU: 3 UID: 0 PID: 7093 Comm: syz.3.238 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  113.173629][ T7093] Tainted: [L]=SOFTLOCKUP
[  113.173635][ T7093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.173644][ T7093] Call Trace:
[  113.173650][ T7093]  <TASK>
[  113.173658][ T7093]  dump_stack_lvl+0x16c/0x1f0
[  113.173703][ T7093]  should_fail_ex+0x512/0x640
[  113.173722][ T7093]  ? __kmalloc_noprof+0xca/0x910
[  113.173745][ T7093]  should_failslab+0xc2/0x120
[  113.173771][ T7093]  __kmalloc_noprof+0xeb/0x910
[  113.173789][ T7093]  ? kernfs_fop_write_iter+0x237/0x570
[  113.173819][ T7093]  ? kernfs_fop_write_iter+0x237/0x570
[  113.173842][ T7093]  kernfs_fop_write_iter+0x237/0x570
[  113.173871][ T7093]  vfs_write+0x7d3/0x11d0
[  113.173896][ T7093]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  113.173924][ T7093]  ? __pfx_vfs_write+0x10/0x10
[  113.173945][ T7093]  ? find_held_lock+0x2b/0x80
[  113.173984][ T7093]  ksys_write+0x12a/0x250
[  113.174008][ T7093]  ? __pfx_ksys_write+0x10/0x10
[  113.174061][ T7093]  __do_fast_syscall_32+0xe8/0x680
[  113.174091][ T7093]  do_fast_syscall_32+0x32/0x80
[  113.174106][ T7093]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.174127][ T7093] RIP: 0023:0xf704d579
[  113.174140][ T7093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.174155][ T7093] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  113.174171][ T7093] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000280
[  113.174181][ T7093] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000
[  113.174190][ T7093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.174199][ T7093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.174209][ T7093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.174233][ T7093]  </TASK>
[  113.181101][ T7095] FAULT_INJECTION: forcing a failure.
[  113.181101][ T7095] name failslab, interval 1, probability 0, space 0, times 0
[  113.235798][ T7097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.239'.
[  113.238839][ T7095] CPU: 1 UID: 0 PID: 7095 Comm: syz.2.236 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  113.238868][ T7095] Tainted: [L]=SOFTLOCKUP
[  113.238874][ T7095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.238884][ T7095] Call Trace:
[  113.238892][ T7095]  <TASK>
[  113.238898][ T7095]  dump_stack_lvl+0x16c/0x1f0
[  113.238928][ T7095]  should_fail_ex+0x512/0x640
[  113.238947][ T7095]  ? __kmalloc_cache_noprof+0x5f/0x800
[  113.238967][ T7095]  should_failslab+0xc2/0x120
[  113.238989][ T7095]  __kmalloc_cache_noprof+0x80/0x800
[  113.239007][ T7095]  ? nft_netdev_hook_alloc+0x242/0x450
[  113.239029][ T7095]  ? nft_netdev_hook_alloc+0x242/0x450
[  113.239049][ T7095]  nft_netdev_hook_alloc+0x242/0x450
[  113.239073][ T7095]  nf_tables_parse_netdev_hooks+0x2e2/0x7d0
[  113.239101][ T7095]  nft_chain_parse_hook+0xc55/0x1250
[  113.239128][ T7095]  ? __lock_acquire+0x436/0x2890
[  113.239144][ T7095]  ? __pfx_nft_chain_parse_hook+0x10/0x10
[  113.239166][ T7095]  ? arch_stack_walk+0xa6/0x100
[  113.239195][ T7095]  nf_tables_addchain.constprop.0+0xbfa/0x1c90
[  113.239219][ T7095]  ? nft_obj_lookup+0x625/0xb40
[  113.239239][ T7095]  ? nft_chain_lookup+0x5be/0xaa0
[  113.239262][ T7095]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[  113.239288][ T7095]  ? __lock_acquire+0x436/0x2890
[  113.239319][ T7095]  ? nla_strcmp+0xff/0x130
[  113.239342][ T7095]  ? nft_table_lookup.part.0+0x1e3/0x230
[  113.239367][ T7095]  nf_tables_newchain+0x206d/0x2da0
[  113.239386][ T7095]  ? __print_lock_name+0x55/0xe0
[  113.239407][ T7095]  ? net_generic+0xea/0x2a0
[  113.239435][ T7095]  ? __nla_validate_parse+0x600/0x2880
[  113.239457][ T7095]  ? __pfx_nf_tables_newchain+0x10/0x10
[  113.239480][ T7095]  ? __pfx___nla_validate_parse+0x10/0x10
[  113.239510][ T7095]  ? __nla_parse+0x40/0x60
[  113.239534][ T7095]  nfnetlink_rcv_batch+0x190d/0x2350
[  113.239564][ T7095]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  113.239587][ T7095]  ? lockdep_hardirqs_on+0x7c/0x110
[  113.239608][ T7095]  ? __dev_queue_xmit+0x782/0x4650
[  113.239624][ T7095]  ? __local_bh_enable_ip+0xa4/0x120
[  113.239676][ T7095]  ? __nla_parse+0x40/0x60
[  113.239700][ T7095]  nfnetlink_rcv+0x3c1/0x430
[  113.239718][ T7095]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  113.239740][ T7095]  netlink_unicast+0x5aa/0x870
[  113.239766][ T7095]  ? __pfx_netlink_unicast+0x10/0x10
[  113.239795][ T7095]  netlink_sendmsg+0x8c8/0xdd0
[  113.239821][ T7095]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.239845][ T7095]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  113.239873][ T7095]  ____sys_sendmsg+0xa5d/0xc30
[  113.239899][ T7095]  ? __pfx_____sys_sendmsg+0x10/0x10
[  113.239922][ T7095]  ? get_compat_msghdr+0x11a/0x170
[  113.239951][ T7095]  ___sys_sendmsg+0x134/0x1d0
[  113.239972][ T7095]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.240003][ T7095]  ? find_held_lock+0x2b/0x80
[  113.240037][ T7095]  __sys_sendmsg+0x16d/0x220
[  113.240058][ T7095]  ? __pfx___sys_sendmsg+0x10/0x10
[  113.240092][ T7095]  __do_fast_syscall_32+0xe8/0x680
[  113.240118][ T7095]  do_fast_syscall_32+0x32/0x80
[  113.240132][ T7095]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.240151][ T7095] RIP: 0023:0xf7fd1579
[  113.240164][ T7095] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.240177][ T7095] RSP: 002b:00000000f54c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  113.240193][ T7095] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000008000c2c0
[  113.240203][ T7095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  113.240212][ T7095] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.240221][ T7095] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.240229][ T7095] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.240250][ T7095]  </TASK>
[  113.574757][ T7115] netlink: 44 bytes leftover after parsing attributes in process `syz.2.241'.
[  113.667958][ T7117] usb 5-1: cannot submit urb 0, error -2: endpoint not enabled
[  113.838533][ T7115] bridge0: port 3(dummy0) entered disabled state
[  113.838709][ T7115] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.839230][ T7115] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.509340][   T29] usb 5-1: USB disconnect, device number 6
[  115.623065][ T7147] lo: entered allmulticast mode
[  115.925770][ T7161] sp0: Synchronizing with TNC
[  116.027793][ T7166] usb 2-1: USB disconnect, device number 2
[  116.283505][ T7168] netlink: 'syz.0.254': attribute type 2 has an invalid length.
[  116.322099][ T7168] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.436518][ T7166] bridge2: entered promiscuous mode
[  116.438857][ T7166] bridge2: entered allmulticast mode
[  116.960525][ T6014] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  117.112114][ T6014] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[  117.116273][ T6014] usb 6-1: config 0 interface 0 has no altsetting 0
[  117.120943][ T6014] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  117.124738][ T6014] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  117.128149][ T6014] usb 6-1: Product: syz
[  117.130176][ T6014] usb 6-1: Manufacturer: syz
[  117.132201][ T6014] usb 6-1: SerialNumber: syz
[  117.142476][ T6014] usb 6-1: config 0 descriptor??
[  117.151044][ T6014] usb 6-1: selecting invalid altsetting 0
[  117.392155][ T7160] [U] �
[  117.559120][ T7192] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  117.595115][ T7188] netlink: 'syz.2.259': attribute type 1 has an invalid length.
[  117.641720][ T7199] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  117.644369][ T7199] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  117.651818][ T7199] vhci_hcd vhci_hcd.0: Device attached
[  117.663243][ T7206] 9p: Bad value for 'wfdno'
[  117.666605][ T7202] vhci_hcd: connection closed
[  117.668076][  T770] vhci_hcd vhci_hcd.3: stop threads
[  117.681582][  T770] vhci_hcd vhci_hcd.3: release socket
[  117.689420][  T770] vhci_hcd vhci_hcd.3: disconnect device
[  117.705129][ T7211] vivid-007: disconnect
[  117.708221][ T7211] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  117.714662][ T7211] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  117.717851][ T7211] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  117.720459][ T7211] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  117.733541][ T7210] vivid-007: reconnect
[  117.824629][ T7214] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled
[  118.370639][ T6014] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  118.521876][ T6014] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  118.524682][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  118.528070][ T6014] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.532245][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  118.535837][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  118.540037][ T6014] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  118.542520][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  118.546039][ T6014] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.549669][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  118.553376][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  118.559166][ T6014] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  118.562472][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  118.566847][ T6014] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  118.573394][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  118.577997][ T6014] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  118.587087][ T6014] usb 5-1: string descriptor 0 read error: -22
[  118.589069][ T6014] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  118.592267][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.605765][ T6014] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  118.860071][ T6014] usb 5-1: USB disconnect, device number 7
[  119.134456][ T7260] hub 8-0:1.0: USB hub found
[  119.136830][ T7260] hub 8-0:1.0: 1 port detected
[  119.446769][ T7268] tmpfs: Unknown parameter 'grpquota_inod@��z~�<�ȋ�y�e�B�?dlimit'
[  119.458475][ T7268] netlink: 24 bytes leftover after parsing attributes in process `syz.2.274'.
[  119.463783][ T7268] netlink: 24 bytes leftover after parsing attributes in process `syz.2.274'.
[  119.878890][   T29] usb 6-1: USB disconnect, device number 7
[  121.034368][ T6372] hid-generic 0005:16C0:0009.0003: unknown main item tag 0x0
[  121.141300][ T6372] hid-generic 0005:16C0:0009.0003: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  121.185371][ T7295] mmap: syz.2.281 (7295) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  121.535128][ T7302] netlink: 'syz.1.284': attribute type 10 has an invalid length.
[  121.546300][ T7302] 8021q: adding VLAN 0 to HW filter on device team0
[  121.549999][ T7302] bond0: (slave team0): Enslaving as an active interface with an up link
[  121.567253][ T7302] netlink: 'syz.1.284': attribute type 10 has an invalid length.
[  121.667728][ T7303] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  121.735798][ T7302] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  122.816593][ T7325] =======================================================
[  122.816593][ T7325] WARNING: The mand mount option has been deprecated and
[  122.816593][ T7325]          and is ignored by this kernel. Remove the mand
[  122.816593][ T7325]          option from the mount to silence this warning.
[  122.816593][ T7325] =======================================================
[  123.255441][   T10] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  123.500519][   T10] usb 8-1: Using ep0 maxpacket: 32
[  123.604658][   T10] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  123.611299][   T10] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  123.614317][   T10] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  123.616870][   T10] usb 8-1: Product: syz
[  123.619293][   T10] usb 8-1: Manufacturer: syz
[  123.621424][   T10] usb 8-1: SerialNumber: syz
[  123.644260][   T10] usb 8-1: config 0 descriptor??
[  123.651954][ T7327] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  123.655881][   T10] hub 8-1:0.0: bad descriptor, ignoring hub
[  123.658161][   T10] hub 8-1:0.0: probe with driver hub failed with error -5
[  124.513366][ T7356] No source specified
[  125.121537][ T7369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.301'.
[  125.241940][ T7369] nbd2: detected capacity change from 0 to 63
[  125.260785][ T7370] block nbd2: NBD_DISCONNECT
[  125.265585][ T7370] block nbd2: Disconnected due to user request.
[  125.267937][ T7370] block nbd2: shutting down sockets
[  125.271141][    C0] blk_print_req_error: 138 callbacks suppressed
[  125.271151][    C0] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.276280][    C0] buffer_io_error: 138 callbacks suppressed
[  125.276288][    C0] Buffer I/O error on dev nbd2, logical block 0, async page read
[  125.320992][    C3] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.324888][    C3] Buffer I/O error on dev nbd2, logical block 1, async page read
[  125.330185][    C3] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.330492][    C2] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.334100][    C3] Buffer I/O error on dev nbd2, logical block 2, async page read
[  125.337096][    C2] Buffer I/O error on dev nbd2, logical block 3, async page read
[  125.343602][ T5949] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.347220][ T5949] Buffer I/O error on dev nbd2, logical block 0, async page read
[  125.349996][ T5949] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.354320][ T5949] Buffer I/O error on dev nbd2, logical block 1, async page read
[  125.357102][ T5949] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.360232][ T5949] Buffer I/O error on dev nbd2, logical block 2, async page read
[  125.363257][ T5949] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.366415][ T5949] Buffer I/O error on dev nbd2, logical block 3, async page read
[  125.369153][ T5949] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.372584][ T5949] Buffer I/O error on dev nbd2, logical block 0, async page read
[  125.375334][ T5949] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  125.378398][ T5949] Buffer I/O error on dev nbd2, logical block 1, async page read
[  125.382663][ T5949] ldm_validate_partition_table(): Disk read failed.
[  125.385652][ T5949] Dev nbd2: unable to read RDB block 0
[  125.388167][ T5949]  nbd2: unable to read partition table
[  125.432849][ T5949] ldm_validate_partition_table(): Disk read failed.
[  125.435843][ T5949] Dev nbd2: unable to read RDB block 0
[  125.438558][ T5949]  nbd2: unable to read partition table
[  125.803694][ T7378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.304'.
[  125.806677][ T7378] netlink: 20 bytes leftover after parsing attributes in process `syz.0.304'.
[  125.856060][ T7380] netlink: 28 bytes leftover after parsing attributes in process `syz.1.305'.
[  125.859421][ T7380] netlink: 28 bytes leftover after parsing attributes in process `syz.1.305'.
[  126.208096][ T7397] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  126.215680][ T7397] x_tables: ip_tables: icmp match: only valid for protocol 1
[  126.850554][ T6014] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  126.950940][ T7408] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  127.032437][ T6014] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[  127.037092][ T6014] usb 6-1: config 0 interface 0 has no altsetting 0
[  127.043089][ T6014] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  127.046870][ T6014] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  127.050340][ T6014] usb 6-1: Product: syz
[  127.052406][ T6014] usb 6-1: Manufacturer: syz
[  127.054463][ T6014] usb 6-1: SerialNumber: syz
[  127.075177][ T6014] usb 6-1: config 0 descriptor??
[  127.082631][ T6014] usb 6-1: selecting invalid altsetting 0
[  127.228392][ T6035] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  127.390597][ T6035] usb 5-1: Using ep0 maxpacket: 32
[  127.434468][ T6035] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  127.437968][ T6035] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  127.442040][ T6035] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  127.445655][ T6035] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  127.449451][ T6035] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  127.453593][ T6035] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  127.453623][ T7419] netlink: 4 bytes leftover after parsing attributes in process `syz.2.315'.
[  127.457211][ T6035] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  127.457226][ T6035] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  127.457250][ T6035] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  127.473154][ T6035] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.478834][ T6035] usb 5-1: config 0 descriptor??
[  127.630508][ T7419] nbd2: detected capacity change from 0 to 63
[  127.633437][ T7420] block nbd2: NBD_DISCONNECT
[  127.635145][ T7420] block nbd2: Disconnected due to user request.
[  127.637268][ T7420] block nbd2: shutting down sockets
[  127.651764][ T5949] ldm_validate_partition_table(): Disk read failed.
[  127.655563][ T5949] Dev nbd2: unable to read RDB block 0
[  127.658578][ T5949]  nbd2: unable to read partition table
[  127.665036][ T5949] ldm_validate_partition_table(): Disk read failed.
[  127.668263][ T5949] Dev nbd2: unable to read RDB block 0
[  127.671250][ T5949]  nbd2: unable to read partition table
[  127.677769][ T7423] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled
[  127.741375][ T6035] usblp 5-1:0.0: usblp1: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  127.994437][   T54] usb 8-1: USB disconnect, device number 5
[  128.230464][ T7432] sg_write: data in/out 124/12 bytes for SCSI command 0x1c-- guessing data in;
[  128.230464][ T7432]    program syz.3.318 not setting count and/or reply_len properly
[  128.251223][ T7432] lo speed is unknown, defaulting to 1000
[  128.351433][ T7437] syzkaller1: entered promiscuous mode
[  128.353222][ T7437] syzkaller1: entered allmulticast mode
[  129.571259][ T7462] netlink: 4 bytes leftover after parsing attributes in process `syz.3.327'.
[  129.620858][   T29] usb 6-1: USB disconnect, device number 8
[  129.681369][ T7462] nbd3: detected capacity change from 0 to 63
[  129.684458][ T7463] block nbd3: NBD_DISCONNECT
[  129.686389][ T7463] block nbd3: Disconnected due to user request.
[  129.688567][ T7463] block nbd3: shutting down sockets
[  129.692569][ T5949] ldm_validate_partition_table(): Disk read failed.
[  129.694860][ T5949] Dev nbd3: unable to read RDB block 0
[  129.697033][ T5949]  nbd3: unable to read partition table
[  129.703624][ T5949] ldm_validate_partition_table(): Disk read failed.
[  129.705865][ T5949] Dev nbd3: unable to read RDB block 0
[  129.707899][ T5949]  nbd3: unable to read partition table
[  129.720531][   T54] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  129.814172][ T6014] usb 5-1: USB disconnect, device number 8
[  129.819320][ T6014] usblp1: removed
[  129.871794][   T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.871812][   T54] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.871823][   T54] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  129.871912][   T54] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  129.871924][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.876506][   T54] usb 7-1: config 0 descriptor??
[  129.941601][ T7471] netlink: 'syz.0.329': attribute type 1 has an invalid length.
[  129.955007][ T7471] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.962936][ T7471] netlink: 28 bytes leftover after parsing attributes in process `syz.0.329'.
[  129.962963][ T7471] bond1: entered promiscuous mode
[  129.963033][ T7471] bond1: entered allmulticast mode
[  130.310848][   T54] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  130.669570][ T6372] usb 7-1: USB disconnect, device number 6
[  130.671689][ T7483] plantronics 0003:047F:FFFF.0004: usb_submit_urb(ctrl) failed: -19
[  130.674753][ T7487] input: syz0 as /devices/virtual/input/input11
[  130.690039][ T7453] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  130.692867][ T7453] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  130.702539][ T7453] vhci_hcd vhci_hcd.0: Device attached
[  130.711580][ T7489] vhci_hcd: connection closed
[  130.711970][ T7487] netlink: 28 bytes leftover after parsing attributes in process `syz.1.334'.
[  130.711994][   T46] vhci_hcd vhci_hcd.2: stop threads
[  130.714046][ T7487] netlink: 24 bytes leftover after parsing attributes in process `syz.1.334'.
[  130.716826][   T46] vhci_hcd vhci_hcd.2: release socket
[  130.716838][   T46] vhci_hcd vhci_hcd.2: disconnect device
[  131.130265][ T7501] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  131.132857][ T7501] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  131.137252][ T7501] vhci_hcd vhci_hcd.0: Device attached
[  131.146879][ T7501] netlink: 20 bytes leftover after parsing attributes in process `syz.1.335'.
[  131.164908][ T7505] 9p: Unknown Cache mode or invalid value fscach
[  131.331571][ T7508] netlink: 8 bytes leftover after parsing attributes in process `syz.2.338'.
[  131.334735][ T7508] netlink: 12 bytes leftover after parsing attributes in process `syz.2.338'.
[  131.412380][ T6054] usb 40-1: SetAddress Request (2) to port 0
[  131.414729][ T6054] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  131.508217][ T7511] bridge0: port 4(batadv1) entered blocking state
[  131.511196][ T7511] bridge0: port 4(batadv1) entered disabled state
[  131.513622][ T7511] batadv1: entered allmulticast mode
[  131.517923][ T7511] batadv1: entered promiscuous mode
[  131.651081][ T7502] vhci_hcd: connection reset by peer
[  131.660752][  T770] vhci_hcd vhci_hcd.1: stop threads
[  131.662475][  T770] vhci_hcd vhci_hcd.1: release socket
[  131.664999][  T770] vhci_hcd vhci_hcd.1: disconnect device
[  131.750056][ T7513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.340'.
[  131.850501][ T7513] nbd3: detected capacity change from 0 to 63
[  131.852949][ T7514] block nbd3: NBD_DISCONNECT
[  131.855025][ T7514] block nbd3: Disconnected due to user request.
[  131.857521][ T7514] block nbd3: shutting down sockets
[  131.860941][    C1] blk_print_req_error: 434 callbacks suppressed
[  131.860955][    C1] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.867298][    C1] buffer_io_error: 434 callbacks suppressed
[  131.867310][    C1] Buffer I/O error on dev nbd3, logical block 0, async page read
[  131.872995][    C1] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.876810][    C1] Buffer I/O error on dev nbd3, logical block 1, async page read
[  131.880242][    C1] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.884193][    C1] Buffer I/O error on dev nbd3, logical block 2, async page read
[  131.887346][    C1] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.891183][    C1] Buffer I/O error on dev nbd3, logical block 3, async page read
[  131.894364][ T5949] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.897421][ T5949] Buffer I/O error on dev nbd3, logical block 0, async page read
[  131.899925][ T5949] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.904327][ T5949] Buffer I/O error on dev nbd3, logical block 1, async page read
[  131.907116][ T5949] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.910175][ T5949] Buffer I/O error on dev nbd3, logical block 2, async page read
[  131.914733][ T5949] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.917808][ T5949] Buffer I/O error on dev nbd3, logical block 3, async page read
[  131.920354][ T5949] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.923443][ T5949] Buffer I/O error on dev nbd3, logical block 0, async page read
[  131.926137][ T5949] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  131.929304][ T5949] Buffer I/O error on dev nbd3, logical block 1, async page read
[  131.932211][ T5949] ldm_validate_partition_table(): Disk read failed.
[  131.934735][ T5949] Dev nbd3: unable to read RDB block 0
[  131.936786][ T5949]  nbd3: unable to read partition table
[  131.942515][ T5949] ldm_validate_partition_table(): Disk read failed.
[  131.945237][ T5949] Dev nbd3: unable to read RDB block 0
[  131.947738][ T5949]  nbd3: unable to read partition table
[  132.010515][ T6267] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  132.013621][ T6267] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  132.384804][ T7520] syzkaller0: entered promiscuous mode
[  132.387056][ T7520] syzkaller0: entered allmulticast mode
[  133.150974][ T7533] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  133.804315][ T7570] netlink: 56 bytes leftover after parsing attributes in process `syz.1.352'.
[  134.624209][   T40] audit: type=1326 audit(1766293589.540:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.626067][ T7589] pim6reg1: entered promiscuous mode
[  134.632589][ T7589] pim6reg1: entered allmulticast mode
[  134.712232][   T40] audit: type=1326 audit(1766293589.540:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.718711][   T40] audit: type=1326 audit(1766293589.540:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=289 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.725427][   T40] audit: type=1326 audit(1766293589.540:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.732083][   T40] audit: type=1326 audit(1766293589.540:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.738661][   T40] audit: type=1326 audit(1766293589.540:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.745759][   T40] audit: type=1326 audit(1766293589.550:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.752481][   T40] audit: type=1326 audit(1766293589.550:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.759535][   T40] audit: type=1326 audit(1766293589.550:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=332 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.766348][   T40] audit: type=1326 audit(1766293589.560:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7588 comm="syz.0.363" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000
[  134.907440][ T7593] lo speed is unknown, defaulting to 1000
[  136.500665][ T6054] usb 40-1: device descriptor read/8, error -110
[  136.871962][ T7619] binder: 7618:7619 ioctl 8008662c 80000240 returned -22
[  136.911108][ T6054] usb usb40-port1: attempt power cycle
[  137.019625][ T7620] netlink: 28 bytes leftover after parsing attributes in process `syz.3.370'.
[  137.474345][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  137.480986][ T6054] usb usb40-port1: unable to enumerate USB device
[  137.630590][ T1415] ==================================================================
[  137.633278][ T1415] BUG: KASAN: slab-use-after-free in handle_tx+0x5a5/0x630
[  137.635609][ T1415] Read of size 8 at addr ffff88806cd44020 by task aoe_tx0/1415
[  137.639002][ T1415] 
[  137.640407][ T1415] CPU: 1 UID: 0 PID: 1415 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  137.640423][ T1415] Tainted: [L]=SOFTLOCKUP
[  137.640427][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.640434][ T1415] Call Trace:
[  137.640438][ T1415]  <TASK>
[  137.640442][ T1415]  dump_stack_lvl+0x116/0x1f0
[  137.640461][ T1415]  print_report+0xcd/0x630
[  137.640477][ T1415]  ? __virt_addr_valid+0x81/0x610
[  137.640493][ T1415]  ? __phys_addr+0xe8/0x180
[  137.640509][ T1415]  ? handle_tx+0x5a5/0x630
[  137.640518][ T1415]  kasan_report+0xe0/0x110
[  137.640534][ T1415]  ? handle_tx+0x5a5/0x630
[  137.640545][ T1415]  handle_tx+0x5a5/0x630
[  137.640557][ T1415]  dev_hard_start_xmit+0x97/0x6e0
[  137.640570][ T1415]  __dev_queue_xmit+0x6d7/0x4650
[  137.640582][ T1415]  ? rcu_is_watching+0x12/0xc0
[  137.640596][ T1415]  ? finish_task_switch.isra.0+0x207/0xbd0
[  137.640611][ T1415]  ? __pfx___dev_queue_xmit+0x10/0x10
[  137.640623][ T1415]  ? __lock_acquire+0x436/0x2890
[  137.640633][ T1415]  ? ref_tracker_free+0x37c/0x830
[  137.640646][ T1415]  ? do_raw_spin_lock+0x12c/0x2b0
[  137.640660][ T1415]  ? rcu_is_watching+0x12/0xc0
[  137.640674][ T1415]  tx+0xcc/0x190
[  137.640682][ T1415]  ? __pfx_tx+0x10/0x10
[  137.640690][ T1415]  kthread+0x1e4/0x3e0
[  137.640704][ T1415]  ? find_held_lock+0x2b/0x80
[  137.640716][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.640730][ T1415]  ? __pfx_default_wake_function+0x10/0x10
[  137.640744][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  137.640759][ T1415]  ? __kthread_parkme+0x19e/0x250
[  137.640774][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.640787][ T1415]  kthread+0x3c5/0x780
[  137.640796][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.640806][ T1415]  ? rcu_is_watching+0x12/0xc0
[  137.640820][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.640829][ T1415]  ret_from_fork+0x983/0xb10
[  137.640840][ T1415]  ? __pfx_ret_from_fork+0x10/0x10
[  137.640850][ T1415]  ? __switch_to+0x7af/0x10d0
[  137.640863][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.640872][ T1415]  ret_from_fork_asm+0x1a/0x30
[  137.640891][ T1415]  </TASK>
[  137.640895][ T1415] 
[  137.710397][ T1415] Allocated by task 7603:
[  137.711754][ T1415]  kasan_save_stack+0x33/0x60
[  137.713288][ T1415]  kasan_save_track+0x14/0x30
[  137.714785][ T1415]  __kasan_kmalloc+0xaa/0xb0
[  137.716248][ T1415]  alloc_tty_struct+0x96/0x8c0
[  137.717772][ T1415]  tty_init_dev.part.0+0x1e/0x500
[  137.719366][ T1415]  tty_open+0xa4f/0xf90
[  137.720679][ T1415]  chrdev_open+0x234/0x6a0
[  137.722141][ T1415]  do_dentry_open+0x748/0x1590
[  137.723654][ T1415]  vfs_open+0x82/0x3f0
[  137.724943][ T1415]  path_openat+0x2078/0x3140
[  137.726451][ T1415]  do_filp_open+0x20b/0x470
[  137.727897][ T1415]  do_sys_openat2+0x121/0x290
[  137.729381][ T1415]  __ia32_compat_sys_openat+0x16d/0x210
[  137.731125][ T1415]  __do_fast_syscall_32+0xe8/0x680
[  137.732793][ T1415]  do_fast_syscall_32+0x32/0x80
[  137.734330][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.736328][ T1415] 
[  137.737097][ T1415] Freed by task 6054:
[  137.738376][ T1415]  kasan_save_stack+0x33/0x60
[  137.739855][ T1415]  kasan_save_track+0x14/0x30
[  137.741345][ T1415]  kasan_save_free_info+0x3b/0x60
[  137.742977][ T1415]  __kasan_slab_free+0x5f/0x80
[  137.744489][ T1415]  kfree+0x2f8/0x6e0
[  137.745735][ T1415]  process_one_work+0x9ba/0x1b20
[  137.747295][ T1415]  worker_thread+0x6c8/0xf10
[  137.748750][ T1415]  kthread+0x3c5/0x780
[  137.750050][ T1415]  ret_from_fork+0x983/0xb10
[  137.751528][ T1415]  ret_from_fork_asm+0x1a/0x30
[  137.753039][ T1415] 
[  137.753780][ T1415] Last potentially related work creation:
[  137.755499][ T1415]  kasan_save_stack+0x33/0x60
[  137.756983][ T1415]  kasan_record_aux_stack+0xa7/0xc0
[  137.758631][ T1415]  insert_work+0x36/0x230
[  137.759988][ T1415]  __queue_work+0x94f/0x10e0
[  137.761459][ T1415]  queue_work_on+0x1a4/0x1f0
[  137.762953][ T1415]  release_tty+0x4de/0x5d0
[  137.764367][ T1415]  tty_release_struct+0xb7/0xe0
[  137.765916][ T1415]  tty_release+0xe2d/0x1470
[  137.767356][ T1415]  __fput+0x402/0xb70
[  137.768623][ T1415]  task_work_run+0x150/0x240
[  137.770094][ T1415]  exit_to_user_mode_loop+0xfb/0x540
[  137.771734][ T1415]  __do_fast_syscall_32+0x4a4/0x680
[  137.773367][ T1415]  do_fast_syscall_32+0x32/0x80
[  137.774902][ T1415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  137.776882][ T1415] 
[  137.777656][ T1415] The buggy address belongs to the object at ffff88806cd44000
[  137.777656][ T1415]  which belongs to the cache kmalloc-cg-2k of size 2048
[  137.782065][ T1415] The buggy address is located 32 bytes inside of
[  137.782065][ T1415]  freed 2048-byte region [ffff88806cd44000, ffff88806cd44800)
[  137.786311][ T1415] 
[  137.787084][ T1415] The buggy address belongs to the physical page:
[  137.789089][ T1415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806cd43000 pfn:0x6cd40
[  137.792244][ T1415] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  137.794866][ T1415] memcg:ffff88804dbb5581
[  137.796203][ T1415] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  137.798457][ T1415] page_type: f5(slab)
[  137.799742][ T1415] raw: 04fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001
[  137.802462][ T1415] raw: ffff88806cd43000 0000000000080007 00000000f5000000 ffff88804dbb5581
[  137.805107][ T1415] head: 04fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001
[  137.807799][ T1415] head: ffff88806cd43000 0000000000080007 00000000f5000000 ffff88804dbb5581
[  137.810491][ T1415] head: 04fff00000000003 ffffea0001b35001 00000000ffffffff 00000000ffffffff
[  137.813195][ T1415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  137.815879][ T1415] page dumped because: kasan: bad access detected
[  137.817893][ T1415] page_owner tracks the page as allocated
[  137.819661][ T1415] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5946, tgid 5946 (syz-executor), ts 98473327436, free_ts 98415337169
[  137.826237][ T1415]  post_alloc_hook+0x1af/0x220
[  137.827754][ T1415]  get_page_from_freelist+0xd0b/0x31a0
[  137.829479][ T1415]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  137.831344][ T1415]  alloc_pages_mpol+0x1fb/0x550
[  137.832929][ T1415]  new_slab+0x2c3/0x430
[  137.834250][ T1415]  ___slab_alloc+0xe18/0x1c90
[  137.835727][ T1415]  __slab_alloc.constprop.0+0x63/0x110
[  137.837439][ T1415]  __kvmalloc_node_noprof+0x592/0xa40
[  137.839151][ T1415]  xt_alloc_table_info+0x43/0xa0
[  137.840704][ T1415]  compat_do_replace+0x1ea/0x520
[  137.842286][ T1415]  do_ip6t_set_ctl+0x5ed/0xbc0
[  137.843800][ T1415]  nf_setsockopt+0x8d/0xf0
[  137.845220][ T1415]  ipv6_setsockopt+0x135/0x170
[  137.846740][ T1415]  tcp_setsockopt+0xa7/0x100
[  137.848218][ T1415]  do_sock_setsockopt+0xf3/0x1d0
[  137.849770][ T1415]  __sys_setsockopt+0x120/0x1a0
[  137.851321][ T1415] page last free pid 5350 tgid 5350 stack trace:
[  137.853354][ T1415]  __free_frozen_pages+0x7df/0x1170
[  137.854975][ T1415]  __put_partials+0x130/0x170
[  137.856442][ T1415]  qlist_free_all+0x4c/0xf0
[  137.857900][ T1415]  kasan_quarantine_reduce+0x195/0x1e0
[  137.859614][ T1415]  __kasan_slab_alloc+0x69/0x90
[  137.861153][ T1415]  kmem_cache_alloc_lru_noprof+0x262/0x770
[  137.863029][ T1415]  alloc_inode+0xc3/0x240
[  137.864400][ T1415]  iget_locked+0x1d9/0x6d0
[  137.865817][ T1415]  kernfs_get_inode+0x46/0x470
[  137.867347][ T1415]  kernfs_iop_lookup+0x1a7/0x2d0
[  137.868904][ T1415]  __lookup_slow+0x251/0x460
[  137.870373][ T1415]  lookup_slow+0x50/0x70
[  137.871723][ T1415]  link_path_walk+0x12d8/0x1c70
[  137.873288][ T1415]  path_openat+0x1bd/0x3140
[  137.874724][ T1415]  do_filp_open+0x20b/0x470
[  137.876161][ T1415]  do_sys_openat2+0x121/0x290
[  137.877685][ T1415] 
[  137.878464][ T1415] Memory state around the buggy address:
[  137.880217][ T1415]  ffff88806cd43f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  137.882729][ T1415]  ffff88806cd43f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  137.885229][ T1415] >ffff88806cd44000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.887719][ T1415]                                ^
[  137.889326][ T1415]  ffff88806cd44080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.891855][ T1415]  ffff88806cd44100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  137.894372][ T1415] ==================================================================
[  137.897382][ T1415] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  137.899654][ T1415] CPU: 1 UID: 0 PID: 1415 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  137.902960][ T1415] Tainted: [L]=SOFTLOCKUP
[  137.904309][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.907723][ T1415] Call Trace:
[  137.908786][ T1415]  <TASK>
[  137.909739][ T1415]  dump_stack_lvl+0x3d/0x1f0
[  137.911216][ T1415]  vpanic+0x640/0x6f0
[  137.912518][ T1415]  panic+0xca/0xd0
[  137.913714][ T1415]  ? __pfx_panic+0x10/0x10
[  137.915148][ T1415]  ? check_panic_on_warn+0x1f/0xb0
[  137.916767][ T1415]  check_panic_on_warn+0xab/0xb0
[  137.918396][ T1415]  end_report+0x107/0x160
[  137.919769][ T1415]  kasan_report+0xee/0x110
[  137.921184][ T1415]  ? handle_tx+0x5a5/0x630
[  137.922640][ T1415]  handle_tx+0x5a5/0x630
[  137.923945][ T1415]  dev_hard_start_xmit+0x97/0x6e0
[  137.925497][ T1415]  __dev_queue_xmit+0x6d7/0x4650
[  137.927043][ T1415]  ? rcu_is_watching+0x12/0xc0
[  137.928557][ T1415]  ? finish_task_switch.isra.0+0x207/0xbd0
[  137.930404][ T1415]  ? __pfx___dev_queue_xmit+0x10/0x10
[  137.932114][ T1415]  ? __lock_acquire+0x436/0x2890
[  137.933690][ T1415]  ? ref_tracker_free+0x37c/0x830
[  137.935283][ T1415]  ? do_raw_spin_lock+0x12c/0x2b0
[  137.936865][ T1415]  ? rcu_is_watching+0x12/0xc0
[  137.938399][ T1415]  tx+0xcc/0x190
[  137.939539][ T1415]  ? __pfx_tx+0x10/0x10
[  137.940849][ T1415]  kthread+0x1e4/0x3e0
[  137.942197][ T1415]  ? find_held_lock+0x2b/0x80
[  137.943679][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.945161][ T1415]  ? __pfx_default_wake_function+0x10/0x10
[  137.947002][ T1415]  ? lockdep_hardirqs_on+0x7c/0x110
[  137.948642][ T1415]  ? __kthread_parkme+0x19e/0x250
[  137.950260][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.951729][ T1415]  kthread+0x3c5/0x780
[  137.953053][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.954517][ T1415]  ? rcu_is_watching+0x12/0xc0
[  137.956020][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.957472][ T1415]  ret_from_fork+0x983/0xb10
[  137.958939][ T1415]  ? __pfx_ret_from_fork+0x10/0x10
[  137.960540][ T1415]  ? __switch_to+0x7af/0x10d0
[  137.962069][ T1415]  ? __pfx_kthread+0x10/0x10
[  137.963519][ T1415]  ret_from_fork_asm+0x1a/0x30
[  137.965027][ T1415]  </TASK>
[  137.966661][ T1415] Kernel Offset: disabled
[  137.968015][ T1415] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:06:32  Registers:
info registers vcpu 0

CPU#0
RAX=0000000040000002 RBX=0000000000000063 RCX=ffffffff815e32ab RDX=ffff888048338000
RSI=ffffffff815e11f5 RDI=0000000000000063 RBP=0000000000000006 RSP=ffffc90002eb78f0
R8 =0000000000000003 R9 =0000000000000000 R10=0000000000000063 R11=0000000000000001
R12=0000000000000063 R13=0000000000000063 R14=0000000000000000 R15=000000000000002b
RIP=ffffffff815e11f7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976fc000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080069000 CR3=000000006c285000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853011a5 RDI=ffffffff9aed9260 RBP=ffffffff9aed9220 RSP=ffffc900079df3d8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9aed9220 R15=ffffffff85301140
RIP=ffffffff853011cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f747c208 CR3=000000000e184000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000600000320 0000025800000190
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000002 RDX=ffff8880205ac980
RSI=ffffffff816b9c71 RDI=ffffffff8bf2b500 RBP=ffff888024cb0540 RSP=ffffc9000075f628
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff9088e6d7 R11=ffff8880205ad4b0
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b43bd00 R15=ffffed10049960a8
RIP=ffffffff8b755dcf RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000005670a4c0 CR3=00000000735c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000001e4aeb RBX=0000000000000003 RCX=ffffffff8b7576d9 RDX=0000000000000000
RSI=ffffffff8daca488 RDI=ffffffff8bf2b500 RBP=ffffed1003b54000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a673d R10=ffff88802b5339eb R11=ffff88801daa0b30
R12=0000000000000003 R13=ffff88801daa0000 R14=ffffffff9088e6d0 R15=0000000000000000
RIP=ffffffff8b755dcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f54b5da4 CR3=0000000024105000 CR4=00352ef0
DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000