last executing test programs:

20.740174309s ago: executing program 3 (id=2389):
creat(&(0x7f0000000000)='./file0\x00', 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_NMI(r2, 0xae9a) (async)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r3, 0x40086603, &(0x7f0000000040)) (async)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000040)={[{0xc9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, {0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x2, 0xff, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x8}], 0x9}) (async)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x10001, 0x0, 0x0, 0x0, 0x7, 0x2004ca, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20.526378964s ago: executing program 3 (id=2392):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x101, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
openat(0xffffffffffffff9c, 0x0, 0x24c01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'team0\x00', 0x4000})
ioctl$FS_IOC_GETVERSION(r3, 0x80047601, &(0x7f0000000000))
r4 = socket(0x11, 0x800000003, 0x0)
r5 = syz_clone(0x4000000, &(0x7f0000000140)="17752b91573e225344f9075e0a6f97fe2c8167ec9737df674390df8e9decfcc2fc401cdd7aa5fefa0b72d118ea35723683e67779d970b098e0400cef0556dbd7ce2f30a1e974ed073ec7a6a04e054dd5b79621f676f2cb144eff7477f40c7d0a7b4f294a4f0227714b3213b9353b1de0de47a12b573e8cbff601ba3d0faf603692d46a161dc4b2d91509483b38336d0f63e0c84401d68dbb862b9ec95b4ddd1acde2b4a0f7", 0xa5, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="fcfd1ce6de8a3af5da3ad93accba3880077eb1bf70d4ee65d359f8f91d2060fc0a327f80a7fe6436220429a5a10345fea5ed62412c3df985a2902eb58fe93cbec4192c8c5f140d401c654f86f0e4a293ac5dbb8d57961f9d6c523367138b393b8c5da29e29475460626b8ce5e9e65dd72a750b5a05c5efede8b2a7c08d1e8fd3f01439bf5cbca6ac15bb652a2be6d7152534ce33e576f55c024f1ba2fb1c00b923022bde284e0f79c8749a1e7073c775a3edc7902b949d07dd4a087ead872f35175748e19c63bd7835")
move_pages(r5, 0x5, &(0x7f0000000380)=[&(0x7f0000bde000/0x2000)=nil, &(0x7f0000bdd000/0x2000)=nil, &(0x7f0000bdc000/0x1000)=nil, &(0x7f0000bdd000/0x4000)=nil, &(0x7f0000bdd000/0x3000)=nil], &(0x7f00000003c0)=[0x0, 0x9700], 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600))
sendmmsg(r4, &(0x7f0000002800)=[{{&(0x7f0000000080)=@rc={0x1f, @any, 0x12}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000100)="5472e330edeb780f6f04e2ad823a", 0xe}], 0x1}}], 0x1, 0x80)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

20.331529938s ago: executing program 3 (id=2395):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a500000095000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x7fff, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x3, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x1, 0x5, 0x9}], 0x10, 0x35, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x40000, 0x0, 0xfffffffc, 0x356}, &(0x7f0000000380)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, &(0x7f00000004c0)})
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r8 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r8, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r8, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
io_uring_enter(r5, 0x3f70, 0x0, 0x0, 0x0, 0x0)

19.409755458s ago: executing program 3 (id=2397):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xd4)
syz_open_dev$usbfs(&(0x7f0000000080), 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udp(0x2, 0x2, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x4040083)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
ioctl$VT_RELDISP(r3, 0x5605)
pipe(0x0)
openat$sndtimer(0xffffff9c, &(0x7f0000000380), 0x80000)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000080)={'syz0\x00', {}, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000001, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x76, 0x0, 0x20000, 0x0, 0x0, 0x4, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd3b], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x3000000]}, 0x45c)
ioctl$UI_SET_PROPBIT(r4, 0x5501, 0x0)
write$input_event(r4, &(0x7f00000005c0), 0x200005d8)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000100)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x0, 0x0, [<r7=>0x0]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, <r8=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r8, 0x0)

16.208613769s ago: executing program 3 (id=2408):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = syz_open_dev$loop(&(0x7f0000000180), 0x80000, 0x2480)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})
ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f0000000400))
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x3, 0x40c, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x344, 0x2e8, 0x2e8, 0x344, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @mcast1, [], [0xff], 'geneve0\x00', 'dvmrp0\x00', {0x80}}, 0x0, 0x188, 0x1f0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5df11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f35a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}, @common=@inet=@socket1={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x81, 0x8, 0x6, 'syz0\x00', 'syz1\x00', {0x33}}}}, {{@ipv6={@private0, @local, [0x0, 0xff000000], [0x0, 0xff, 0xffffff00, 0xffffff00], 'nr0\x00', 'macvlan0\x00', {0xff}, {}, 0x6, 0x6, 0x4, 0x4}, 0x0, 0xec, 0x154, 0x0, {}, [@common=@ipv6header={{0x24}}, @inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x468)

16.041690256s ago: executing program 3 (id=2411):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000200)=0x1, 0x12)

4.488760216s ago: executing program 2 (id=2452):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x101, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
openat(0xffffffffffffff9c, 0x0, 0x24c01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'team0\x00', 0x4000})
ioctl$FS_IOC_GETVERSION(r3, 0x80047601, &(0x7f0000000000))
r4 = socket(0x11, 0x800000003, 0x0)
r5 = syz_clone(0x4000000, &(0x7f0000000140)="17752b91573e225344f9075e0a6f97fe2c8167ec9737df674390df8e9decfcc2fc401cdd7aa5fefa0b72d118ea35723683e67779d970b098e0400cef0556dbd7ce2f30a1e974ed073ec7a6a04e054dd5b79621f676f2cb144eff7477f40c7d0a7b4f294a4f0227714b3213b9353b1de0de47a12b573e8cbff601ba3d0faf603692d46a161dc4b2d91509483b38336d0f63e0c84401d68dbb862b9ec95b4ddd1acde2b4a0f7", 0xa5, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="fcfd1ce6de8a3af5da3ad93accba3880077eb1bf70d4ee65d359f8f91d2060fc0a327f80a7fe6436220429a5a10345fea5ed62412c3df985a2902eb58fe93cbec4192c8c5f140d401c654f86f0e4a293ac5dbb8d57961f9d6c523367138b393b8c5da29e29475460626b8ce5e9e65dd72a750b5a05c5efede8b2a7c08d1e8fd3f01439bf5cbca6ac15bb652a2be6d7152534ce33e576f55c024f1ba2fb1c00b923022bde284e0f79c8749a1e7073c775a3edc7902b949d07dd4a087ead872f35175748e19c63bd7835")
move_pages(r5, 0x5, &(0x7f0000000380)=[&(0x7f0000bde000/0x2000)=nil, &(0x7f0000bdd000/0x2000)=nil, &(0x7f0000bdc000/0x1000)=nil, &(0x7f0000bdd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil], &(0x7f00000003c0)=[0x0, 0x9700], 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600))
sendmmsg(r4, &(0x7f0000002800)=[{{&(0x7f0000000080)=@rc={0x1f, @any, 0x12}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000100)="5472e330edeb780f6f04e2ad823a", 0xe}], 0x1}}], 0x1, 0x80)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

4.059910821s ago: executing program 2 (id=2453):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x500, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="60000000020601010000000000000000000000001c0007800500140007000000080012400005000008000840000000000900020073797a30000000000500010007"], 0x60}}, 0x0)

3.879749951s ago: executing program 2 (id=2454):
syz_open_dev$char_usb(0xc, 0xb4, 0x8002)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x38, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x38}}, 0x0)
pipe2(&(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x80)
pread64(r3, &(0x7f0000000040)=""/77, 0x4d, 0x1)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b03, 0x0)
r5 = gettid()
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), 0xffffffffffffffff)
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000000), 0x6)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r11=>0x0})
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000001080)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4c)
unshare(0x62040200)
socket$igmp(0x2, 0x3, 0x2)
r12 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r12, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4001}, 0x880)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41400088}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r7, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x20000000)
syz_open_procfs(r5, &(0x7f00000000c0)='uid_map\x00')
syz_usb_connect(0x0, 0x304, &(0x7f0000000500)={{0x12, 0x1, 0x201, 0x26, 0x58, 0x42, 0x8, 0x582, 0x2f, 0x5ef8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2f2, 0x1, 0x8, 0xce, 0x10, 0x7, [{{0x9, 0x4, 0xd8, 0x10, 0xa, 0x2, 0xe6, 0x4, 0xe, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, "a7"}, {0x5, 0x24, 0x0, 0xda9}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x1ff, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x37, 0x20}, [@network_terminal={0x7, 0x24, 0xa, 0x48, 0xe, 0x4, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x8, 0x81, 0x0, 0x2, 0x6}, @dmm={0x7, 0x24, 0x14, 0xd5, 0xff}, @mdlm={0x15, 0x24, 0x12, 0x5}]}], [{{0x9, 0x5, 0x4, 0x1, 0x3ff, 0x1, 0xc, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x9, 0x5}]}}, {{0x9, 0x5, 0xa, 0xc, 0x20, 0x7, 0xc, 0x3, [@generic={0xc8, 0xa, "3a6b8142ce570592e245ffd4c0bf46e8da7d270a5dc7b4f05c6ad70c45b397a32f2e67e66607e6b437626463623997462602e33d622f34084ff9ec3cd826946d84bf6c94c5eeb32e2674d99f38d4631114ee8b08820f01789e2f840a70e8197abcaf440856d42b03e28989c4374dd8da1c4aef0881f6e748d2a7f93c8bbdadaa6e7575eaa4db415475bfb97a9191c6947c7a80bc1e73f9e3c19c0ae318f1ed92540f2219b9a635f969a4560bc01c15853b405bee9b3d330f73703066969702ccf8e3df7f4fb3"}]}}, {{0x9, 0x5, 0xf, 0x4, 0x200, 0x10, 0x9, 0x6, [@generic={0x60, 0xb, "5709314446151d92f29f5eaa02bd3e6e7078194eb34caa6447bc529a044ffc682b790801d782b8785fb4962f2a7e348ab4a75aad98611078ed402ef4df8da52fb7ab707eb0315b85a91517424e6d7f01348d391229024f6df974f4b8918f"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x3c7, 0x58, 0x9, 0xf2}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x6, 0x5, 0x1, [@generic={0x20, 0x24, "ca8b9367ed017d63f5f0e010db0f02d652393d94d9ed9e37094b1b81c039"}]}}, {{0x9, 0x5, 0x7, 0xc, 0x10, 0x10, 0x9, 0x2, [@generic={0x5e, 0xc, "1314cf54a86d978508bf29b96f1431f6d4c416c30ed5bea00fba967f21e300c0cc88edc5cbb0a1f3d28d8a924813b877d289db30d0093f896bf56d1e2eb67eac3f5c21b68186a0abffbc9fcb836070f2f47fab551ffe3ab121bff4b0"}]}}, {{0x9, 0x5, 0xf, 0x8, 0x8, 0x45, 0xe1, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x4, 0x676}, @generic={0x4d, 0x30, "5bfad01b3fedbf13b59cc090cf018a94265adfcd2d360c640ee80f0aebb587090b54c6b6ff283229a6f9640df1a64e95044f067b3a1339f837e50712e560dbfe75e1b1c7bb82f9549d77a8"}]}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0x1, 0x7, [@generic={0x23, 0x14, "33f72dc1423ac2a6a82278cfef697ed54ce08532d89411fefcfd55d3b2315671f1"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x8}]}}, {{0x9, 0x5, 0x7, 0x3, 0x8, 0x4f, 0x2, 0xd5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x6}]}}, {{0x9, 0x5, 0x8, 0x1, 0xbcf, 0x3, 0xe, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0xb1b}]}}]}}]}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x9, 0x5, 0x9, 0x8, 0x1}, 0x118, &(0x7f0000000b40)=ANY=[@ANYBLOB="050f1801050710021eb900ff0b10010801000003000009f7100372d1109d5d1a7dbd8f5229cec2666b4e090dae9c5c69d9c51d6a569ff7e96a369a1578403901b189902883c5956548dd92ecc669166f4b46d08dcf9a6f9c0e0f98b258062312da9381355bc4ef262da5b5b479c76279f0b321b05f6ea304dcfff185c7fe405163326c474cd7795c6c30a9e2d0a044c4224af0c8e548c84042e49010b4afb5b358e300c1ec6c20292dfb0bd84efbf8aba5c57b2ad4ebc3e36c92e0ca686fb4ff5df15ff19c4a9718f7cd7ee9695db24d3e696243d5c9e66fa29298255095272735c5ad081e25293db49608653a8963a38902a1b4c6b2ab3d9224d2ad0c75412db35b096f92acca149e54c891f56ee353e017c8fb94c64395535b03100b07100210399c07a6cbb450cda4f90142ea36cd147335017caa70c200ded6a35a71c3c2466ff7513e26523eb5d9fe95963422f1fd7c768ae2a65d2bde97e6164960d5"], 0x2, [{0x35, &(0x7f0000000280)=@string={0x35, 0x3, "e81a35390ba5e64f2241e82cc456022067ad46b28cccb62245b26d4e5dff9ab3562e148708a001a6b311df01c8e5524e67f70e"}}, {0xe3, &(0x7f0000000380)=@string={0xe3, 0x3, "46ec5f8def81c3d1259ae99463bd4014ca207ef6240cf3c913aa3e04e48bacff1331d3df683a601984436c72fb4fec9204e81b559fc565c83eeebf892b9d95114053fc732e71df31baa7ddb816966076e0b30d97b943f95a26915248b9d5689b2849a30284cae41c2b3357f3d402aab6800ae8c3ac82d7948ce92c93402aa315359a3897b574604393da4cdeb5bd940ec1a0a2a347b7aae50a8483ea85977f32edd2be07dd1d67fd92dcec16314cb32f5dc68256d3cdaf8af5586271f51894038e01286341f0c38b039da3ea185fa29273c049c5fc61f4cb366fecfcf4c3b8c809"}}]})

3.322057526s ago: executing program 2 (id=2457):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x0)
readv(r0, &(0x7f0000001640)=[{&(0x7f0000000080)=""/61, 0x3d}], 0x1)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000000d000)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
gettid()
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x40000000, 0x0, 0x0, 0x0, 0x0, 0x1000002)
getsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140), &(0x7f0000000180)=0x4)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r2 = getpid()
rt_tgsigqueueinfo(r2, 0x0, 0x1f, &(0x7f0000000000)={0x0, 0x0, 0x1})
socket$packet(0x11, 0x2, 0x300)

2.839954655s ago: executing program 0 (id=2458):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="e90c230faca2aaaaaa06aabb88060001080006040003aaaaaaaaaa0aac1414130180c200000f7f000001"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r2, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r4=>0x0})
unshare(0x62040200)
r5 = gettid()
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r4, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r5], 0x28}}, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r6=>0x0})
fcntl$setown(r1, 0x8, r6)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r7 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f00000000c0)={0x30000009})
epoll_pwait2(r8, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
r9 = open$dir(&(0x7f0000000080)='./file0\x00', 0x7e, 0x0)
writev(r9, &(0x7f0000000280)=[{&(0x7f0000000300)="e7", 0x1}], 0x1)
socket(0x10, 0x3, 0x6000000)

2.700002215s ago: executing program 0 (id=2460):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x101, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
openat(0xffffffffffffff9c, 0x0, 0x24c01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'team0\x00', 0x4000})
ioctl$FS_IOC_GETVERSION(r3, 0x80047601, &(0x7f0000000000))
r4 = socket(0x11, 0x800000003, 0x0)
r5 = syz_clone(0x4000000, &(0x7f0000000140)="17752b91573e225344f9075e0a6f97fe2c8167ec9737df674390df8e9decfcc2fc401cdd7aa5fefa0b72d118ea35723683e67779d970b098e0400cef0556dbd7ce2f30a1e974ed073ec7a6a04e054dd5b79621f676f2cb144eff7477f40c7d0a7b4f294a4f0227714b3213b9353b1de0de47a12b573e8cbff601ba3d0faf603692d46a161dc4b2d91509483b38336d0f63e0c84401d68dbb862b9ec95b4ddd1acde2b4a0f7", 0xa5, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="fcfd1ce6de8a3af5da3ad93accba3880077eb1bf70d4ee65d359f8f91d2060fc0a327f80a7fe6436220429a5a10345fea5ed62412c3df985a2902eb58fe93cbec4192c8c5f140d401c654f86f0e4a293ac5dbb8d57961f9d6c523367138b393b8c5da29e29475460626b8ce5e9e65dd72a750b5a05c5efede8b2a7c08d1e8fd3f01439bf5cbca6ac15bb652a2be6d7152534ce33e576f55c024f1ba2fb1c00b923022bde284e0f79c8749a1e7073c775a3edc7902b949d07dd4a087ead872f35175748e19c63bd7835")
move_pages(r5, 0x5, &(0x7f0000000380)=[&(0x7f0000bde000/0x2000)=nil, &(0x7f0000bdd000/0x2000)=nil, &(0x7f0000bdd000/0x4000)=nil, &(0x7f0000bdd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil], &(0x7f00000003c0)=[0x0, 0x9700], 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600))
sendmmsg(r4, &(0x7f0000002800)=[{{&(0x7f0000000080)=@rc={0x1f, @any, 0x12}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000100)="5472e330edeb780f6f04e2ad823a", 0xe}], 0x1}}], 0x1, 0x80)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

2.459954549s ago: executing program 0 (id=2461):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, 0x0, 0x0)
r3 = socket(0x2, 0x3, 0x9)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x10}}], 0x10}}], 0x2, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = eventfd(0x0)
r7 = eventfd(0x0)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000280)={r6})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
accept4(r8, 0x0, &(0x7f0000000140), 0x80000)
ioctl$KVM_IRQFD(r5, 0x4020ae76, &(0x7f0000000080)={r7})
r9 = syz_open_dev$amidi(&(0x7f00000001c0), 0x1, 0x40040)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r9, 0x810c5701, &(0x7f00000002c0))
ioctl$FIBMAP(r5, 0x1, &(0x7f0000000180)=0x1)
r10 = openat$vmci(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r10, 0x7a6, &(0x7f0000000100)={0x1, 0x1400, 0x7, 0x2, 0x0, 0x3})
close(r0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
close_range(r11, r5, 0x0)

2.222760766s ago: executing program 0 (id=2462):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x7fff, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x3, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x1, 0x5, 0x9}], 0x10, 0x35, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x40000, 0x0, 0xfffffffc, 0x356}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, &(0x7f00000004c0)})
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r9 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvfrom$inet6(r9, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x20000000)
io_uring_enter(r6, 0x3f70, 0x0, 0x0, 0x0, 0x0)

2.139771088s ago: executing program 1 (id=2464):
syz_open_dev$char_usb(0xc, 0xb4, 0x8002)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x38, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x38}}, 0x0)
pipe2(&(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x80)
pread64(r3, &(0x7f0000000040)=""/77, 0x4d, 0x1)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b03, 0x0)
r5 = gettid()
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), 0xffffffffffffffff)
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000000), 0x6)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r11=>0x0})
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000001080)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4c)
unshare(0x62040200)
socket$igmp(0x2, 0x3, 0x2)
r12 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r12, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4001}, 0x880)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41400088}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r7, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x20000000)
syz_open_procfs(r5, &(0x7f00000000c0)='uid_map\x00')
syz_usb_connect(0x0, 0x304, &(0x7f0000000500)={{0x12, 0x1, 0x201, 0x26, 0x58, 0x42, 0x8, 0x582, 0x2f, 0x5ef8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2f2, 0x1, 0x8, 0xce, 0x10, 0x7, [{{0x9, 0x4, 0xd8, 0x10, 0xa, 0x2, 0xe6, 0x4, 0xe, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, "a7"}, {0x5, 0x24, 0x0, 0xda9}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x1ff, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x37, 0x20}, [@network_terminal={0x7, 0x24, 0xa, 0x48, 0xe, 0x4, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x8, 0x81, 0x0, 0x2, 0x6}, @dmm={0x7, 0x24, 0x14, 0xd5, 0xff}, @mdlm={0x15, 0x24, 0x12, 0x5}]}], [{{0x9, 0x5, 0x4, 0x1, 0x3ff, 0x1, 0xc, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x9, 0x5}]}}, {{0x9, 0x5, 0xa, 0xc, 0x20, 0x7, 0xc, 0x3, [@generic={0xc8, 0xa, "3a6b8142ce570592e245ffd4c0bf46e8da7d270a5dc7b4f05c6ad70c45b397a32f2e67e66607e6b437626463623997462602e33d622f34084ff9ec3cd826946d84bf6c94c5eeb32e2674d99f38d4631114ee8b08820f01789e2f840a70e8197abcaf440856d42b03e28989c4374dd8da1c4aef0881f6e748d2a7f93c8bbdadaa6e7575eaa4db415475bfb97a9191c6947c7a80bc1e73f9e3c19c0ae318f1ed92540f2219b9a635f969a4560bc01c15853b405bee9b3d330f73703066969702ccf8e3df7f4fb3"}]}}, {{0x9, 0x5, 0xf, 0x4, 0x200, 0x10, 0x9, 0x6, [@generic={0x60, 0xb, "5709314446151d92f29f5eaa02bd3e6e7078194eb34caa6447bc529a044ffc682b790801d782b8785fb4962f2a7e348ab4a75aad98611078ed402ef4df8da52fb7ab707eb0315b85a91517424e6d7f01348d391229024f6df974f4b8918f"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x3c7, 0x58, 0x9, 0xf2}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x6, 0x5, 0x1, [@generic={0x20, 0x24, "ca8b9367ed017d63f5f0e010db0f02d652393d94d9ed9e37094b1b81c039"}]}}, {{0x9, 0x5, 0x7, 0xc, 0x10, 0x10, 0x9, 0x2, [@generic={0x5e, 0xc, "1314cf54a86d978508bf29b96f1431f6d4c416c30ed5bea00fba967f21e300c0cc88edc5cbb0a1f3d28d8a924813b877d289db30d0093f896bf56d1e2eb67eac3f5c21b68186a0abffbc9fcb836070f2f47fab551ffe3ab121bff4b0"}]}}, {{0x9, 0x5, 0xf, 0x8, 0x8, 0x45, 0xe1, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x4, 0x676}, @generic={0x4d, 0x30, "5bfad01b3fedbf13b59cc090cf018a94265adfcd2d360c640ee80f0aebb587090b54c6b6ff283229a6f9640df1a64e95044f067b3a1339f837e50712e560dbfe75e1b1c7bb82f9549d77a8"}]}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0x1, 0x7, [@generic={0x23, 0x14, "33f72dc1423ac2a6a82278cfef697ed54ce08532d89411fefcfd55d3b2315671f1"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x8}]}}, {{0x9, 0x5, 0x7, 0x3, 0x8, 0x4f, 0x2, 0xd5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x6}]}}, {{0x9, 0x5, 0x8, 0x1, 0xbcf, 0x3, 0xe, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0xb1b}]}}]}}]}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x9, 0x5, 0x9, 0x8, 0x1}, 0x118, &(0x7f0000000b40)=ANY=[@ANYBLOB="050f1801050710021eb900ff0b10010801000003000009f7100372d1109d5d1a7dbd8f5229cec2666b4e090dae9c5c69d9c51d6a569ff7e96a369a1578403901b189902883c5956548dd92ecc669166f4b46d08dcf9a6f9c0e0f98b258062312da9381355bc4ef262da5b5b479c76279f0b321b05f6ea304dcfff185c7fe405163326c474cd7795c6c30a9e2d0a044c4224af0c8e548c84042e49010b4afb5b358e300c1ec6c20292dfb0bd84efbf8aba5c57b2ad4ebc3e36c92e0ca686fb4ff5df15ff19c4a9718f7cd7ee9695db24d3e696243d5c9e66fa29298255095272735c5ad081e25293db49608653a8963a38902a1b4c6b2ab3d9224d2ad0c75412db35b096f92acca149e54c891f56ee353e017c8fb94c64395535b03100b07100210399c07a6cbb450cda4f90142ea36cd147335017caa70c200ded6a35a71c3c2466ff7513e26523eb5d9fe95963422f1fd7c768ae2a65d2bde97e6164960d5"], 0x2, [{0x35, &(0x7f0000000280)=@string={0x35, 0x3, "e81a35390ba5e64f2241e82cc456022067ad46b28cccb62245b26d4e5dff9ab3562e148708a001a6b311df01c8e5524e67f70e"}}, {0xe3, &(0x7f0000000380)=@string={0xe3, 0x3, "46ec5f8def81c3d1259ae99463bd4014ca207ef6240cf3c913aa3e04e48bacff1331d3df683a601984436c72fb4fec9204e81b559fc565c83eeebf892b9d95114053fc732e71df31baa7ddb816966076e0b30d97b943f95a26915248b9d5689b2849a30284cae41c2b3357f3d402aab6800ae8c3ac82d7948ce92c93402aa315359a3897b574604393da4cdeb5bd940ec1a0a2a347b7aae50a8483ea85977f32edd2be07dd1d67fd92dcec16314cb32f5dc68256d3cdaf8af5586271f51894038e01286341f0c38b039da3ea185fa29273c049c5fc61f4cb366fecfcf4c3b8c809"}}]})

1.679844735s ago: executing program 1 (id=2465):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x7fff, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x3, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x1, 0x5, 0x9}], 0x10, 0x35, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x40000, 0x0, 0xfffffffc, 0x356}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, &(0x7f00000004c0)})
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r9 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
io_uring_enter(r6, 0x3f70, 0x0, 0x0, 0x0, 0x0)

1.299985552s ago: executing program 0 (id=2466):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a500000095000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x7fff, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x3, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x1, 0x5, 0x9}], 0x10, 0x35, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x40000, 0x0, 0xfffffffc, 0x356}, &(0x7f0000000380)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, &(0x7f00000004c0)})
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r9 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
io_uring_enter(r6, 0x3f70, 0x0, 0x0, 0x0, 0x0)

799.639379ms ago: executing program 1 (id=2467):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x5}, 0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000340)=ANY=[@ANYBLOB="e90c230faca2aaaaaa06aabb88060001080006040003aaaaaaaaaa0aac1414130180c200000f7f000001"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r2, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'ip6gretap0\x00', <r4=>0x0})
unshare(0x62040200)
r5 = gettid()
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r4, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r5], 0x28}}, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r6=>0x0})
fcntl$setown(r1, 0x8, r6)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r7 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f00000000c0)={0x30000009})
epoll_pwait2(r8, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
r9 = open$dir(&(0x7f0000000080)='./file0\x00', 0x7e, 0x0)
writev(r9, &(0x7f0000000280)=[{&(0x7f0000000300)="e7", 0x1}], 0x1)
socket(0x10, 0x3, 0x6000000)

659.722664ms ago: executing program 1 (id=2468):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x101, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
openat(0xffffffffffffff9c, 0x0, 0x24c01, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'team0\x00', 0x4000})
ioctl$FS_IOC_GETVERSION(r3, 0x80047601, &(0x7f0000000000))
r4 = socket(0x11, 0x800000003, 0x0)
r5 = syz_clone(0x4000000, &(0x7f0000000140)="17752b91573e225344f9075e0a6f97fe2c8167ec9737df674390df8e9decfcc2fc401cdd7aa5fefa0b72d118ea35723683e67779d970b098e0400cef0556dbd7ce2f30a1e974ed073ec7a6a04e054dd5b79621f676f2cb144eff7477f40c7d0a7b4f294a4f0227714b3213b9353b1de0de47a12b573e8cbff601ba3d0faf603692d46a161dc4b2d91509483b38336d0f63e0c84401d68dbb862b9ec95b4ddd1acde2b4a0f7", 0xa5, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="fcfd1ce6de8a3af5da3ad93accba3880077eb1bf70d4ee65d359f8f91d2060fc0a327f80a7fe6436220429a5a10345fea5ed62412c3df985a2902eb58fe93cbec4192c8c5f140d401c654f86f0e4a293ac5dbb8d57961f9d6c523367138b393b8c5da29e29475460626b8ce5e9e65dd72a750b5a05c5efede8b2a7c08d1e8fd3f01439bf5cbca6ac15bb652a2be6d7152534ce33e576f55c024f1ba2fb1c00b923022bde284e0f79c8749a1e7073c775a3edc7902b949d07dd4a087ead872f35175748e19c63bd7835")
move_pages(r5, 0x5, &(0x7f0000000380)=[&(0x7f0000bde000/0x2000)=nil, &(0x7f0000bdd000/0x2000)=nil, &(0x7f0000bdd000/0x4000)=nil, &(0x7f0000bdd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil], &(0x7f00000003c0)=[0x0, 0x9700], 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600))
sendmmsg(r4, &(0x7f0000002800)=[{{&(0x7f0000000080)=@rc={0x1f, @any, 0x12}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000100)="5472e330edeb780f6f04e2ad823a", 0xe}], 0x1}}], 0x1, 0x80)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x4}, 0x38)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

389.356259ms ago: executing program 1 (id=2469):
r0 = syz_open_dev$usbfs(0x0, 0x206, 0x8541)
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, 0x0)
shmget$private(0x0, 0x6000, 0x108, &(0x7f00001b3000/0x6000)=nil)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newtaction={0x22b8, 0x30, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [{0x3c8, 0x1, [@m_skbedit={0xfc, 0x3, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x0, 0x1}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x6}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x6, 0x5}}]}, {0xb8, 0x6, "f58b726de48fe86f6a19f938359d12cb375612e55558a748d129fec600086ea4f7912a02a8556a5dfeb628b2dbdb4326a8306f557f632a36a056df4996545483d463eab5e96a0c036f00f76d130c1278bf4aa65e2c7cdd1bc9503449fd853cfb444cef77a0c448b01056278d35114ad51c2c82784bdac059965918f78cb185b71f75e461b03e4769a30b1b58dc8511f1dee2ad9767ef539e22f3104001d8b1f1b700ede5cc3432a13bc26bcbeb6bae3dd145a71c"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_gact={0xec, 0x18, 0x0, 0x0, {{0x9}, {0x7c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1a5d, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0xe9d, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x5, 0x25e3, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x4, 0x9, 0x0, 0x1, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x17e4, 0x20000002}}, @TCA_GACT_PARMS={0x18, 0x2, {0xff, 0xf, 0x0, 0x3, 0x101}}, @TCA_GACT_PARMS={0x18, 0x2, {0x5, 0x4, 0x2, 0x1d, 0x7}}]}, {0x45, 0x6, "4e085af9094fb7a93a12e4215f93636bf3bbf694d41bbd8bfd1e4d9f49cb5c97844de04bf6f7b8932c78b6b960d85c8ede213fd0da058c6fe4f965ec4d8a981918"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_connmark={0xcc, 0x16, 0x0, 0x0, {{0xd}, {0x58, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x3, 0x7, 0x0, 0x829}, 0x6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x8dc, 0xffffffffffffffff, 0x10000, 0x6}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x6, 0x2, 0x5, 0x9}, 0x9}}]}, {0x47, 0x6, "579de77a7d307b802591638b7009cd599d4233f7efd757bdd41c8088fa571bb585d1e8089e6c4d8a97bb993ccc73d4f8b9a62a1dba0e53005736cc95c40463196b5c18"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_ct={0x110, 0x1d, 0x0, 0x0, {{0x7}, {0x6c, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x9}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}}, @TCA_CT_PARMS={0x18, 0x1, {0x6, 0x1000, 0x8, 0x2, 0x1}}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @loopback}, @TCA_CT_LABELS_MASK={0x14, 0x8, "8e1d097e0b18ee7e87f2ce5e897b6029"}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @empty}, @TCA_CT_MARK={0x8, 0x5, 0x80000001}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @local}]}, {0x7d, 0x6, "3220f2b3093e221d987ea7b69e839564b92a45b6860a5b7834174ac015f85fb4e69fd0140e6928aea6af23c094608bdcd5518602902ddb84a732439c0ece15981fdb522f4f91191cd59a102ae8db941e7bb80479ce0095a86c9cea2322ae43e37eeb76a6e7d79b4ae2a13a1be7167265ca0e1629610e450895"}, {0xc}, {0xc, 0x8, {0x3}}}}]}, {0x1edc, 0x1, [@m_pedit={0x1d20, 0x1e, 0x0, 0x0, {{0xa}, {0x1ce8, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x2, 0x1, 0x4, 0x4, 0xa}, 0xd8}, [{0x7, 0x1, 0x1ff, 0x4, 0x4, 0x8001}, {0x5, 0x25b9ce3e, 0x6, 0x401, 0x5, 0x40}, {0xe6d, 0x2, 0xf41, 0x5, 0x417, 0x44}, {0x7, 0x5, 0x0, 0x7fff, 0x4, 0x6}, {0x9, 0x3, 0x5, 0x7, 0xffff, 0x2}, {0x800, 0x5, 0xffffff54, 0xf, 0x81, 0x500}, {0xfffff76c, 0x3, 0x3, 0x4, 0xd}, {0x10001, 0xe00, 0x86da, 0x400, 0x7, 0x3}, {0x5, 0x1, 0x800, 0x6, 0x4, 0x9}, {0xfffffffc, 0x7f, 0xa, 0x7, 0x3, 0xcd}, {0x1, 0x2c0000, 0xa236, 0x2, 0x2, 0xd60}, {0x2, 0x0, 0x4, 0x6, 0x351, 0x6}, {0xb25, 0x518f, 0x9, 0xffff, 0x7, 0xae3d}, {0x5, 0xffffffff, 0x0, 0x4, 0x7, 0x5}, {0x4, 0xa, 0x150, 0xb4, 0x4}, {0x2, 0x27dc, 0x26f, 0x40, 0x1, 0x1}, {0x972, 0x1, 0x3ff, 0xf, 0x6, 0xbfbd}, {0x9, 0x7, 0xd491, 0x0, 0x189c, 0x5}, {0x0, 0x5, 0xc0a6, 0x8, 0xb, 0x9}, {0x3, 0x4, 0x6, 0x5, 0x3, 0x1}, {0x5, 0x48, 0x4, 0x5cb13f97, 0x1, 0x400}, {0x0, 0x1, 0x5, 0x5, 0xfffffffa, 0xfffffff1}, {0x7, 0xe23a, 0x6, 0x6, 0x5, 0x4}, {0x1000, 0x3, 0x8, 0x8, 0x8, 0x1000}, {0x8, 0xd, 0x4, 0x3d, 0x3, 0x8}, {0x0, 0x72d, 0x0, 0x8, 0x3, 0x6}, {0x3, 0x8, 0x9, 0x4, 0x10001, 0x6}, {0x3, 0x9, 0x1, 0x0, 0x100, 0x9}, {0x1, 0xa, 0x3, 0x1, 0x8, 0x4}, {0x3, 0x2e5, 0x0, 0x4, 0x3, 0x6}, {0x7f, 0xffffffff, 0xb276, 0xa70e, 0xa, 0x5}, {0x4, 0x6, 0x80000000, 0x80000000, 0x346, 0x1}, {0x6, 0xb014, 0x75, 0x4, 0x7ff, 0x25d9e0cf}, {0x3, 0x7f, 0x0, 0x6, 0x7, 0x10000}, {0xa000, 0x5, 0x8, 0x4, 0x1, 0x8}, {0xf3c, 0x10001, 0x3, 0x1, 0x1, 0x5}, {0xc5e1, 0xffff0000, 0xffffffff, 0x2, 0x1, 0xd}, {0x2, 0x3, 0x8, 0x3, 0xd, 0x3}, {0xffffffff, 0x9, 0x9, 0x5, 0x7, 0x5}, {0x7, 0x4, 0x1, 0x3, 0x5, 0x2}, {0x7, 0x6, 0x931, 0x5, 0x8, 0x7}, {0xd, 0x9, 0x5, 0x9, 0x3, 0x1}, {0x435, 0x2, 0x2, 0x3ff, 0x9, 0x7}, {0x7, 0xf9, 0x400, 0x3, 0x0, 0x80000000}, {0x5, 0x4, 0xad, 0x5ef, 0x1, 0xffff8000}, {0x2000000, 0xd, 0x8000, 0xd02, 0x8000, 0x77f5}, {0x2, 0x7, 0x3ff, 0x4441, 0x5, 0x1}, {0x7955, 0x3, 0x1, 0x4, 0x4, 0x3}, {0x6, 0x4, 0x0, 0x3ff, 0x7, 0xb53}, {0x0, 0x9e, 0x10, 0x84dd, 0xe2d, 0xf50}, {0x99b2, 0x6, 0x1, 0x9, 0x8, 0x5}, {0x3, 0x6, 0x800, 0x8, 0x80000000, 0x80000000}, {0xfffffc01, 0x10000, 0x5, 0xf, 0xc, 0x1}, {0xffff, 0x1f, 0xffffffff, 0x7, 0x3, 0xfe}, {0x3, 0x2, 0x17d0, 0x0, 0x6, 0x3}, {0x5, 0x7f, 0x1, 0x7f, 0x101, 0x11e}, {0x40, 0x0, 0x9, 0x0, 0xe3b, 0xe000}, {0x4, 0x2e, 0x0, 0xfffffbff, 0x7, 0x230e}, {0x81, 0x1, 0x400, 0x10, 0x0, 0xfffffff7}, {0x80000000, 0x7, 0xb43, 0x5, 0x5, 0x8}, {0x1000, 0x6, 0x6d268707, 0x8, 0x6, 0x1}, {0x3, 0x7fffffff, 0x224, 0x2, 0x7, 0x40}, {0x6, 0x1ff, 0x400, 0xfffffff9, 0x3, 0xd1}, {0xf7f, 0xff, 0x8, 0xbb, 0x5bc, 0x7fffffff}, {0x6eed0000, 0x4, 0x2, 0x4, 0x4, 0x19f6}, {0x4, 0xff, 0x7d4c, 0x3ff, 0x1ff, 0x6}, {0x5, 0x6, 0x4, 0x4, 0x6, 0x17}, {0x401, 0xa, 0x0, 0x10, 0xfffffffb, 0x9}, {0x20, 0x7, 0xc79, 0xd, 0x81, 0x2}, {0x400, 0x7, 0x7fffffff, 0x9, 0x10, 0x7}, {0x7, 0xe27, 0x7, 0x7, 0xb0, 0xb}, {0x4, 0x8, 0xf7, 0x4, 0xa, 0xbb12}, {0x1, 0x5, 0xfffffff3, 0x1000, 0x4, 0x5}, {0x0, 0x9, 0x3, 0x2, 0x5, 0x5}, {0x5, 0x5, 0x1c84, 0x1, 0x1, 0xb177}, {0x41f, 0x1ff, 0x42, 0x1, 0x7fff, 0x5}, {0xc8e, 0xe0, 0x9, 0x6f, 0xc00}, {0x6a2d9459, 0xffff3e9c, 0x400, 0xf652, 0x1}, {0x3, 0x4, 0x9b, 0x1, 0x7f, 0xfffffffe}, {0x1000, 0x4, 0x1, 0x80, 0x10001, 0x9}, {0xa6d4, 0x8e, 0x8, 0x6, 0xb, 0x1}, {0x4, 0x2f2, 0x10001, 0x96, 0x1}, {0x80000000, 0xffffffff, 0x3, 0x2, 0x6, 0x8}, {0xa17f, 0x1, 0x0, 0x1000, 0x3da, 0xd6}, {0x8, 0x9, 0x7, 0x0, 0xd, 0x5}, {0x3, 0x3, 0xfffffffa, 0x1000, 0x0, 0x5}, {0x3, 0xee9, 0x7, 0xfff, 0x9, 0x1}, {0xffff, 0x7, 0x7fff, 0xfffffffc, 0x9, 0x7}, {0x4, 0xf3, 0x6, 0x0, 0x6, 0xc7aa}, {0x2, 0x7f, 0x4, 0x9, 0x5817, 0xf5}, {0xb9c, 0x80, 0x401, 0x9, 0x9, 0x10000}, {0x0, 0x9, 0x9, 0x6, 0x1ff, 0xffffffff}, {0x776, 0x2, 0x5, 0x8001, 0x61, 0x3}, {0x8, 0xc19, 0x4, 0xff, 0x8b96, 0xa}, {0x5, 0xd6, 0x6, 0x80000000, 0x3, 0xffffffff}, {0x4, 0x0, 0x81, 0x100, 0x7, 0x10}, {0x8001, 0x91c, 0x4100, 0x6, 0x9, 0x5}, {0x3, 0xa8, 0x40, 0x6, 0x9, 0x3}, {0x7f, 0x6, 0x9, 0x80, 0xfffff938, 0x5}, {0xa, 0x8, 0x8000, 0x4, 0x9, 0x80}, {0x9a, 0x57, 0xfffffffd, 0x1, 0x4, 0x7}, {0x1000, 0x9, 0x7, 0xfffffffa, 0x10000, 0x6}, {0x3, 0x10, 0x6, 0x8, 0x5b, 0xcb70}, {0x0, 0x4, 0x6, 0x5, 0x6, 0x6}, {0xffff0000, 0x9, 0x1, 0x5, 0x200, 0x1}, {0x7c, 0xffff, 0x5, 0x8001, 0x6d0, 0x6}, {0x6, 0x4, 0x169c, 0xffffffff, 0xf5, 0x8001}, {0xff, 0x7f, 0x8c0f, 0x8000, 0x3d, 0x7ff}, {0x2, 0x9, 0x200, 0x4fa, 0x10, 0x8001}, {0x100, 0xc2, 0x68, 0x8, 0x16e, 0x3}, {0x3, 0x2, 0x400, 0x5, 0x101, 0x8}, {0x6, 0x7, 0x3, 0x1, 0x482, 0xf}, {0x100, 0x3, 0xfff, 0x8, 0x4, 0x9}, {0x8, 0x7, 0x100, 0x7, 0x7f, 0x8}, {0x8, 0x6, 0x1, 0x4, 0x7, 0x199700}, {0xa0, 0xfe, 0x2, 0x0, 0x3, 0x8}, {0x7, 0x6, 0x4ea, 0x5, 0x1, 0x6}, {0x5, 0x0, 0x1, 0x2, 0x2, 0x1}, {0xf, 0x1, 0xa6, 0x0, 0xffffffff, 0xed44}, {0x9, 0xe, 0x4, 0x9, 0xe6a, 0x5}, {0x3ff, 0x5, 0x3, 0x4, 0xffff, 0x7}, {0xcb5, 0x3, 0xafe, 0x401, 0x401, 0x7}, {0x7, 0x4, 0xef6f, 0xa627, 0x9, 0x81}, {0x80000000, 0x10, 0x0, 0x1d, 0xd3, 0x3}, {0x3, 0x7, 0xdb33, 0x3c3a, 0x158, 0x8}, {0xf, 0x0, 0x7ff, 0x2f2, 0xffffffff, 0xf5}, {0x3, 0x9, 0x0, 0x10000, 0x9, 0x7}, {0x4, 0x7fff, 0x3ff, 0x57, 0xa, 0x8}], [{0x5, 0x1}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1}, {0x2, 0x1}, {0x5}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x5, 0x1}, {0x4, 0xdcdc0b73aee77c10}, {}, {0x4}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x4, 0x1}, {0x5}, {0x3}, {0x2}, {0x2}, {0x5}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {}, {}, {0x0, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x49cf8bba16fd9238, 0x1}, {0x5, 0x1}, {0x4}, {0x3, 0x1}, {0x1}, {0x3}, {0x4}, {0x0, 0x1}, {0x3, 0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x3}, {0x3, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x2}, {0x5, 0x1}, {0x2}, {0x3}, {0x5, 0x1}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {}, {0x0, 0x1}, {0x5, 0x1}, {0x7}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x4, 0x1}, {0x8dcc43c5ba1484ae, 0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x2}, {0x0, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x5}, {0x4, 0x1}, {0x3, 0x1}, {0x5}, {0x1, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x1}, {0x82083b1d1be0dccf}, {0x3}, {}, {0x4, 0x1}, {0x1}, {0x2, 0x1}, {0x2}, {0x4, 0x1}, {0x1}, {0x7, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {}, {0x4, 0x1}, {0x1}, {0x3}, {0x2}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5, 0x1}]}}, @TCA_PEDIT_PARMS_EX={0xe38, 0x4, {{{0xff, 0x7, 0x20000000, 0x80000001, 0x4}, 0x1, 0x1, [{0x8, 0x6, 0x4, 0x8, 0x9, 0x9}]}, [{0x8e20, 0x0, 0x3, 0x80000001, 0x4, 0x6}, {0x6, 0x6, 0x5, 0x2d, 0x5, 0x1}, {0x7, 0x7, 0x0, 0x93, 0x2, 0x6}, {0x864, 0x8, 0x5, 0x400, 0x1, 0x200}, {0x7, 0x7ff, 0x7f, 0xfffffffe, 0x401}, {0x1, 0x3, 0x6, 0x525, 0x7, 0x1}, {0x2, 0x200, 0x3, 0x838b, 0x4, 0x8}, {0x1ffe00, 0x6c6, 0x2, 0x2, 0x29, 0xfffffff7}, {0x103c, 0x6, 0x8000, 0x0, 0xe0000000, 0xd}, {0x9, 0x9, 0x7, 0x800, 0x1000, 0x4}, {0x7, 0x9, 0x476, 0x200, 0x1ac21f32, 0x7}, {0x4, 0x5, 0x1, 0xe0000000, 0x1, 0x80000000}, {0x3, 0x1, 0x6, 0x9, 0x6, 0x7}, {0xdd, 0x1ee7, 0x6304, 0x6, 0x5, 0xfff}, {0x6, 0x5, 0x5bf, 0x1, 0x6, 0x6}, {0x4, 0x57, 0x6160, 0x4, 0x87, 0xe0}, {0x0, 0x40, 0x400, 0x2, 0xa926, 0x3}, {0x2, 0x4524, 0x8000, 0xfa, 0xfffffffd, 0x9f8}, {0x2, 0xa62, 0x10001, 0x6, 0x3, 0x2}, {0x8, 0x8, 0x100, 0x5, 0x3}, {0x401, 0x5, 0x7fffffff, 0x1, 0x4, 0x710c}, {0x2, 0x5e2, 0x80000000, 0x6, 0x2, 0xeae}, {0x0, 0x0, 0x2, 0x31, 0x1, 0x7}, {0x6, 0x401, 0x7f, 0x1, 0x0, 0x8}, {0x3ff, 0x4, 0x7, 0x7, 0x4, 0x10000}, {0x1, 0xf84, 0x8, 0xd3ef, 0x9, 0xf5}, {0x40, 0x5, 0x80, 0x6, 0xfffffff6, 0x8}, {0x5, 0xfffffffc, 0x7, 0xc0, 0x8000, 0x1}, {0x4, 0x9, 0xceb, 0xc8, 0x8, 0x40}, {0x3d, 0x6, 0x7fffffff, 0xfffffeff, 0xa, 0x8}, {0xa1ea, 0x9, 0x9, 0xa, 0x80000, 0x1000}, {0x6ca, 0x6, 0x3, 0x600, 0x2, 0xfffffff8}, {0x8000000, 0x10, 0x7, 0x0, 0x4, 0x5}, {0x8, 0xffffffff, 0x1000, 0x7fffffff, 0x0, 0xfffffff7}, {0x4, 0x80000000, 0x6, 0x7f, 0x2, 0x2}, {0xe, 0x0, 0x1, 0x4, 0x80000001, 0x5}, {0xffff, 0x5, 0xbd0c, 0xffff, 0x5494, 0x8}, {0x7, 0x4, 0x3, 0x6, 0x3, 0x8}, {0x1, 0x7, 0x9, 0x8, 0x5, 0x5}, {0x7, 0x3, 0x7, 0x3, 0x1, 0x10001}, {0x4, 0xc791, 0x1, 0x2, 0x34}, {0x8, 0x3, 0x6, 0x0, 0x7, 0xfe}, {0x200, 0xfffffffc, 0x4, 0x7, 0x9, 0x6}, {0x81, 0x0, 0x8000, 0x1, 0x142, 0x3}, {0x8, 0x305, 0x6, 0x40, 0x6, 0x7}, {0x0, 0xffffff17, 0x8, 0x4, 0x7, 0xc}, {0x4, 0x2e1, 0x8, 0x4, 0x8, 0x4}, {0x0, 0x10001, 0x9, 0x200, 0x0, 0x8000}, {0x3, 0x40, 0x7, 0x3, 0x5, 0xfffff699}, {0x10000, 0x2, 0x8, 0x2, 0xffffffff}, {0x7, 0x8c, 0x8, 0x9, 0x7ff, 0x5d0}, {0x3, 0x76b, 0x8, 0x2, 0x877, 0x6}, {0x0, 0x2, 0x1, 0x7, 0xd8, 0xef}, {0x14, 0x8, 0x8, 0x1, 0x4, 0x8}, {0x8, 0x0, 0x10, 0xfffffbf7, 0x389c, 0x1}, {0xc, 0x77a1, 0x1000, 0xfffffe00, 0x1000, 0xc582}, {0x9, 0x2, 0xfffffffd, 0x2, 0x707, 0x4}, {0x3000, 0x7f, 0x60b, 0x1, 0xdd7c}, {0x0, 0x9, 0x7, 0x4005, 0xf}, {0x2cf90363, 0x2, 0x9, 0xa0, 0x7}, {0xf, 0x10, 0x1, 0x7, 0x7, 0x1}, {0x6, 0x3, 0xa, 0x5, 0x7, 0xfe}, {0x7, 0x3, 0x8, 0x4, 0x7, 0x6}, {0x1, 0x9, 0x9b0, 0x3, 0x5, 0x1}, {0x3, 0x6ac, 0x2, 0x9, 0x9, 0x7}, {0xbed, 0xa, 0x5, 0x5, 0x80000000, 0x4}, {0x1ff, 0x9, 0x2, 0x5, 0x5, 0x9}, {0x6, 0x9, 0x4, 0x401, 0x200, 0x7}, {0x8, 0xff, 0x8, 0x1, 0x86, 0xb}, {0x8, 0x7ed33b69, 0x7, 0xa8, 0x8, 0x8}, {0x100, 0x6, 0x1e, 0x5f, 0x6, 0x2}, {0x8, 0x40, 0xa, 0x9, 0x8, 0xea66}, {0x6, 0x6, 0x1, 0x2, 0x10001, 0xff}, {0x3cf, 0x1, 0x4, 0xbdc8, 0x5, 0x8}, {0xc4, 0x41bd, 0x9, 0x7, 0x80000001, 0xfff}, {0x65, 0xa3c5, 0x7ab0d7, 0x3, 0x5}, {0x3, 0x8, 0x3, 0x6, 0x3, 0x2}, {0x1, 0x0, 0x81, 0x100, 0x5, 0x6}, {0x101, 0x1, 0x4, 0x6, 0x2, 0x3}, {0x61c4, 0x0, 0x1, 0x2912, 0x5, 0x1}, {0x3, 0x7d, 0x10, 0x0, 0x1, 0x9}, {0x1000, 0x3, 0x0, 0xcf, 0x0, 0x9}, {0x741, 0xfffffff7, 0x1, 0x1ff, 0x7ff}, {0x4, 0x6, 0x1, 0x2, 0x8, 0x1}, {0x9, 0x180000, 0x2, 0x6, 0xb1, 0x2}, {0x10, 0x1, 0x6, 0x10001, 0xdf, 0x2}, {0x0, 0x2, 0x5, 0x400, 0x5, 0x2}, {0x2a4, 0xc, 0x7, 0x291, 0x4, 0x3}, {0xffff, 0x449, 0x7, 0x8, 0x2, 0x54e}, {0xa, 0x7, 0x5, 0x8, 0xffff, 0xf1}, {0x4, 0x783, 0x1, 0xf56, 0x5, 0x1}, {0x7544, 0x9, 0x545, 0x1000, 0x3, 0x8}, {0x4, 0x10, 0x7, 0x7, 0x5, 0x229f0118}, {0x7, 0x3, 0x101, 0x1, 0x25670c65, 0x4}, {0x8, 0x5, 0x3ff, 0xff, 0x2, 0x3b}, {0x0, 0x4, 0x5, 0x0, 0x7, 0xdb6}, {0x8, 0x8, 0x6da, 0x3e, 0x0, 0x10100}, {0x5, 0x1ff, 0x3ccd, 0x9, 0x4, 0x1}, {0xfffffffd, 0x4, 0x6, 0x2, 0x6, 0xfffffff9}, {0xfffffff8, 0x9, 0x6, 0x2, 0x57874f82, 0x8}, {0x400, 0xffffffff, 0x800, 0x100, 0x8}, {0x4, 0x6, 0x75f2, 0x200, 0x7, 0xc}, {0x1, 0x1, 0x20f5, 0x6, 0x8}, {0x8001, 0xcb, 0x1, 0x5, 0x7, 0x2}, {0x8, 0x7, 0x1, 0x0, 0x52b0, 0x3}, {0xffffff11, 0x3, 0xe61a, 0x8000, 0x6, 0x5}, {0x8, 0x6, 0x2, 0x3, 0x622, 0xe21}, {0x5, 0xffffffff, 0x2, 0xfffffc78, 0x56, 0x80}, {0x3, 0x1, 0x4, 0x2f4f, 0x80000001, 0x401}, {0x2, 0x7, 0x3fe, 0x9, 0x3, 0x2}, {0x80000000, 0x8, 0x3, 0x8, 0x2, 0x9}, {0x8, 0x4148, 0x9, 0x4, 0x2a3b9e8c, 0x5}, {0x10, 0x0, 0x2, 0xb, 0x1}, {0x4, 0x80000000, 0x6706, 0xa, 0x0, 0x80000001}, {0xf6a, 0x1, 0x1, 0x8000, 0x8, 0x277}, {0x7, 0x6, 0xa553, 0x3538000, 0x3f2, 0x3}, {0x3, 0x734d, 0x4, 0xa, 0x6, 0xfffff1a7}, {0x0, 0x10000, 0x0, 0x81, 0x7, 0x5}, {0x100, 0x6, 0x2, 0x3, 0x1, 0x2d0}, {0x10, 0x7, 0x5, 0x24, 0x8, 0x1}, {0x8, 0x101, 0x2, 0xb73f, 0x2, 0xade0}, {0x2, 0x1, 0xdc, 0x1, 0x134f}, {0x9, 0x10, 0x4, 0x10001, 0x4, 0xfffffffb}, {0x7, 0xc0fc, 0x1, 0x4, 0x9, 0xfffffff9}, {0x7, 0x3, 0x2, 0x1000, 0x0, 0x80000000}, {0x2da39963, 0x8, 0x1ff, 0x40, 0x1, 0x100}, {0x10000, 0x3181, 0x8, 0x5, 0x6, 0x8001}, {0x9, 0x953a, 0xc4f9, 0x8, 0x6, 0x3}], [{0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {}, {0x1, 0x1}, {0x4}, {0x5}, {0x4, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x5, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x5}, {0x1}, {0x1, 0x1}, {0x2}, {0x2}, {0x2}, {0x1}, {0x0, 0x1}, {0x2}, {0x1, 0x1}, {0x2, 0x1}, {}, {0x5, 0x1}, {}, {0x1}, {0x2}, {0x6}, {0x2, 0x1}, {0x5}, {0x2}, {0x0, 0x1}, {0x2}, {}, {0x1, 0x1}, {0x2}, {0x1}, {0x5, 0x1}, {0x5, 0x30901378c75695ce}, {0x2, 0x1}, {0x6}, {0x4}, {0x5}, {0x9, 0x1}, {0x2}, {0x5}, {0x6, 0x1}, {0x1}, {0x2}, {0x4}, {0x1, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x4}, {0x3}, {0x3}, {0x4}, {0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x3, 0x338f098e5f67093f}, {0x2, 0x1}, {0x5}, {0x1}, {0x3}, {0x4}, {0x1}, {0x1}, {0x2}, {0x2, 0x1}, {0x2, 0x1}, {0x5}, {0x1, 0x1}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {}, {0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {}, {0x4, 0x1}, {0x4}, {0x2}, {0x2, 0x1}, {0x4, 0x1}, {0x2}, {0x1}, {0x5}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x1}, {0x1, 0x1}, {}, {0x3, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x8c, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}, {0x44, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0xd, 0x6, "6bcfcaf1459677426c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_gact={0xc4, 0x18, 0x0, 0x0, {{0x9}, {0x7c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x26e1, 0x7}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x5e3, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x4, 0x5, 0x3, 0x3}}, @TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x1, 0x6, 0x8a, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x7fff, 0x5, 0x100, 0x7ff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x0, 0x6, 0xc, 0x9}}]}, {0x1e, 0x6, "ff0bb5f93653fa7da1afbbefc4c30ebe69b3fcc4a937789c96f3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_nat={0xf4, 0x1, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x6, 0x5, 0x6, 0xc92}, @rand_addr=0x64010101, @rand_addr=0x64010102, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1, 0x6, 0x1, 0x101, 0x4}, @multicast1, @broadcast, 0xffffffff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x7ff, 0x1, 0x4, 0x1}, @loopback, @rand_addr=0x64010102, 0xff, 0x1}}]}, {0x54, 0x6, "066d34911891c7cfc21dddfabb54da3f82822f838b8d1649c57f7df4f51a8e86dec1052949c60eae15c6c942433ba574735274194b11bb21a2e1dfa89e95890617f403bdb1f785d449dd0ec8bb5ec81f"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x22b8}}, 0x4840)
r1 = shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
shmctl$IPC_RMID(0x0, 0x0)
syz_clone(0x6a000100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlockall(0x1)
shmdt(r1)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000)={<r2=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x90f, 0x0)
mmap(&(0x7f0000c92000/0x3000)=nil, 0x3000, 0x2, 0x12, r4, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000000ffffffffffff0800450000240067000000119078ac1408000000000000004e20001090780200000000000000"], 0x0)
ioctl$DRM_IOCTL_UNLOCK(0xffffffffffffffff, 0x4008642b, &(0x7f0000000080)={r2, 0x20})

388.738152ms ago: executing program 0 (id=2470):
socket$inet_sctp(0x2, 0x400000000001, 0x84)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000020000000000018110000648718ef5b8af795a92bc0c1acaa470e85cd1e9a677d1a27ee6848e0da623bb5fcfe979807ac75627cb2d488892b8b2965a40d37b77e9110a7c563da1929d67563e508c449fedbdd8d0371fe11c23b7a39e046a6aaaf5cedf7cd8c74f61b6746de51", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = syz_io_uring_setup(0x2ddd, &(0x7f0000000100)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
readv(r5, &(0x7f0000000480)=[{&(0x7f0000000180)=""/19, 0x13}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)

239.238163ms ago: executing program 2 (id=2471):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x2}}, @TCA_MPLS_PROTO={0x6}, @TCA_MPLS_LABEL={0x8}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)

238.624653ms ago: executing program 2 (id=2472):
syz_open_dev$char_usb(0xc, 0xb4, 0x8002)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000a00), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x38, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x38}}, 0x0)
pipe2(&(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x80)
pread64(r3, &(0x7f0000000040)=""/77, 0x4d, 0x1)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b03, 0x0)
r5 = gettid()
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), 0xffffffffffffffff)
r8 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000000), 0x6)
close_range(r8, 0xffffffffffffffff, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r11=>0x0})
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000001080)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4c)
unshare(0x62040200)
socket$igmp(0x2, 0x3, 0x2)
r12 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$EBT_SO_GET_ENTRIES(r12, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)={0x38, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4001}, 0x880)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41400088}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r7, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa2}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x8010}, 0x20000000)
syz_open_procfs(r5, &(0x7f00000000c0)='uid_map\x00')
syz_usb_connect(0x0, 0x2fb, &(0x7f0000000500)={{0x12, 0x1, 0x201, 0x26, 0x58, 0x42, 0x8, 0x582, 0x2f, 0x5ef8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2e9, 0x1, 0x8, 0xce, 0x10, 0x7, [{{0x9, 0x4, 0xd8, 0x10, 0x9, 0x2, 0xe6, 0x4, 0xe, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, "a7"}, {0x5, 0x24, 0x0, 0xda9}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x1ff, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x37, 0x20}, [@network_terminal={0x7, 0x24, 0xa, 0x48, 0xe, 0x4, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x6, 0x8, 0x81, 0x0, 0x2, 0x6}, @dmm={0x7, 0x24, 0x14, 0xd5, 0xff}, @mdlm={0x15, 0x24, 0x12, 0x5}]}], [{{0x9, 0x5, 0xa, 0xc, 0x20, 0x7, 0xc, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0x1}, @generic={0xc8, 0xa, "3a6b8142ce570592e245ffd4c0bf46e8da7d270a5dc7b4f05c6ad70c45b397a32f2e67e66607e6b437626463623997462602e33d622f34084ff9ec3cd826946d84bf6c94c5eeb32e2674d99f38d4631114ee8b08820f01789e2f840a70e8197abcaf440856d42b03e28989c4374dd8da1c4aef0881f6e748d2a7f93c8bbdadaa6e7575eaa4db415475bfb97a9191c6947c7a80bc1e73f9e3c19c0ae318f1ed92540f2219b9a635f969a4560bc01c15853b405bee9b3d330f73703066969702ccf8e3df7f4fb3"}]}}, {{0x9, 0x5, 0xf, 0x4, 0x200, 0x10, 0x9, 0x6, [@generic={0x60, 0xb, "5709314446151d92f29f5eaa02bd3e6e7078194eb34caa6447bc529a044ffc682b790801d782b8785fb4962f2a7e348ab4a75aad98611078ed402ef4df8da52fb7ab707eb0315b85a91517424e6d7f01348d391229024f6df974f4b8918f"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x3c7, 0x58, 0x9, 0xf2}}, {{0x9, 0x5, 0xc, 0x0, 0x20, 0x6, 0x5, 0x1, [@generic={0x20, 0x24, "ca8b9367ed017d63f5f0e010db0f02d652393d94d9ed9e37094b1b81c039"}]}}, {{0x9, 0x5, 0x7, 0xc, 0x10, 0x10, 0x9, 0x2, [@generic={0x5e, 0xc, "1314cf54a86d978508bf29b96f1431f6d4c416c30ed5bea00fba967f21e300c0cc88edc5cbb0a1f3d28d8a924813b877d289db30d0093f896bf56d1e2eb67eac3f5c21b68186a0abffbc9fcb836070f2f47fab551ffe3ab121bff4b0"}]}}, {{0x9, 0x5, 0xf, 0x8, 0x8, 0x45, 0xe1, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x5, 0x4, 0x676}, @generic={0x4d, 0x30, "5bfad01b3fedbf13b59cc090cf018a94265adfcd2d360c640ee80f0aebb587090b54c6b6ff283229a6f9640df1a64e95044f067b3a1339f837e50712e560dbfe75e1b1c7bb82f9549d77a8"}]}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0x1, 0x7, [@generic={0x23, 0x14, "33f72dc1423ac2a6a82278cfef697ed54ce08532d89411fefcfd55d3b2315671f1"}, @uac_iso={0x7, 0x25, 0x1, 0x3, 0x8}]}}, {{0x9, 0x5, 0x7, 0x3, 0x8, 0x4f, 0x2, 0xd5, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x6}]}}, {{0x9, 0x5, 0x8, 0x1, 0xbcf, 0x3, 0xe, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x4, 0xb1b}]}}]}}]}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x250, 0x9, 0x5, 0x9, 0x8, 0x1}, 0x118, &(0x7f0000000b40)=ANY=[@ANYBLOB="050f1801050710021eb900ff0b10010801000003000009f7100372d1109d5d1a7dbd8f5229cec2666b4e090dae9c5c69d9c51d6a569ff7e96a369a1578403901b189902883c5956548dd92ecc669166f4b46d08dcf9a6f9c0e0f98b258062312da9381355bc4ef262da5b5b479c76279f0b321b05f6ea304dcfff185c7fe405163326c474cd7795c6c30a9e2d0a044c4224af0c8e548c84042e49010b4afb5b358e300c1ec6c20292dfb0bd84efbf8aba5c57b2ad4ebc3e36c92e0ca686fb4ff5df15ff19c4a9718f7cd7ee9695db24d3e696243d5c9e66fa29298255095272735c5ad081e25293db49608653a8963a38902a1b4c6b2ab3d9224d2ad0c75412db35b096f92acca149e54c891f56ee353e017c8fb94c64395535b03100b07100210399c07a6cbb450cda4f90142ea36cd147335017caa70c200ded6a35a71c3c2466ff7513e26523eb5d9fe95963422f1fd7c768ae2a65d2bde97e6164960d5"], 0x2, [{0x35, &(0x7f0000000280)=@string={0x35, 0x3, "e81a35390ba5e64f2241e82cc456022067ad46b28cccb62245b26d4e5dff9ab3562e148708a001a6b311df01c8e5524e67f70e"}}, {0xe3, &(0x7f0000000380)=@string={0xe3, 0x3, "46ec5f8def81c3d1259ae99463bd4014ca207ef6240cf3c913aa3e04e48bacff1331d3df683a601984436c72fb4fec9204e81b559fc565c83eeebf892b9d95114053fc732e71df31baa7ddb816966076e0b30d97b943f95a26915248b9d5689b2849a30284cae41c2b3357f3d402aab6800ae8c3ac82d7948ce92c93402aa315359a3897b574604393da4cdeb5bd940ec1a0a2a347b7aae50a8483ea85977f32edd2be07dd1d67fd92dcec16314cb32f5dc68256d3cdaf8af5586271f51894038e01286341f0c38b039da3ea185fa29273c049c5fc61f4cb366fecfcf4c3b8c809"}}]})

0s ago: executing program 1 (id=2473):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="180200001000000000000000000000008500000020000000850000007d00000095001000000000000099a0"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0xbccc9594963a389f, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000380)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x80000)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
quotactl_fd$Q_GETNEXTQUOTA(r4, 0xffffffff80000902, 0x0, 0x0)
r5 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
readv(r5, &(0x7f0000001100)=[{&(0x7f0000000880)=""/1, 0x1}, {0x0, 0x2}], 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000240)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
pipe(&(0x7f0000000500)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r10, 0x0, r8, 0x0, 0xf3a, 0x0)
vmsplice(r7, &(0x7f0000000840)=[{&(0x7f00000004c0)="cf", 0x1}], 0x1, 0x0)
write$binfmt_elf64(r9, &(0x7f0000000380)=ANY=[], 0x18c6)
r11 = dup(r6)
write$UHID_INPUT(r4, &(0x7f0000000080)={0xc, {"a2e3ad214fc752f91b25470987f70e06d038e7ff7fc6e5539b3245078b089b3b083868060890e0878f0e1ac6e70a9b3368959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0936cd3b78130daa61f8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874cf2a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d16993428807789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e17f907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c330600d87341432750861ebfbc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33ee75964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfd62eaff19d124fcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a9740600000000f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ce356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f6152f5490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b303db4d7bec6b6a97dbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1055}}, 0x1006)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0xffffffffffffffa6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, r11, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7020000140000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000003d7b86b7124432b10000b700deffffff000095000000000000"], &(0x7f00000011c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r13 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r13, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
getsockname$packet(r11, &(0x7f00000010c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001140)=0x14)
r14 = syz_open_dev$dri(&(0x7f00000008c0), 0x0, 0x0)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r14, 0xf505, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

kernel console output (not intermixed with test programs):

has invalid maxpacket 512, setting to 64
[  442.882570][T11845] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  442.885423][T11845] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  442.892597][T11845] usb 5-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  442.895221][T11845] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  442.898611][T11845] usb 5-1: config 8 interface 216 has no altsetting 0
[  442.902036][T11845] usb 5-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  442.904487][T11845] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.907430][T11845] usb 5-1: Product: syz
[  442.908654][T11845] usb 5-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  442.917540][T11845] usb 5-1: SerialNumber: syz
[  442.920709][T12768] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  443.142187][T11845] usb 5-1: USB disconnect, device number 27
[  443.316942][T12791] chnl_net:caif_netlink_parms(): no params data found
[  443.650507][T12791] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.655609][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.661801][T12791] bridge_slave_0: entered allmulticast mode
[  443.675926][T12791] bridge_slave_0: entered promiscuous mode
[  443.707504][T12791] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.709889][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.712375][T12791] bridge_slave_1: entered allmulticast mode
[  443.715088][T12791] bridge_slave_1: entered promiscuous mode
[  443.737947][T12817] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.740985][T12817] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.773860][T12818] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  443.776145][T12818] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  443.778952][T12818] vhci_hcd vhci_hcd.0: Device attached
[  443.782346][T12819] vhci_hcd: cannot find the pending unlink 5
[  443.830505][T12817] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  443.837402][T12817] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  443.882852][T12817] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  443.885529][T12817] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  443.888766][T12817] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  443.891119][T12817] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  443.948573][   T11] bridge_slave_1: left allmulticast mode
[  443.950709][   T11] bridge_slave_1: left promiscuous mode
[  443.952610][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.959985][   T11] bridge_slave_0: left allmulticast mode
[  443.961499][   T11] bridge_slave_0: left promiscuous mode
[  443.963176][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.016665][T11843] usb 15-1: new high-speed USB device number 11 using vhci_hcd
[  444.330884][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  444.334718][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  444.338181][   T11] bond0 (unregistering): Released all slaves
[  444.371139][T12819] vhci_hcd: connection reset by peer
[  444.375019][ T1104] vhci_hcd: stop threads
[  444.376143][T12791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  444.376289][ T1104] vhci_hcd: release socket
[  444.380818][ T1104] vhci_hcd: disconnect device
[  444.396033][T12791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  444.478627][T12791] team0: Port device team_slave_0 added
[  444.488607][T12791] team0: Port device team_slave_1 added
[  444.510424][T12791] batman_adv: batadv0: Adding interface: batadv_slave_0
[  444.512304][T12791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.519363][T12791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  444.534197][T12791] batman_adv: batadv0: Adding interface: batadv_slave_1
[  444.536067][T12791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  444.545207][T12791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  444.636345][T12791] hsr_slave_0: entered promiscuous mode
[  444.640582][T12791] hsr_slave_1: entered promiscuous mode
[  444.642801][T12791] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  444.645045][T12791] Cannot create hsr debugfs directory
[  444.690507][   T11] hsr_slave_0: left promiscuous mode
[  444.692508][   T11] hsr_slave_1: left promiscuous mode
[  444.694322][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  444.697011][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  444.749362][ T5355] Bluetooth: hci0: command tx timeout
[  444.828731][ T5355] Bluetooth: hci2: command tx timeout
[  444.935747][T12845] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1833'.
[  445.173261][T12850] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  445.175101][T12850] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  445.178549][T12850] vhci_hcd vhci_hcd.0: Device attached
[  445.724580][   T11] team0 (unregistering): Port device team_slave_1 removed
[  445.835254][   T11] team0 (unregistering): Port device team_slave_0 removed
[  445.845733][T12851] vhci_hcd: connection closed
[  445.845906][  T999] vhci_hcd: stop threads
[  445.850436][  T999] vhci_hcd: release socket
[  445.851818][  T999] vhci_hcd: disconnect device
[  446.324607][T12866] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  446.326875][T12866] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  446.330257][T12866] vhci_hcd vhci_hcd.0: Device attached
[  446.335642][T12867] vhci_hcd: cannot find the pending unlink 5
[  446.566579][ T5388] usb 13-1: new high-speed USB device number 9 using vhci_hcd
[  446.654370][T12860] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1836'.
[  446.687316][T12867] vhci_hcd: connection reset by peer
[  446.690141][   T45] vhci_hcd: stop threads
[  446.691739][   T45] vhci_hcd: release socket
[  446.716675][   T45] vhci_hcd: disconnect device
[  446.826559][ T5355] Bluetooth: hci0: command tx timeout
[  446.906753][ T5355] Bluetooth: hci2: command tx timeout
[  447.233580][T12890] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1841'.
[  447.693031][T12791] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  447.697520][T12791] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  447.703061][T12791] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  447.707520][T12791] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  447.773286][T12791] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.780745][T12791] 8021q: adding VLAN 0 to HW filter on device team0
[  447.785410][ T1096] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.787440][ T1096] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.800722][ T1096] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.802584][ T1096] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.929974][T12791] 8021q: adding VLAN 0 to HW filter on device batadv0
[  447.963782][T12791] veth0_vlan: entered promiscuous mode
[  447.970535][T12791] veth1_vlan: entered promiscuous mode
[  447.993640][T12791] veth0_macvtap: entered promiscuous mode
[  448.000583][T12791] veth1_macvtap: entered promiscuous mode
[  448.011012][T12791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  448.013711][T12791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.016851][T12791] batman_adv: batadv0: Interface activated: batadv_slave_0
[  448.019594][T12791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  448.022298][T12791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.025276][T12791] batman_adv: batadv0: Interface activated: batadv_slave_1
[  448.029568][T12791] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  448.031848][T12791] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  448.034113][T12791] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  448.036358][T12791] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  448.078362][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.084845][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.118382][T11828] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.130716][T11828] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.986696][ T5355] Bluetooth: hci2: command tx timeout
[  449.013511][T12959] input: syz0 as /devices/virtual/input/input19
[  449.051639][T12959] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1853'.
[  449.526560][T11843] vhci_hcd: vhci_device speed not set
[  449.664637][T12968] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  449.666363][T12968] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  449.675759][T12968] vhci_hcd vhci_hcd.0: Device attached
[  449.689361][T12970] vhci_hcd: cannot find the pending unlink 5
[  449.725388][T12970] vhci_hcd: connection closed
[  449.725469][   T11] vhci_hcd: stop threads
[  449.728272][   T11] vhci_hcd: release socket
[  449.729843][   T11] vhci_hcd: disconnect device
[  451.077390][ T5355] Bluetooth: hci2: command tx timeout
[  451.696639][ T5388] vhci_hcd: vhci_device speed not set
[  451.721144][T13031] netlink: 'syz.1.1873': attribute type 10 has an invalid length.
[  451.723431][T13031] bridge0: port 3(team0) entered blocking state
[  451.725248][T13031] bridge0: port 3(team0) entered disabled state
[  451.729313][T13031] team0: entered allmulticast mode
[  451.730821][T13031] team_slave_0: entered allmulticast mode
[  451.732998][T13031] team_slave_1: entered allmulticast mode
[  451.735493][T13031] team0: entered promiscuous mode
[  451.737330][T13031] team_slave_0: entered promiscuous mode
[  451.739059][T13031] team_slave_1: entered promiscuous mode
[  451.885561][   T39] audit: type=1800 audit(1728706353.716:568): pid=13036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1873" name="/" dev="fuse" ino=1 res=0 errno=0
[  451.983108][T13042] FAULT_INJECTION: forcing a failure.
[  451.983108][T13042] name failslab, interval 1, probability 0, space 0, times 0
[  451.986409][T13042] CPU: 1 UID: 0 PID: 13042 Comm: syz.2.1876 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  451.989338][T13042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.992027][T13042] Call Trace:
[  451.993124][T13042]  <TASK>
[  451.994052][T13042]  dump_stack_lvl+0x16c/0x1f0
[  451.995405][T13042]  should_fail_ex+0x497/0x5b0
[  451.996600][T13042]  ? fs_reclaim_acquire+0xae/0x150
[  451.997865][T13042]  should_failslab+0xc2/0x120
[  451.999055][T13042]  __kmalloc_noprof+0xcb/0x410
[  452.000271][T13042]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  452.001719][T13042]  tomoyo_realpath_from_path+0xbf/0x710
[  452.003174][T13042]  ? tomoyo_path_number_perm+0x232/0x5b0
[  452.004589][T13042]  tomoyo_path_number_perm+0x245/0x5b0
[  452.005983][T13042]  ? tomoyo_path_number_perm+0x232/0x5b0
[  452.007376][T13042]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  452.008903][T13042]  ? trace_lock_acquire+0x14a/0x1d0
[  452.010183][T13042]  ? lock_acquire+0x2f/0xb0
[  452.011333][T13042]  ? __fget_files+0x40/0x3f0
[  452.012503][T13042]  ? __fget_files+0x244/0x3f0
[  452.013707][T13042]  security_file_ioctl_compat+0x9b/0x240
[  452.015112][T13042]  __do_compat_sys_ioctl+0x52/0x2b0
[  452.016406][T13042]  __do_fast_syscall_32+0x73/0x120
[  452.017691][T13042]  do_fast_syscall_32+0x32/0x80
[  452.019068][T13042]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.021297][T13042] RIP: 0023:0xf7f01579
[  452.022669][T13042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  452.027643][T13042] RSP: 002b:00000000f568656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  452.029767][T13042] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[  452.031953][T13042] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  452.034047][T13042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  452.036009][T13042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  452.037975][T13042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  452.040481][T13042]  </TASK>
[  452.046336][T13042] ERROR: Out of memory at tomoyo_realpath_from_path.
[  453.296600][T11843] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  453.457686][T11843] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  453.460456][T11843] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  453.463073][T11843] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  453.466276][T11843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.470231][T13070] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  453.473676][T11843] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  453.725968][ T5170] usb 5-1: USB disconnect, device number 28
[  454.886239][T13105] bridge0: port 2(bridge_slave_1) entered disabled state
[  454.888204][T13105] bridge0: port 1(bridge_slave_0) entered disabled state
[  454.913719][T13106] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  454.915478][T13106] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  454.918492][T13106] vhci_hcd vhci_hcd.0: Device attached
[  454.922857][T13107] vhci_hcd: cannot find the pending unlink 5
[  454.973909][T13105] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  454.981946][T13105] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  455.032453][T13105] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.034829][T13105] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.037464][T13105] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.040028][T13105] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.108981][T13107] vhci_hcd: connection closed
[  455.109213][ T1096] vhci_hcd: stop threads
[  455.111054][T13118] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1894'.
[  455.116633][ T1096] vhci_hcd: release socket
[  455.118188][ T1096] vhci_hcd: disconnect device
[  455.306708][ T5709] usb 19-1: new high-speed USB device number 13 using vhci_hcd
[  455.309155][ T5709] usb 19-1: enqueue for inactive port 0
[  455.388832][ T5709] vhci_hcd: vhci_device speed not set
[  456.243480][T13154] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  456.486553][T11843] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  456.646563][T11843] usb 5-1: Using ep0 maxpacket: 8
[  456.658430][T11843] usb 5-1: config 8 has an invalid interface number: 216 but max is 0
[  456.660565][T11843] usb 5-1: config 8 has no interface number 0
[  456.662113][T11843] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  456.668545][T11843] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  456.671320][T11843] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  456.696848][T11843] usb 5-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  456.699544][T11843] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  456.702629][T11843] usb 5-1: config 8 interface 216 has no altsetting 0
[  456.715930][T11843] usb 5-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  456.718277][T11843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  456.720633][T11843] usb 5-1: Product: syz
[  456.725895][T11843] usb 5-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  456.734721][T11843] usb 5-1: SerialNumber: syz
[  456.746004][T13154] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  457.151101][T11843] usb 5-1: USB disconnect, device number 29
[  457.406613][ T5388] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  457.439014][T13173] IPVS: set_ctl: invalid protocol: 255 224.0.0.1:4
[  457.446193][T13173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1909'.
[  457.568661][ T5388] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  457.571375][ T5388] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  457.574060][ T5388] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  457.576385][ T5388] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  457.583221][ T5388] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  457.585573][ T5388] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  457.587820][ T5388] usb 7-1: Product: syz
[  457.588974][ T5388] usb 7-1: Manufacturer: syz
[  457.594761][ T5388] cdc_wdm 7-1:1.0: skipping garbage
[  457.596152][ T5388] cdc_wdm 7-1:1.0: skipping garbage
[  457.604295][ T5388] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  457.605874][ T5388] cdc_wdm 7-1:1.0: Unknown control protocol
[  457.852535][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.854789][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.857200][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.859411][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.861626][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.863847][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.866090][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.868323][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.870602][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.872682][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.874445][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.876038][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.877674][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.879267][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.880945][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.882649][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.884455][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.886169][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.887925][    C3] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  457.889646][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  457.892775][ T5388] usb 7-1: USB disconnect, device number 24
[  457.894345][    C3] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  458.454647][T13214] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  458.696719][ T5170] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  458.846603][ T5170] usb 5-1: Using ep0 maxpacket: 8
[  458.850578][ T5170] usb 5-1: config 8 has an invalid interface number: 216 but max is 0
[  458.852752][ T5170] usb 5-1: config 8 has no interface number 0
[  458.854340][ T5170] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  458.857530][ T5170] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  458.860357][ T5170] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  458.863415][ T5170] usb 5-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  458.866011][ T5170] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  458.870050][ T5170] usb 5-1: config 8 interface 216 has no altsetting 0
[  458.873258][ T5170] usb 5-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  458.875793][ T5170] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.878175][T11845] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  458.880193][ T5170] usb 5-1: Product: syz
[  458.881490][ T5170] usb 5-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  458.890330][ T5170] usb 5-1: SerialNumber: syz
[  458.893484][T13214] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  458.977141][ T5419] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  459.048188][T11845] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  459.050481][T11845] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  459.053280][T11845] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  459.055630][T11845] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  459.060783][T11845] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  459.063174][T11845] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  459.065388][T11845] usb 7-1: Product: syz
[  459.066575][T11845] usb 7-1: Manufacturer: syz
[  459.073958][T11845] cdc_wdm 7-1:1.0: skipping garbage
[  459.075350][T11845] cdc_wdm 7-1:1.0: skipping garbage
[  459.080114][T11845] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  459.081702][T11845] cdc_wdm 7-1:1.0: Unknown control protocol
[  459.112861][ T5170] usb 5-1: USB disconnect, device number 30
[  459.137877][ T5419] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  459.140739][ T5419] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  459.143268][ T5419] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  459.146671][ T5419] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  459.149032][ T5419] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.154840][ T5419] usb 6-1: config 0 descriptor??
[  459.324977][ T5388] usb 7-1: USB disconnect, device number 25
[  459.325025][    C2] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  459.561942][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.564087][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.566114][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.572602][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.574627][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.576748][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.578741][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.580738][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.582911][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.584924][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.587000][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.589127][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.591126][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.593115][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.595086][ T5419] plantronics 0003:047F:FFFF.0009: unknown main item tag 0x0
[  459.597345][ T5419] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  459.603877][ T5419] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  459.783108][T13248] ipvlan2: entered promiscuous mode
[  459.785497][T13248] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  459.789072][T13248] team0: Device ipvlan2 is already an upper device of the team interface
[  459.828325][T13229] FAULT_INJECTION: forcing a failure.
[  459.828325][T13229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.832135][T13229] CPU: 2 UID: 0 PID: 13229 Comm: syz.1.1925 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  459.834953][T13229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  459.837718][T13229] Call Trace:
[  459.838593][T13229]  <TASK>
[  459.839428][T13229]  dump_stack_lvl+0x16c/0x1f0
[  459.840675][T13229]  should_fail_ex+0x497/0x5b0
[  459.841917][T13229]  _copy_to_user+0x30/0xc0
[  459.843090][T13229]  simple_read_from_buffer+0xd0/0x160
[  459.844521][T13229]  proc_fail_nth_read+0x198/0x270
[  459.845832][T13229]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  459.847269][T13229]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  459.848759][T13229]  vfs_read+0x1ce/0xbd0
[  459.849896][T13229]  ? __fget_files+0x23a/0x3f0
[  459.851124][T13229]  ? fdget_pos+0x24c/0x360
[  459.852311][T13229]  ? __pfx_lock_release+0x10/0x10
[  459.853618][T13229]  ? trace_lock_acquire+0x14a/0x1d0
[  459.854967][T13229]  ? __pfx_vfs_read+0x10/0x10
[  459.856209][T13229]  ? __pfx___mutex_lock+0x10/0x10
[  459.857824][T13229]  ? __fget_files+0x244/0x3f0
[  459.859050][T13229]  ksys_read+0x12f/0x260
[  459.860172][T13229]  ? __pfx_ksys_read+0x10/0x10
[  459.861414][T13229]  __do_fast_syscall_32+0x73/0x120
[  459.862743][T13229]  do_fast_syscall_32+0x32/0x80
[  459.864008][T13229]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  459.865649][T13229] RIP: 0023:0xf73ee579
[  459.866719][T13229] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  459.871655][T13229] RSP: 002b:00000000f56d65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  459.873800][T13229] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56d6620
[  459.875814][T13229] RDX: 000000000000000f RSI: 00000000f73dbff4 RDI: 0000000000000000
[  459.877850][T13229] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  459.879875][T13229] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  459.881935][T13229] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  459.883970][T13229]  </TASK>
[  459.884827][    C2] vkms_vblank_simulate: vblank timer overrun
[  459.922692][ T5419] usb 6-1: USB disconnect, device number 23
[  459.961435][T13254] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  459.963134][T13254] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  459.966104][T13254] vhci_hcd vhci_hcd.0: Device attached
[  459.972092][T13255] vhci_hcd: cannot find the pending unlink 5
[  460.053167][T13255] vhci_hcd: connection closed
[  460.053385][ T1104] vhci_hcd: stop threads
[  460.060976][ T1104] vhci_hcd: release socket
[  460.062155][ T1104] vhci_hcd: disconnect device
[  460.252615][   T39] audit: type=1326 audit(1728706362.086:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.260055][   T39] audit: type=1326 audit(1728706362.096:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.266191][   T39] audit: type=1326 audit(1728706362.096:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.273715][   T39] audit: type=1326 audit(1728706362.106:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.281389][   T39] audit: type=1326 audit(1728706362.116:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.289494][   T39] audit: type=1326 audit(1728706362.126:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=85 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.300574][   T39] audit: type=1326 audit(1728706362.126:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.306305][   T39] audit: type=1326 audit(1728706362.126:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.312151][   T39] audit: type=1326 audit(1728706362.136:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.317976][   T39] audit: type=1326 audit(1728706362.136:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13266 comm="syz.2.1935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  460.917714][T13284] block device autoloading is deprecated and will be removed.
[  461.153066][T13295] netlink: 'syz.2.1942': attribute type 2 has an invalid length.
[  461.286715][    T9] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  461.439842][T13303] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.441862][T13303] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.448207][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  461.450884][    T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  461.453685][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  461.456324][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.462759][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  461.465262][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  461.467869][    T9] usb 6-1: Product: syz
[  461.469461][    T9] usb 6-1: Manufacturer: syz
[  461.480099][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  461.481559][T13304] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  461.481670][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  461.483123][T13304] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  461.487292][T13304] vhci_hcd vhci_hcd.0: Device attached
[  461.490413][    T9] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  461.492295][    T9] cdc_wdm 6-1:1.0: Unknown control protocol
[  461.510242][T13305] vhci_hcd: cannot find the pending unlink 5
[  461.534099][T13303] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  461.543207][T13303] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.591633][T13303] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.593967][T13303] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.596247][T13303] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.599029][T13303] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.632948][ T5355] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  461.636018][ T5355] Bluetooth: hci0: Injecting HCI hardware error event
[  461.636595][T13305] vhci_hcd: connection closed
[  461.639607][   T66] Bluetooth: hci0: hardware error 0x00
[  461.641485][ T1104] vhci_hcd: stop threads
[  461.643740][ T1104] vhci_hcd: release socket
[  461.644946][ T1104] vhci_hcd: disconnect device
[  461.686651][ T5388] vhci_hcd: vhci_device speed not set
[  461.730766][T11845] usb 6-1: USB disconnect, device number 24
[  461.732415][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  462.305136][T13323] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1948'.
[  463.091579][T13336] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  463.093339][T13336] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  463.116602][T13336] vhci_hcd vhci_hcd.0: Device attached
[  463.118741][T13337] vhci_hcd: cannot find the pending unlink 5
[  463.143091][T13337] vhci_hcd: connection closed
[  463.143589][  T999] vhci_hcd: stop threads
[  463.159473][  T999] vhci_hcd: release socket
[  463.160695][  T999] vhci_hcd: disconnect device
[  463.636589][T11521] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  463.706567][   T66] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  463.711695][T13366] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  463.787701][T11521] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  463.789970][T11521] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  463.792533][T11521] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  463.794925][T11521] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  463.799053][T11521] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  463.801422][T11521] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  463.803460][T11521] usb 6-1: Product: syz
[  463.804546][T11521] usb 6-1: Manufacturer: syz
[  463.807907][T11521] cdc_wdm 6-1:1.0: skipping garbage
[  463.809282][T11521] cdc_wdm 6-1:1.0: skipping garbage
[  463.811065][T11521] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  463.812709][T11521] cdc_wdm 6-1:1.0: Unknown control protocol
[  463.956629][T11845] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  464.060416][    C1] wdm_int_callback: 16 callbacks suppressed
[  464.060430][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  464.060490][T11521] usb 6-1: USB disconnect, device number 25
[  464.062003][    C1] wdm_int_callback: 16 callbacks suppressed
[  464.062012][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  464.068348][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  464.116846][T11845] usb 7-1: Using ep0 maxpacket: 8
[  464.120144][T11845] usb 7-1: config 8 has an invalid interface number: 216 but max is 0
[  464.122294][T11845] usb 7-1: config 8 has no interface number 0
[  464.123876][T11845] usb 7-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  464.127678][T11845] usb 7-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  464.130932][T11845] usb 7-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  464.133770][T11845] usb 7-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  464.136292][T11845] usb 7-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  464.139727][T11845] usb 7-1: config 8 interface 216 has no altsetting 0
[  464.142998][T11845] usb 7-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  464.145317][T11845] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.147740][T11845] usb 7-1: Product: syz
[  464.148173][T13371] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  464.148838][T11845] usb 7-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  464.160595][T11845] usb 7-1: SerialNumber: syz
[  464.164321][T13366] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  464.373763][T11845] usb 7-1: USB disconnect, device number 26
[  465.716157][T13401] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  465.717892][T13401] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  465.720402][T13401] vhci_hcd vhci_hcd.0: Device attached
[  465.723182][T13402] vhci_hcd: cannot find the pending unlink 5
[  465.849061][T13402] vhci_hcd: connection closed
[  465.849695][ T1096] vhci_hcd: stop threads
[  465.852178][ T1096] vhci_hcd: release socket
[  465.853998][ T1096] vhci_hcd: disconnect device
[  465.897676][ T5388] vhci_hcd: vhci_device speed not set
[  466.160862][T13415] FAULT_INJECTION: forcing a failure.
[  466.160862][T13415] name failslab, interval 1, probability 0, space 0, times 0
[  466.164541][T13415] CPU: 0 UID: 0 PID: 13415 Comm: syz.2.1972 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  466.167185][T13415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  466.170048][T13415] Call Trace:
[  466.170917][T13415]  <TASK>
[  466.171685][T13415]  dump_stack_lvl+0x16c/0x1f0
[  466.172933][T13415]  should_fail_ex+0x497/0x5b0
[  466.174155][T13415]  ? fs_reclaim_acquire+0xae/0x150
[  466.175439][T13415]  should_failslab+0xc2/0x120
[  466.176656][T13415]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  466.178045][T13415]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  466.179695][T13415]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  466.181334][T13415]  idr_get_free+0x528/0xa40
[  466.182522][T13415]  idr_alloc_u32+0x191/0x2f0
[  466.183733][T13415]  ? __pfx_idr_alloc_u32+0x10/0x10
[  466.185061][T13415]  ? __radix_tree_lookup+0x21f/0x2c0
[  466.186365][T13415]  tcf_idr_check_alloc+0x137/0x770
[  466.187698][T13415]  ? __pfx_tcf_idr_check_alloc+0x10/0x10
[  466.189206][T13415]  tcf_ife_init+0x56b/0x14f0
[  466.190419][T13415]  ? __pfx_tcf_ife_init+0x10/0x10
[  466.191744][T13415]  ? tcf_action_init_1+0x2d4/0x6c0
[  466.193084][T13415]  tcf_action_init_1+0x45f/0x6c0
[  466.194375][T13415]  ? __pfx_tcf_action_init_1+0x10/0x10
[  466.195793][T13415]  ? tc_action_load_ops+0x187/0x430
[  466.197162][T13415]  ? __nla_parse+0x40/0x60
[  466.198325][T13415]  tcf_action_init+0x501/0x810
[  466.199579][T13415]  ? __pfx_tcf_action_init+0x10/0x10
[  466.201038][T13415]  ? __pfx_mark_lock+0x10/0x10
[  466.202302][T13415]  ? mark_lock+0xb5/0xc60
[  466.203428][T13415]  ? hlock_class+0x4e/0x130
[  466.204619][T13415]  ? hlock_class+0x4e/0x130
[  466.205814][T13415]  ? __lock_acquire+0xbdd/0x3ce0
[  466.207114][T13415]  tcf_action_add+0xfd/0x5d0
[  466.208345][T13415]  ? __pfx_tcf_action_add+0x10/0x10
[  466.209747][T13415]  ? trace_lock_acquire+0x14a/0x1d0
[  466.211114][T13415]  ? __nla_parse+0x40/0x60
[  466.212303][T13415]  tc_ctl_action+0x35d/0x470
[  466.213509][T13415]  ? __pfx_tc_ctl_action+0x10/0x10
[  466.214843][T13415]  ? rtnetlink_rcv_msg+0x35a/0xea0
[  466.216188][T13415]  ? __pfx_tc_ctl_action+0x10/0x10
[  466.217519][T13415]  rtnetlink_rcv_msg+0x3c7/0xea0
[  466.218821][T13415]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.220243][T13415]  ? __pfx___lock_acquire+0x10/0x10
[  466.221598][T13415]  netlink_rcv_skb+0x165/0x410
[  466.222839][T13415]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  466.224253][T13415]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  466.225625][T13415]  ? netlink_deliver_tap+0x1ae/0xcf0
[  466.227003][T13415]  netlink_unicast+0x53c/0x7f0
[  466.228258][T13415]  ? __pfx_netlink_unicast+0x10/0x10
[  466.229662][T13415]  ? __phys_addr_symbol+0x30/0x80
[  466.230970][T13415]  ? __check_object_size+0x488/0x710
[  466.232356][T13415]  netlink_sendmsg+0x8b8/0xd70
[  466.233601][T13415]  ? __pfx_netlink_sendmsg+0x10/0x10
[  466.234975][T13415]  ? lock_acquire+0x2f/0xb0
[  466.236183][T13415]  ____sys_sendmsg+0x9ae/0xb40
[  466.237433][T13415]  ? __pfx_____sys_sendmsg+0x10/0x10
[  466.238804][T13415]  ? get_compat_msghdr+0x11b/0x170
[  466.240138][T13415]  ? __pfx___lock_acquire+0x10/0x10
[  466.241482][T13415]  ___sys_sendmsg+0x135/0x1e0
[  466.242705][T13415]  ? __pfx____sys_sendmsg+0x10/0x10
[  466.244075][T13415]  ? lock_acquire+0x2f/0xb0
[  466.245261][T13415]  ? __fget_files+0x40/0x3f0
[  466.246478][T13415]  ? fdget+0x176/0x210
[  466.247545][T13415]  __sys_sendmsg+0x117/0x1f0
[  466.248800][T13415]  ? __pfx___sys_sendmsg+0x10/0x10
[  466.250132][T13415]  ? __fget_files+0x244/0x3f0
[  466.251365][T13415]  __do_fast_syscall_32+0x73/0x120
[  466.252716][T13415]  do_fast_syscall_32+0x32/0x80
[  466.253987][T13415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  466.255625][T13415] RIP: 0023:0xf7f01579
[  466.256703][T13415] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  466.261634][T13415] RSP: 002b:00000000f568656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  466.263779][T13415] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  466.265820][T13415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  466.267859][T13415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  466.269943][T13415] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  466.271999][T13415] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  466.274043][T13415]  </TASK>
[  466.400777][T13421] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  466.528784][T13428] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1975'.
[  466.656607][T11521] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  466.816764][T11521] usb 5-1: Using ep0 maxpacket: 8
[  466.827544][T11521] usb 5-1: config 8 has an invalid interface number: 216 but max is 0
[  466.829907][T11521] usb 5-1: config 8 has no interface number 0
[  466.831580][T11521] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  466.835924][T11521] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  466.839770][T11521] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  466.842826][T11521] usb 5-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  466.846534][T11521] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  466.849738][T11521] usb 5-1: config 8 interface 216 has no altsetting 0
[  466.857864][T11521] usb 5-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  466.861168][T11521] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.864338][T11521] usb 5-1: Product: syz
[  466.866234][T11521] usb 5-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  466.876347][T11521] usb 5-1: SerialNumber: syz
[  466.887569][T13421] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  467.095732][T11521] usb 5-1: USB disconnect, device number 31
[  467.395955][T13443] loop0: detected capacity change from 0 to 7
[  467.401294][T13443] Dev loop0: unable to read RDB block 7
[  467.402685][T13443]  loop0: AHDI p2
[  467.403650][T13443] loop0: partition table partially beyond EOD, truncated
[  467.411241][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  467.411250][   T39] audit: type=1326 audit(1728706369.246:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13442 comm="syz.1.1980" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0
[  467.626104][ T4840] Dev loop0: unable to read RDB block 7
[  467.627761][ T4840]  loop0: AHDI p2
[  467.628647][ T4840] loop0: partition table partially beyond EOD, truncated
[  467.669246][   T39] audit: type=1326 audit(1728706369.506:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13447 comm="syz.0.1981" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f58579 code=0x0
[  468.781411][T13482] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  470.116679][T11521] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  470.274034][T11521] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  470.278376][T11521] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  470.280615][T11521] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  470.282684][T11521] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.290799][T13513] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  470.294029][T11521] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  470.413236][   T39] audit: type=1326 audit(1728706372.246:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.419062][   T39] audit: type=1326 audit(1728706372.246:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=40 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.424599][   T39] audit: type=1326 audit(1728706372.246:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.430278][   T39] audit: type=1326 audit(1728706372.246:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.435853][   T39] audit: type=1326 audit(1728706372.246:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.442185][   T39] audit: type=1326 audit(1728706372.246:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.447911][   T39] audit: type=1326 audit(1728706372.246:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.453465][   T39] audit: type=1326 audit(1728706372.246:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13524 comm="syz.2.2001" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  470.569286][   T57] usb 5-1: USB disconnect, device number 32
[  471.936424][T13547] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  471.938162][T13547] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  471.944376][T13547] vhci_hcd vhci_hcd.0: Device attached
[  471.949715][T13548] vhci_hcd: cannot find the pending unlink 5
[  471.997945][T13548] vhci_hcd: connection closed
[  471.998142][  T999] vhci_hcd: stop threads
[  472.001315][  T999] vhci_hcd: release socket
[  472.008250][  T999] vhci_hcd: disconnect device
[  472.053902][T13554] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  472.055421][T13554] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  472.058011][T13554] vhci_hcd vhci_hcd.0: Device attached
[  472.059864][T13555] vhci_hcd: cannot find the pending unlink 5
[  472.086733][T13555] vhci_hcd: connection closed
[  472.088878][   T45] vhci_hcd: stop threads
[  472.116735][   T45] vhci_hcd: release socket
[  472.117819][   T45] vhci_hcd: disconnect device
[  472.406651][ T5170] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  472.558301][ T5170] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  472.561058][ T5170] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  472.564406][ T5170] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  472.568858][ T5170] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  472.575017][ T5170] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  472.578021][ T5170] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  472.581157][ T5170] usb 6-1: Product: syz
[  472.583355][ T5170] usb 6-1: Manufacturer: syz
[  472.593884][ T5170] cdc_wdm 6-1:1.0: skipping garbage
[  472.595806][ T5170] cdc_wdm 6-1:1.0: skipping garbage
[  472.604474][ T5170] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  472.606032][ T5170] cdc_wdm 6-1:1.0: Unknown control protocol
[  472.927256][    C1] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  472.929001][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  472.929006][   T57] usb 6-1: USB disconnect, device number 26
[  472.930538][    C1] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  473.159962][T13577] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  473.314939][T13564] Process accounting resumed
[  473.396606][T11521] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  473.438843][T13583] loop0: detected capacity change from 0 to 7
[  473.441804][T13583] Dev loop0: unable to read RDB block 7
[  473.443258][T13583]  loop0: AHDI p2
[  473.444300][T13583] loop0: partition table partially beyond EOD, truncated
[  473.453066][   T39] kauditd_printk_skb: 8 callbacks suppressed
[  473.453075][   T39] audit: type=1326 audit(1728706375.286:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13582 comm="syz.3.2014" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f30579 code=0x0
[  473.547179][T11521] usb 5-1: Using ep0 maxpacket: 8
[  473.552069][T11521] usb 5-1: config 8 has an invalid interface number: 216 but max is 0
[  473.554273][T11521] usb 5-1: config 8 has no interface number 0
[  473.556093][T11521] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  473.559111][T11521] usb 5-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  473.561913][T11521] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  473.564668][T11521] usb 5-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  473.568064][T11521] usb 5-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  473.570829][T11521] usb 5-1: config 8 interface 216 has no altsetting 0
[  473.574553][T11521] usb 5-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  473.578636][T11521] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.580728][T11521] usb 5-1: Product: syz
[  473.581844][T11521] usb 5-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  473.590867][T11521] usb 5-1: SerialNumber: syz
[  473.802821][T11521] usb 5-1: USB disconnect, device number 33
[  474.111564][T13606] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  474.113307][T13606] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  474.115604][T13606] vhci_hcd vhci_hcd.0: Device attached
[  474.120690][T13607] vhci_hcd: cannot find the pending unlink 5
[  474.152769][T13607] vhci_hcd: connection closed
[  474.153165][   T11] vhci_hcd: stop threads
[  474.155755][   T11] vhci_hcd: release socket
[  474.158988][   T11] vhci_hcd: disconnect device
[  475.016561][   T57] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  475.188681][   T57] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  475.191741][   T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  475.194677][   T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  475.197541][   T57] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  475.200743][   T57] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  475.203035][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.208685][   T57] usb 7-1: config 0 descriptor??
[  475.210443][T13634] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  475.228698][T13635] Process accounting resumed
[  475.617789][   T57] plantronics 0003:047F:FFFF.000A: unknown main item tag 0xd
[  475.620386][   T57] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  475.624545][   T57] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  475.823626][T13633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.831024][T13633] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  477.016667][ T5388] usb 7-1: reset high-speed USB device number 27 using dummy_hcd
[  477.166690][ T5388] usb 7-1: device descriptor read/64, error -32
[  477.686746][ T5388] usb 7-1: reset high-speed USB device number 27 using dummy_hcd
[  477.826557][ T5388] usb 7-1: device descriptor read/64, error -32
[  478.066625][ T5388] usb 7-1: reset high-speed USB device number 27 using dummy_hcd
[  478.106778][ T5388] usb 7-1: device descriptor read/8, error -32
[  478.324576][ T5170] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  478.487760][ T5170] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  478.491058][ T5170] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 109, changing to 10
[  478.494664][ T5170] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 42584, setting to 1024
[  478.498431][ T5170] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  478.501337][ T5170] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.505157][T13704] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  478.509842][ T5170] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  478.538480][ T5388] usb 7-1: reset high-speed USB device number 27 using dummy_hcd
[  478.556994][ T5388] usb 7-1: device descriptor read/8, error -32
[  478.666869][ T5388] raw-gadget.0 gadget.2: failed to queue suspend event
[  478.672040][   T57] usb 7-1: USB disconnect, device number 27
[  478.678996][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  478.711725][ T5170] usb 6-1: USB disconnect, device number 27
[  478.746654][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  478.806695][   T57] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  478.809645][    C3] raw-gadget.0 gadget.2: ignoring, device is not running
[  478.812255][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  478.887030][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  478.946640][   T57] usb 7-1: device descriptor read/64, error -32
[  479.071820][   T57] raw-gadget.0 gadget.2: failed to queue suspend event
[  479.074706][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  479.138098][   T66] Bluetooth: hci2: SCO packet for unknown connection handle 1
[  479.147097][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  479.219163][   T57] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[  479.221680][    C3] raw-gadget.0 gadget.2: ignoring, device is not running
[  479.234684][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  479.306707][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  479.376703][   T57] usb 7-1: device descriptor read/64, error -32
[  479.489970][   T57] raw-gadget.0 gadget.2: failed to queue suspend event
[  479.493186][   T57] usb usb7-port1: attempt power cycle
[  479.494568][   T57] raw-gadget.0 gadget.2: failed to queue disconnect event
[  479.498951][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  479.566624][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  479.568660][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  479.746619][ T5388] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  479.776643][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  479.846561][   T57] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[  479.876843][    C3] raw-gadget.0 gadget.2: ignoring, device is not running
[  479.878712][   T57] usb 7-1: device descriptor read/8, error -32
[  479.897865][ T5388] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  479.900205][ T5388] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  479.902769][ T5388] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  479.956573][ T5388] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  479.974200][ T5388] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  479.976716][ T5388] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  479.978795][ T5388] usb 6-1: Product: syz
[  479.981497][ T5388] usb 6-1: Manufacturer: syz
[  479.986567][   T57] raw-gadget.0 gadget.2: failed to queue suspend event
[  479.988546][   T57] raw-gadget.0 gadget.2: failed to queue reset event
[  479.990388][ T5388] cdc_wdm 6-1:1.0: skipping garbage
[  479.992050][ T5388] cdc_wdm 6-1:1.0: skipping garbage
[  479.994121][ T5388] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  479.995711][ T5388] cdc_wdm 6-1:1.0: Unknown control protocol
[  480.056780][   T57] raw-gadget.0 gadget.2: failed to queue resume event
[  480.116587][   T57] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  480.138048][    C3] raw-gadget.0 gadget.2: ignoring, device is not running
[  480.144297][   T57] usb 7-1: device descriptor read/8, error -32
[  480.167805][T13758] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2058'.
[  480.170103][T13758] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2058'.
[  480.172297][T13758] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2058'.
[  480.174454][T13758] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2058'.
[  480.238640][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  480.240375][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  480.242105][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  480.243800][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  480.245540][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  480.247224][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  480.248913][ T5388] usb 6-1: USB disconnect, device number 28
[  480.248967][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  480.252149][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  480.253672][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  480.258241][T13770] netlink: 'syz.3.2060': attribute type 9 has an invalid length.
[  480.259102][   T57] raw-gadget.0 gadget.2: failed to queue suspend event
[  480.260252][T13770] netlink: 399 bytes leftover after parsing attributes in process `syz.3.2060'.
[  480.262047][   T57] usb usb7-port1: unable to enumerate USB device
[  480.369799][T13776] netlink: 5296 bytes leftover after parsing attributes in process `syz.2.2062'.
[  480.454245][T13778] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  480.858517][T13783] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  481.097604][ T5388] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  481.126574][T13794] FAULT_INJECTION: forcing a failure.
[  481.126574][T13794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.129924][T13794] CPU: 0 UID: 0 PID: 13794 Comm: syz.2.2067 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  481.132600][T13794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  481.135213][T13794] Call Trace:
[  481.136060][T13794]  <TASK>
[  481.136797][T13794]  dump_stack_lvl+0x16c/0x1f0
[  481.137982][T13794]  should_fail_ex+0x497/0x5b0
[  481.139164][T13794]  _copy_to_user+0x30/0xc0
[  481.140282][T13794]  simple_read_from_buffer+0xd0/0x160
[  481.141600][T13794]  proc_fail_nth_read+0x198/0x270
[  481.142986][T13794]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  481.144798][T13794]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  481.146723][T13794]  vfs_read+0x1ce/0xbd0
[  481.147933][T13794]  ? __fget_files+0x23a/0x3f0
[  481.149101][T13794]  ? fdget_pos+0x24c/0x360
[  481.150199][T13794]  ? __pfx_lock_release+0x10/0x10
[  481.151458][T13794]  ? trace_lock_acquire+0x14a/0x1d0
[  481.152865][T13794]  ? __pfx_vfs_read+0x10/0x10
[  481.154542][T13794]  ? __pfx___mutex_lock+0x10/0x10
[  481.155903][T13794]  ? __fget_files+0x244/0x3f0
[  481.157100][T13794]  ksys_read+0x12f/0x260
[  481.158140][T13794]  ? __pfx_ksys_read+0x10/0x10
[  481.159336][T13794]  __do_fast_syscall_32+0x73/0x120
[  481.160585][T13794]  do_fast_syscall_32+0x32/0x80
[  481.161798][T13794]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  481.163763][T13794] RIP: 0023:0xf7f01579
[  481.165216][T13794] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  481.170009][T13794] RSP: 002b:00000000f56655a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  481.172113][T13794] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000f5665620
[  481.174129][T13794] RDX: 000000000000000f RSI: 00000000f738bff4 RDI: 0000000000000000
[  481.176098][T13794] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  481.178085][T13794] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  481.180091][T13794] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.182106][T13794]  </TASK>
[  481.330203][ T5388] usb 6-1: Using ep0 maxpacket: 8
[  481.334060][ T5388] usb 6-1: config 8 has an invalid interface number: 216 but max is 0
[  481.336131][ T5388] usb 6-1: config 8 has no interface number 0
[  481.337719][ T5388] usb 6-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  481.340403][ T5388] usb 6-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  481.343072][ T5388] usb 6-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  481.345987][ T5388] usb 6-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  481.348546][ T5388] usb 6-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  481.351109][ T5388] usb 6-1: config 8 interface 216 has no altsetting 0
[  481.364042][ T5388] usb 6-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  481.366382][ T5388] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.368612][ T5388] usb 6-1: Product: syz
[  481.369687][ T5388] usb 6-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  481.377677][ T5388] usb 6-1: SerialNumber: syz
[  481.626954][T11521] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  481.659704][ T5388] usb 6-1: USB disconnect, device number 29
[  481.980712][T11521] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  481.982905][T11521] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  481.985366][T11521] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  481.987662][T11521] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.991468][T11521] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  481.993762][T11521] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  481.995758][T11521] usb 5-1: Product: syz
[  481.997074][T11521] usb 5-1: Manufacturer: syz
[  482.004389][T11521] cdc_wdm 5-1:1.0: skipping garbage
[  482.005739][T11521] cdc_wdm 5-1:1.0: skipping garbage
[  482.007614][T11521] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  482.009185][T11521] cdc_wdm 5-1:1.0: Unknown control protocol
[  482.150509][T13827] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2077'.
[  482.152931][T13827] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2077'.
[  482.155290][T13827] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2077'.
[  482.158000][T13827] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2077'.
[  482.175672][T13830] netlink: 'syz.3.2078': attribute type 1 has an invalid length.
[  482.266712][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  482.266822][T11521] usb 5-1: USB disconnect, device number 34
[  482.268228][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  482.271153][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  483.164123][T13859] FAULT_INJECTION: forcing a failure.
[  483.164123][T13859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.173909][T13859] CPU: 3 UID: 0 PID: 13859 Comm: syz.1.2085 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  483.176721][T13859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  483.179509][T13859] Call Trace:
[  483.180399][T13859]  <TASK>
[  483.181156][T13859]  dump_stack_lvl+0x16c/0x1f0
[  483.182317][T13859]  should_fail_ex+0x497/0x5b0
[  483.183495][T13859]  _copy_from_user+0x30/0xf0
[  483.184709][T13859]  __do_sys_add_key+0x22d/0x460
[  483.185910][T13859]  ? __pfx___do_sys_add_key+0x10/0x10
[  483.187238][T13859]  ? ksys_write+0x1ad/0x260
[  483.188544][T13859]  __do_fast_syscall_32+0x73/0x120
[  483.189959][T13859]  do_fast_syscall_32+0x32/0x80
[  483.191222][T13859]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  483.192874][T13859] RIP: 0023:0xf73ee579
[  483.193919][T13859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  483.198619][T13859] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 000000000000011e
[  483.201368][T13859] RAX: ffffffffffffffda RBX: 0000000020000140 RCX: 0000000000000000
[  483.203321][T13859] RDX: 0000000020000380 RSI: 000000000000001d RDI: 00000000fffffffe
[  483.205277][T13859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  483.207186][T13859] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  483.209099][T13859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  483.210959][T13859]  </TASK>
[  484.215321][T13900] netlink: 'syz.0.2096': attribute type 2 has an invalid length.
[  484.582342][T13908] syz.2.2098 (13908): drop_caches: 2
[  484.877930][T13915] hugetlbfs: Bad value 'p' for mount option 'size'
[  484.877930][T13915] 
[  486.001072][T13936] netlink: 'syz.2.2105': attribute type 1 has an invalid length.
[  486.004670][T13936] __nla_validate_parse: 3 callbacks suppressed
[  486.004678][T13936] netlink: 636 bytes leftover after parsing attributes in process `syz.2.2105'.
[  486.929168][T13962] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2110'.
[  487.016874][T13976] vivid-007: disconnect
[  487.163595][T13979] random: crng reseeded on system resumption
[  487.219892][T13985] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  487.221649][T13985] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  487.224091][T13979] Restarting kernel threads ... 
[  487.225082][T13985] vhci_hcd vhci_hcd.0: Device attached
[  487.225716][T13979] done.
[  487.227879][T13986] vhci_hcd: cannot find the pending unlink 5
[  487.431365][T13986] vhci_hcd: connection closed
[  487.431673][  T999] vhci_hcd: stop threads
[  487.434223][  T999] vhci_hcd: release socket
[  487.435502][  T999] vhci_hcd: disconnect device
[  487.478204][T11521] usb 13-1: new high-speed USB device number 11 using vhci_hcd
[  487.480304][T11521] usb 13-1: enqueue for inactive port 0
[  487.546714][T11521] vhci_hcd: vhci_device speed not set
[  487.882389][T13975] vivid-007: reconnect
[  488.069171][T14011] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.2122'.
[  489.162592][T14043] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  489.164339][T14043] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  489.166379][T14043] vhci_hcd vhci_hcd.0: Device attached
[  489.168961][T14044] vhci_hcd: cannot find the pending unlink 5
[  489.213851][T14044] vhci_hcd: connection closed
[  489.214096][ T1104] vhci_hcd: stop threads
[  489.218049][ T1104] vhci_hcd: release socket
[  489.219552][ T1104] vhci_hcd: disconnect device
[  490.477085][T14098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  490.481678][T14098] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  490.683180][T14104] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  490.684929][T14104] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  490.688299][T14104] vhci_hcd vhci_hcd.0: Device attached
[  490.692961][T14105] vhci_hcd: cannot find the pending unlink 5
[  490.734853][T14105] vhci_hcd: connection closed
[  490.735204][   T45] vhci_hcd: stop threads
[  490.738851][   T45] vhci_hcd: release socket
[  490.740485][   T45] vhci_hcd: disconnect device
[  492.362733][T14126] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  493.329643][T14141] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  493.331378][T14141] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  493.334363][T14141] vhci_hcd vhci_hcd.0: Device attached
[  493.337270][T14142] vhci_hcd: cannot find the pending unlink 5
[  493.369043][T14142] vhci_hcd: connection closed
[  493.369194][ T1104] vhci_hcd: stop threads
[  493.371553][ T1104] vhci_hcd: release socket
[  493.372722][ T1104] vhci_hcd: disconnect device
[  494.174863][T14173] FAULT_INJECTION: forcing a failure.
[  494.174863][T14173] name failslab, interval 1, probability 0, space 0, times 0
[  494.184177][T14173] CPU: 3 UID: 0 PID: 14173 Comm: syz.1.2161 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  494.186995][T14173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  494.189759][T14173] Call Trace:
[  494.190629][T14173]  <TASK>
[  494.191402][T14173]  dump_stack_lvl+0x16c/0x1f0
[  494.192662][T14173]  should_fail_ex+0x497/0x5b0
[  494.193894][T14173]  ? fs_reclaim_acquire+0xae/0x150
[  494.195239][T14173]  should_failslab+0xc2/0x120
[  494.196487][T14173]  __kmalloc_cache_noprof+0x6b/0x310
[  494.197869][T14173]  ? alloc_fs_context+0x57/0x9c0
[  494.199167][T14173]  alloc_fs_context+0x57/0x9c0
[  494.200419][T14173]  path_mount+0xbfb/0x1f10
[  494.201598][T14173]  ? kmem_cache_free+0x152/0x4b0
[  494.202883][T14173]  ? __pfx_path_mount+0x10/0x10
[  494.204156][T14173]  ? putname+0x12e/0x170
[  494.205317][T14173]  __ia32_sys_mount+0x292/0x310
[  494.206772][T14173]  ? __pfx___ia32_sys_mount+0x10/0x10
[  494.208506][T14173]  __do_fast_syscall_32+0x73/0x120
[  494.209977][T14173]  do_fast_syscall_32+0x32/0x80
[  494.211372][T14173]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  494.213066][T14173] RIP: 0023:0xf73ee579
[  494.214138][T14173] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  494.219146][T14173] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  494.221321][T14173] RAX: ffffffffffffffda RBX: 0000000020000340 RCX: 0000000020000080
[  494.223470][T14173] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000020000040
[  494.225660][T14173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  494.227978][T14173] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  494.230134][T14173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  494.232202][T14173]  </TASK>
[  494.352549][T14177] syz.1.2162 (14177): drop_caches: 2
[  494.405623][T14179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  494.409442][T14179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  494.586673][ T5355] Bluetooth: hci2: command 0x0405 tx timeout
[  495.317696][T14183] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  495.319815][T14183] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  495.322437][T14183] vhci_hcd vhci_hcd.0: Device attached
[  495.324675][T14184] vhci_hcd: cannot find the pending unlink 5
[  495.365024][T14184] vhci_hcd: connection closed
[  495.365249][ T1104] vhci_hcd: stop threads
[  495.368808][ T1104] vhci_hcd: release socket
[  495.370083][ T1104] vhci_hcd: disconnect device
[  496.161170][T14208] overlayfs: overlapping lowerdir path
[  496.853676][T14224] hugetlbfs: Bad value 'p' for mount option 'size'
[  496.853676][T14224] 
[  497.196223][T14231] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  497.198013][T14231] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  497.202703][T14231] vhci_hcd vhci_hcd.0: Device attached
[  497.204842][T14232] vhci_hcd: cannot find the pending unlink 5
[  497.266230][T14232] vhci_hcd: connection closed
[  497.268251][  T999] vhci_hcd: stop threads
[  497.270617][  T999] vhci_hcd: release socket
[  497.271805][  T999] vhci_hcd: disconnect device
[  497.648252][T14245] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  497.896647][T11845] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  498.056618][T11845] usb 6-1: Using ep0 maxpacket: 8
[  498.062029][T11845] usb 6-1: config 8 has an invalid interface number: 216 but max is 0
[  498.065145][T11845] usb 6-1: config 8 has no interface number 0
[  498.068276][T11845] usb 6-1: config 8 interface 216 altsetting 16 endpoint 0xF has invalid maxpacket 512, setting to 64
[  498.072265][T11845] usb 6-1: config 8 interface 216 altsetting 16 endpoint 0x9 has invalid maxpacket 967, setting to 64
[  498.076117][T11845] usb 6-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0xF, skipping
[  498.080193][T11845] usb 6-1: config 8 interface 216 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 8
[  498.082779][T11845] usb 6-1: config 8 interface 216 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  498.085616][T11845] usb 6-1: config 8 interface 216 has no altsetting 0
[  498.089486][T11845] usb 6-1: New USB device found, idVendor=0582, idProduct=002f, bcdDevice=5e.f8
[  498.092003][T11845] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.094057][T11845] usb 6-1: Product: syz
[  498.095148][T11845] usb 6-1: Manufacturer: 赟臯퇃騥铩뵣ᑀ⃊త짳ꨓо诤ﾬㄓ㩨ᥠ䎄牬俻鋬唛얟졥覿鴫ᆕ區珼焮㇟Ꞻ룝阖癠돠霍䎹嫹鄦䡒햹魨䤨ʣ쪄᳤㌫˔뚪઀쏨芬铗錬⩀ᖣ騵霸璵䍠򴹌붵ດꃁꎢ띇萊鞅㉿틭޾ᷝﵧ᛬䰱⾳왝嚂췓誯壵煢ᣵΔƎ挨诃鴃弘銢쁳앉懼쯴漶ﳬ쏴좸
[  498.103539][T11845] usb 6-1: SerialNumber: syz
[  498.107874][T14245] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  498.317861][T11845] usb 6-1: USB disconnect, device number 30
[  498.894166][T14253] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  498.895902][T14253] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  498.898795][T14253] vhci_hcd vhci_hcd.0: Device attached
[  498.903176][T14254] vhci_hcd: cannot find the pending unlink 5
[  498.952001][T14254] vhci_hcd: connection closed
[  498.952822][  T999] vhci_hcd: stop threads
[  498.955243][  T999] vhci_hcd: release socket
[  498.956467][  T999] vhci_hcd: disconnect device
[  499.105215][T14260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2181'.
[  499.111835][T14260] batman_adv: batadv1: Adding interface: netdevsim0
[  499.113556][T14260] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  499.120308][T14260] batman_adv: batadv1: Not using interface netdevsim0 (retrying later): interface not active
[  499.911508][ T5355] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  499.916805][ T5355] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  499.920105][ T5355] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  499.925469][ T5355] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  499.928623][ T5355] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  499.930583][ T5355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  499.939854][T14274] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  500.017912][T14276] chnl_net:caif_netlink_parms(): no params data found
[  500.056796][T14282] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  500.058567][T14282] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  500.061203][T14282] vhci_hcd vhci_hcd.0: Device attached
[  500.063277][T14283] vhci_hcd: cannot find the pending unlink 5
[  500.110251][T14283] vhci_hcd: connection closed
[  500.110385][ T1104] vhci_hcd: stop threads
[  500.112883][ T1104] vhci_hcd: release socket
[  500.114061][ T1104] vhci_hcd: disconnect device
[  500.138056][T14276] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.140017][T14276] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.141948][T14276] bridge_slave_0: entered allmulticast mode
[  500.144010][T14276] bridge_slave_0: entered promiscuous mode
[  500.146727][T14276] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.148623][T14276] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.150668][T14276] bridge_slave_1: entered allmulticast mode
[  500.152701][T14276] bridge_slave_1: entered promiscuous mode
[  500.170090][T14292] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2187'.
[  500.174923][T14276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  500.179923][T14276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  500.213309][T14276] team0: Port device team_slave_0 added
[  500.216441][T14276] team0: Port device team_slave_1 added
[  500.242400][T14276] batman_adv: batadv0: Adding interface: batadv_slave_0
[  500.244805][T14276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  500.254032][T14276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  500.261521][T14276] batman_adv: batadv0: Adding interface: batadv_slave_1
[  500.263953][T14276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  500.272879][T14276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  500.299505][T14276] hsr_slave_0: entered promiscuous mode
[  500.301895][T14276] hsr_slave_1: entered promiscuous mode
[  500.304406][T14276] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  500.313066][T14276] Cannot create hsr debugfs directory
[  500.747975][ T1373] ieee802154 phy0 wpan0: encryption failed: -22
[  500.749717][ T1373] ieee802154 phy1 wpan1: encryption failed: -22
[  500.806953][T14276] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  500.812971][T14276] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  500.819678][T14276] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  500.830455][T14276] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  500.841061][T14276] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.843023][T14276] bridge0: port 2(bridge_slave_1) entered forwarding state
[  500.845963][T14276] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.847940][T14276] bridge0: port 1(bridge_slave_0) entered forwarding state
[  500.869502][T14276] 8021q: adding VLAN 0 to HW filter on device bond0
[  500.883901][  T999] bridge0: port 1(bridge_slave_0) entered disabled state
[  500.889000][  T999] bridge0: port 2(bridge_slave_1) entered disabled state
[  500.912517][T14276] 8021q: adding VLAN 0 to HW filter on device team0
[  500.917107][  T999] bridge0: port 1(bridge_slave_0) entered blocking state
[  500.918877][  T999] bridge0: port 1(bridge_slave_0) entered forwarding state
[  500.923521][  T999] bridge0: port 2(bridge_slave_1) entered blocking state
[  500.925244][  T999] bridge0: port 2(bridge_slave_1) entered forwarding state
[  501.025004][T14276] 8021q: adding VLAN 0 to HW filter on device batadv0
[  501.059420][T14276] veth0_vlan: entered promiscuous mode
[  501.063243][T14276] veth1_vlan: entered promiscuous mode
[  501.073313][T14276] veth0_macvtap: entered promiscuous mode
[  501.080666][T14276] veth1_macvtap: entered promiscuous mode
[  501.090730][T14276] batman_adv: batadv0: Interface activated: batadv_slave_0
[  501.096711][T14276] batman_adv: batadv0: Interface activated: batadv_slave_1
[  501.100375][T14276] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  501.102633][T14276] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  501.104892][T14276] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  501.111295][T14276] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  501.146376][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.150074][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.159587][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.162876][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.956634][   T66] Bluetooth: hci3: command tx timeout
[  502.639007][T14323] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2193'.
[  502.644393][T14323] ip6gretap0: entered promiscuous mode
[  502.647519][T14322] vivid-007: disconnect
[  502.724691][T14324] random: crng reseeded on system resumption
[  502.764826][T14324] Restarting kernel threads ... done.
[  503.492397][T14321] vivid-007: reconnect
[  504.036648][   T66] Bluetooth: hci3: command 0x041b tx timeout
[  504.136144][T14339] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  504.137889][T14339] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  504.141163][T14339] vhci_hcd vhci_hcd.0: Device attached
[  504.143424][T14340] vhci_hcd: cannot find the pending unlink 5
[  504.167369][T14346] 9pnet_fd: Insufficient options for proto=fd
[  504.189282][T14340] vhci_hcd: connection closed
[  504.191392][   T45] vhci_hcd: stop threads
[  504.193885][   T45] vhci_hcd: release socket
[  504.195046][   T45] vhci_hcd: disconnect device
[  504.650488][T14357] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  506.106643][ T5355] Bluetooth: hci3: command 0x041b tx timeout
[  506.396626][T11518] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  506.558685][T14386] netlink: 'syz.2.2210': attribute type 9 has an invalid length.
[  506.561421][T14386] netlink: 399 bytes leftover after parsing attributes in process `syz.2.2210'.
[  507.256744][T11518] usb 6-1: unable to get BOS descriptor or descriptor too short
[  507.258820][T11518] usb 6-1: too many configurations: 116, using maximum allowed: 8
[  507.261980][T11518] usb 6-1: unable to read config index 0 descriptor/start: -71
[  507.264031][T11518] usb 6-1: can't read configurations, error -71
[  507.337612][T14394] vlan2: entered promiscuous mode
[  507.339823][T14394] erspan0: entered promiscuous mode
[  507.341257][T14394] vlan2: entered allmulticast mode
[  507.342616][T14394] erspan0: entered allmulticast mode
[  507.499556][T14401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  507.503022][T14401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  508.196560][ T5355] Bluetooth: hci3: command 0x041b tx timeout
[  509.007817][T14438] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  509.786564][    T9] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  509.957028][    T8] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  510.137922][    T8] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  510.140896][    T8] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  510.143496][    T8] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  510.146717][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.150447][T14450] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  510.155060][    T8] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  510.266762][ T5355] Bluetooth: hci3: command 0x041b tx timeout
[  510.406993][ T5170] usb 6-1: USB disconnect, device number 33
[  510.669808][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  510.681060][    T9] usb 5-1: too many configurations: 116, using maximum allowed: 8
[  510.685371][    T9] usb 5-1: unable to read config index 0 descriptor/start: -71
[  510.688027][    T9] usb 5-1: can't read configurations, error -71
[  513.096667][ T5170] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  513.277811][ T5170] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  513.280092][ T5170] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  513.282732][ T5170] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  513.285018][ T5170] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  513.290106][ T5170] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  513.292725][ T5170] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  513.294896][ T5170] usb 6-1: Product: syz
[  513.296022][ T5170] usb 6-1: Manufacturer: syz
[  513.306762][ T5170] cdc_wdm 6-1:1.0: skipping garbage
[  513.308152][ T5170] cdc_wdm 6-1:1.0: skipping garbage
[  513.314010][ T5170] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  513.315713][ T5170] cdc_wdm 6-1:1.0: Unknown control protocol
[  513.576109][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  513.576706][ T5419] usb 6-1: USB disconnect, device number 34
[  513.577957][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  513.577969][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  513.639926][T14517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  513.644135][T14517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  515.553276][T14555] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2256'.
[  515.561085][T14555] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2256'.
[  515.634418][T14559] netlink: 'syz.0.2257': attribute type 3 has an invalid length.
[  515.638393][T14559] netlink: 'syz.0.2257': attribute type 1 has an invalid length.
[  515.641126][T14559] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2257'.
[  515.831105][T14564] netlink: 'syz.0.2259': attribute type 1 has an invalid length.
[  515.849287][T14564] bond1 (unregistering): Released all slaves
[  516.017981][T14575] erspan0: left allmulticast mode
[  516.019346][T14575] erspan0: left promiscuous mode
[  516.041093][T14575] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.043129][T14575] bridge0: port 1(bridge_slave_0) entered disabled state
[  516.069928][T14577] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  516.071672][T14577] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  516.074143][T14577] vhci_hcd vhci_hcd.0: Device attached
[  516.078297][T14578] vhci_hcd: cannot find the pending unlink 5
[  516.243914][T14575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  516.271242][T14575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  516.306619][   T57] usb 13-1: new high-speed USB device number 12 using vhci_hcd
[  516.372704][T14575] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  516.374927][T14575] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  516.378109][T14575] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  516.381122][T14575] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  516.440098][T14578] vhci_hcd: connection reset by peer
[  516.441659][ T1096] vhci_hcd: stop threads
[  516.442782][ T1096] vhci_hcd: release socket
[  516.444087][ T1096] vhci_hcd: disconnect device
[  518.081007][T14653] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2283'.
[  518.084772][T14653] netem: invalid attributes len -1
[  518.086107][T14653] netem: change failed
[  520.856227][T14713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  520.861090][T14713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  521.134595][T14726] netlink: 'syz.1.2301': attribute type 21 has an invalid length.
[  521.456623][   T57] vhci_hcd: vhci_device speed not set
[  523.428127][T14762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2309'.
[  525.157080][   T57] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  525.328315][   T57] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  525.519406][   T57] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  525.522024][   T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  525.524305][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  525.528223][   T57] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  525.530570][   T57] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  525.532592][   T57] usb 6-1: Product: syz
[  525.533661][   T57] usb 6-1: Manufacturer: syz
[  525.541447][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  525.542822][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  525.546759][   T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  525.548305][   T57] cdc_wdm 6-1:1.0: Unknown control protocol
[  525.795982][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  525.796365][ T5170] usb 6-1: USB disconnect, device number 35
[  525.798130][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  525.798142][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  525.980327][T14823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  525.983936][T14823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  526.727895][T14854] FAULT_INJECTION: forcing a failure.
[  526.727895][T14854] name failslab, interval 1, probability 0, space 0, times 0
[  526.731253][T14854] CPU: 0 UID: 0 PID: 14854 Comm: syz.2.2338 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  526.734059][T14854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  526.736878][T14854] Call Trace:
[  526.737762][T14854]  <TASK>
[  526.738548][T14854]  dump_stack_lvl+0x16c/0x1f0
[  526.739819][T14854]  should_fail_ex+0x497/0x5b0
[  526.741066][T14854]  ? fs_reclaim_acquire+0xae/0x150
[  526.742417][T14854]  should_failslab+0xc2/0x120
[  526.743680][T14854]  __kmalloc_noprof+0xcb/0x410
[  526.744951][T14854]  ? __pfx_d_absolute_path+0x10/0x10
[  526.746350][T14854]  tomoyo_encode2+0x100/0x3e0
[  526.747614][T14854]  tomoyo_realpath_from_path+0x1a7/0x710
[  526.749055][T14854]  tomoyo_path_number_perm+0x245/0x5b0
[  526.750442][T14854]  ? tomoyo_path_number_perm+0x232/0x5b0
[  526.751923][T14854]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  526.753475][T14854]  ? trace_lock_acquire+0x14a/0x1d0
[  526.754847][T14854]  ? lock_acquire+0x2f/0xb0
[  526.756043][T14854]  ? __fget_files+0x40/0x3f0
[  526.757258][T14854]  ? __fget_files+0x244/0x3f0
[  526.758499][T14854]  security_file_ioctl_compat+0x9b/0x240
[  526.759960][T14854]  __do_compat_sys_ioctl+0x52/0x2b0
[  526.761292][T14854]  __do_fast_syscall_32+0x73/0x120
[  526.762602][T14854]  do_fast_syscall_32+0x32/0x80
[  526.763852][T14854]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  526.765486][T14854] RIP: 0023:0xf7f01579
[  526.766553][T14854] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  526.771383][T14854] RSP: 002b:00000000f568656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  526.773484][T14854] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004610
[  526.775513][T14854] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000
[  526.777539][T14854] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  526.779589][T14854] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  526.781630][T14854] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  526.783665][T14854]  </TASK>
[  526.784605][    C0] vkms_vblank_simulate: vblank timer overrun
[  526.787269][T14854] ERROR: Out of memory at tomoyo_realpath_from_path.
[  528.224965][T14888] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  528.454054][T14901] netlink: 'syz.2.2352': attribute type 10 has an invalid length.
[  528.456179][T14901] bridge0: port 3(team0) entered blocking state
[  528.457985][T14901] bridge0: port 3(team0) entered disabled state
[  528.459689][T14901] team0: entered allmulticast mode
[  528.461026][T14901] team_slave_0: entered allmulticast mode
[  528.462504][T14901] team_slave_1: entered allmulticast mode
[  528.464827][T14901] team0: entered promiscuous mode
[  528.466181][T14901] team_slave_0: entered promiscuous mode
[  528.470427][T14901] team_slave_1: entered promiscuous mode
[  528.558994][ T5709] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  528.615022][   T39] audit: type=1800 audit(1728706430.446:602): pid=14899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2352" name="/" dev="fuse" ino=1 res=0 errno=0
[  529.434791][ T5709] usb 6-1: unable to get BOS descriptor or descriptor too short
[  529.439666][ T5709] usb 6-1: too many configurations: 116, using maximum allowed: 8
[  529.446042][ T5709] usb 6-1: unable to read config index 0 descriptor/start: -71
[  529.448716][ T5709] usb 6-1: can't read configurations, error -71
[  530.722131][T14931] FAULT_INJECTION: forcing a failure.
[  530.722131][T14931] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  530.727406][T14931] CPU: 1 UID: 0 PID: 14931 Comm: syz.0.2359 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  530.731021][T14931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  530.734789][T14931] Call Trace:
[  530.735938][T14931]  <TASK>
[  530.736955][T14931]  dump_stack_lvl+0x16c/0x1f0
[  530.738584][T14931]  should_fail_ex+0x497/0x5b0
[  530.740281][T14931]  ? fs_reclaim_acquire+0xae/0x150
[  530.742056][T14931]  should_fail_alloc_page+0xe7/0x130
[  530.743888][T14931]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  530.746009][T14931]  ? mark_lock+0xb5/0xc60
[  530.747502][T14931]  __alloc_pages_noprof+0x190/0x25a0
[  530.749302][T14931]  ? __pfx_mark_lock+0x10/0x10
[  530.750957][T14931]  ? hlock_class+0x4e/0x130
[  530.752528][T14931]  ? __lock_acquire+0xbdd/0x3ce0
[  530.754209][T14931]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  530.756159][T14931]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  530.758187][T14931]  ? policy_nodemask+0xea/0x4e0
[  530.759851][T14931]  alloc_pages_mpol_noprof+0x2c9/0x610
[  530.761767][T14931]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  530.763868][T14931]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  530.765785][T14931]  folio_alloc_mpol_noprof+0x36/0xd0
[  530.767593][T14931]  vma_alloc_folio_noprof+0xee/0x1b0
[  530.769381][T14931]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  530.771396][T14931]  ? find_held_lock+0x2d/0x110
[  530.772658][T14931]  do_pte_missing+0x2010/0x3e50
[  530.773918][T14931]  ? rcu_is_watching+0x12/0xc0
[  530.775158][T14931]  __handle_mm_fault+0x100a/0x2a10
[  530.776487][T14931]  ? __pfx___handle_mm_fault+0x10/0x10
[  530.777883][T14931]  ? __pfx_lock_release+0x10/0x10
[  530.779191][T14931]  ? follow_page_pte+0x50d/0x1eb0
[  530.780500][T14931]  handle_mm_fault+0x3fa/0xaa0
[  530.781737][T14931]  __get_user_pages+0x90f/0x3b90
[  530.783010][T14931]  ? __pfx___get_user_pages+0x10/0x10
[  530.784402][T14931]  ? down_read_killable+0xcc/0x380
[  530.785719][T14931]  ? __pfx_down_read_killable+0x10/0x10
[  530.787145][T14931]  __gup_longterm_locked+0x22e/0x1b30
[  530.788536][T14931]  ? __pfx_lock_release+0x10/0x10
[  530.789834][T14931]  ? __pfx___gup_longterm_locked+0x10/0x10
[  530.791339][T14931]  ? sanity_check_pinned_pages+0x23/0x11c0
[  530.792834][T14931]  gup_fast_fallback+0x180b/0x2690
[  530.794156][T14931]  ? __pfx_gup_fast_fallback+0x10/0x10
[  530.795560][T14931]  pin_user_pages_fast+0xa8/0x100
[  530.796855][T14931]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  530.798289][T14931]  ? __kmalloc_noprof+0x207/0x410
[  530.799584][T14931]  ? __might_fault+0xe3/0x190
[  530.800788][T14931]  rds_info_getsockopt+0x39a/0x4f0
[  530.802096][T14931]  ? __might_fault+0x13b/0x190
[  530.803320][T14931]  ? __pfx_rds_info_getsockopt+0x10/0x10
[  530.804763][T14931]  ? lock_acquire+0x2f/0xb0
[  530.805938][T14931]  ? __might_fault+0xe3/0x190
[  530.807142][T14931]  ? __might_fault+0xe3/0x190
[  530.808364][T14931]  rds_getsockopt+0x173/0x2d0
[  530.809577][T14931]  ? __pfx_rds_getsockopt+0x10/0x10
[  530.810913][T14931]  do_sock_getsockopt+0x3fe/0x870
[  530.812228][T14931]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  530.813640][T14931]  ? __fget_files+0x244/0x3f0
[  530.814855][T14931]  __sys_getsockopt+0x1a1/0x270
[  530.816113][T14931]  ? __pfx___sys_getsockopt+0x10/0x10
[  530.817487][T14931]  ? fput+0x30/0x390
[  530.818495][T14931]  ? ksys_write+0x1ad/0x260
[  530.819669][T14931]  ? __pfx_ksys_write+0x10/0x10
[  530.820923][T14931]  __ia32_sys_getsockopt+0xbc/0x160
[  530.822255][T14931]  ? lockdep_hardirqs_on+0x7c/0x110
[  530.823594][T14931]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  530.825270][T14931]  __do_fast_syscall_32+0x73/0x120
[  530.826576][T14931]  do_fast_syscall_32+0x32/0x80
[  530.827829][T14931]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  530.829438][T14931] RIP: 0023:0xf73be579
[  530.830488][T14931] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  530.835378][T14931] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  530.837511][T14931] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000000114
[  530.839542][T14931] RDX: 000000000000271d RSI: 0000000020005ec0 RDI: 0000000020000040
[  530.841568][T14931] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  530.843589][T14931] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  530.845602][T14931] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  530.847625][T14931]  </TASK>
[  531.386657][   T57] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  532.303984][   T57] usb 5-1: unable to get BOS descriptor or descriptor too short
[  532.306030][   T57] usb 5-1: too many configurations: 116, using maximum allowed: 8
[  532.308771][   T57] usb 5-1: unable to read config index 0 descriptor/start: -71
[  532.310975][   T57] usb 5-1: can't read configurations, error -71
[  533.268371][   T66] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  533.271237][   T66] CPU: 2 UID: 0 PID: 66 Comm: kworker/u33:0 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  533.274035][   T66] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  533.276816][   T66] Workqueue: hci2 hci_rx_work
[  533.278060][   T66] Call Trace:
[  533.278942][   T66]  <TASK>
[  533.279739][   T66]  dump_stack_lvl+0x16c/0x1f0
[  533.280980][   T66]  sysfs_warn_dup+0x7f/0xa0
[  533.282173][   T66]  sysfs_create_dir_ns+0x24d/0x2b0
[  533.283524][   T66]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  533.284986][   T66]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  533.286377][   T66]  ? kobject_add_internal+0x12d/0x990
[  533.287780][   T66]  ? do_raw_spin_unlock+0x172/0x230
[  533.289137][   T66]  kobject_add_internal+0x2c8/0x990
[  533.290493][   T66]  kobject_add+0x16f/0x240
[  533.291777][   T66]  ? __pfx_kobject_add+0x10/0x10
[  533.293076][   T66]  ? class_to_subsys+0x3e/0x160
[  533.294351][   T66]  ? do_raw_spin_unlock+0x172/0x230
[  533.295717][   T66]  ? kobject_put+0xab/0x5a0
[  533.296916][   T66]  device_add+0x289/0x1a70
[  533.298087][   T66]  ? __pfx_dev_set_name+0x10/0x10
[  533.299415][   T66]  ? __pfx_device_add+0x10/0x10
[  533.300680][   T66]  ? mgmt_send_event_skb+0x2f2/0x460
[  533.302062][   T66]  hci_conn_add_sysfs+0x17e/0x230
[  533.303387][   T66]  le_conn_complete_evt+0xfc7/0x1cf0
[  533.304776][   T66]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  533.306256][   T66]  ? trace_contention_end+0xea/0x140
[  533.307796][   T66]  ? __mutex_lock+0x1a6/0x9c0
[  533.309038][   T66]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  533.310573][   T66]  ? skb_pull_data+0x166/0x210
[  533.311850][   T66]  hci_le_meta_evt+0x2e2/0x5d0
[  533.313106][   T66]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  533.314777][   T66]  hci_event_packet+0x666/0x1190
[  533.316088][   T66]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  533.317470][   T66]  ? __pfx_hci_event_packet+0x10/0x10
[  533.318853][   T66]  ? mark_held_locks+0x9f/0xe0
[  533.320123][   T66]  ? kcov_remote_start+0x3cf/0x6e0
[  533.321460][   T66]  ? lockdep_hardirqs_on+0x7c/0x110
[  533.322819][   T66]  hci_rx_work+0x2c6/0x16c0
[  533.324011][   T66]  ? lock_acquire+0x2f/0xb0
[  533.325209][   T66]  ? process_one_work+0x8bb/0x1b30
[  533.326562][   T66]  process_one_work+0x958/0x1b30
[  533.327847][   T66]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  533.329324][   T66]  ? __pfx_process_one_work+0x10/0x10
[  533.330729][   T66]  ? assign_work+0x1a0/0x250
[  533.331963][   T66]  worker_thread+0x6c8/0xf00
[  533.333175][   T66]  ? __pfx_worker_thread+0x10/0x10
[  533.334512][   T66]  kthread+0x2c1/0x3a0
[  533.335584][   T66]  ? _raw_spin_unlock_irq+0x23/0x50
[  533.336931][   T66]  ? __pfx_kthread+0x10/0x10
[  533.338242][   T66]  ret_from_fork+0x45/0x80
[  533.339436][   T66]  ? __pfx_kthread+0x10/0x10
[  533.340659][   T66]  ret_from_fork_asm+0x1a/0x30
[  533.341936][   T66]  </TASK>
[  533.345463][   T66] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  533.349242][   T66] Bluetooth: hci2: failed to register connection device
[  534.033375][T14993] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  534.035086][T14993] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  534.038272][T14993] vhci_hcd vhci_hcd.0: Device attached
[  534.044986][T14994] vhci_hcd: cannot find the pending unlink 5
[  534.164189][T14994] vhci_hcd: connection closed
[  534.164594][   T11] vhci_hcd: stop threads
[  534.169782][   T11] vhci_hcd: release socket
[  534.171210][   T11] vhci_hcd: disconnect device
[  534.216611][   T57] vhci_hcd: vhci_device speed not set
[  535.086624][    T9] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  535.257756][    T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  535.260022][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  535.262650][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  535.264949][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.269604][    T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  535.272082][    T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  535.274125][    T9] usb 5-1: Product: syz
[  535.275211][    T9] usb 5-1: Manufacturer: syz
[  535.280565][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  535.281999][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  535.284953][    T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  535.286617][    T9] cdc_wdm 5-1:1.0: Unknown control protocol
[  535.386620][   T66] Bluetooth: hci2: command 0x0405 tx timeout
[  535.545501][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.547248][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.549064][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.550764][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.552515][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.554222][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.555962][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.557823][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.559630][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.561326][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.563051][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.564745][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.566485][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.568180][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.569913][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.571683][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.573516][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.575194][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.577054][    C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  535.578762][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  535.584096][   T57] usb 5-1: USB disconnect, device number 39
[  535.585665][    C3] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  536.040956][T15034] binder: 15033:15034 ioctl 2275 20000200 returned -22
[  536.255801][T15043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  536.269705][T15043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  537.118995][T15058] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2386'.
[  537.879031][T15082] netlink: 'syz.1.2391': attribute type 1 has an invalid length.
[  537.907841][T15082] FAULT_INJECTION: forcing a failure.
[  537.907841][T15082] name failslab, interval 1, probability 0, space 0, times 0
[  537.911186][T15082] CPU: 1 UID: 0 PID: 15082 Comm: syz.1.2391 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  537.914247][T15082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  537.917994][T15082] Call Trace:
[  537.919205][T15082]  <TASK>
[  537.920070][T15082]  dump_stack_lvl+0x16c/0x1f0
[  537.921325][T15082]  should_fail_ex+0x497/0x5b0
[  537.922583][T15082]  ? netlink_sendmsg+0x8b8/0xd70
[  537.923970][T15082]  ? ____sys_sendmsg+0x9ae/0xb40
[  537.925284][T15082]  should_failslab+0xc2/0x120
[  537.926531][T15082]  __kmalloc_noprof+0xcb/0x410
[  537.927903][T15082]  dev_prep_valid_name.constprop.0+0x170/0x630
[  537.930061][T15082]  ? __pfx_dev_prep_valid_name.constprop.0+0x10/0x10
[  537.932466][T15082]  ? lockdep_init_map_type+0x16d/0x7d0
[  537.934037][T15082]  ? lockdep_init_map_type+0x16d/0x7d0
[  537.935507][T15082]  register_netdevice+0x4b6/0x1e20
[  537.936860][T15082]  ? __pfx_register_netdevice+0x10/0x10
[  537.938333][T15082]  ? validate_linkmsg+0x6d2/0x9a0
[  537.939711][T15082]  ? __pfx_bond_newlink+0x10/0x10
[  537.941047][T15082]  bond_newlink+0x48/0xa0
[  537.942204][T15082]  __rtnl_newlink+0x119c/0x1920
[  537.943519][T15082]  ? __pfx___rtnl_newlink+0x10/0x10
[  537.944967][T15082]  rtnl_newlink+0x67/0xa0
[  537.946130][T15082]  ? __pfx_rtnl_newlink+0x10/0x10
[  537.947485][T15082]  rtnetlink_rcv_msg+0x3c7/0xea0
[  537.948824][T15082]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  537.950291][T15082]  ? __pfx___lock_acquire+0x10/0x10
[  537.951691][T15082]  netlink_rcv_skb+0x165/0x410
[  537.952962][T15082]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  537.954453][T15082]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  537.955863][T15082]  ? netlink_deliver_tap+0x1ae/0xcf0
[  537.957258][T15082]  netlink_unicast+0x53c/0x7f0
[  537.958685][T15082]  ? __pfx_netlink_unicast+0x10/0x10
[  537.960111][T15082]  ? __phys_addr_symbol+0x30/0x80
[  537.961445][T15082]  ? __check_object_size+0x488/0x710
[  537.962872][T15082]  netlink_sendmsg+0x8b8/0xd70
[  537.964200][T15082]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.965597][T15082]  ? lock_acquire+0x2f/0xb0
[  537.966816][T15082]  ____sys_sendmsg+0x9ae/0xb40
[  537.968145][T15082]  ? __pfx_____sys_sendmsg+0x10/0x10
[  537.969565][T15082]  ? get_compat_msghdr+0x11b/0x170
[  537.970920][T15082]  ? __pfx___lock_acquire+0x10/0x10
[  537.972352][T15082]  ___sys_sendmsg+0x135/0x1e0
[  537.973617][T15082]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.975040][T15082]  ? lock_acquire+0x2f/0xb0
[  537.976276][T15082]  ? __fget_files+0x40/0x3f0
[  537.977515][T15082]  ? fdget+0x176/0x210
[  537.978604][T15082]  __sys_sendmsg+0x117/0x1f0
[  537.979880][T15082]  ? __pfx___sys_sendmsg+0x10/0x10
[  537.981230][T15082]  ? __fget_files+0x244/0x3f0
[  537.982486][T15082]  __do_fast_syscall_32+0x73/0x120
[  537.983853][T15082]  do_fast_syscall_32+0x32/0x80
[  537.985216][T15082]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  537.986874][T15082] RIP: 0023:0xf73ee579
[  537.987974][T15082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  537.993137][T15082] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  537.995372][T15082] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000280
[  537.997455][T15082] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000
[  537.999551][T15082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  538.001639][T15082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  538.003747][T15082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  538.005881][T15082]  </TASK>
[  538.006782][    C1] vkms_vblank_simulate: vblank timer overrun
[  539.304323][T15109] input: syz0 as /devices/virtual/input/input21
[  539.996609][   T57] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  540.148875][   T57] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  540.150905][   T57] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  540.153226][   T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  540.155373][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  540.164214][   T57] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  540.166327][   T57] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  540.168441][   T57] usb 6-1: Product: syz
[  540.169429][   T57] usb 6-1: Manufacturer: syz
[  540.172515][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  540.173802][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  540.175421][   T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  540.177329][   T57] cdc_wdm 6-1:1.0: Unknown control protocol
[  540.428694][ T5419] usb 6-1: USB disconnect, device number 38
[  540.428718][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  541.266707][ T5419] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  541.418121][ T5419] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  541.421081][ T5419] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  541.423602][ T5419] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  541.436567][ T5419] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.439945][T15139] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  541.445109][ T5419] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  541.697597][T11518] usb 6-1: USB disconnect, device number 39
[  542.403876][T15148] xt_CT: No such helper "netbios-ns"
[  543.865691][ T5170] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  544.744055][ T5170] usb 5-1: unable to get BOS descriptor or descriptor too short
[  544.746151][ T5170] usb 5-1: too many configurations: 116, using maximum allowed: 8
[  544.750038][ T5170] usb 5-1: unable to read config index 0 descriptor/start: -71
[  544.752098][ T5170] usb 5-1: can't read configurations, error -71
[  544.777598][T15200] FAULT_INJECTION: forcing a failure.
[  544.777598][T15200] name failslab, interval 1, probability 0, space 0, times 0
[  544.780702][T15200] CPU: 1 UID: 0 PID: 15200 Comm: syz.0.2422 Not tainted 6.12.0-rc2-syzkaller-00260-g9e4c6c1ad9a1 #0
[  544.783431][T15200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  544.786115][T15200] Call Trace:
[  544.786937][T15200]  <TASK>
[  544.787689][T15200]  dump_stack_lvl+0x16c/0x1f0
[  544.788883][T15200]  should_fail_ex+0x497/0x5b0
[  544.790116][T15200]  should_failslab+0xc2/0x120
[  544.791366][T15200]  kmem_cache_alloc_node_noprof+0x71/0x310
[  544.792807][T15200]  ? __alloc_skb+0x2b3/0x380
[  544.793960][T15200]  __alloc_skb+0x2b3/0x380
[  544.795038][T15200]  ? __pfx___alloc_skb+0x10/0x10
[  544.796330][T15200]  ? __mutex_unlock_slowpath+0x164/0x650
[  544.797773][T15200]  wireless_send_event+0x3c2/0xc00
[  544.799143][T15200]  ? __pfx_wireless_send_event+0x10/0x10
[  544.800601][T15200]  ioctl_standard_iw_point+0xa68/0xc10
[  544.802010][T15200]  ? __pfx_cfg80211_wext_siwessid+0x10/0x10
[  544.803547][T15200]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  544.805038][T15200]  ? __pfx___mutex_trylock_common+0x10/0x10
[  544.806541][T15200]  ? compat_wext_handle_ioctl+0x26a/0x310
[  544.807989][T15200]  ? rcu_is_watching+0x12/0xc0
[  544.809166][T15200]  ? trace_contention_end+0xea/0x140
[  544.810426][T15200]  compat_standard_call+0x21d/0x360
[  544.811757][T15200]  ? __pfx_cfg80211_wext_siwessid+0x10/0x10
[  544.813282][T15200]  ? __pfx_compat_standard_call+0x10/0x10
[  544.814736][T15200]  ? wireless_warn_cfg80211_wext+0x82/0xf0
[  544.816188][T15200]  ? __pfx_wireless_warn_cfg80211_wext+0x10/0x10
[  544.817888][T15200]  ? __pfx_compat_private_call+0x10/0x10
[  544.819321][T15200]  ? __pfx_compat_standard_call+0x10/0x10
[  544.820805][T15200]  ? __pfx_cfg80211_wext_siwessid+0x10/0x10
[  544.822327][T15200]  wireless_process_ioctl+0x4e3/0x5e0
[  544.823699][T15200]  compat_wext_handle_ioctl+0x28c/0x310
[  544.825082][T15200]  ? __pfx_compat_wext_handle_ioctl+0x10/0x10
[  544.826655][T15200]  ? unix_ioctl+0x2c6/0x5c0
[  544.827856][T15200]  compat_sock_ioctl+0x337/0x7e0
[  544.829154][T15200]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  544.830507][T15200]  ? __fget_files+0x244/0x3f0
[  544.831699][T15200]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  544.833119][T15200]  __do_compat_sys_ioctl+0x259/0x2b0
[  544.834497][T15200]  __do_fast_syscall_32+0x73/0x120
[  544.835842][T15200]  do_fast_syscall_32+0x32/0x80
[  544.837129][T15200]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  544.838736][T15200] RIP: 0023:0xf73be579
[  544.839782][T15200] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  544.844454][T15200] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  544.846559][T15200] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008b1a
[  544.848481][T15200] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[  544.850494][T15200] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  544.852448][T15200] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  544.854456][T15200] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  544.856358][T15200]  </TASK>
[  544.857184][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.416581][ T5170] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  545.568126][ T5170] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  545.571115][ T5170] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  545.574682][ T5170] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  545.577515][ T5170] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.582520][ T5170] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  545.584841][ T5170] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  545.587178][ T5170] usb 5-1: Product: syz
[  545.588298][ T5170] usb 5-1: Manufacturer: syz
[  545.596159][ T5170] cdc_wdm 5-1:1.0: skipping garbage
[  545.596585][    T9] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  545.597855][ T5170] cdc_wdm 5-1:1.0: skipping garbage
[  545.603655][ T5170] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  545.605195][ T5170] cdc_wdm 5-1:1.0: Unknown control protocol
[  545.747871][    T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  545.750717][    T9] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  545.753177][    T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  545.755417][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.761531][T15211] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  545.764565][    T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  546.020565][   T57] usb 6-1: USB disconnect, device number 40
[  548.025437][T11518] usb 5-1: USB disconnect, device number 41
[  548.311452][T15243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2432'.
[  550.375205][T15281] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  550.378430][T15281] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  550.556696][   T57] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  550.614479][T15288] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2441'.
[  551.437392][   T57] usb 6-1: unable to get BOS descriptor or descriptor too short
[  551.441613][   T57] usb 6-1: too many configurations: 116, using maximum allowed: 8
[  551.445430][   T57] usb 6-1: unable to read config index 0 descriptor/start: -71
[  551.447832][   T57] usb 6-1: can't read configurations, error -71
[  552.664991][ T5355] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  552.686791][ T5355] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  552.691666][ T5355] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  552.695852][ T5355] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  552.698768][ T5355] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  552.701411][ T5355] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  552.871070][T15312] chnl_net:caif_netlink_parms(): no params data found
[  552.948961][T15312] bridge0: port 1(bridge_slave_0) entered blocking state
[  552.950951][T15312] bridge0: port 1(bridge_slave_0) entered disabled state
[  552.952886][T15312] bridge_slave_0: entered allmulticast mode
[  552.954955][T15312] bridge_slave_0: entered promiscuous mode
[  552.958404][T15312] bridge0: port 2(bridge_slave_1) entered blocking state
[  552.960325][T15312] bridge0: port 2(bridge_slave_1) entered disabled state
[  552.962234][T15312] bridge_slave_1: entered allmulticast mode
[  552.964258][T15312] bridge_slave_1: entered promiscuous mode
[  552.984124][T15312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  552.987765][T15312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  553.011898][T15312] team0: Port device team_slave_0 added
[  553.015759][T15312] team0: Port device team_slave_1 added
[  553.037242][T15312] batman_adv: batadv0: Adding interface: batadv_slave_0
[  553.039497][T15312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  553.048563][T15312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  553.052515][T15312] batman_adv: batadv0: Adding interface: batadv_slave_1
[  553.054404][T15312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  553.061841][T15312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  553.091408][T15312] hsr_slave_0: entered promiscuous mode
[  553.093651][T15312] hsr_slave_1: entered promiscuous mode
[  553.095566][T15312] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  553.098678][T15312] Cannot create hsr debugfs directory
[  553.605081][T15312] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  553.612764][T15312] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  553.615985][T15312] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  553.619826][T15312] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  553.633465][T15312] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.635103][T15312] bridge0: port 2(bridge_slave_1) entered forwarding state
[  553.636863][T15312] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.638514][T15312] bridge0: port 1(bridge_slave_0) entered forwarding state
[  553.665179][T15312] 8021q: adding VLAN 0 to HW filter on device bond0
[  553.672448][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.675641][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.701854][T15312] 8021q: adding VLAN 0 to HW filter on device team0
[  553.707552][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.709325][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  553.712043][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.713929][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  553.866798][ T5388] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  553.893863][T15312] 8021q: adding VLAN 0 to HW filter on device batadv0
[  553.928523][T15312] veth0_vlan: entered promiscuous mode
[  553.932645][T15312] veth1_vlan: entered promiscuous mode
[  553.946269][T15312] veth0_macvtap: entered promiscuous mode
[  553.950327][T15312] veth1_macvtap: entered promiscuous mode
[  553.956462][T15312] batman_adv: batadv0: Interface activated: batadv_slave_0
[  553.961384][T15312] batman_adv: batadv0: Interface activated: batadv_slave_1
[  553.965238][T15312] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  553.971365][T15312] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  553.973605][T15312] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  553.975820][T15312] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  554.044808][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  554.048603][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  554.057686][ T1096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  554.060033][ T1096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  554.581405][T15346] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2453'.
[  554.673135][T15348] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  554.681207][T15348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  554.683684][T15348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  554.752898][   T66] Bluetooth: hci2: command tx timeout
[  554.761463][ T5388] usb 6-1: unable to get BOS descriptor or descriptor too short
[  554.763673][ T5388] usb 6-1: too many configurations: 116, using maximum allowed: 8
[  554.767008][ T5388] usb 6-1: unable to read config index 0 descriptor/start: -71
[  554.769488][ T5388] usb 6-1: can't read configurations, error -71
[  555.257021][T15362] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.260275][T15362] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  556.835565][   T66] Bluetooth: hci2: command tx timeout
[  558.350802][T15426] ebtables: wrong size: *len 120, entries_size 144, replsz 144
[  558.354310][T15426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  558.366725][T15426] misc raw-gadget: fail, usb_gadget_register_driver returned -16
SYZFAIL: bad allocate request
allocated=0 size=4294966780/4294966784 (errno 9: Bad file descriptor)
[  559.146741][   T66] Bluetooth: hci1: command 0x0406 tx timeout
[  559.267789][T13664] raw-gadget.0 gadget.2: failed to queue disconnect event
[  559.669123][ T1096] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.724488][ T1096] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.812226][ T1096] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.884229][ T1096] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.987121][ T1096] bridge_slave_1: left allmulticast mode
[  559.989077][ T1096] bridge_slave_1: left promiscuous mode
[  559.991711][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.995515][ T1096] bridge_slave_0: left allmulticast mode
[  559.998669][ T1096] bridge_slave_0: left promiscuous mode
[  560.000694][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  560.005088][ T1096] bridge_slave_1: left allmulticast mode
[  560.007205][ T1096] bridge_slave_1: left promiscuous mode
[  560.009225][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  560.015255][ T1096] bridge_slave_0: left allmulticast mode
[  560.018397][ T1096] bridge_slave_0: left promiscuous mode
[  560.020369][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  560.511290][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  560.514192][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  560.516870][ T1096] bond0 (unregistering): Released all slaves
[  560.604536][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  560.608559][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  560.611959][ T1096] bond0 (unregistering): Released all slaves
[  561.090612][ T1096] hsr_slave_0: left promiscuous mode
[  561.092558][ T1096] hsr_slave_1: left promiscuous mode
[  561.094407][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  561.096667][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  561.102258][ T1096] hsr_slave_0: left promiscuous mode
[  561.104246][ T1096] hsr_slave_1: left promiscuous mode
[  561.106212][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  561.108215][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  561.110603][ T1096] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  561.112559][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  561.147572][ T1096] veth1_macvtap: left promiscuous mode
[  561.149081][ T1096] veth0_macvtap: left promiscuous mode
[  561.150561][ T1096] veth1_vlan: left promiscuous mode
[  561.152017][ T1096] veth0_vlan: left promiscuous mode
[  561.937701][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  562.032949][ T1096] team0 (unregistering): Port device team_slave_0 removed
[  562.190701][ T1373] ieee802154 phy0 wpan0: encryption failed: -22
[  562.192945][ T1373] ieee802154 phy1 wpan1: encryption failed: -22
[  563.414465][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  563.511767][ T1096] team0 (unregistering): Port device team_slave_0 removed
[  565.070186][ T1096] batman_adv: batadv1: Removing interface: netdevsim0
[  565.165774][ T1096] team0: left allmulticast mode
[  565.167299][ T1096] team_slave_0: left allmulticast mode
[  565.169006][ T1096] team_slave_1: left allmulticast mode
[  565.170452][ T1096] team0: left promiscuous mode
[  565.171738][ T1096] team_slave_0: left promiscuous mode
[  565.173265][ T1096] team_slave_1: left promiscuous mode
[  565.174793][ T1096] bridge0: port 3(team0) entered disabled state
[  565.177811][ T1096] bridge_slave_1: left allmulticast mode
[  565.179325][ T1096] bridge_slave_1: left promiscuous mode
[  565.180854][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.183714][ T1096] bridge_slave_0: left allmulticast mode
[  565.185192][ T1096] bridge_slave_0: left promiscuous mode
[  565.188102][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.452627][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  565.455748][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  565.458852][ T1096] bond0 (unregistering): Released all slaves
[  565.731605][ T1096] hsr_slave_0: left promiscuous mode
[  565.733519][ T1096] hsr_slave_1: left promiscuous mode
[  565.735588][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  565.742819][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  566.411919][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  566.503857][ T1096] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
04:14:20  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000003 RBX=0000000000000000 RCX=0000000000000001 RDX=0000000000000000
RSI=1ffff92000632e51 RDI=ffffffff8df69ae0 RBP=0000000000000001 RSP=ffffc900031971f8
R8 =0000000000000001 R9 =0000000000000000 R10=ffffffff901cd74f R11=0000000000000000
R12=ffffffff8df69ae0 R13=ffffffff8df69ae0 R14=0000000000000000 R15=ffff888025dfa440
RIP=ffffffff8169f3e0 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3f835c6d00 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000556da57cf000 CR3=0000000000e4a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=803409b8803409b8 803409b8803409b8 803409b8803409b8 803409b8803409b8 803409b8803409b8 803409b8803409b8 803409b8803409b8 803409b8803409b8
ZMM22=8b18c3288b18c328 8b18c3288b18c328 8b18c3288b18c328 8b18c3288b18c328 8b18c3288b18c328 8b18c3288b18c328 8b18c3288b18c328 8b18c3288b18c328
ZMM23=3f9324eb3f9324eb 3f9324eb3f9324eb 3f9324eb3f9324eb 3f9324eb3f9324eb 3f9324eb3f9324eb 3f9324eb3f9324eb 3f9324eb3f9324eb 3f9324eb3f9324eb
ZMM24=181d925c181d925c 181d925c181d925c 181d925c181d925c 181d925c181d925c 181d925c181d925c 181d925c181d925c 181d925c181d925c 181d925c181d925c
ZMM25=160c0f57160c0f57 160c0f57160c0f57 160c0f57160c0f57 160c0f57160c0f57 160c0f57160c0f57 160c0f57160c0f57 160c0f57160c0f57 160c0f57160c0f57
ZMM26=453a4960453a4960 453a4960453a4960 453a4960453a4960 453a4960453a4960 453a4960453a4960 453a4960453a4960 453a4960453a4960 453a4960453a4960
ZMM27=b36eb691b36eb691 b36eb691b36eb691 b36eb691b36eb691 b36eb691b36eb691 b36eb691b36eb691 b36eb691b36eb691 b36eb691b36eb691 b36eb691b36eb691
ZMM28=000001200000011f 0000011e0000011d 0000011c0000011b 0000011a00000119 0000011800000117 0000011600000115 0000011400000113 0000011200000111
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=6b1200006b120000 6b1200006b120000 6b1200006b120000 6b1200006b120000 6b1200006b120000 6b1200006b120000 6b1200006b120000 6b1200006b120000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff81cb03ea RDX=ffff888020460000
RSI=ffffffff81cb04d7 RDI=0000000000000005 RBP=ffff888044976720 RSP=ffffc90000e9f7b0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffff888044976700 R13=dffffc0000000000 R14=0000000000000002 R15=ffff88801ceb6000
RIP=ffffffff817309a0 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f54d1da4 CR3=000000005a9ce000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=1ffff92000147f7a RCX=ffffffff81570dad RDX=0000000000000000
RSI=00000000ffffffff RDI=ffffffff8b4bb560 RBP=0000000000000000 RSP=ffffc90000a3fbc0
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffffffff8b4bb560 R13=00000000000010ea R14=0000000000000001 R15=0000000000000001
RIP=ffffffff815bc697 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f36e40 CR3=000000006e638000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000004 RBX=ffff8880418aa2c8 RCX=ffffffff81f9ecc5 RDX=ffffed100831545a
RSI=0000000000000004 RDI=ffff8880418aa2cc RBP=ffff8880418aa280 RSP=ffffc90003897590
R8 =0000000000000001 R9 =ffffed1008315459 R10=ffff8880418aa2cf R11=0000000000000000
R12=0000000000000000 R13=0000000000000001 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81f9eccf RFL=00000217 [----APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffb6203c CR3=000000005c686000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000