last executing test programs:

7m8.822475972s ago: executing program 1 (id=1035):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f0000000080)=0x6, 0x4)
ioctl$CDROMVOLCTRL(r0, 0x31f, &(0x7f0000000000)={0x23, 0x1, 0x8, 0x7})

7m8.744884676s ago: executing program 1 (id=1039):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d000000080005", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x880}, 0x8000)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x4040810, &(0x7f0000000040)={0x11, 0x88a8, r2, 0x1, 0x7}, 0x14)

7m8.74391985s ago: executing program 1 (id=1041):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r2, 0x800455cc, 0x0)
dup(r0)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000003e0007010000000000000000017c00000400fc800c000180060020006558000008000280040011"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRESDEC=r1], &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8983, 0x0)
add_key(&(0x7f0000000140)='keyring\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="c69c41e7f6aa152c31675fb51f794ca6ab15165e6b497a5add199b906083db6d0a117ae5dc524ef66d0b0ee0f2e1c4c22c816d1d1a6d1f89e67b", 0x3a, 0xfffffffffffffffc)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r3, &(0x7f0000000000)="a9", 0x1)
r4 = openat$tcp_congestion(0xffffff9c, &(0x7f0000000480), 0x1, 0x0)
fcntl$getflags(r4, 0x40a)
close_range(r0, 0xffffffffffffffff, 0x0)

7m7.473895412s ago: executing program 1 (id=1047):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x10b000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x891018, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001500)={0x34, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x34}}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x800448d5, &(0x7f0000000000)="6b5c8b3d")

7m7.473575061s ago: executing program 1 (id=1048):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
r1 = socket(0x11, 0x2, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)={0xa0179e08})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000140))
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000240)=ANY=[@ANYBLOB="00000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a3070000050000000b0000000000000002000000000000002d000000000000000d000000000000000000000000000000000000380000000200000003000000000000007f4400000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055078dd2e74784d37271ddb8036ce22e04a1a2e26d022a407cbfcaf0c60ba59e5f26aeeeff5036c81592e1bb3b9f61e98b972540d80e8b327d33627e90df8e4174c80d2882cb335b2d3988e37ef18eaabf22f0b7bd7453867add0f1d4148ff5f1176f9a2e8157620475caa15f643fdb102fde9a8460995fcd8aa5b2adfb042e3ab13e10ba1458472d923d7f0291de1bb98dac5988a5d8ba6b9d58ae8beb99ede89fe7b4ab80254af134e7bd472f69372593468d8bcb55272061ec30faf683fb4883cfe8acc5e142ae2c95d4c00a2c99cfb8efa8bab8072a3911c607b31d13464316a52cadb4bff9e2ec5027c137bddd3294f9cf9ede535a79870335c88e75bc36cfe06a1a79bc78124c758719fb81def828ba1c7a2551156c7b6729adf2c45f404767cefd3"])
ioctl$I2C_PEC(r0, 0x708, 0xffffffffffffffff)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000900)={0x0, 0x0, 0x7, &(0x7f00000008c0)={0x0, "cc3df0b97c31c635d41f1db17008852daad3915d105cea6345c0bd492ca56f24ee"}})

7m7.182193293s ago: executing program 1 (id=1051):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d000000080005", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x880}, 0x8000)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x4040810, &(0x7f0000000040)={0x11, 0x88a8, r2, 0x1, 0x7}, 0x14)

7m7.124760895s ago: executing program 32 (id=1051):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r2, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d000000080005", @ANYRES64=r0], 0x50}, 0x1, 0x0, 0x0, 0x880}, 0x8000)
r3 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r3, 0x0, 0x0, 0x4040810, &(0x7f0000000040)={0x11, 0x88a8, r2, 0x1, 0x7}, 0x14)

6.566475041s ago: executing program 0 (id=4006):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x105, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

6.429772047s ago: executing program 0 (id=4007):
r0 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000001340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001300)={&(0x7f00000000c0)={0x1240, r1, 0x110, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_OURS={0x1224, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "a3a1076e5425e5fe540837c84884fe395f5298209f52f59e8c1d21d7bc936c61acf6520fd4fa330ac26e61b9aad59cfd8d4b8f90e06813c378e351dbbddb8f2e0e047b6408f7b09c22815a7f9acc9acb7e12637a69c67e07bc4e9d2d203e8257cf41361a8eed3db599df556f791dd7fe35def21308ef04082677f3977d74b92f1a107fe032a33ee0f363269046bbd842c02fdf8c55885a786822a7fd4b20c68c165f89ff43e9e3dbe80895a5d8a22c18e44ef4993b961a94ed5d40c802b9581b26fdbf60a7767e6b4302f9297f9c5d0db747d2f8dbff5d4aad105e6a7c3a042ba36cb6d2f41391b53edb1ba4255c7d048354e6c8b1d0388a9269edb078ab278fc6dc9e8858fabad033c437a1ae0d4c34fc54451f306dd3d9d69e0f4cf04880be97f18b11efabe8e9d2566ef548cfadf9658b7604a9c3b4b50c968bf7877bf99ec16deacde16f7ae867d4b490b606a7303518a6bb348ae5b58d4c4024acf0f2215f70c939175ff888ede36d332dad26e503c54b0b05eb63eecc6097c7df51c0338ac71e098c7bbf18fee47d753b790ef2c0885c5f147e17d421eeec69e48ad8b4bbf5ca4c0fcfc551b817db0f467eca634351eaca5eb445b24ba324837698e8d52aeda0eb90ef8239eccd1a4e0fe517928022da344e2c503825002a8c8975c3da622a8d4e64169553f009c544578b23bc158c03e443440f4c2c272a5f0a303be32321198de47ee10064c6ad84d10d6a839d3dc7c7e9266f4e1ef023412e58df87c44bb3c3dfff6b036db7d2320bad8a11c92ce5abdbf1feac7ab4a334def4c41596b9fca40e6c44abfece62dd63664cfc9983c976d19165b650e17ecf4943ff4ad13d87fae019893abdc51588a8ab295174f791698b0dfd85a50eba2ac69a0ed2db55d4200639f6255c2e19429d7c4e4e7f1a58ff729f3e37fb4fbf3b50caa81cf73bec6556c51a39557c6d87367f5657c71f7034138ed6819f5644fb4ec8d599a4796b79b79b69de92a0139ea14e961eb31c00a9da94f8a8b0df6598c3c81532a200030dd78c0c439b4c90704862b8830a42b7e3d7bf8efd76970710641d18391c9f8b46ce271ff754c1cd03023748203217ba5523fe12ce5da58fb03d2a2991815d9e6e3e6891b3511719a3dd8c6696cf96448ec23d491813cc224e6c0fd82d7d7fffd9be6ca63c879559c9905bf9476a7c82ad7546f6d615eb7fdb888bf612d8380c22708b62997b87832cdc9678fb9e175cb867b3f360d8cd1206d12869c142ff09801474f7d0db130402f97393735e52597ee3baee02bce826a1bd961a0fbc69e73a6eec88a50cb0e07542f8fade359df721ef3c7aa88696a01a7828a0b5c8915888940c17c3640d8972a874aed85ef08571641a89363e2968f2ef628220e6d2268d249aadf68c2e54a011d1bbd5bbfe5f188cef602e3188b675fb20167478d58fc7b29d10471451a74d8f2e815b8a066aeafb13da6b9a7844439beb0c720dd2034a45a638ff9c78f39e9555bca9b45c91ec9a8ea0b7b37ba4a318a067c9c15de4a8a557913a21d9107ada90cceeba8164431dceb9d364b2f563f9cb3f1c68830a662c57475b9dc36f50e9f30f93509f00f648e0da808a9ec9b185bb1d3c4751db3cb7d2b76117aaff1db35c3a32ee28aae472132071847f47e2f7bd892a2d5bf667ea2766ecd11fc589070a92b49385e0b8cbd4a3d8878a7f2ab94142cc1bbc98d73b7976386e9b1f49c5a27a14ad59fae3959291bcd21f37500cb747892e33118baa5a40e664576b066f3db0013b3fd2982d62d2a9464c6aa56bbaeeb211a864b6dda629b6ab9f10ecf45177dd93e90aa256881eaf9d594cf51665c726d5f67f218565f16c0bad16e6923109bf8e0e7bdedf3d4ee9df0210b667aa875eaab76a6979a7d23c0343ecec05d024720c7840bc67335507d228ea7498f2c9e98e45c7326a3dc60d9431b5f79a41ec723423d82e653e26a4002c73ac7b128490f0ee0e3f5eda932b98a441a63eeb52edd28be09e7901ebca2d3af86c2d8c89b7b2ed026951194fa707dd48d73ef004f3a6af096caee0fe7bd850fb4e14fd1d6beca0a851442d6e1e600ab65cc0313de0e37775008b2ed94f0580a1f0722f63bd14b6d90f588d626ccfd62230c4a02ba5db87b1f545995dfdce8af8299c8a4d6c6b22794184b508de5926c2ac9d6598235008c954f3574faf4c4cb9881595073f6feb719eae6d4c83bd27cbf56ac43e26165a67e43c0f9b2f9674a005481452f092b49ca0798c33db1833a322872280425d09cff658d9d604c5b9b9e80d1c449c489b40f259787b6a5879767aa3194e54eff830c34544a86085d97550e3a6b4f945376d1dd49e3dc21df3cb090137bc38ed82dba8ceff9246a73c475947a6b5144ab73385f60a3b0da43db4d2fdfa7a433816301f380aecb45afc4142a37e0d6d77b11635c3f53b9b3e47a1e44123916d0aed96f1311faef8bd29bc3c18de6e8432bfb42cd3428ff1f9059e554cac6151e5bf9b4c2278fee7ec17b919ed4eca5901d2ef9b1cab862f1d941300342f3ee1f24bdb4515278e8f69d9517ceee031b3e0e8e004cd698fbe4b6b957e2a90aab59969cf073040291ea3f477d8adb14d6c5927e5123f7df5ff87027a1043f8158e2f644cc9024b35792782d90edd75d592ebc1c0ac9d829081a3d5a6ad3985f9d785523e967a782818c3a56f8cdf6b3f244a6f1ab52837b1b40e9cbf0782ed664308c1164d5b23871cc52daa32b3899566ef58eb5450a03c958a94284d296b18c28d8a749bb94b110d368fb24cc5c6e3088900499b5dfe1780e60ff4db848ff1419150df7c73ea9a3bc8b2f41cf6c6b4825b182cf5cbc44b469cfed0fa286bcb410f135d2d2dbf0dbc2bf272cbe1d664143fe728ec65722005c534eff80af24171090a3f9d7b1b275e8018e228fe519a2b819b9d20738346ee99203612ae2bc0152b55e96b32a7b9953eec5c07ad8e4dbe6c7279279493adf9f5c5253c78d85728f40b1c2bab9d7bc38a7f2b179b916580b1a9a5d17e0b2a8fa0ea2f77737599259bb415b304ed32ddcd5d5ebb4341c469c2f7f0ec03c6fbe53f8f9bd9501e91567eb25457c4c3664729afa1071cd5ddf9f7a4618fd98efe9f506850325534ccf370bf4e442e26a5014f437c36696e08605dcd7dcd1434b56a87ac095566141bd301bac48fe0065e9d595b60d78238893779ff6eb31ab1adb72f94bbf654b3fea10537c1faf45e0bf282e35817a1dd7f15f94398533869ccb1fae0c56fc55c1a9d2b700760f752267a02067792761760b9221f3f0393b6b666a622fc234b90bea519188cce3f217c0317565c4ef11cb0f3d4df82bcadc298b29bdd41a8b40fdf337e07be9b9f927a9910aedf128a433258fbe4a639d732cc98579d806046da7258cc8ceebbf90c9a9468f1661d57a5297a0e7bb9e31d94ab7d4862dc894beef65dd291fe212d2de59edab768488b9d8beb7e64c493d4b9c3ed49a3c0e50031630d5d446d64da0e0726222a772da82ac7b7b4306becc6bea749d7f5f1b6bb63458eb29b63f7453c4d790ff638e9c1a53866421b6fecc692ba6d391963e2c4e97b92f88f4cc9d6a2ce72e5d9c76e80e919eef9f18b129b30f39586ab308283b99f0ca06ddf519f4a760240ad2d8b36a965a49e740b655e0fd30c8af7e2fb226859f109019cb3ed2ef27f189b3ff3eaff131abe450d58938a671802e85185b9bc5dc006320daf7bba7fc4a50ea8237f18241f1ba6f4240ebf983fceffa6ea04ccb43b623a822255fe904cb03ac67eb1e106f4f369ad613e40fb34b49e04144918ba54cff7e6eb8ad62aea69a46a8a1799ac63d04bb992b4da26da64fff3e021e2c67ff69b906f304f7d4d6d75bb5b7666b214b60316ec6f059ea81052a2eaa2414f626ccae470d9f89b74a636b134f780cc0885a38866be41228c08aad0880752fcb718977234af2cd9e41ddb207fb8a2e273365a1f2557d5411fdb350b1ca34cdd89ad4835b938413243d803e199f08b1afdd91d3af48654b4feaf4a0393a0527c665e6203ec6bbdac2d68eacf6533ac9fd2f077b5b6649ae52113d39193a6e8a118527f4001b69e7deafc5afff26239d257039f864518486c79a46b7e6e7f99b54f8f2307eb77353a9b4645921d026585d65ba13d15d90b65376ead5d110f70861f0c8038ed82bb43128a11edf531f90c8f3451b494ae2289c6c7ab4d1e99f6cc2b6b8fe758252e73368943117e24533bc1639dd567a1fde8d5ebeed50235e8be7fa1a5be10f90a99079a7770fa8fccbb5edd25ad01048476e4d782bffc22eede9e9a84c4b593a4e0fc4470f35c26923e7a1cdc2a46ee731a2387dec020b11caf40b8a4bffa345ffb644a5262b3466a0491ba1934fc78e08a0a38cab99dfc361acc993c158031d3cdc3f5e733c438d8b8bf81ce4ec97e262be646cbcd934faf3e98623c418c58330ccbfada42117dc0d79b09dd91dc32aa3304962ddc83ab024673c4e3f0258f8f4bac27d1f6b517e43e54c49b8866fb4a41c4922840b5855b568fd8f7542a43cb8b7dd2ada14811228b446419d8cb78ead345fadc96a7b28fb912c14101304e2de62ed470cecd36be15e7d15fb4f618be6e41352f2d164ad88e9efce5bf2a663249990fb16d86e33cddb2e84e06fd50f43f4ea59e8bb9124a218b55c41137d72e6edf89410dd695cf52aeea53177890ba7e45fc3851143eed123415ac4c5b966bc088984339368664306643ce902effd2070bb6ec3d05f596cd705c9e890ef514543140e9feb11dc93e9f7021a3d4c25360d66ec5703b173490d056f302fef6580a49c2664b8536312375f2816298619a53e80006f6e55e5a4a84e43f97ca1d64ed0c0777c7cc0fc5001f91ffd77779438dfaf62a649607944a9cb6c887f324a777aaae618e7461242e47068daeb9c429ed9e5064414830b33addc4a51b8e6af5d5cfa0facef9e084e6bdb147861978baa78b9a52df4e67ec0da50ad94b2b2b5359b487c84d2f7cd0afea4039fb9936cb69b8466dc37cf76a5be932203c89b89407ca5f9393bcb31ed955dc0a58bf5a61f5368bd75fa6cd62fabd3ed2ac3ca703f007890eb675677aae76d2ea13ee587f40ac766e456f1f45e3d20b01de893999d9a18227e6ccd2b0f4aa95099f8e936bf82bb3ffe6219ffb67d92435d73779a350a447612197ce55afacad813af072107b92278286fca1e672db19b27b96f85cff9d3a63b93d5062ec059d183b10aaa86f25d6c115c3022992995ca680084a470782e229ee9d6fbf53cc6a0491061a508ebd767bf5dd24a0bc9084471a07edd1f4e7799275be08074e44ba56824d389efa6bfc7c7e79fc27f8aaa1a26d16a9c467ce5d9007f732a540d140934046756d17ecddc77dd28bd25f87e195643f65c1483c66e7b5d49e82afc0030aecb4748bd902a6f63b454c6d319b97de3aa6ed4190c9a65aa49664e24acc1cf3c8c5fb15452637b725014ef618ab5c92157920a218505ee3f529abfdf7cb2111ff2f7e78e77f400ee0f917f33c4a6fa64177bd024b826dc0d57cf1f1aa522c3bad68f1f8e84cdc99766084e08ac558f9ddd15c329914d561b90d60d24cb5aaaae07b690068b68a7769aed41dd248a327273124ffd9af0fd572328d41c803bb007b425caa1e7648526505d20090aac06d03885e24995023c1012c0f4715af12e6e07ba240b9f5ed7078d418538c328352219fb225aa02e3c3488d3ffc4689a97919e75936be5df8c1270f8b7d42f799c88764eeec17c64e6b3cdff7b91a66"}, @ETHTOOL_A_BITSET_VALUE={0x56, 0x4, "5f99a0a730e688d95f74651e9956aa495b79fc74f01bca322ae3e31ef7b36194cc2a1c86a80b83728755a6681ef31855c9ccee84e7a1d1fde058e4572b4b458a5a5ebd215fec9307e62aec5d9bb7c3854247"}, @ETHTOOL_A_BITSET_BITS={0xe4, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '@*\xe2\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ',)%\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x81}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffffff59}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xb}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10000}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '^\x00'}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8000}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '[\'\xc2+]\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '&o\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}]}, @ETHTOOL_A_BITSET_BITS={0xe0, 0x3, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '(\'\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '}\\\xfaM\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '@+R/\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x200}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '&+%$\'\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ',,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '}\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x8cce}]}, 0x1240}, 0x1, 0x0, 0x0, 0x20000810}, 0x80)
writev(r0, &(0x7f0000001440)=[{&(0x7f0000001380)="78b468ff742f9425f5bff965b52651d5b2c26b20a03a670cec4055bf0e2ba6a16b41f6711e3e1d56884171a7f3670a621bb6ee560e5d1c2a7b2d34dab1feb64baf729e3f082d8da4f7ae80514d", 0x4d}, {&(0x7f0000001400)="a76c0de5dca0528b5e", 0x9}], 0x2)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f0000001480), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f00000015c0)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001580)={&(0x7f0000001500)={0x44, r1, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x4c001)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001700)={&(0x7f0000001600)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000016c0)={&(0x7f0000001640)={0x44, 0x2, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}]}, 0x44}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000000)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000001800)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000017c0)={&(0x7f0000001780)={0x28, 0x0, 0x800, 0x70bd2d, 0x25dfdbff, {}, [@SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x11}}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x18)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000001840)={0x4, 0x3})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000018c0)=[@text16={0x10, &(0x7f0000001880)="0f1ddc66b96803000066b864e7b66866ba000000000f30f20f30f2adb8bf008ee00f06d897df00b833018ec066b9800000c00f326635008000000f300f015dd1", 0x40}], 0x1, 0xf, &(0x7f0000001900), 0x0)
r4 = openat2(0xffffffffffffff9c, &(0x7f0000001940)='./file0\x00', &(0x7f0000001980)={0x628000, 0x166, 0x12}, 0x18)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000019c0)=0x4)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000001ac0)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000001a40)={0x2c, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x40, 0x2}}}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000010)
write(r2, &(0x7f0000001b00)="2b150cfef3bb0f352e48137a62db4ac029deec9f6ef2b9f4fef089a5c267b024963a8f7797feedad650f13bcf1689fc66ddcc4039c6e21fef4dffb7b9f92f0c5e613c2bea9e3b7adc86e31706777fea7bb7732540029b3352c0c94535d8a726361c58aa5272dbdb53af60151ca5e14856489ce2265b2f926266cd5dbe37235b6d6c57983646e5c05545fb2f8c86cea0aaaf2d4b2521e6bc5e6929c3cbe146e46157b6525517142b6f1ea01aace313f2935bc", 0xb2)
r5 = getpid()
mkdir(&(0x7f0000001bc0)='./file0/file0\x00', 0x26)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001c40), r0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000001d40)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x10008}, 0xc, &(0x7f0000001d00)={&(0x7f0000001c80)={0x48, r6, 0x200, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x87, 0x23}}}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x2}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xfb2}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x3}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0xeab}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000001d80)={<r7=>0x0, 0x100, 0x30}, &(0x7f0000001dc0)=0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000001e00)={r7, @in6={{0xa, 0x4e22, 0x9, @mcast1, 0xfffffff8}}, 0x4, 0x9, 0xffffffff, 0x3, 0xc, 0x0, 0x2}, 0x9c)
process_mrelease(r4, 0x0)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000001f00), r3)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r4, &(0x7f0000001fc0)={&(0x7f0000001ec0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001f80)={&(0x7f0000001f40)={0x1c, r8, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x840)
r9 = memfd_create(&(0x7f0000002000)='^\x00', 0x406d6b2ee9654011)
sendfile(r4, r9, &(0x7f0000002040)=0x3, 0xfffffff7)
sendmsg$nl_generic(r0, &(0x7f0000002140)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002100)={&(0x7f00000020c0)={0x1c, 0x3f, 0x1, 0x70bd29, 0x25dfdbfd, {0x12}, [@typed={0x8, 0x126, 0x0, 0x0, @pid=r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffff, 0x3ff, &(0x7f0000002180))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c)

6.429466288s ago: executing program 0 (id=4008):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x47f, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0)

4.485393381s ago: executing program 2 (id=4014):
r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r4, 0x3)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)
r5 = socket(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f00000023c0), 0x6, 0x14480)
recvmmsg(r5, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
write(r5, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000001fc0)=""/184, 0x20002078)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300), 0x106, 0x8}}, 0x20)

3.58652772s ago: executing program 2 (id=4016):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x105, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

3.468644994s ago: executing program 2 (id=4017):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000040)={0x361, 0x4000, 0x4, r0})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00'})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000340)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0xa, {0x2, 0x800, @multicast2}, 'wg0\x00'})
r6 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="e00000001300015f9f6f70725f6374725f61657332353600ffffffa600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e6ffffffffffffff00"/171], 0xe0}}, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @remote}, 0x4a, {}, 'veth1_to_bridge\x00'})
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, 0x0)
madvise(&(0x7f0000cd0000/0x4000)=nil, 0xffffffffdf32ffff, 0x16)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000200)={"6080d517", 0xb, 0x9, 0x1, 0x2, 0xfffffffc, "f9a927627a359827fdc4ed7cb20708", "ae6c49d8", "1c4393b3", "aa04df4e", ["e4e7d0b3748a08eb4117a58f", "a42a5eb8b97b66092e22038e", "00284dc8b857e17ccdef2efa", "d89c67314b6a13a76640b81a"]})

3.309961973s ago: executing program 0 (id=4018):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r4, 0x3)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)
r5 = socket(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f00000023c0), 0x6, 0x14480)
recvmmsg(r5, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
write(r5, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000001fc0)=""/184, 0x20002078)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300), 0x106, 0x8}}, 0x20)

3.209949688s ago: executing program 2 (id=4019):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000f00)=[{{&(0x7f0000000300)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000100)='k', 0x1}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x4e23, 0x4, @local, 0x6}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000080)="b6", 0x1}], 0x1}}], 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
setsockopt$PNPIPE_ENCAP(r2, 0x113, 0x1, &(0x7f0000000240), 0x4)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = fsopen(&(0x7f0000000180)='virtiofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000002ff0100000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, r5, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0x6, &(0x7f0000000cc0)=ANY=[@ANYRES32=r1], &(0x7f0000000080)='GPL\x00', 0x5, 0xb8, &(0x7f00000005c0)=""/184, 0x0, 0x41, '\x00', 0x0, @fallback=0x1c, r2, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='sched_switch\x00', r7, 0x0, 0x20000000000}, 0x18)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000380)='source\xcf\x87\x86\x1bY\x0f\xde\xd6\xcd\xc0\x01\xd3\x19>K\x04\xfe\x86YG\xa5\x0f\xed\xa0\x9f\x1e\x14R\x9e\x04\xfa\xed\xd0TG&\x88\xeaz\x9aD\xf8Tt\x8c\x00{\x1fm\xfe\x9c\xf6_h\x9e\xfc\'', &(0x7f00000001c0)='sou\x01ce', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000440)={'team_slave_1\x00', &(0x7f0000000340)=@ethtool_eeprom={0x18, 0x2, 0x80000001}})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r9=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f00000003c0)="0b036800e0ff64000200475400f6a13bb10000000800884848", 0x19, 0x0, &(0x7f0000000140)={0x11, 0x0, r9}, 0x14)
r10 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r10, 0x8955, &(0x7f0000000340)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0xa, {0x2, 0x800, @multicast2}, 'wg0\x00'})
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @random="10414c9854c6"}, 0x4a, {}, 'veth1_to_bridge\x00'})
gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)

3.054202308s ago: executing program 2 (id=4020):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f00000000c0)=ANY=[], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write(0xffffffffffffffff, &(0x7f0000000140), 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x6a040000)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000003, 0x8008071, 0xffffffffffffffff, 0x2000)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x2404c000)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x4e22, 0x4, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000140)='batadv0\x00', 0x10)
sendmmsg$inet6(r6, &(0x7f0000000240), 0x0, 0x4000c000)
sendto$inet6(r6, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0xa, 0x3, 0x3a)

3.048112135s ago: executing program 3 (id=4021):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000001000000e27f00000100000012000000", @ANYRES32, @ANYBLOB="000009005f1918d07b9df3d38751a229d0351917ecd1ca78594fa9d7c84f06b9d3c2a82e1e8ad6b60c3cd5a7cf6f88886a9d13988ff551eb57f22bec8cb06b36974da91a0a8ff125f46ccbaa86b5baaa96340fa469fa7f680df7e9a0d57ea0ef6176c692ecb8d46b56467c786d391c9b955b9344dcd2547f52a196bf0034a41a9f114835e45575df5f86a6d58706d314c8a3479c4c2ddb4882070ea7800e04df04c5978827be2048a4f9ca36cb9d4c5a1a209f1542", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
sendfile(r2, r2, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x7]})
ioctl$LOOP_SET_STATUS(r2, 0x4c02, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2)
connect$inet6(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x7, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffff9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x1, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x14718, 0x40000}, [@IFLA_IFNAME={0x14, 0x3, 'batadv_slave_0\x00'}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x4, 0x7, 0x0, 0x0, 0x6}, {0x8, 0x1c, 0x0, 0x0, 0xf}]}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000884}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@verity_on}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})

2.916885374s ago: executing program 4 (id=4022):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0xee00, 0xffffffffffffffff}}, './file0\x00'}) (async)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r1, 0x4, 0x70bd28, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0xc000)
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r2, 0x4068aea3, &(0x7f0000000280)={0xbc, 0x0, 0x2}) (async, rerun: 32)
modify_ldt$write(0x1, &(0x7f0000000300)={0x0, 0x20000000, 0x400, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10) (async, rerun: 32)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4014f50b, &(0x7f0000000340)={0x0, 0x9615, 0xffffffffffffffff}) (async, rerun: 64)
r3 = shmget(0x0, 0x3000, 0x54000000, &(0x7f0000ffa000/0x3000)=nil) (rerun: 64)
shmat(r3, &(0x7f0000ffb000/0x1000)=nil, 0x4000) (async)
syz_genetlink_get_family_id$gtp(&(0x7f0000000380), r0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={0xffffffffffffffff}, 0x1, 0x0, 0x0, 0x10}, 0x80000) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000004c0)=@generic={&(0x7f0000000480)='./file0\x00', r0}, 0x14) (async, rerun: 64)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000500)="3b0fd16f8135453ba9f5ee43036fe46fc7d1c3d01e0316495a20b670c4e89027af5722db3c308c3c2e5a620b8f95a15f6c43589c6ef79bbd09dd04dcf5f41c61164ba65c4edf2405f86a4a7d9a5acc237a9e4fdbff02340b3cc67108106729038d1b66893eb3a4b5e406e7e26873ed7a238968d5a49f59da7c86cf5aeba8b1ef34ab7b", 0x83) (async, rerun: 64)
socketpair(0xb, 0x2, 0x3783, &(0x7f00000005c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600)={<r7=>0x0}, &(0x7f0000000640)=0xc)
ioprio_set$pid(0x2, r7, 0x2007)
syz_emit_vhci(&(0x7f0000000680)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xdf}, "176baa6703073f27c07d539055825e3bf43843fa4d4c821384b88c43242466bc6170c083b4e33fa588feccd44ebfda0e828b07f6780f8689bf238f098f88749174d093d9e0bd2bc4f9591aa55a99fc37ef89c3005970f6fcba8bc77b880c83f88bb8f5aad4b2237eea815fdb43f81d7ddae3b280df393baabd58b5d68054ea8e4addc84cba9bbf9982ca8ca415f91a5b96cb2373344a24337cf289b6963a460750be78c0dcb3502ef1a1b16f1bdebf0ba1ed99f2a9f7e4fbe2a35f75b8060fd6b8441bcadd0c7e5109ba729284f1d6fa40eeea024cabdf8f20326952d1c9fd"}, 0xe3) (async)
syz_open_dev$hidraw(&(0x7f0000000780), 0x10001, 0x0)
mkdirat$cgroup_root(0xffffff9c, &(0x7f00000007c0)='./cgroup.net/syz1\x00', 0x1ff) (async)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r6, 0x84, 0xf, &(0x7f0000000800)={<r8=>0x0, @in6={{0xa, 0x4e21, 0x4, @private2, 0x9}}, 0x200, 0x7f4, 0xa084, 0x1, 0x3}, &(0x7f00000008c0)=0x98)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000900)={0x0, 0x6d7, 0x2800000, 0x4, 0x5, 0xd8b8, 0x7f, 0x3, {r8, @in={{0x2, 0x4e21, @remote}}, 0x17e, 0xfffffffe, 0x5, 0x8000, 0x4}}, &(0x7f00000009c0)=0xb0) (async)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r5, 0x84, 0x1b, &(0x7f0000000a00)={r8, 0xbe, "814552d4fd091e2bbd50376c6edd5ff918e58fe92046170d140b1cd82134e808dbda7f606bcba97848e198a8ff0cb0198046f3f18920ac2e12cde0af34b43151e2a841f5e100388aae89dc669c1ea7d2a3d09eebe914a22f99ac5ad8d913e0259c74e5d18e09ad8514497dbaa9ab82ec66cff7379e966b828f17a2d0b51a434972710c9593188599a2ec90ba87c7bc8a679c382d319640c24951fc8653bf21cedb8833e6755f5d7f8a7cde5501ece9121b24525c8a1e4b89de4bcf5980ed"}, &(0x7f0000000b00)=0xc6)
set_thread_area(&(0x7f0000000b40)={0x2000, 0xffffffffffffffff, 0x1000, 0x0, 0x2, 0x0, 0x0, 0x1}) (async)
r9 = openat$mice(0xffffff9c, &(0x7f0000000b80), 0x48402)
mknodat$loop(r9, &(0x7f0000000bc0)='./file0\x00', 0x2, 0x0) (async, rerun: 64)
mprotect(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x9) (async, rerun: 64)
r10 = openat$ttyS3(0xffffff9c, &(0x7f0000000c00), 0x2000, 0x0)
ioctl$TIOCGWINSZ(r10, 0x5413, &(0x7f0000000c40))

2.91654032s ago: executing program 3 (id=4023):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket(0x1, 0x803, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="90000000210000082bbd7000f8dbdf250500000008", @ANYRES32=0x0, @ANYBLOB], 0x90}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c880)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0xffff}}]}, {0x4}, {0xc}, {0xc}}}, @m_ct={0x44, 0x4, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x3, 0x0, 0x7}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$kcm(0x2, 0x922000000001, 0x106)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
r7 = socket$inet(0x2, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000000)={'ipvlan1\x00', {0x2, 0x0, @broadcast=0xac141436}})
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0xc102, 0x0)
sendfile(r8, r8, 0x0, 0x40008)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newtaction={0x14, 0x30, 0x400, 0x0, 0x0, {0x0, 0x0, 0x6a00}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, 0x0)

2.91613084s ago: executing program 4 (id=4024):
syz_open_dev$sndpcmp(&(0x7f0000000300), 0x0, 0x28002)
r0 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x5885, 0x80, 0xfffffffd, 0x216}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_emit_ethernet(0x22, &(0x7f0000000840)=ANY=[@ANYBLOB="aaaaaaaaaaaa429e82211cf8080045020014006700000267907844010100ffffffff"], 0x0)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000051c0)=[{{&(0x7f0000000540)=@rc={0x1f, @fixed}, 0x80, 0x0}, 0xd}, {{&(0x7f0000000980)=@l2={0x1f, 0x0, @none}, 0x80, 0x0}, 0x1}], 0x2, 0x40012162, 0x0)
io_uring_enter(r2, 0x5606, 0x9e76, 0x10, &(0x7f0000000400)={[0x62, 0x7ff]}, 0x8)
connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r6, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendto$packet(r4, &(0x7f00000000c0)="3f03fe7f0300140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f00000005c0)={0x60c4})
sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r8, 0x1, 0x0, 0x0, {{}, {}, {0x8}}}, 0x24}}, 0x0)
sendmsg$TIPC_CMD_DISABLE_BEARER(r2, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r8, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {}, {0x18, 0x13, @l2={'eth', 0x3a, 'batadv_slave_1\x00'}}}, ["", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x4000005}, 0x40084)
sendmmsg$sock(r3, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
pread64(r2, &(0x7f0000000180)=""/15, 0xfffffe9c, 0xb6)

2.41008949s ago: executing program 0 (id=4025):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

2.179825749s ago: executing program 0 (id=4026):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x47f, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0)

2.009485942s ago: executing program 4 (id=4027):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000700)='d\x9f\xcc\'K\x97s\xd6\x1b\x94\xc5\xc8\xee\xedS\x9a\x9a\xec\xf6W-\x0e\xfa\xd48`_\'\x00\x80\xb4\xb2\xe1\x9a\\!\x86\x10R\xf3oz\\\xb3+m\xb47\x14\x99\x0f\xd6\x9cYn*~\xdf~\x99x\x98\x9f\x89\x8c\x86\x13\xf7\xc6\xa4\xa9\xfe\x06d+\xd57\x1a\x8e\xc3GM\x11\x8c4w\x1e\xc5\xea\xf2\xc7#\xffuq\x82\xebr\xc6\x16\x99\xc35_\xbe29K\xad\xc2\xb5+2\xfe\x88\xb0\x9e\xc6P\xc5\xd9\xb5M^\x81\xdf\x00\x00\xf8\xb3@p\xa3y\xbd\'\xd5\xea\xed\xdc\xc2\x12Zu\f\x98=\xc3\n\x93\xf3Y\xc0\x02\x98\xe4Y\x91t\xf4\xf2\xae|\xb7\xb8\x81o\xd5\xb2^\xdf+m\xddJ\xc8\xac\xbe\xd6\x02\xb7|]\x9a\\ \xa0a=\x92X\a\x99\xc0l\x17I\x02i\xa4A\x8a\x1d\xb5Xt\xbck\xc1nU\x9f\xd3\\_\x80\xa7\xc7\xa2\xae\xe3\x95l]\x91\n}\x12\x93k\xf8DN\x0fGeN\x00\xb8\xc9\xabO\xd7\xfc\xa5u\xcf\x1c\x87\x06\x03\xc2\x9a2\x83\xaf\xd5\xee\xc8_\xbe\xfb\xb6\xa2\xe6\xad;\xfbC\x11\xb9\x84{\x9fr\x9b\x14\xf9\x00\x10\x1e\xcd\'%\x1d\x06\xdbe\xcd\xb8\xb1\x7f\xd2r\x1b\x84\xd6\'\x13\x9e>\x938\x0ef7\x8btv\bO\xe0$C\x95\x02\xb0\x91\xfewY\x1b\x05^\x85L\v\xd7]\xc8\xb3\x9d2g\xfc\x1b*\x02\x8d\xde\xeb\x06H\x1f/\xd2,\rR\x83L\xf3\x99\xc0\x11\x00\xd4\xbf*\xe6q\xa8\x9c\xf7\x1dh\x88\xf9\xb7\xf8x\x1bG\x90\x91rPK\xdeOX\x87', &(0x7f0000000440)='+\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r5 = creat(&(0x7f00000001c0)='./file0\x00', 0x8)
read$FUSE(r5, &(0x7f000000c400)={0x2020}, 0xfffffffffffffce1)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18001000000000000080006c55ffffff9500"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r6, &(0x7f0000000980)={0x2020}, 0x2020)
syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[], 0x0)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000300)='mmap_lock_acquire_returned\x00', r0}, 0x18)
ioctl(r7, 0x86c8, &(0x7f0000000240)="b42f84648419f9f233dfd60e86746ac9cddd59a6c71f3d96cd37421cb7fb2ab9833d6d875cdb8dff54be558149485b3f10a0063530d260b60bbc57e87bec059649f65aefdf78")

1.90995095s ago: executing program 3 (id=4028):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000f00)=[{{&(0x7f0000000300)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000100)='k', 0x1}], 0x1}}, {{&(0x7f0000000040)={0xa, 0x4e23, 0x4, @local, 0x6}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000080)="b6", 0x1}], 0x1}}], 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
setsockopt$PNPIPE_ENCAP(r2, 0x113, 0x1, &(0x7f0000000240), 0x4)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = fsopen(&(0x7f0000000180)='virtiofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000bc7ef9642d29ba564165605dca29708efdf9b15a5c10a126121b2751f642635bcd9a8bf7a928a5d054b0d2c54d519ea75c52f41ed6f2886973626b684c8bd9108c0b0b2ea7e556948f0367aff4fbcede3294f6e73d06ad16dc2d26725ff833b5f83b499918e6a6ec245b781d41aee9624c847e2f2312d6b9db45bad354fc1a3f20407ffe406483a0524937ee7559e4bf70136746b37fdfbbb152758d37ed8bcac41fb7243bdcd536249c7996e898b61927eaa5a8790054ba13d3ade593220f96027090a34aaf7ea92f41aab73e7a85eef87e956bb7c5c76a347264fd99359f4e57b0dcc2bcc188ea880a4b11a8bb81eb22b0ddfc689e3218cf310dcc61cab354149d9107d8a88b0aa5b5661555f00443aee5e714009e52cee5e88f008148ddbc0fa81bf938bed4a1ac778d5337cc0311d0772eeac3eab38426e8d1472ff514aa5379ed21551790cc10148410b4fc27582fd7106a8887a9a0b613dfe10aee77542d887208f5534f5dce4d43f258fc9ef975834e1917666e2aff1cebfc3ce2c1e8ff66bba1d9050000000000000078db7024bf321636bede8651e672ed4f01ba5da2c3f9042a8552bd3f2c9ad546ad0ea20b4d35fb0a15c6239f67c7747a40fe26a88adf727fd1b801b4e56fbffcad99ce68fe2af0d94fdc78d27268de435021dca51acaa7a9e0944bdf579c170db6405944b6791a7713ee54f650fdf71b57c3629fb185efce700620ef5744623be08ec935dd563e6ba0b461bda98b364acf3dcdafa9b0e68c21ea509212c2938aa09cc31aa4ee5bfb8e507181909f5854b13997af4888cd61c8aab5fdfd701a16d546e5a533cd9b985dcc582b67979551dcc750fc51f2c9b6814edeffc76a86ea9f58b7c66fa24540daf14c2163d064f8cf0b4878f81e6b8bc4dabc10dac82b39e033963a6d02434cb783a198829d1373790a85c0e01a362d89e80165d280283af3c2060000000000000034b12a73b0c53bfae5d2f6e55728052247adfe0966c6c5eca57918c4540c979a70a281ba00e408c9fe1b20fa208976dd6a56f9bd9a74d81447c9b265d8c23f0e983e0b1d2d62d1e57c9188e4882634476e62ab1b7415a58208eaaf166d14720092f79a6197fe8b4ea7d5485cc6b3630afed8d3403cfa4d7bf48efb371706e0e65901eea3743c98261cbb7a246cf62f99bbc918741d32539ec0754e7d7f08dd45aaf49623342eabf466e54d8da4346e73da54ba2e4b5e2ae2823864d4147b490e55c9509f75c8828500ac32cab11b0262e75fa9e39e3792d01e0b210fdfb686bfffdc677432f6332c1a27502b43997060acdf7784c79fed0325e06f6b64b6434ebf4730509bcf95b9a1d0ba7c469d55351cc1dce6c90f5872e7ad5eed5f850d9d1f928b4e0263b241e8fe03e5e66252c8a3bd320e8deee5b91c653b8f22f58cff36c2ba4d6774f14229939595d2beb998c9312212de00468fc488591aca07ab75fba4a318d3ee4581711927b77a7f14dbcd639892f8cb0000000000000080411736eb1ee86eec338197a56293c9cdb72e84155681553b896d58b62a96852320e74dc4c9b41d6f90d2353dc573a94a092a84209c12da57f8c78e161b0899eb1c8b694d26c5fbf7f65fefacdbf39151f335dddc3b179a13f6de93ffb338e94738c86e35e9fcc654e4d6618dc1201cbd16e1281df911e6c699da16fbbb7a2e5c77966c98d3e7edd58cabfe6bf1bb7f6329084e3e4a2a36da07bbac3ebc00472f55b7966f250109fcce0ad5d4526d20ef74d1a634d724"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0x0, <r6=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1c, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000002ff0100000000000000000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r6, r5, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1f, 0x6, &(0x7f0000000cc0)=ANY=[@ANYRES32=r1], &(0x7f0000000080)='GPL\x00', 0x5, 0xb8, &(0x7f00000005c0)=""/184, 0x0, 0x41, '\x00', 0x0, @fallback=0x1c, r2, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='sched_switch\x00', r7, 0x0, 0x20000000000}, 0x18)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000380)='source\xcf\x87\x86\x1bY\x0f\xde\xd6\xcd\xc0\x01\xd3\x19>K\x04\xfe\x86YG\xa5\x0f\xed\xa0\x9f\x1e\x14R\x9e\x04\xfa\xed\xd0TG&\x88\xeaz\x9aD\xf8Tt\x8c\x00{\x1fm\xfe\x9c\xf6_h\x9e\xfc\'', &(0x7f00000001c0)='sou\x01ce', 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0x9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f00000003c0)="0b036800e0ff64000200475400f6a13bb10000000800884848", 0x19, 0x0, &(0x7f0000000140)={0x11, 0x0, r9}, 0x14)
r10 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r10, 0x8955, &(0x7f0000000340)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0xa, {0x2, 0x800, @multicast2}, 'wg0\x00'})
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @random="10414c9854c6"}, 0x4a, {}, 'veth1_to_bridge\x00'})
gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)

1.399263735s ago: executing program 3 (id=4029):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtclass={0x70, 0x28, 0x400, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x10, 0xfff3}, {0x1, 0x9}, {0xf, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x3, 0x1}}, @tclass_kind_options=@c_cake={0x9}, @tclass_kind_options=@c_multiq={0xb}, @tclass_kind_options=@c_cbs={0x8}, @tclass_kind_options=@c_prio={0x9}, @TCA_RATE={0x6, 0x5, {0x1, 0x5f}}, @TCA_RATE={0x6, 0x5, {0x3, 0x5}}, @TCA_RATE={0x6, 0x5, {0x40, 0xcd}}]}, 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
write$dsp(0xffffffffffffffff, &(0x7f0000002000)='`', 0x88020)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x24000040)
mount$9p_virtio(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000440), 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r0)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r5, 0x0, 0x4810)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r5}, './file0\x00'})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4ed8ee5a90e2bf26, 0x4c831, 0xffffffffffffffff, 0x0)

1.11998975s ago: executing program 4 (id=4030):
syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000), &(0x7f0000000280))
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r1, 0x0)
fsetxattr$security_evm(r0, &(0x7f0000000080), &(0x7f00000001c0)=@ng={0x4, 0x11, "9240379730fe7cd835431e"}, 0xd, 0x2)
userfaultfd(0x80001)
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff006})
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$video(&(0x7f0000000180), 0x3ff, 0x2000)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioperm(0x0, 0x9, 0x5)
inotify_init1(0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x3, "ee0700000000000000000200"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSETAF(r3, 0x5408, &(0x7f00000000c0)={0x1, 0xff, 0x5, 0xfffc, 0x0, "f682756c98cc948c"})
ioctl$VIDIOC_STREAMOFF(r2, 0x40045613, &(0x7f0000000200)=0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000000706010100000000000000000000000005000100070000007926835efff460be34c2e847066b27afb51f00e4cc7e73a1f5085ffdc7075c8e18ae907a71a94ee5e40d1b21036803b8d9d37623c09dd05572fb895c6f05074168d69e7a81dbcb9429940f71e19510033b7d206e1b4cfaa9d33d7e7b5cd5e3a4d0c837d7aafaf29861146b76dcfbf6d17a416aca"], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x24044894)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="5001180010000100ff80000000020000ac1414bb000000000000000000000000000000000000000000000000000000004e2400004e2000"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000ac1414aa0000000000000000000000000300000000000000060000000000000004ef00000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000a000000cd0000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001700000000000000000000000000000000000000000000000000ee6d"], 0x150}}, 0x0)
mmap(&(0x7f000085e000/0x3000)=nil, 0x3000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

329.106054ms ago: executing program 3 (id=4031):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0a00000001000000e27f00000100000012000000", @ANYRES32, @ANYBLOB="000009005f1918d07b9df3d38751a229d0351917ecd1ca78594fa9d7c84f06b9d3c2a82e1e8ad6b60c3cd5a7cf6f88886a9d13988ff551eb57f22bec8cb06b36974da91a0a8ff125f46ccbaa86b5baaa96340fa469fa7f680df7e9a0d57ea0ef6176c692ecb8d46b56467c786d391c9b955b9344dcd2547f52a196bf0034a41a9f114835e45575df5f86a6d58706d314c8a3479c4c2ddb4882070ea7800e04df04c5978827be2048a4f9ca36cb9d4c5a1a209f1542", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
sendfile(r2, r2, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x7]})
ioctl$LOOP_SET_STATUS(r2, 0x4c02, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2)
connect$inet6(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x7, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffff9}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x1, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x14718, 0x40000}, [@IFLA_IFNAME={0x14, 0x3, 'batadv_slave_0\x00'}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x4, 0x7, 0x0, 0x0, 0x6}, {0x8, 0x1c, 0x0, 0x0, 0xf}]}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000884}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@verity_on}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})

200.133217ms ago: executing program 4 (id=4032):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, 0x0, r4, 0x0, 0x276)
ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f0000000000)=0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0xd000})
copy_file_range(r4, &(0x7f0000000040)=0x5, r0, &(0x7f0000000080)=0x5, 0x6, 0x0)

199.136908ms ago: executing program 3 (id=4033):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x9}, 0x1c)
listen(r4, 0x3)
setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000100)=0x400, 0x4)
r5 = socket(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f00000023c0), 0x6, 0x14480)
recvmmsg(r5, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
write(r5, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000001fc0)=""/184, 0x20002078)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300), 0x106, 0x8}}, 0x20)

119.919093ms ago: executing program 4 (id=4034):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newtaction={0x148, 0x30, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [{0x134, 0x1, [@m_mpls={0x130, 0x10, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_BOS={0x5, 0x8, 0xff}]}, {0xfc, 0x6, "251b5a91f66ac8a7690d134fed059aabdb397977a4d755dcb4b8fc84af8072da0fdc9a8d2309c577db2d854e8aaf3f75fb26d7c4c0000dc8f555c43a524b7b2bfc349537771eb4859895adf81856220b29533145e93a7719e6c65ed82edad6ca31f5c5ce3c6b2db69aab54c6b33460b2852d5bb9ebda4eab5f2a940a793a61020d9da0eddce55e1fe74c6e3cf037f4e0311ff264aa9a0f3dfdced92684780ee9908acbd116b99de749d737ce83f93d156af93541450e535eef4f1e8d5a04d3a0019879b93e1ebbae66dc8fdaf27bddea54f01096d9249d128e6e5c6dd383f6ca388a72d59f1802d582e06774c8f937da68b45878d0e1bf3e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r6 = add_key$user(&(0x7f0000006400), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000680)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd37503131f237397e5fe3ce372297ec48108dcaba5ae65e31f00e641832d29ed658b91fed83e6fd480be0e3100965f081190bbb39a5965ceaa76975b88885041ff4e66e618d6c37c787f014eadb6c9f659ae43f57608e09d620830a3a9189603da1d8f0b721343051ada4dcfdf8af5d0ae8f263d2b210619783173488fa07dde59cc90e0e72167125bf0d4957223724f2f2286d4c405931db3e7b75e88a784b7454d2", 0x189, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r5, r6}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

0s ago: executing program 2 (id=4035):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_buf(r0, 0x1, 0x49, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

kernel console output (not intermixed with test programs):

 USB disconnect, device number 45
[  484.417680][T18863] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  484.483241][T18838] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  484.488507][T18838] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  484.495287][T18838] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  484.500873][T18838] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  484.558335][T18838] 8021q: adding VLAN 0 to HW filter on device bond0
[  484.569168][T18838] 8021q: adding VLAN 0 to HW filter on device team0
[  484.575069][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  484.577361][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  484.583575][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  484.585822][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  484.713587][T18838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  484.797206][ T5992] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  484.830033][T18838] veth0_vlan: entered promiscuous mode
[  484.835435][T18880] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  484.835604][T18838] veth1_vlan: entered promiscuous mode
[  484.856059][T18838] veth0_macvtap: entered promiscuous mode
[  484.862452][T18838] veth1_macvtap: entered promiscuous mode
[  484.873424][T18838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  484.876698][T18838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.880899][T18838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.886355][T18838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.890238][T18838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.894539][T18838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  484.910404][T18838] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  484.913356][T18838] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  484.916056][T18838] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.919978][T18838] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.955405][ T5992] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.960619][ T5992] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  484.964492][ T5992] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  484.968455][ T9028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.969551][ T5992] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  484.972305][ T9028] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.975846][ T5992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.983782][ T5992] usb 7-1: config 0 descriptor??
[  484.989564][ T9028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.992432][ T9028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.196399][T18899] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3384'.
[  485.257151][T17063] Bluetooth: hci0: command tx timeout
[  485.847026][   T10] usb 8-1: new high-speed USB device number 46 using dummy_hcd
[  486.001972][   T10] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  486.004788][   T10] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  486.008318][   T10] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  486.011254][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  486.014753][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  486.020576][   T10] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  486.023385][   T10] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  486.025833][   T10] usb 8-1: Product: syz
[  486.027618][   T10] usb 8-1: Manufacturer: syz
[  486.033386][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  486.035038][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  486.039152][   T10] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  486.041104][   T10] cdc_wdm 8-1:1.0: Unknown control protocol
[  486.466274][T18917] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  486.750902][ T2149] usb 8-1: USB disconnect, device number 46
[  487.337204][T17063] Bluetooth: hci0: command tx timeout
[  487.386273][ T5992] usbhid 7-1:0.0: can't add hid device: -71
[  487.391807][ T5992] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  487.405142][ T5992] usb 7-1: USB disconnect, device number 49
[  487.805296][T18939] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  488.868825][T18965] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  489.066991][  T835] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[  489.223812][  T835] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  489.227696][  T835] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  489.230721][  T835] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  489.243517][  T835] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  489.247425][  T835] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.257951][  T835] usb 9-1: config 0 descriptor??
[  489.417264][T17063] Bluetooth: hci0: command tx timeout
[  489.812079][T18981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3403'.
[  490.252584][T18994] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  490.565652][T19005] Cannot find del_set index 3 as target
[  490.593175][T19005] netlink: 'syz.3.3409': attribute type 11 has an invalid length.
[  490.596495][T19005] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3409'.
[  491.025522][T19017] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  491.427105][ T6037] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[  491.487057][T17063] Bluetooth: hci0: command tx timeout
[  491.588635][ T6037] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  491.593855][ T6037] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  491.597203][ T6037] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.599943][ T6037] usb 7-1: Product: syz
[  491.601336][ T6037] usb 7-1: Manufacturer: syz
[  491.602875][ T6037] usb 7-1: SerialNumber: syz
[  491.642059][  T835] usbhid 9-1:0.0: can't add hid device: -71
[  491.644190][  T835] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  491.652323][  T835] usb 9-1: USB disconnect, device number 32
[  491.918562][ T6037] cdc_ncm 7-1:1.0: skipping garbage
[  491.920171][ T6037] cdc_ncm 7-1:1.0: NCM or ECM functional descriptors missing
[  491.922437][ T6037] cdc_ncm 7-1:1.0: bind() failure
[  491.925739][ T6037] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  491.930844][ T6037] cdc_ncm 7-1:1.1: bind() failure
[  491.936264][ T6037] usb 7-1: USB disconnect, device number 50
[  492.511337][T19061] syz_tun: entered allmulticast mode
[  492.519097][T19061] loop2: detected capacity change from 0 to 7
[  492.522111][T13057] Dev loop2: unable to read RDB block 7
[  492.524522][T13057]  loop2: unable to read partition table
[  492.527903][T13057] loop2: partition table beyond EOD, truncated
[  492.532904][T19061] Dev loop2: unable to read RDB block 7
[  492.534704][T19061]  loop2: unable to read partition table
[  492.536555][T19061] loop2: partition table beyond EOD, truncated
[  492.553010][T19061] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  492.560397][T19057] Cannot find del_set index 3 as target
[  492.569261][T19057] netlink: 'syz.4.3423': attribute type 11 has an invalid length.
[  492.570725][T19060] syz_tun: left allmulticast mode
[  492.571810][T19057] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3423'.
[  492.577508][   T40] audit: type=1326 audit(1745971076.216:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.586317][   T40] audit: type=1326 audit(1745971076.216:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.606355][   T40] audit: type=1326 audit(1745971076.246:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.622555][T19063] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  492.657431][   T40] audit: type=1326 audit(1745971076.246:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.678629][   T40] audit: type=1326 audit(1745971076.246:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.685271][   T40] audit: type=1326 audit(1745971076.246:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.723650][   T40] audit: type=1326 audit(1745971076.246:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.732227][   T40] audit: type=1326 audit(1745971076.246:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.739388][   T40] audit: type=1326 audit(1745971076.246:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  492.746456][   T40] audit: type=1326 audit(1745971076.246:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19062 comm="syz.3.3425" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7ffc0000
[  493.109877][T19083] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  493.397157][ T6007] usb 8-1: new high-speed USB device number 47 using dummy_hcd
[  493.548184][ T6007] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  493.548203][ T6007] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  493.548214][ T6007] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  493.548233][ T6007] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  493.548244][ T6007] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.549483][ T6007] usb 8-1: config 0 descriptor??
[  494.230724][T19109] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3781544950 (3781544950 ns) > initial count (699260337 ns). Using initial count to start timer.
[  494.857707][T19112] Cannot find del_set index 3 as target
[  494.861990][T19112] netlink: 'syz.2.3439': attribute type 11 has an invalid length.
[  494.864534][T19112] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3439'.
[  494.978100][T19117] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  495.267110][  T835] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  495.295651][T19124] overlayfs: failed to resolve './file0': -2
[  495.427000][  T835] usb 5-1: Using ep0 maxpacket: 8
[  495.432075][  T835] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  495.438112][  T835] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  495.441892][  T835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  495.445218][  T835] usb 5-1: Product: ᆾ幖Ⳁ磬∔䐉鞨穌詹㲻允歬
[  495.448203][  T835] usb 5-1: Manufacturer: 《
[  495.450110][  T835] usb 5-1: SerialNumber: syz
[  495.900319][  T835] cdc_ncm 5-1:1.0: bind() failure
[  495.904305][  T835] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  495.906507][  T835] cdc_ncm 5-1:1.1: bind() failure
[  495.911643][  T835] usb 5-1: USB disconnect, device number 33
[  495.970440][ T6007] usbhid 8-1:0.0: can't add hid device: -71
[  495.972936][ T6007] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  495.987101][ T6007] usb 8-1: USB disconnect, device number 47
[  496.121648][T19135] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3446'.
[  496.667056][  T835] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  496.831044][  T835] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  496.834496][  T835] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  496.838262][  T835] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  496.841503][  T835] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  496.845219][  T835] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  496.852899][  T835] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  496.856139][  T835] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  496.859335][  T835] usb 5-1: Product: syz
[  496.860955][  T835] usb 5-1: Manufacturer: syz
[  496.866886][  T835] cdc_wdm 5-1:1.0: skipping garbage
[  496.869220][  T835] cdc_wdm 5-1:1.0: skipping garbage
[  496.872479][  T835] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  496.874931][  T835] cdc_wdm 5-1:1.0: Unknown control protocol
[  496.950695][T19145] Cannot find del_set index 3 as target
[  496.958202][T19145] netlink: 'syz.2.3449': attribute type 11 has an invalid length.
[  496.960681][T19145] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3449'.
[  497.617105][ T5980] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[  497.693911][ T6037] usb 5-1: USB disconnect, device number 34
[  497.760910][T19172] overlayfs: failed to resolve './file0': -2
[  497.778371][ T5980] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  497.781023][ T5980] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  497.784212][ T5980] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  497.787452][ T5980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  497.790908][ T5980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  497.795995][ T5980] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  497.799245][ T5980] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  497.801588][ T5980] usb 7-1: Product: syz
[  497.802902][ T5980] usb 7-1: Manufacturer: syz
[  497.809055][ T5980] cdc_wdm 7-1:1.0: skipping garbage
[  497.810740][ T5980] cdc_wdm 7-1:1.0: skipping garbage
[  497.813207][ T5980] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  497.815124][ T5980] cdc_wdm 7-1:1.0: Unknown control protocol
[  497.937045][ T2149] usb 8-1: new high-speed USB device number 48 using dummy_hcd
[  498.099896][ T2149] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  498.103476][ T2149] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  498.107963][ T2149] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  498.111650][ T2149] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  498.116091][ T2149] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  498.121394][ T2149] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  498.124191][ T2149] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  498.126650][ T2149] usb 8-1: Product: syz
[  498.128253][ T2149] usb 8-1: Manufacturer: syz
[  498.134347][ T2149] cdc_wdm 8-1:1.0: skipping garbage
[  498.136009][ T2149] cdc_wdm 8-1:1.0: skipping garbage
[  498.138595][ T2149] cdc_wdm 8-1:1.0: cdc-wdm1: USB WDM device
[  498.140426][ T2149] cdc_wdm 8-1:1.0: Unknown control protocol
[  498.357278][ T6007] usb 8-1: USB disconnect, device number 48
[  498.539922][T19188] Cannot find del_set index 3 as target
[  498.542940][T19188] netlink: 'syz.4.3458': attribute type 11 has an invalid length.
[  498.545733][T19188] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3458'.
[  498.584915][ T5980] usb 7-1: USB disconnect, device number 51
[  498.992527][T19195] overlayfs: failed to resolve './file0': -2
[  499.387026][ T5980] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[  499.539369][ T5980] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  499.740446][T19212] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  499.861309][ T5980] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  499.865518][ T5980] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  499.870240][ T5980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  499.874816][ T5980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  499.885731][ T5980] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  499.889794][ T5980] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  499.893170][ T5980] usb 7-1: Product: syz
[  499.895049][ T5980] usb 7-1: Manufacturer: syz
[  499.909166][ T5980] cdc_wdm 7-1:1.0: skipping garbage
[  499.911430][ T5980] cdc_wdm 7-1:1.0: skipping garbage
[  499.914898][ T5980] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  499.917792][ T5980] cdc_wdm 7-1:1.0: Unknown control protocol
[  500.022737][T19219] overlayfs: failed to resolve './file0': -2
[  500.103697][T19222] overlayfs: disabling nfs_export due to verity=on
[  500.105774][T19222] overlayfs: missing 'lowerdir'
[  500.329209][T19224] Cannot find del_set index 3 as target
[  500.331876][T19224] netlink: 'syz.0.3468': attribute type 11 has an invalid length.
[  500.334337][T19224] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3468'.
[  500.590690][ T6037] usb 7-1: USB disconnect, device number 52
[  500.647059][ T5980] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  500.776616][T19238] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3471'.
[  500.813507][ T5980] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  500.820768][ T5980] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  500.825095][ T5980] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  500.829047][ T5980] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  500.833331][ T5980] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  500.841725][ T5980] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  500.845399][ T5980] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  500.848717][ T5980] usb 5-1: Product: syz
[  500.850015][ T5980] usb 5-1: Manufacturer: syz
[  500.854084][ T5980] cdc_wdm 5-1:1.0: skipping garbage
[  500.855859][ T5980] cdc_wdm 5-1:1.0: skipping garbage
[  500.858449][ T5980] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  500.860599][ T5980] cdc_wdm 5-1:1.0: Unknown control protocol
[  501.056566][ T5980] usb 5-1: USB disconnect, device number 35
[  501.264123][T19247] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3474'.
[  501.520388][T19254] overlayfs: disabling nfs_export due to verity=on
[  501.522486][T19254] overlayfs: missing 'lowerdir'
[  501.840823][T19261] Cannot find del_set index 3 as target
[  501.843563][T19261] netlink: 'syz.4.3477': attribute type 11 has an invalid length.
[  501.845986][T19261] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3477'.
[  501.970209][T19272] lo speed is unknown, defaulting to 1000
[  501.979254][T19272] lo speed is unknown, defaulting to 1000
[  501.986500][T19266] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  501.988315][T19272] lo speed is unknown, defaulting to 1000
[  502.272162][ T5992] lo speed is unknown, defaulting to 1000
[  502.274688][T19272] infiniband s
z1: set active
[  502.276650][T19272] infiniband s
z1: added lo
[  502.313090][T19290] Bluetooth: MGMT ver 1.23
[  502.319019][T19272] RDS/IB: s
z1: added
[  502.332203][T19272] smc: adding ib device s
z1 with port count 1
[  502.334701][T19272] smc:    ib device s
z1 port 1 has pnetid 
[  502.338626][ T6007] lo speed is unknown, defaulting to 1000
[  502.344445][T19272] lo speed is unknown, defaulting to 1000
[  502.435928][T19296] overlayfs: disabling nfs_export due to verity=on
[  502.438685][T19296] overlayfs: missing 'lowerdir'
[  502.742720][T19299] Cannot find del_set index 3 as target
[  502.746367][T19299] netlink: 'syz.2.3489': attribute type 11 has an invalid length.
[  502.748956][T19299] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3489'.
[  502.812659][ T5992] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  502.917173][T19272] lo speed is unknown, defaulting to 1000
[  502.988891][ T5992] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  503.004317][ T5992] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  503.046823][ T5992] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  503.082562][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  503.092298][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  503.104861][ T5992] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  503.113994][ T5992] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  503.121751][ T5992] usb 5-1: Product: syz
[  503.125174][ T5992] usb 5-1: Manufacturer: syz
[  503.142730][ T5992] cdc_wdm 5-1:1.0: skipping garbage
[  503.148646][ T5992] cdc_wdm 5-1:1.0: skipping garbage
[  503.164117][ T5992] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  503.170239][ T5992] cdc_wdm 5-1:1.0: Unknown control protocol
[  503.246227][T19272] lo speed is unknown, defaulting to 1000
[  503.336453][T19272] lo speed is unknown, defaulting to 1000
[  503.342343][ T6037] usb 5-1: USB disconnect, device number 36
[  503.445530][T19309] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  503.603915][T19272] lo speed is unknown, defaulting to 1000
[  503.774792][T19272] lo speed is unknown, defaulting to 1000
[  503.905887][T19272] lo speed is unknown, defaulting to 1000
[  503.993216][T19324] overlayfs: disabling nfs_export due to verity=on
[  503.995860][T19324] overlayfs: missing 'lowerdir'
[  503.997273][T19313] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  504.106536][T19328] mkiss: ax0: crc mode is auto.
[  504.186438][T19272] lo speed is unknown, defaulting to 1000
[  504.357980][T19334] Cannot find del_set index 3 as target
[  504.360901][T19334] netlink: 'syz.0.3499': attribute type 11 has an invalid length.
[  504.363490][T19334] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3499'.
[  505.278483][T19349] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3504'.
[  505.282662][T19349] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3504'.
[  505.426886][T19351] overlayfs: disabling nfs_export due to verity=on
[  505.429944][T19351] overlayfs: missing 'lowerdir'
[  505.930237][T19361] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  505.931831][T19364] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  506.127772][T19373] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  506.586584][T19396] overlayfs: disabling nfs_export due to verity=on
[  506.589296][T19396] overlayfs: missing 'lowerdir'
[  506.730550][T19404] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3519'.
[  506.763069][T19404] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3519'.
[  507.690105][T19425] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  507.722511][T19428] FAULT_INJECTION: forcing a failure.
[  507.722511][T19428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  507.731889][T19428] CPU: 1 UID: 0 PID: 19428 Comm: syz.4.3524 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  507.731915][T19428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  507.731922][T19428] Call Trace:
[  507.731927][T19428]  <TASK>
[  507.731931][T19428]  dump_stack_lvl+0x16c/0x1f0
[  507.731947][T19428]  should_fail_ex+0x512/0x640
[  507.731963][T19428]  _copy_from_user+0x2e/0xd0
[  507.731978][T19428]  get_compat_msghdr+0xa7/0x170
[  507.731994][T19428]  ? __pfx_get_compat_msghdr+0x10/0x10
[  507.732014][T19428]  ___sys_sendmsg+0x1ae/0x1d0
[  507.732024][T19428]  ? __pfx____sys_sendmsg+0x10/0x10
[  507.732049][T19428]  __sys_sendmsg+0x16d/0x220
[  507.732059][T19428]  ? __pfx___sys_sendmsg+0x10/0x10
[  507.732072][T19428]  ? rcu_is_watching+0x12/0xc0
[  507.732083][T19428]  ? rcu_is_watching+0x12/0xc0
[  507.732093][T19428]  __do_fast_syscall_32+0x73/0x120
[  507.732106][T19428]  do_fast_syscall_32+0x32/0x80
[  507.732118][T19428]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  507.732131][T19428] RIP: 0023:0xf7fd7579
[  507.732139][T19428] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  507.732149][T19428] RSP: 002b:00000000f50b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  507.732158][T19428] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800000c0
[  507.732165][T19428] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  507.732170][T19428] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  507.732176][T19428] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  507.732181][T19428] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  507.732193][T19428]  </TASK>
[  508.117396][T19437] overlayfs: disabling nfs_export due to verity=on
[  508.119701][T19437] overlayfs: missing 'lowerdir'
[  508.824014][T19459] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  509.286168][T19468] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  509.409140][ T2149] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  509.598259][T19474] Cannot find del_set index 3 as target
[  509.602577][T19474] netlink: 'syz.2.3536': attribute type 11 has an invalid length.
[  509.605076][T19474] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3536'.
[  509.640281][ T2149] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  509.643647][ T2149] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  509.647582][ T2149] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  509.652357][ T2149] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  509.656278][ T2149] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.665443][ T2149] usb 5-1: config 0 descriptor??
[  509.830284][ T5979] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  509.978392][ T5979] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  509.981182][ T5979] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  509.984358][ T5979] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  509.987232][ T5979] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  509.990606][ T5979] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  509.995927][ T5979] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  509.998885][ T5979] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  510.001413][ T5979] usb 9-1: Product: syz
[  510.002771][ T5979] usb 9-1: Manufacturer: syz
[  510.009784][ T5979] cdc_wdm 9-1:1.0: skipping garbage
[  510.011519][ T5979] cdc_wdm 9-1:1.0: skipping garbage
[  510.014571][ T5979] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  510.016426][ T5979] cdc_wdm 9-1:1.0: Unknown control protocol
[  510.022286][T19478] overlayfs: disabling nfs_export due to verity=on
[  510.024487][T19478] overlayfs: missing 'lowerdir'
[  510.544955][T19476] lo speed is unknown, defaulting to 1000
[  510.740817][   T10] usb 9-1: USB disconnect, device number 33
[  510.767227][T19492] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  511.621417][T19511] overlayfs: disabling nfs_export due to verity=on
[  511.623515][T19511] overlayfs: missing 'lowerdir'
[  511.651683][T19513] vivid-007: disconnect
[  511.802551][T19516] Cannot find del_set index 3 as target
[  511.806557][T19516] netlink: 'syz.4.3548': attribute type 11 has an invalid length.
[  511.809918][T19516] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3548'.
[  511.853111][T19517] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  511.933304][ T2149] usbhid 5-1:0.0: can't add hid device: -71
[  511.935138][ T2149] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  511.949636][ T2149] usb 5-1: USB disconnect, device number 37
[  512.354130][T19504] vivid-007: reconnect
[  512.652746][T19527] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  512.883722][ T3314] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[  513.004455][T19536] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  513.029042][ T3314] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  513.032699][ T3314] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  513.037666][ T3314] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  513.041588][ T3314] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  513.045527][ T3314] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  513.051268][ T3314] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  513.054080][ T3314] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  513.056779][ T3314] usb 9-1: Product: syz
[  513.058384][ T3314] usb 9-1: Manufacturer: syz
[  513.067440][ T3314] cdc_wdm 9-1:1.0: skipping garbage
[  513.069314][ T3314] cdc_wdm 9-1:1.0: skipping garbage
[  513.073928][ T3314] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  513.075868][ T3314] cdc_wdm 9-1:1.0: Unknown control protocol
[  513.147084][ T5979] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  513.277184][ T5979] usb 5-1: device descriptor read/64, error -71
[  513.527067][ T5979] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  513.605971][T19540] lo speed is unknown, defaulting to 1000
[  513.623865][T19542] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  513.657029][ T5979] usb 5-1: device descriptor read/64, error -71
[  513.788856][ T5979] usb usb5-port1: attempt power cycle
[  513.845583][T19548] overlayfs: disabling nfs_export due to verity=on
[  513.853376][T19548] overlayfs: missing 'lowerdir'
[  514.010646][ T5980] usb 9-1: USB disconnect, device number 34
[  514.177196][ T5979] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  514.197498][ T5979] usb 5-1: device descriptor read/8, error -71
[  514.397051][ T6007] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[  514.466994][ T5979] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  514.497572][ T5979] usb 5-1: device descriptor read/8, error -71
[  514.548731][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  514.553054][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  514.556897][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  514.564625][ T6007] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  514.568589][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.587448][ T6007] usb 7-1: config 0 descriptor??
[  514.617368][ T5979] usb usb5-port1: unable to enumerate USB device
[  514.625813][T19560] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  515.437835][T19572] Cannot find del_set index 3 as target
[  515.440821][T19572] netlink: 'syz.3.3562': attribute type 11 has an invalid length.
[  515.443210][T19572] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3562'.
[  515.889222][T19576] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  516.255234][T19581] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  516.284994][T19585] overlayfs: disabling nfs_export due to verity=on
[  516.287551][T19585] overlayfs: missing 'lowerdir'
[  516.316300][T19589] virtio-fs: tag <c:::> not found
[  516.597022][ T5980] usb 8-1: new high-speed USB device number 49 using dummy_hcd
[  516.749638][ T5980] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  516.752979][ T5980] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  516.756820][ T5980] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  516.760144][ T5980] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  516.763933][ T5980] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  516.769788][ T5980] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  516.773102][ T5980] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  516.775850][ T5980] usb 8-1: Product: syz
[  516.805550][T19597] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  516.824090][ T5980] usb 8-1: Manufacturer: syz
[  516.840967][ T5980] cdc_wdm 8-1:1.0: skipping garbage
[  516.842870][ T5980] cdc_wdm 8-1:1.0: skipping garbage
[  516.845499][ T5980] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  516.847954][ T5980] cdc_wdm 8-1:1.0: Unknown control protocol
[  516.993110][ T6007] usbhid 7-1:0.0: can't add hid device: -71
[  516.995703][ T6007] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  517.015179][ T6007] usb 7-1: USB disconnect, device number 53
[  517.391112][T19605] lo speed is unknown, defaulting to 1000
[  517.757922][ T5979] usb 8-1: USB disconnect, device number 49
[  517.898461][T19615] overlayfs: disabling nfs_export due to verity=on
[  517.900588][T19615] overlayfs: missing 'lowerdir'
[  518.029160][T19623] Cannot find del_set index 3 as target
[  518.032863][T19623] netlink: 'syz.0.3573': attribute type 11 has an invalid length.
[  518.035281][T19623] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3573'.
[  518.150574][T19626] virtio-fs: tag <c:::> not found
[  518.539768][T19631] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  518.627808][T19636] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  519.167063][ T5979] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[  519.318947][ T5979] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.322866][ T5979] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.325917][ T5979] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  519.329973][ T5979] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  519.332684][ T5979] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.336420][ T5979] usb 7-1: config 0 descriptor??
[  519.349813][T19650] overlayfs: disabling nfs_export due to verity=on
[  519.352746][T19650] overlayfs: missing 'lowerdir'
[  519.408162][T19654] virtio-fs: tag <c:::> not found
[  519.444385][T19657] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.512796][T19657] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.593497][T19657] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.643607][T19655] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  519.664327][T19657] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.739276][T19657] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  519.747302][T19657] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  519.754472][T19657] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  519.763151][T19657] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  519.933405][ T2149] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  520.113595][T19665] Cannot find del_set index 3 as target
[  520.118604][T19665] netlink: 'syz.3.3589': attribute type 11 has an invalid length.
[  520.121662][T19665] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3589'.
[  520.509283][ T2149] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  520.512196][ T2149] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  520.515382][ T2149] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  520.518267][ T2149] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  520.521953][ T2149] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  520.528068][ T2149] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  520.531093][ T2149] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  520.533835][ T2149] usb 5-1: Product: syz
[  520.535267][ T2149] usb 5-1: Manufacturer: syz
[  520.541747][ T2149] cdc_wdm 5-1:1.0: skipping garbage
[  520.543776][ T2149] cdc_wdm 5-1:1.0: skipping garbage
[  520.546757][ T2149] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  520.548774][ T2149] cdc_wdm 5-1:1.0: Unknown control protocol
[  520.589768][T19669] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  520.899752][T19673] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  521.064055][T19660] lo speed is unknown, defaulting to 1000
[  521.222035][T16650] usb 5-1: USB disconnect, device number 42
[  521.271234][T19682] overlayfs: disabling nfs_export due to verity=on
[  521.273729][T19682] overlayfs: missing 'lowerdir'
[  521.604011][ T5979] usbhid 7-1:0.0: can't add hid device: -71
[  521.606441][ T5979] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  521.628648][ T5979] usb 7-1: USB disconnect, device number 54
[  521.888758][T19694] virtio-fs: tag <c:::> not found
[  522.312066][T19697] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  522.538599][T19701] Cannot find del_set index 3 as target
[  522.542376][T19701] netlink: 'syz.3.3599': attribute type 11 has an invalid length.
[  522.545447][T19701] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3599'.
[  522.770937][T19713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3603'.
[  522.834047][T19714] overlayfs: disabling nfs_export due to verity=on
[  522.836136][T19714] overlayfs: missing 'lowerdir'
[  522.839278][T19715] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  522.879767][T19722] input: syz0 as /devices/virtual/input/input30
[  523.113590][T19729] netlink: 'syz.2.3607': attribute type 3 has an invalid length.
[  523.186844][T19732] netlink: 292 bytes leftover after parsing attributes in process `syz.2.3608'.
[  523.664273][T16650] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  523.818500][T16650] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  523.822671][T16650] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  523.826075][T16650] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  523.831915][T16650] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  523.835541][T16650] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.841600][T16650] usb 5-1: config 0 descriptor??
[  523.897062][T19745] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  524.001506][T19750] overlayfs: disabling nfs_export due to verity=on
[  524.004299][T19750] overlayfs: missing 'lowerdir'
[  524.116858][T19757] netfs: Couldn't get user pages (rc=-14)
[  524.458049][T19764] Cannot find del_set index 3 as target
[  524.460900][T19764] netlink: 'syz.3.3618': attribute type 11 has an invalid length.
[  524.463381][T19764] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3618'.
[  525.335202][T19780] overlayfs: disabling nfs_export due to verity=on
[  525.337881][T19780] overlayfs: missing 'lowerdir'
[  525.448682][T19787] virtio-fs: tag <c:::> not found
[  525.527323][T19782] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  525.635817][T19789] cgroup: Unknown subsys name 'fowner>00000000000000000000'
[  525.931974][T16650] usbhid 5-1:0.0: can't add hid device: -71
[  525.947366][T16650] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  525.952548][T16650] usb 5-1: USB disconnect, device number 43
[  526.095764][T19809] overlayfs: disabling nfs_export due to verity=on
[  526.099787][T19809] overlayfs: missing 'lowerdir'
[  526.109529][T19805] Cannot find del_set index 3 as target
[  526.112602][T19805] netlink: 'syz.3.3629': attribute type 11 has an invalid length.
[  526.114920][T19805] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3629'.
[  526.331641][T19812] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  526.340037][T19816] virtio-fs: tag <c:::> not found
[  526.348084][T16650] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  526.518703][T16650] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  526.521447][T16650] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  526.524475][T16650] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  526.527423][T16650] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  526.530927][T16650] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  526.557186][T16650] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  526.560010][T16650] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  526.562493][T16650] usb 5-1: Product: syz
[  526.563804][T16650] usb 5-1: Manufacturer: syz
[  526.597239][T16650] cdc_wdm 5-1:1.0: skipping garbage
[  526.599018][T16650] cdc_wdm 5-1:1.0: skipping garbage
[  526.601817][T16650] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  526.612346][T16650] cdc_wdm 5-1:1.0: Unknown control protocol
[  527.064351][T19831] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3636'.
[  527.124617][T19803] lo speed is unknown, defaulting to 1000
[  527.260938][T19830] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  527.445624][ T6037] usb 5-1: USB disconnect, device number 44
[  527.747249][T16650] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[  527.909163][T16650] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  527.912708][T16650] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  527.915764][T16650] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  527.919990][T16650] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  527.922948][T16650] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.926545][T16650] usb 7-1: config 0 descriptor??
[  528.286236][T19852] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  529.239228][T19868] netlink: 'syz.4.3644': attribute type 1 has an invalid length.
[  529.335437][T19872] Cannot find del_set index 3 as target
[  529.341000][T19872] netlink: 'syz.0.3645': attribute type 11 has an invalid length.
[  529.343493][T19872] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3645'.
[  529.383724][T19868] 8021q: adding VLAN 0 to HW filter on device bond1
[  530.084071][T19879] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  530.088167][T16650] usbhid 7-1:0.0: can't add hid device: -71
[  530.093617][T16650] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  530.100907][T16650] usb 7-1: USB disconnect, device number 55
[  530.349057][T19887] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  530.366370][T19888] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  530.527212][T16650] usb 7-1: new high-speed USB device number 56 using dummy_hcd
[  530.670515][T19892] overlayfs: disabling nfs_export due to verity=on
[  530.672595][T19892] overlayfs: missing 'lowerdir'
[  530.690825][T16650] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  530.693585][T16650] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  530.702923][T16650] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  530.705695][T16650] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  530.710706][T16650] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  530.715518][T16650] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  530.719722][T16650] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  530.722574][T16650] usb 7-1: Product: syz
[  530.723887][T16650] usb 7-1: Manufacturer: syz
[  530.729574][T16650] cdc_wdm 7-1:1.0: skipping garbage
[  530.731292][T16650] cdc_wdm 7-1:1.0: skipping garbage
[  530.733671][T16650] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  530.735542][T16650] cdc_wdm 7-1:1.0: Unknown control protocol
[  530.975640][T19899] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  531.178476][T19886] lo speed is unknown, defaulting to 1000
[  531.373294][T19907] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  531.380991][T17063] Bluetooth: hci4: unexpected event for opcode 0x0c22
[  531.390977][   T10] usb 7-1: USB disconnect, device number 56
[  531.489464][T19911] overlayfs: disabling nfs_export due to verity=on
[  531.491456][T19911] overlayfs: missing 'lowerdir'
[  531.593532][T19914] overlayfs: disabling nfs_export due to verity=on
[  531.595563][T19914] overlayfs: missing 'lowerdir'
[  531.827963][T19922] Cannot find del_set index 3 as target
[  531.833606][T19922] netlink: 'syz.4.3657': attribute type 11 has an invalid length.
[  531.836170][T19922] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3657'.
[  532.009752][T19920] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  532.792798][T19931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3660'.
[  533.344856][T19938] FAULT_INJECTION: forcing a failure.
[  533.344856][T19938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  533.353514][T19938] CPU: 3 UID: 0 PID: 19938 Comm: syz.3.3663 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  533.353530][T19938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  533.353537][T19938] Call Trace:
[  533.353541][T19938]  <TASK>
[  533.353545][T19938]  dump_stack_lvl+0x16c/0x1f0
[  533.353561][T19938]  should_fail_ex+0x512/0x640
[  533.353577][T19938]  _copy_to_user+0x32/0xd0
[  533.353592][T19938]  do_pagemap_scan+0xb93/0xd00
[  533.353610][T19938]  ? __pfx_do_pagemap_scan+0x10/0x10
[  533.353646][T19938]  ? __fget_files+0x20e/0x3c0
[  533.353662][T19938]  ? fput+0x60/0xf0
[  533.353676][T19938]  do_pagemap_cmd+0x58/0x80
[  533.353690][T19938]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  533.353703][T19938]  __ia32_compat_sys_ioctl+0x24c/0x360
[  533.353718][T19938]  __do_fast_syscall_32+0x73/0x120
[  533.353732][T19938]  do_fast_syscall_32+0x32/0x80
[  533.353744][T19938]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  533.353757][T19938] RIP: 0023:0xf7f68579
[  533.353765][T19938] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  533.353775][T19938] RSP: 002b:00000000f506555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  533.353785][T19938] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0606610
[  533.353791][T19938] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  533.353797][T19938] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  533.353803][T19938] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  533.353808][T19938] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  533.353820][T19938]  </TASK>
[  533.464480][T19939] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  533.999924][T19955] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  534.107095][T17277] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[  534.237038][T17277] usb 7-1: device descriptor read/64, error -71
[  534.393836][T19966] input: syz0 as /devices/virtual/input/input31
[  534.497208][T17277] usb 7-1: new high-speed USB device number 58 using dummy_hcd
[  534.637886][T17277] usb 7-1: device descriptor read/64, error -71
[  534.757216][T17277] usb usb7-port1: attempt power cycle
[  534.942558][T19974] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  535.107031][T17277] usb 7-1: new high-speed USB device number 59 using dummy_hcd
[  535.132419][T17277] usb 7-1: device descriptor read/8, error -71
[  535.329979][T19984] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  535.377053][T17277] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[  535.397448][T17277] usb 7-1: device descriptor read/8, error -71
[  535.507264][T17277] usb usb7-port1: unable to enumerate USB device
[  536.130593][T19995] overlayfs: disabling nfs_export due to verity=on
[  536.132657][T19995] overlayfs: missing 'lowerdir'
[  536.705710][T20013] Cannot find del_set index 3 as target
[  536.714999][T20013] netlink: 'syz.0.3681': attribute type 11 has an invalid length.
[  536.717552][T20013] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3681'.
[  537.299948][T20029] overlayfs: disabling nfs_export due to verity=on
[  537.302255][T20029] overlayfs: missing 'lowerdir'
[  537.502691][T20028] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  537.552756][T20038] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  537.857054][T17277] usb 8-1: new high-speed USB device number 50 using dummy_hcd
[  537.999763][T17277] usb 8-1: device descriptor read/64, error -71
[  538.260070][T17277] usb 8-1: new high-speed USB device number 51 using dummy_hcd
[  538.397366][T17277] usb 8-1: device descriptor read/64, error -71
[  538.425293][T20052] Cannot find del_set index 3 as target
[  538.436582][T20052] netlink: 'syz.4.3691': attribute type 11 has an invalid length.
[  538.439127][T20052] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3691'.
[  538.537336][T17277] usb usb8-port1: attempt power cycle
[  538.889605][T17277] usb 8-1: new high-speed USB device number 52 using dummy_hcd
[  538.907472][T17277] usb 8-1: device descriptor read/8, error -71
[  539.067383][T20062] overlayfs: disabling nfs_export due to verity=on
[  539.070221][T20062] overlayfs: missing 'lowerdir'
[  539.147108][T17277] usb 8-1: new high-speed USB device number 53 using dummy_hcd
[  539.167833][T17277] usb 8-1: device descriptor read/8, error -71
[  539.249736][T20068] FAULT_INJECTION: forcing a failure.
[  539.249736][T20068] name failslab, interval 1, probability 0, space 0, times 0
[  539.254305][T20068] CPU: 1 UID: 0 PID: 20068 Comm: syz.4.3698 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  539.254320][T20068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  539.254326][T20068] Call Trace:
[  539.254330][T20068]  <TASK>
[  539.254335][T20068]  dump_stack_lvl+0x16c/0x1f0
[  539.254350][T20068]  should_fail_ex+0x512/0x640
[  539.254364][T20068]  ? fs_reclaim_acquire+0xae/0x150
[  539.254380][T20068]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  539.254394][T20068]  should_failslab+0xc2/0x120
[  539.254407][T20068]  __kmalloc_noprof+0xd2/0x510
[  539.254420][T20068]  tomoyo_realpath_from_path+0xc2/0x6e0
[  539.254435][T20068]  ? tomoyo_profile+0x47/0x60
[  539.254450][T20068]  tomoyo_path_number_perm+0x245/0x580
[  539.254461][T20068]  ? tomoyo_path_number_perm+0x237/0x580
[  539.254473][T20068]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  539.254497][T20068]  ? find_held_lock+0x2b/0x80
[  539.254506][T20068]  ? hook_file_ioctl_common+0x145/0x410
[  539.254517][T20068]  ? __fget_files+0x204/0x3c0
[  539.254534][T20068]  ? __fget_files+0x20e/0x3c0
[  539.254547][T20068]  ? fput+0x60/0xf0
[  539.254560][T20068]  security_file_ioctl_compat+0x9b/0x240
[  539.254573][T20068]  __ia32_compat_sys_ioctl+0xc3/0x360
[  539.254588][T20068]  __do_fast_syscall_32+0x73/0x120
[  539.254602][T20068]  do_fast_syscall_32+0x32/0x80
[  539.254614][T20068]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  539.254627][T20068] RIP: 0023:0xf7fd7579
[  539.254635][T20068] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  539.254645][T20068] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  539.254654][T20068] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 000000000000ae80
[  539.254660][T20068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  539.254666][T20068] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  539.254672][T20068] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  539.254677][T20068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  539.254689][T20068]  </TASK>
[  539.254693][T20068] ERROR: Out of memory at tomoyo_realpath_from_path.
[  539.287265][T17277] usb usb8-port1: unable to enumerate USB device
[  539.527041][ T6037] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[  539.678315][ T6037] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  539.680998][ T6037] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  539.684162][ T6037] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  539.687003][ T6037] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  539.690372][ T6037] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  539.699976][ T6037] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  539.702805][ T6037] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  539.715482][ T6037] usb 7-1: Product: syz
[  539.716820][ T6037] usb 7-1: Manufacturer: syz
[  539.726045][ T6037] cdc_wdm 7-1:1.0: skipping garbage
[  539.728155][ T6037] cdc_wdm 7-1:1.0: skipping garbage
[  539.735912][ T6037] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  539.739270][ T6037] cdc_wdm 7-1:1.0: Unknown control protocol
[  539.907074][   T10] usb 9-1: new high-speed USB device number 35 using dummy_hcd
[  540.070361][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  540.073821][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  540.077217][   T10] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  540.081199][   T10] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  540.084034][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.088563][   T10] usb 9-1: config 0 descriptor??
[  540.149295][T20074] lo speed is unknown, defaulting to 1000
[  540.269218][    T9] usb 7-1: USB disconnect, device number 61
[  540.701773][T20092] overlayfs: disabling nfs_export due to verity=on
[  540.703857][T20092] overlayfs: missing 'lowerdir'
[  540.866592][T20097] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  540.926253][T20101] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3708'.
[  541.040289][T20110] Cannot find del_set index 3 as target
[  541.047670][T20110] netlink: 'syz.3.3705': attribute type 11 has an invalid length.
[  541.050194][T20110] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3705'.
[  541.231029][T20116] virtio-fs: tag <c:::> not found
[  541.768921][T20127] virtio-fs: tag <c:::> not found
[  541.775105][T20124] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  542.286986][   T60] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[  542.445526][   T10] usbhid 9-1:0.0: can't add hid device: -71
[  542.447569][   T10] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  542.453626][   T10] usb 9-1: USB disconnect, device number 35
[  542.465630][   T60] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  542.470882][   T60] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  542.484559][   T60] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  542.489754][   T60] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  542.494230][   T60] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  542.499355][   T60] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  542.504138][   T60] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  542.506522][   T60] usb 5-1: Product: syz
[  542.508157][   T60] usb 5-1: Manufacturer: syz
[  542.516292][   T60] cdc_wdm 5-1:1.0: skipping garbage
[  542.519729][   T60] cdc_wdm 5-1:1.0: skipping garbage
[  542.524895][   T60] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  542.526765][   T60] cdc_wdm 5-1:1.0: Unknown control protocol
[  542.563292][T20139] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3718'.
[  542.566266][T20139] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3718'.
[  542.569363][T20139] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3718'.
[  542.572090][T20139] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3718'.
[  543.038650][T20131] lo speed is unknown, defaulting to 1000
[  543.167400][T20157] overlayfs: disabling nfs_export due to verity=on
[  543.170182][T20157] overlayfs: missing 'lowerdir'
[  543.213663][T20160] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  543.294460][   T10] usb 5-1: USB disconnect, device number 45
[  543.575402][T20167] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  543.894449][T20172] overlayfs: disabling nfs_export due to verity=on
[  543.896628][T20172] overlayfs: missing 'lowerdir'
[  544.025645][   T10] usb 8-1: new high-speed USB device number 54 using dummy_hcd
[  544.232418][T20179] lo speed is unknown, defaulting to 1000
[  544.581936][T17063] Bluetooth: hci0: Invalid handle: 0x6cc9 > 0x0eff
[  544.609245][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.613932][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.618355][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  544.623718][   T10] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  544.627679][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.631456][T20185] can: request_module (can-proto-4) failed.
[  544.631687][   T10] usb 8-1: config 0 descriptor??
[  544.737362][T20187] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  545.237266][    T9] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[  545.247016][ T6037] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  545.270667][T20202] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  545.398699][    T9] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  545.398973][ T6037] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.401467][    T9] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  545.405206][ T6037] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  545.405229][ T6037] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  545.405267][ T6037] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  545.408442][    T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  545.411894][ T6037] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.413346][ T6037] usb 5-1: config 0 descriptor??
[  545.415766][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  545.429194][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  545.433976][    T9] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  545.436783][    T9] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  545.439289][    T9] usb 7-1: Product: syz
[  545.440596][    T9] usb 7-1: Manufacturer: syz
[  545.445747][    T9] cdc_wdm 7-1:1.0: skipping garbage
[  545.451715][    T9] cdc_wdm 7-1:1.0: skipping garbage
[  545.454793][    T9] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  545.456653][    T9] cdc_wdm 7-1:1.0: Unknown control protocol
[  545.825971][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.828442][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.830754][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.834300][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.836570][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.838915][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.841186][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.843413][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.845701][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.848684][ T6037] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  545.851595][ T6037] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  545.858179][ T6037] plantronics 0003:047F:FFFF.000E: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  545.969720][T20204] lo speed is unknown, defaulting to 1000
[  546.026809][    T9] usb 5-1: USB disconnect, device number 46
[  546.167621][   T60] usb 7-1: USB disconnect, device number 62
[  546.291679][T20214] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  546.475717][   T10] usbhid 8-1:0.0: can't add hid device: -71
[  546.477682][   T10] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  546.485100][   T10] usb 8-1: USB disconnect, device number 54
[  547.307954][T20253] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  547.899125][T20250] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  547.901833][T20250] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  547.903873][T20250] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  547.905874][T20250] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  547.908691][T20250] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  547.912446][T20250] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  547.950353][T20259] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  547.952898][T20259] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  547.955928][T20259] vhci_hcd vhci_hcd.0: Device attached
[  548.177674][ T6037] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[  548.227052][ T3314] usb 41-1: new low-speed USB device number 3 using vhci_hcd
[  548.229965][ T5992] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[  548.338555][ T6037] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  548.341818][ T6037] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  548.344770][ T6037] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  548.348645][ T6037] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  548.351362][ T6037] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.355371][ T6037] usb 9-1: config 0 descriptor??
[  548.386989][ T6007] usb 8-1: new high-speed USB device number 55 using dummy_hcd
[  548.389430][ T5992] usb 7-1: Using ep0 maxpacket: 16
[  548.394094][ T5992] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  548.396877][ T5992] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.407069][ T5992] usb 7-1: Product: syz
[  548.408360][ T5992] usb 7-1: Manufacturer: syz
[  548.409774][ T5992] usb 7-1: SerialNumber: syz
[  548.412467][ T5992] usb 7-1: config 0 descriptor??
[  548.417700][ T5992] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[  548.420401][ T5992] usb 7-1: Detected FT232H
[  548.541419][ T6007] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  548.544130][ T6007] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  548.547211][ T6007] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  548.549962][ T6007] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  548.553293][ T6007] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  548.558393][ T6007] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  548.561381][ T6007] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  548.567363][ T6007] usb 8-1: Product: syz
[  548.570010][ T6007] usb 8-1: Manufacturer: syz
[  548.579455][ T6007] cdc_wdm 8-1:1.0: skipping garbage
[  548.581289][ T6007] cdc_wdm 8-1:1.0: skipping garbage
[  548.585872][ T6007] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  548.587822][ T6007] cdc_wdm 8-1:1.0: Unknown control protocol
[  548.617404][T20260] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2
[  548.622792][ T9003] vhci_hcd: stop threads
[  548.623756][ T5992] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  548.624614][ T9003] vhci_hcd: release socket
[  548.627039][ T5992] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  548.631100][ T9003] vhci_hcd: disconnect device
[  548.631208][ T5992] ftdi_sio 7-1:0.0: GPIO initialisation failed: -71
[  548.642266][ T5992] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  548.649470][ T5992] usb 7-1: USB disconnect, device number 63
[  548.655734][ T5992] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  548.661541][ T5992] ftdi_sio 7-1:0.0: device disconnected
[  548.674984][T20271] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  549.071385][T20267] lo speed is unknown, defaulting to 1000
[  549.247037][   T68] Bluetooth: hci4: command 0x0c1a tx timeout
[  549.301441][   T60] usb 8-1: USB disconnect, device number 55
[  549.334124][T20290] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3757'.
[  549.615743][T20294] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  549.967660][   T68] Bluetooth: hci0: command 0x0c1a tx timeout
[  549.967694][T17063] Bluetooth: hci2: command 0x0c1a tx timeout
[  549.970248][   T68] Bluetooth: hci1: command 0x041b tx timeout
[  549.979098][ T6037] usbhid 9-1:0.0: can't add hid device: -71
[  549.981800][ T6037] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  550.000143][ T6037] usb 9-1: USB disconnect, device number 36
[  550.131348][T20304] overlayfs: disabling nfs_export due to verity=on
[  550.133903][T20304] overlayfs: missing 'lowerdir'
[  550.582445][T20324] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  550.666996][    T9] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[  550.818341][    T9] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  550.821420][    T9] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  550.824607][    T9] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  550.827503][    T9] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  550.830771][    T9] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  550.835397][    T9] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  550.838320][    T9] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  550.840732][    T9] usb 9-1: Product: syz
[  550.842031][    T9] usb 9-1: Manufacturer: syz
[  550.846441][    T9] cdc_wdm 9-1:1.0: skipping garbage
[  550.848331][    T9] cdc_wdm 9-1:1.0: skipping garbage
[  550.850901][    T9] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  550.852763][    T9] cdc_wdm 9-1:1.0: Unknown control protocol
[  551.221177][T20335] netlink: 136 bytes leftover after parsing attributes in process `syz.0.3771'.
[  551.276668][T20323] lo speed is unknown, defaulting to 1000
[  551.302026][T20338] overlayfs: disabling nfs_export due to verity=on
[  551.304066][T20338] overlayfs: missing 'lowerdir'
[  551.333414][    T9] usb 7-1: new high-speed USB device number 64 using dummy_hcd
[  551.423736][T16650] usb 9-1: USB disconnect, device number 37
[  551.477156][   T60] usb 8-1: new high-speed USB device number 56 using dummy_hcd
[  551.488697][    T9] usb 7-1: device descriptor read/64, error -71
[  551.630131][   T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  551.637186][   T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  551.637250][T20344] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  551.640122][   T60] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  551.640148][   T60] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  551.640159][   T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.641438][   T60] usb 8-1: config 0 descriptor??
[  551.749478][    T9] usb 7-1: new high-speed USB device number 65 using dummy_hcd
[  551.877131][    T9] usb 7-1: device descriptor read/64, error -71
[  551.982474][T20347] lo speed is unknown, defaulting to 1000
[  551.989983][    T9] usb usb7-port1: attempt power cycle
[  552.047010][ T5949] Bluetooth: hci0: command 0x0c1a tx timeout
[  552.327031][    T9] usb 7-1: new high-speed USB device number 66 using dummy_hcd
[  552.347471][    T9] usb 7-1: device descriptor read/8, error -71
[  552.457003][ T6007] usb 9-1: new full-speed USB device number 38 using dummy_hcd
[  552.596992][    T9] usb 7-1: new high-speed USB device number 67 using dummy_hcd
[  552.607799][T20362] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  552.610692][ T6007] usb 9-1: device descriptor read/64, error -71
[  552.617483][    T9] usb 7-1: device descriptor read/8, error -71
[  552.727233][    T9] usb usb7-port1: unable to enumerate USB device
[  552.847122][ T6007] usb 9-1: new full-speed USB device number 39 using dummy_hcd
[  552.979658][ T6007] usb 9-1: device descriptor read/64, error -71
[  553.087448][ T6007] usb usb9-port1: attempt power cycle
[  553.275656][T20365] input: syz0 as /devices/virtual/input/input32
[  553.327323][ T3314] vhci_hcd: vhci_device speed not set
[  553.390301][T20367] overlayfs: disabling nfs_export due to verity=on
[  553.392484][T20367] overlayfs: missing 'lowerdir'
[  553.439351][ T6007] usb 9-1: new full-speed USB device number 40 using dummy_hcd
[  553.467612][ T6007] usb 9-1: device descriptor read/8, error -71
[  553.707054][ T6007] usb 9-1: new full-speed USB device number 41 using dummy_hcd
[  553.727488][ T6007] usb 9-1: device descriptor read/8, error -71
[  553.817100][ T5980] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  553.837173][ T6007] usb usb9-port1: unable to enumerate USB device
[  553.978858][ T5980] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  553.981650][ T5980] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  553.985134][ T5980] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  553.988026][ T5980] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  553.991486][ T5980] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  553.996497][ T5980] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  553.999400][ T5980] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  554.001939][ T5980] usb 5-1: Product: syz
[  554.003330][ T5980] usb 5-1: Manufacturer: syz
[  554.011506][ T5980] cdc_wdm 5-1:1.0: skipping garbage
[  554.013248][ T5980] cdc_wdm 5-1:1.0: skipping garbage
[  554.017641][ T5980] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  554.020904][ T5980] cdc_wdm 5-1:1.0: Unknown control protocol
[  554.023329][   T60] usbhid 8-1:0.0: can't add hid device: -71
[  554.025334][   T60] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  554.033578][   T60] usb 8-1: USB disconnect, device number 56
[  554.137161][ T5949] Bluetooth: hci0: command 0x0c1a tx timeout
[  554.349205][T20384] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  554.429718][T20373] lo speed is unknown, defaulting to 1000
[  554.551487][ T6037] usb 5-1: USB disconnect, device number 47
[  555.115615][T20399] overlayfs: disabling nfs_export due to verity=on
[  555.119245][T20399] overlayfs: missing 'lowerdir'
[  555.268711][T20406] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3793'.
[  555.306448][T20407] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  555.347246][   T10] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  555.521387][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  555.524785][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  555.528410][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  555.532829][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  555.535677][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.542413][   T10] usb 5-1: config 0 descriptor??
[  555.676994][ T5980] usb 8-1: new high-speed USB device number 57 using dummy_hcd
[  555.838434][ T5980] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  555.841857][ T5980] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  555.844859][ T5980] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  555.849103][ T5980] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  555.851966][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.855598][ T5980] usb 8-1: config 0 descriptor??
[  555.960832][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.963226][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.965554][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.969187][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.971539][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.973683][T20420] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  555.973832][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.978697][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.981125][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.983442][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.985747][   T10] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  555.988861][   T10] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  556.001190][   T10] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  556.014327][T20425] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3797'.
[  556.019915][T20425] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3797'.
[  556.060742][T20427] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3798'.
[  556.288910][ T6037] usb 5-1: USB disconnect, device number 48
[  556.847038][   T60] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[  556.888895][T20434] overlayfs: disabling nfs_export due to verity=on
[  556.891284][T20434] overlayfs: missing 'lowerdir'
[  556.924376][T20437] netlink: 'syz.2.3801': attribute type 1 has an invalid length.
[  556.940487][T20437] 8021q: adding VLAN 0 to HW filter on device bond2
[  556.962403][T20437] bond2: (slave gretap1): making interface the new active one
[  556.965620][T20437] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  556.998784][   T60] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  557.001691][   T60] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  557.004919][   T60] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  557.008194][   T60] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  557.012285][   T60] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  557.017691][   T60] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  557.020661][   T60] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  557.023318][   T60] usb 9-1: Product: syz
[  557.024776][   T60] usb 9-1: Manufacturer: syz
[  557.032068][   T60] cdc_wdm 9-1:1.0: skipping garbage
[  557.033811][   T60] cdc_wdm 9-1:1.0: skipping garbage
[  557.036338][   T60] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  557.038951][   T60] cdc_wdm 9-1:1.0: Unknown control protocol
[  557.294585][T20449] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  557.462376][T20432] lo speed is unknown, defaulting to 1000
[  557.621414][ T5979] usb 9-1: USB disconnect, device number 42
[  557.843297][T20459] overlayfs: failed to resolve './file1': -2
[  558.173520][T20469] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  558.224460][ T5980] usbhid 8-1:0.0: can't add hid device: -71
[  558.226531][ T5980] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  558.231068][ T5980] usb 8-1: USB disconnect, device number 57
[  558.437284][T20480] overlayfs: disabling nfs_export due to verity=on
[  558.439374][T20480] overlayfs: missing 'lowerdir'
[  558.503111][T20483] netlink: 'syz.3.3812': attribute type 4 has an invalid length.
[  558.510376][   T10] lo speed is unknown, defaulting to 1000
[  558.512226][   T10] s
z1: Port: 1 Link DOWN
[  558.514205][   T10] lo speed is unknown, defaulting to 1000
[  558.517528][T20483] netlink: 'syz.3.3812': attribute type 4 has an invalid length.
[  558.525158][   T10] lo speed is unknown, defaulting to 1000
[  558.527418][   T10] s
z1: Port: 1 Link ACTIVE
[  558.529209][ T5979] lo speed is unknown, defaulting to 1000
[  558.899024][T20490] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  558.959445][T20491] FAULT_INJECTION: forcing a failure.
[  558.959445][T20491] name failslab, interval 1, probability 0, space 0, times 0
[  558.964086][T20491] CPU: 2 UID: 0 PID: 20491 Comm: syz.0.3814 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  558.964102][T20491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  558.964108][T20491] Call Trace:
[  558.964112][T20491]  <TASK>
[  558.964116][T20491]  dump_stack_lvl+0x16c/0x1f0
[  558.964133][T20491]  should_fail_ex+0x512/0x640
[  558.964147][T20491]  ? fs_reclaim_acquire+0xae/0x150
[  558.964164][T20491]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  558.964177][T20491]  should_failslab+0xc2/0x120
[  558.964191][T20491]  __kmalloc_noprof+0xd2/0x510
[  558.964205][T20491]  tomoyo_realpath_from_path+0xc2/0x6e0
[  558.964226][T20491]  ? tomoyo_profile+0x47/0x60
[  558.964241][T20491]  tomoyo_path_perm+0x274/0x460
[  558.964251][T20491]  ? tomoyo_path_perm+0x260/0x460
[  558.964263][T20491]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  558.964275][T20491]  ? setattr_copy+0x700/0xb40
[  558.964293][T20491]  ? security_inode_post_setattr+0xd9/0x1f0
[  558.964313][T20491]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  558.964328][T20491]  ? rcu_is_watching+0x12/0xc0
[  558.964339][T20491]  security_inode_getattr+0x116/0x290
[  558.964351][T20491]  vfs_getattr+0x25/0x60
[  558.964363][T20491]  ovl_copy_up_one+0x159/0x38f0
[  558.964376][T20491]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  558.964390][T20491]  ? kernel_text_address+0x100/0x100
[  558.964408][T20491]  ? __pfx_ovl_copy_up_one+0x10/0x10
[  558.964424][T20491]  ? stack_trace_save+0x8e/0xc0
[  558.964434][T20491]  ? stack_depot_save_flags+0x28/0xa50
[  558.964448][T20491]  ? __lock_acquire+0xaa4/0x1ba0
[  558.964463][T20491]  ? kasan_save_stack+0x42/0x60
[  558.964492][T20491]  ? dget_parent+0xf8/0x5e0
[  558.964509][T20491]  ovl_copy_up_flags+0x18d/0x200
[  558.964524][T20491]  ovl_rename+0x7ee/0x1880
[  558.964542][T20491]  ? __pfx_ovl_rename+0x10/0x10
[  558.964554][T20491]  ? down_write_nested+0x151/0x210
[  558.964568][T20491]  ? __pfx_down_write_nested+0x10/0x10
[  558.964581][T20491]  ? find_held_lock+0x2b/0x80
[  558.964590][T20491]  ? vfs_rename+0x4dd/0x2250
[  558.964606][T20491]  vfs_rename+0xf61/0x2250
[  558.964624][T20491]  ? __pfx_vfs_rename+0x10/0x10
[  558.964642][T20491]  ? security_path_rename+0x136/0x3c0
[  558.964655][T20491]  do_renameat2+0x82b/0xc90
[  558.964670][T20491]  ? __pfx_do_renameat2+0x10/0x10
[  558.964682][T20491]  ? find_held_lock+0x2b/0x80
[  558.964690][T20491]  ? __might_fault+0xe3/0x190
[  558.964719][T20491]  ? __might_fault+0x13b/0x190
[  558.964737][T20491]  ? getname_flags.part.0+0x1c5/0x550
[  558.964752][T20491]  __ia32_sys_renameat2+0xe7/0x130
[  558.964765][T20491]  __do_fast_syscall_32+0x73/0x120
[  558.964779][T20491]  do_fast_syscall_32+0x32/0x80
[  558.964791][T20491]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  558.964803][T20491] RIP: 0023:0xf7f05579
[  558.964812][T20491] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  558.964821][T20491] RSP: 002b:00000000f500555c EFLAGS: 00000296 ORIG_RAX: 0000000000000161
[  558.964831][T20491] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000a00
[  558.964837][T20491] RDX: 00000000ffffff9c RSI: 0000000080000600 RDI: 0000000000000002
[  558.964843][T20491] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  558.964849][T20491] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  558.964854][T20491] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  558.964867][T20491]  </TASK>
[  558.964871][T20491] ERROR: Out of memory at tomoyo_realpath_from_path.
[  559.029188][T20475] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  559.076352][T20475] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  559.079038][T20475] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  559.081261][T20475] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  559.506997][ T6037] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  559.639707][T20509] overlayfs: disabling nfs_export due to verity=on
[  559.640881][T20505] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  559.641798][T20509] overlayfs: missing 'lowerdir'
[  559.668541][ T6037] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  559.671039][ T6037] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  559.673920][ T6037] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  559.676571][ T6037] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  559.679895][ T6037] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  559.684280][ T6037] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  559.687189][ T6037] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  559.697104][ T6037] usb 5-1: Product: syz
[  559.707689][ T6037] usb 5-1: Manufacturer: syz
[  559.728074][ T6037] cdc_wdm 5-1:1.0: skipping garbage
[  559.738740][ T6037] cdc_wdm 5-1:1.0: skipping garbage
[  559.747706][ T6037] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  559.757450][ T6037] cdc_wdm 5-1:1.0: Unknown control protocol
[  560.117150][ T6037] usb 8-1: new high-speed USB device number 58 using dummy_hcd
[  560.207350][T20504] lo speed is unknown, defaulting to 1000
[  560.278290][ T6037] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  560.281680][ T6037] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.284637][ T6037] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  560.306963][ T6037] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  560.309814][ T6037] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.313482][ T6037] usb 8-1: config 0 descriptor??
[  560.345167][ T5979] usb 5-1: USB disconnect, device number 49
[  560.362504][T20524] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  560.377014][ T5949] Bluetooth: hci4: command 0x0c1a tx timeout
[  560.882910][T20534] gretap1: entered promiscuous mode
[  560.884775][T20534] gretap1: entered allmulticast mode
[  561.087174][ T5949] Bluetooth: hci0: command 0x0c1a tx timeout
[  561.087200][   T68] Bluetooth: hci2: command 0x0c1a tx timeout
[  561.089213][T17063] Bluetooth: hci1: command 0x041b tx timeout
[  561.090347][T20540] FAULT_INJECTION: forcing a failure.
[  561.090347][T20540] name failslab, interval 1, probability 0, space 0, times 0
[  561.090424][T20540] CPU: 0 UID: 0 PID: 20540 Comm: syz.0.3827 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  561.090438][T20540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  561.090444][T20540] Call Trace:
[  561.090448][T20540]  <TASK>
[  561.090452][T20540]  dump_stack_lvl+0x16c/0x1f0
[  561.090469][T20540]  should_fail_ex+0x512/0x640
[  561.090483][T20540]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  561.090497][T20540]  should_failslab+0xc2/0x120
[  561.090510][T20540]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  561.090521][T20540]  ? lockdep_init_map_type+0x5c/0x280
[  561.090534][T20540]  ? xfrm_add_sa+0x276a/0x58a0
[  561.090548][T20540]  kmemdup_noprof+0x29/0x60
[  561.090561][T20540]  xfrm_add_sa+0x276a/0x58a0
[  561.090576][T20540]  ? __pfx_xfrm_add_sa+0x10/0x10
[  561.090589][T20540]  ? __nla_parse+0x40/0x60
[  561.090598][T20540]  ? __pfx_xfrm_add_sa+0x10/0x10
[  561.090610][T20540]  xfrm_user_rcv_msg+0x4fb/0xb60
[  561.090623][T20540]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  561.090635][T20540]  ? kfree_skbmem+0x1a4/0x1f0
[  561.090648][T20540]  ? consume_skb+0xcc/0x100
[  561.090673][T20540]  ? __mutex_trylock_common+0xe9/0x250
[  561.090686][T20540]  ? __pfx___mutex_trylock_common+0x10/0x10
[  561.090702][T20540]  netlink_rcv_skb+0x16a/0x440
[  561.090713][T20540]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  561.090724][T20540]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  561.090742][T20540]  ? netlink_deliver_tap+0x1ae/0xd30
[  561.090753][T20540]  xfrm_netlink_rcv+0x71/0x90
[  561.090762][T20540]  netlink_unicast+0x53a/0x7f0
[  561.090774][T20540]  ? __pfx_netlink_unicast+0x10/0x10
[  561.090788][T20540]  netlink_sendmsg+0x8d1/0xdd0
[  561.090801][T20540]  ? __pfx_netlink_sendmsg+0x10/0x10
[  561.090812][T20540]  ? __import_iovec+0x1c8/0x660
[  561.090830][T20540]  ____sys_sendmsg+0xa95/0xc70
[  561.090843][T20540]  ? __pfx_____sys_sendmsg+0x10/0x10
[  561.090854][T20540]  ? get_compat_msghdr+0x11a/0x170
[  561.090880][T20540]  ___sys_sendmsg+0x134/0x1d0
[  561.090890][T20540]  ? __pfx____sys_sendmsg+0x10/0x10
[  561.090916][T20540]  __sys_sendmsg+0x16d/0x220
[  561.090926][T20540]  ? __pfx___sys_sendmsg+0x10/0x10
[  561.090941][T20540]  ? rcu_is_watching+0x12/0xc0
[  561.090952][T20540]  __do_fast_syscall_32+0x73/0x120
[  561.090965][T20540]  do_fast_syscall_32+0x32/0x80
[  561.090977][T20540]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  561.090990][T20540] RIP: 0023:0xf7f05579
[  561.090998][T20540] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  561.091008][T20540] RSP: 002b:00000000f4fa055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  561.091017][T20540] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000080000000
[  561.091024][T20540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  561.091029][T20540] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  561.091035][T20540] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  561.091040][T20540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  561.091053][T20540]  </TASK>
[  561.905545][T20546] lo speed is unknown, defaulting to 1000
[  562.412745][T20550] overlayfs: disabling nfs_export due to verity=on
[  562.414935][T20550] overlayfs: missing 'lowerdir'
[  562.786465][T20561] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  562.842465][ T6037] usbhid 8-1:0.0: can't add hid device: -71
[  562.845235][ T6037] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  562.893838][ T6037] usb 8-1: USB disconnect, device number 58
[  563.240852][T20567] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  563.622470][T20576] overlayfs: disabling nfs_export due to verity=on
[  563.624538][T20576] overlayfs: missing 'lowerdir'
[  563.627350][ T6037] usb 9-1: new high-speed USB device number 43 using dummy_hcd
[  563.632616][T20578] FAULT_INJECTION: forcing a failure.
[  563.632616][T20578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  563.636631][T20578] CPU: 2 UID: 0 PID: 20578 Comm: syz.2.3839 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  563.636644][T20578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  563.636667][T20578] Call Trace:
[  563.636672][T20578]  <TASK>
[  563.636676][T20578]  dump_stack_lvl+0x16c/0x1f0
[  563.636692][T20578]  should_fail_ex+0x512/0x640
[  563.636708][T20578]  _copy_to_user+0x32/0xd0
[  563.636724][T20578]  simple_read_from_buffer+0xcb/0x170
[  563.636740][T20578]  proc_fail_nth_read+0x197/0x270
[  563.636754][T20578]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  563.636768][T20578]  ? rw_verify_area+0xcf/0x680
[  563.636782][T20578]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  563.636796][T20578]  vfs_read+0x1de/0xc70
[  563.636806][T20578]  ? __pfx___mutex_lock+0x10/0x10
[  563.636818][T20578]  ? __pfx_vfs_read+0x10/0x10
[  563.636830][T20578]  ? __fget_files+0x20e/0x3c0
[  563.636849][T20578]  ksys_read+0x12a/0x240
[  563.636858][T20578]  ? __pfx_ksys_read+0x10/0x10
[  563.636867][T20578]  ? rcu_is_watching+0x12/0xc0
[  563.636883][T20578]  __do_fast_syscall_32+0x73/0x120
[  563.636896][T20578]  do_fast_syscall_32+0x32/0x80
[  563.636921][T20578]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  563.636933][T20578] RIP: 0023:0xf7ff3579
[  563.636942][T20578] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  563.636952][T20578] RSP: 002b:00000000f5116590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  563.636961][T20578] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5116620
[  563.636968][T20578] RDX: 000000000000000f RSI: 00000000f7482ff4 RDI: 0000000000000000
[  563.636974][T20578] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  563.636979][T20578] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  563.636985][T20578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  563.636998][T20578]  </TASK>
[  563.778988][ T6037] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  563.781692][ T6037] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  563.784826][ T6037] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  563.790978][ T6037] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  563.794380][ T6037] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  563.803858][ T6037] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  563.806685][ T6037] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  563.811982][ T6037] usb 9-1: Product: syz
[  563.813386][ T6037] usb 9-1: Manufacturer: syz
[  563.827953][ T6037] cdc_wdm 9-1:1.0: skipping garbage
[  563.829637][ T6037] cdc_wdm 9-1:1.0: skipping garbage
[  563.837207][ T6037] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  563.843344][ T6037] cdc_wdm 9-1:1.0: Unknown control protocol
[  563.882946][T20593] overlay: Unknown parameter '/'
[  563.900547][T20593] vivid-000: disconnect
[  563.902149][T20592] vivid-000: reconnect
[  563.941913][T20597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3846'.
[  563.944779][T20597] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  564.002546][T20598] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  564.187018][ T6037] usb 8-1: new full-speed USB device number 59 using dummy_hcd
[  564.287098][T17277] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  564.306617][T20570] lo speed is unknown, defaulting to 1000
[  564.338298][ T6037] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  564.340677][ T6037] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  564.343960][ T6037] usb 8-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  564.348940][ T6037] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  564.351295][ T6037] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  564.354581][ T6037] usb 8-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  564.359600][ T6037] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  564.361969][ T6037] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  564.365247][ T6037] usb 8-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  564.371353][ T6037] usb 8-1: string descriptor 0 read error: -22
[  564.373423][ T6037] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  564.376188][ T6037] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.381845][ T6037] adutux 8-1:168.0: interrupt endpoints not found
[  564.412006][ T6007] usb 9-1: USB disconnect, device number 43
[  564.448676][T17277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.452035][T17277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  564.455027][T17277] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  564.459229][T17277] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  564.462082][T17277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.465985][T17277] usb 5-1: config 0 descriptor??
[  564.583816][ T6037] usb 8-1: USB disconnect, device number 59
[  564.643484][T20610] bridge0: port 3(vlan0) entered blocking state
[  564.645566][T20610] bridge0: port 3(vlan0) entered disabled state
[  564.649224][T20610] vlan0: entered allmulticast mode
[  564.650869][T20610] bridge0: entered allmulticast mode
[  564.653639][T20610] vlan0: left allmulticast mode
[  564.655193][T20610] bridge0: left allmulticast mode
[  564.967546][T20615] overlayfs: disabling nfs_export due to verity=on
[  564.969694][T20615] overlayfs: missing 'lowerdir'
[  565.382856][T20631] netlink: 'syz.3.3854': attribute type 39 has an invalid length.
[  565.735818][T20634] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  566.140217][T20650] overlayfs: disabling nfs_export due to verity=on
[  566.142355][T20650] overlayfs: missing 'lowerdir'
[  566.190926][T20652] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3862'.
[  566.276765][T20653] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  566.337000][   T60] usb 8-1: new high-speed USB device number 60 using dummy_hcd
[  566.488665][   T60] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  566.491398][   T60] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  566.494601][   T60] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  566.497706][   T60] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  566.501073][   T60] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  566.505727][   T60] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  566.508718][   T60] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  566.511381][   T60] usb 8-1: Product: syz
[  566.512724][   T60] usb 8-1: Manufacturer: syz
[  566.516599][   T60] cdc_wdm 8-1:1.0: skipping garbage
[  566.518393][   T60] cdc_wdm 8-1:1.0: skipping garbage
[  566.520791][   T60] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  566.522669][   T60] cdc_wdm 8-1:1.0: Unknown control protocol
[  566.654025][T20663] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  566.842655][T17277] usbhid 5-1:0.0: can't add hid device: -71
[  566.846208][T17277] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  566.852173][T17277] usb 5-1: USB disconnect, device number 50
[  566.991061][T20645] lo speed is unknown, defaulting to 1000
[  567.022582][T20682] overlayfs: disabling nfs_export due to verity=on
[  567.024735][T20682] overlayfs: missing 'lowerdir'
[  567.132437][ T6007] usb 8-1: USB disconnect, device number 60
[  567.172606][T20691] random: crng reseeded on system resumption
[  567.521777][T20702] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  567.803373][T20711] overlayfs: disabling nfs_export due to verity=on
[  567.805440][T20711] overlayfs: missing 'lowerdir'
[  567.857048][ T6007] usb 7-1: new high-speed USB device number 68 using dummy_hcd
[  568.028561][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  568.032034][ T6007] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  568.035122][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  568.039202][ T6007] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  568.042149][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.046331][ T6007] usb 7-1: config 0 descriptor??
[  568.234586][T20726] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  568.397979][ T5992] IPVS: starting estimator thread 0...
[  568.487113][T20733] IPVS: using max 48 ests per chain, 115200 per kthread
[  568.877201][T20744] lo speed is unknown, defaulting to 1000
[  569.331702][T20752] overlayfs: disabling nfs_export due to verity=on
[  569.333912][T20752] overlayfs: missing 'lowerdir'
[  569.362264][T20755] gfs2: path_lookup on c:::!(>��y�o�=O-��Fm�SH_Y8y�u
[  569.362264][T20755] FãzR��#�xI�6B��YCg)�'!�A�{g�
[  569.362264][T20755] �}�m�]x���%{q��m�*��PN���~%U5J�hBoGh�N�]�.L�.`���$�
 returned error -2
[  569.780294][T20767] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  570.043319][T20770] lo speed is unknown, defaulting to 1000
[  570.174312][T20774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3895'.
[  570.177595][T20774] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3895'.
[  570.180575][T20774] netlink: 'syz.3.3895': attribute type 5 has an invalid length.
[  570.472706][ T6007] usbhid 7-1:0.0: can't add hid device: -71
[  570.474755][ T6007] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  570.481738][ T6007] usb 7-1: USB disconnect, device number 68
[  570.668122][T20785] overlayfs: disabling nfs_export due to verity=on
[  570.675511][T20786] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  570.682234][T20785] overlayfs: missing 'lowerdir'
[  570.884890][T20797] lo speed is unknown, defaulting to 1000
[  571.441153][T20811] netlink: 'syz.3.3906': attribute type 1 has an invalid length.
[  571.458935][T20811] 8021q: adding VLAN 0 to HW filter on device bond0
[  571.489680][T20811] bond0: (slave veth3): Enslaving as an active interface with a down link
[  571.506866][T20811] bond0: (slave syz_tun): making interface the new active one
[  571.510836][T20811] syz_tun: entered promiscuous mode
[  571.513314][T20811] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  571.559361][T20815] bond0: (slave syz_tun): Releasing active interface
[  571.562415][T20815] syz_tun: left promiscuous mode
[  571.571974][T20815] : (slave bond_slave_0): Releasing backup interface
[  571.576637][T20815] : (slave bond_slave_1): Releasing backup interface
[  571.582937][T20815] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  571.585415][T20815] batman_adv: batadv0: Removing interface: batadv_slave_0
[  571.589252][T20815] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  571.592369][T20815] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.602632][T20815] bond0: (slave veth3): Releasing active interface
[  571.609151][T20818] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  571.831213][T20826] overlayfs: disabling nfs_export due to verity=on
[  571.833329][T20826] overlayfs: missing 'lowerdir'
[  572.102819][T20842] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3913'.
[  572.110198][T20842] netlink: 'syz.2.3913': attribute type 10 has an invalid length.
[  572.121185][T20842] : (slave bridge0): Enslaving as an active interface with an up link
[  572.237155][   T60] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  572.306442][T20843] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  572.411538][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  572.415084][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  572.418830][   T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  572.422931][   T60] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  572.425800][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.430386][   T60] usb 5-1: config 0 descriptor??
[  572.796643][T20849] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3915'.
[  572.799578][T20849] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3915'.
[  572.998175][T20855] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3916'.
[  573.157458][T20859] lo speed is unknown, defaulting to 1000
[  573.838963][T20869] overlayfs: disabling nfs_export due to verity=on
[  573.841281][T20869] overlayfs: missing 'lowerdir'
[  574.235936][T20877] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  574.684489][   T60] usbhid 5-1:0.0: can't add hid device: -71
[  574.686481][   T60] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  574.710497][   T60] usb 5-1: USB disconnect, device number 51
[  575.008982][T20881] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  575.124751][T20893] sit2: entered promiscuous mode
[  575.126450][T20893] sit2: entered allmulticast mode
[  575.437888][T20900] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3928'.
[  575.936871][T20902] overlayfs: disabling nfs_export due to verity=on
[  575.939924][T20902] overlayfs: missing 'lowerdir'
[  576.085474][T20907] lo speed is unknown, defaulting to 1000
[  576.766540][T20923] Cannot find del_set index 3 as target
[  576.772262][T20923] netlink: 'syz.2.3932': attribute type 11 has an invalid length.
[  576.774755][T20923] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3932'.
[  577.298639][T20932] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  577.307138][ T5980] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  577.441550][T20931] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  577.459365][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  577.463924][ T5980] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.468966][ T5980] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  577.474423][ T5980] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  577.478374][ T5980] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.489437][ T5980] usb 5-1: config 0 descriptor??
[  577.494863][T20937] virtio-fs: tag <c:::> not found
[  577.594042][T20940] virtio-fs: tag <c:::> not found
[  578.009761][T20946] overlayfs: disabling nfs_export due to verity=on
[  578.011922][T20946] overlayfs: missing 'lowerdir'
[  578.017492][T20942] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  578.148369][T20956] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3943'.
[  578.467053][T20965] lo speed is unknown, defaulting to 1000
[  578.576717][T20963] Cannot find del_set index 3 as target
[  578.579521][T20963] netlink: 'syz.2.3944': attribute type 11 has an invalid length.
[  578.581979][T20963] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3944'.
[  579.019457][T20973] virtio-fs: tag <c:::> not found
[  579.235899][T20979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3949'.
[  579.450007][T20984] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  579.544166][ T5980] usbhid 5-1:0.0: can't add hid device: -71
[  579.546561][ T5980] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  579.553811][ T5980] usb 5-1: USB disconnect, device number 52
[  579.697031][   T60] usb 8-1: new high-speed USB device number 61 using dummy_hcd
[  579.746602][T20989] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  579.848678][   T60] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  579.851782][   T60] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  579.854807][   T60] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 72
[  579.859968][   T60] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  579.862879][   T60] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.865342][   T60] usb 8-1: Product: syz
[  579.866633][   T60] usb 8-1: Manufacturer: syz
[  579.868299][   T60] usb 8-1: SerialNumber: syz
[  579.871766][T20987] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  580.140203][   T60] usblp 8-1:1.0: usblp0: USB Bidirectional printer dev 61 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8
[  580.283486][T21006] Cannot find del_set index 3 as target
[  580.291186][T21006] netlink: 'syz.4.3955': attribute type 11 has an invalid length.
[  580.293699][T21006] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3955'.
[  580.331343][    C0] usblp0: nonzero read bulk status received: -71
[  580.344658][T20987] usblp0: error -71 reading from printer
[  580.350653][    C0] usblp0: nonzero read bulk status received: -71
[  580.472343][T21010] virtio-fs: tag <c:::> not found
[  580.784378][T21016] lo speed is unknown, defaulting to 1000
[  581.337048][   T10] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  581.488646][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  581.597103][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  581.600109][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  581.603909][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  581.606667][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.612334][   T10] usb 5-1: config 0 descriptor??
[  581.697240][T21031] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  582.198440][T21040] virtio-fs: tag <c:::> not found
[  582.368271][T21041] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  582.473655][T17277] usb 8-1: USB disconnect, device number 61
[  582.483912][T17277] usblp0: removed
[  583.347190][T21055] overlayfs: failed to resolve './file0': -2
[  583.512591][T21058] overlayfs: disabling nfs_export due to verity=on
[  583.514662][T21058] overlayfs: missing 'lowerdir'
[  583.885961][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  583.896298][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  583.919731][   T10] usb 5-1: USB disconnect, device number 53
[  584.158929][T21065] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  584.457362][T21075] FAULT_INJECTION: forcing a failure.
[  584.457362][T21075] name failslab, interval 1, probability 0, space 0, times 0
[  584.462156][T21075] CPU: 0 UID: 0 PID: 21075 Comm: syz.2.3975 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  584.462171][T21075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  584.462177][T21075] Call Trace:
[  584.462181][T21075]  <TASK>
[  584.462186][T21075]  dump_stack_lvl+0x16c/0x1f0
[  584.462202][T21075]  should_fail_ex+0x512/0x640
[  584.462216][T21075]  ? __kvmalloc_node_noprof+0x122/0x600
[  584.462227][T21075]  should_failslab+0xc2/0x120
[  584.462240][T21075]  __kvmalloc_node_noprof+0x135/0x600
[  584.462251][T21075]  ? vhost_dev_ioctl+0x221/0xdc0
[  584.462267][T21075]  ? vhost_dev_ioctl+0x221/0xdc0
[  584.462277][T21075]  vhost_dev_ioctl+0x221/0xdc0
[  584.462291][T21075]  ? __pfx_vhost_dev_ioctl+0x10/0x10
[  584.462308][T21075]  vhost_vsock_dev_ioctl+0x3a5/0xb30
[  584.462321][T21075]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  584.462336][T21075]  ? __fget_files+0x20e/0x3c0
[  584.462350][T21075]  ? fput+0x60/0xf0
[  584.462362][T21075]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  584.462373][T21075]  compat_ptr_ioctl+0x6b/0xa0
[  584.462385][T21075]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  584.462397][T21075]  __ia32_compat_sys_ioctl+0x24c/0x360
[  584.462412][T21075]  __do_fast_syscall_32+0x73/0x120
[  584.462425][T21075]  do_fast_syscall_32+0x32/0x80
[  584.462437][T21075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  584.462450][T21075] RIP: 0023:0xf7ff3579
[  584.462458][T21075] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  584.462467][T21075] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  584.462477][T21075] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004008af03
[  584.462483][T21075] RDX: 0000000080000b00 RSI: 0000000000000000 RDI: 0000000000000000
[  584.462489][T21075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  584.462495][T21075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  584.462501][T21075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  584.462513][T21075]  </TASK>
[  584.633608][T21081] virtio-fs: tag <c:::> not found
[  584.982238][T21088] overlayfs: disabling nfs_export due to verity=on
[  584.984291][T21088] overlayfs: missing 'lowerdir'
[  585.101757][T21093] netlink: 'syz.4.3981': attribute type 3 has an invalid length.
[  585.288637][T21096] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  585.374252][T21100] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3983'.
[  585.506978][T17277] usb 7-1: new high-speed USB device number 69 using dummy_hcd
[  585.678445][T17277] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  585.681787][T17277] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  585.684645][T17277] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  585.707135][T17277] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  585.709939][T17277] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.719115][T17277] usb 7-1: config 0 descriptor??
[  585.961164][T21118] virtio-fs: tag <c:::> not found
[  586.027319][T21116] overlayfs: failed to resolve './file0': -2
[  586.214281][T21122] overlayfs: disabling nfs_export due to verity=on
[  586.216350][T21122] overlayfs: missing 'lowerdir'
[  586.948094][T21137] Cannot find del_set index 3 as target
[  586.952260][T21137] netlink: 'syz.4.3991': attribute type 11 has an invalid length.
[  586.954601][T21137] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3991'.
[  587.097748][T21140] Cannot find del_set index 3 as target
[  587.110963][T21140] netlink: 'syz.3.3992': attribute type 11 has an invalid length.
[  587.113387][T21140] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3992'.
[  587.821658][T21146] FAULT_INJECTION: forcing a failure.
[  587.821658][T21146] name failslab, interval 1, probability 0, space 0, times 0
[  587.825523][T21146] CPU: 2 UID: 0 PID: 21146 Comm: syz.4.3995 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  587.825548][T21146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  587.825554][T21146] Call Trace:
[  587.825558][T21146]  <TASK>
[  587.825562][T21146]  dump_stack_lvl+0x16c/0x1f0
[  587.825578][T21146]  should_fail_ex+0x512/0x640
[  587.825592][T21146]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  587.825605][T21146]  should_failslab+0xc2/0x120
[  587.825618][T21146]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  587.825629][T21146]  ? __alloc_skb+0x2b2/0x380
[  587.825646][T21146]  __alloc_skb+0x2b2/0x380
[  587.825661][T21146]  ? __pfx___alloc_skb+0x10/0x10
[  587.825677][T21146]  ? find_held_lock+0x2b/0x80
[  587.825689][T21146]  ovs_ct_limit_cmd_reply_start+0x55/0x1f0
[  587.825710][T21146]  ovs_ct_limit_cmd_del+0x16e/0x7e0
[  587.825727][T21146]  ? __pfx_ovs_ct_limit_cmd_del+0x10/0x10
[  587.825742][T21146]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  587.825756][T21146]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  587.825771][T21146]  genl_family_rcv_msg_doit+0x206/0x2f0
[  587.825784][T21146]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  587.825797][T21146]  ? trace_cap_capable+0x18d/0x200
[  587.825810][T21146]  ? bpf_lsm_capable+0x9/0x10
[  587.825820][T21146]  ? security_capable+0x7e/0x260
[  587.825836][T21146]  ? ns_capable+0xd7/0x110
[  587.825848][T21146]  genl_rcv_msg+0x55c/0x800
[  587.825861][T21146]  ? __pfx_genl_rcv_msg+0x10/0x10
[  587.825872][T21146]  ? __pfx___dev_queue_xmit+0x10/0x10
[  587.825886][T21146]  ? __pfx_ovs_ct_limit_cmd_del+0x10/0x10
[  587.825902][T21146]  ? __lock_acquire+0xaa4/0x1ba0
[  587.825917][T21146]  netlink_rcv_skb+0x16a/0x440
[  587.825927][T21146]  ? __pfx_genl_rcv_msg+0x10/0x10
[  587.825940][T21146]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  587.825956][T21146]  ? __pfx_down_read+0x10/0x10
[  587.825970][T21146]  ? netlink_deliver_tap+0x1ae/0xd30
[  587.825982][T21146]  genl_rcv+0x28/0x40
[  587.825992][T21146]  netlink_unicast+0x53a/0x7f0
[  587.826004][T21146]  ? __pfx_netlink_unicast+0x10/0x10
[  587.826018][T21146]  netlink_sendmsg+0x8d1/0xdd0
[  587.826030][T21146]  ? __pfx_netlink_sendmsg+0x10/0x10
[  587.826041][T21146]  ? __import_iovec+0x1c8/0x660
[  587.826059][T21146]  ____sys_sendmsg+0xa95/0xc70
[  587.826074][T21146]  ? __pfx_____sys_sendmsg+0x10/0x10
[  587.826085][T21146]  ? get_compat_msghdr+0x11a/0x170
[  587.826106][T21146]  ___sys_sendmsg+0x134/0x1d0
[  587.826117][T21146]  ? __pfx____sys_sendmsg+0x10/0x10
[  587.826143][T21146]  __sys_sendmsg+0x16d/0x220
[  587.826152][T21146]  ? __pfx___sys_sendmsg+0x10/0x10
[  587.826167][T21146]  ? rcu_is_watching+0x12/0xc0
[  587.826178][T21146]  __do_fast_syscall_32+0x73/0x120
[  587.826192][T21146]  do_fast_syscall_32+0x32/0x80
[  587.826204][T21146]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  587.826217][T21146] RIP: 0023:0xf7fd7579
[  587.826225][T21146] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  587.826235][T21146] RSP: 002b:00000000f50f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  587.826246][T21146] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  587.826252][T21146] RDX: 0000000000004010 RSI: 0000000000000000 RDI: 0000000000000000
[  587.826258][T21146] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  587.826263][T21146] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  587.826269][T21146] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  587.826281][T21146]  </TASK>
[  588.039951][T21151] virtio-fs: tag <c:::> not found
[  588.052730][T17277] usbhid 7-1:0.0: can't add hid device: -71
[  588.054722][T17277] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  588.063374][T17277] usb 7-1: USB disconnect, device number 69
[  588.112834][T21155] Invalid logical block size (61183)
[  588.337001][   T60] usb 8-1: new high-speed USB device number 62 using dummy_hcd
[  588.466988][   T60] usb 8-1: device descriptor read/64, error -71
[  588.717813][   T60] usb 8-1: new high-speed USB device number 63 using dummy_hcd
[  588.759318][T17063] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  588.766862][T21172] xt_CT: You must specify a L4 protocol and not use inversions on it
[  588.847318][   T60] usb 8-1: device descriptor read/64, error -71
[  588.958626][   T60] usb usb8-port1: attempt power cycle
[  589.262547][T21180] Cannot find del_set index 3 as target
[  589.268319][T21180] netlink: 'syz.2.4004': attribute type 11 has an invalid length.
[  589.270833][T21180] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4004'.
[  589.397006][   T60] usb 8-1: new high-speed USB device number 64 using dummy_hcd
[  589.427803][   T60] usb 8-1: device descriptor read/8, error -71
[  589.667267][   T60] usb 8-1: new high-speed USB device number 65 using dummy_hcd
[  589.687641][   T60] usb 8-1: device descriptor read/8, error -71
[  589.797272][   T60] usb usb8-port1: unable to enumerate USB device
[  590.139103][T21194] virtio-fs: tag <c:::> not found
[  590.167066][ T5979] usb 7-1: new high-speed USB device number 70 using dummy_hcd
[  590.328958][ T5979] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  590.332379][ T5979] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  590.335555][ T5979] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  590.338807][ T5979] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  590.342116][ T5979] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  590.346854][ T5979] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  590.349865][ T5979] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  590.352281][ T5979] usb 7-1: Product: syz
[  590.353562][ T5979] usb 7-1: Manufacturer: syz
[  590.359672][T17277] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  590.361216][ T5979] cdc_wdm 7-1:1.0: skipping garbage
[  590.363677][ T5979] cdc_wdm 7-1:1.0: skipping garbage
[  590.366266][ T5979] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  590.369615][ T5979] cdc_wdm 7-1:1.0: Unknown control protocol
[  590.508361][T17277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  590.511748][T17277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  590.514730][T17277] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  590.519226][T17277] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  590.522019][T17277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.525598][T17277] usb 5-1: config 0 descriptor??
[  590.936979][   T59] usb 9-1: new high-speed USB device number 44 using dummy_hcd
[  591.052648][T21189] lo speed is unknown, defaulting to 1000
[  591.098753][   T59] usb 9-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  591.102610][   T59] usb 9-1: config 0 interface 0 has no altsetting 0
[  591.108010][   T59] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  591.111480][   T59] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  591.114594][   T59] usb 9-1: Product: syz
[  591.116208][   T59] usb 9-1: Manufacturer: syz
[  591.118376][   T59] usb 9-1: SerialNumber: syz
[  591.122267][   T59] usb 9-1: config 0 descriptor??
[  591.130408][   T59] usb 9-1: selecting invalid altsetting 0
[  591.232245][T21205] overlayfs: failed to resolve './file1': -2
[  591.298975][ T6037] usb 7-1: USB disconnect, device number 70
[  591.416451][   T58] usb 9-1: USB disconnect, device number 44
[  592.349201][T21217] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  592.592657][T21221] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4015'.
[  592.935572][T17277] usbhid 5-1:0.0: can't add hid device: -71
[  592.940778][T17277] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  592.955182][T17277] usb 5-1: USB disconnect, device number 54
[  593.166818][T21232] virtio-fs: tag <c:::> not found
[  593.228192][T21231] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  593.517018][ T5980] usb 7-1: new high-speed USB device number 71 using dummy_hcd
[  593.649003][ T5980] usb 7-1: device descriptor read/64, error -71
[  593.907281][ T5980] usb 7-1: new high-speed USB device number 72 using dummy_hcd
[  594.057221][ T5980] usb 7-1: device descriptor read/64, error -71
[  594.177767][ T5980] usb usb7-port1: attempt power cycle
[  594.527028][ T5980] usb 7-1: new high-speed USB device number 73 using dummy_hcd
[  594.547691][ T5980] usb 7-1: device descriptor read/8, error -71
[  594.612782][T21268] virtio-fs: tag <c:::> not found
[  594.724137][   T59] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  594.787307][ T5980] usb 7-1: new high-speed USB device number 74 using dummy_hcd
[  594.808007][ T5980] usb 7-1: device descriptor read/8, error -71
[  594.898361][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.901816][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.904894][   T59] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  594.908948][   T59] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  594.911801][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.917321][ T5980] usb usb7-port1: unable to enumerate USB device
[  594.921147][   T59] usb 5-1: config 0 descriptor??
[  594.934035][ T5992] IPVS: starting estimator thread 0...
[  595.026988][T21271] IPVS: using max 48 ests per chain, 115200 per kthread
[  596.436278][T21285] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  596.850215][T21287] ==================================================================
[  596.852872][T21287] BUG: KASAN: vmalloc-out-of-bounds in vrealloc_noprof+0x132/0x320
[  596.855654][T21287] Write of size 4064 at addr ffffc90002e39020 by task syz.2.4035/21287
[  596.858948][T21287] 
[  596.860224][T21287] CPU: 2 UID: 0 PID: 21287 Comm: syz.2.4035 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  596.860238][T21287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  596.860244][T21287] Call Trace:
[  596.860249][T21287]  <TASK>
[  596.860253][T21287]  dump_stack_lvl+0x116/0x1f0
[  596.860268][T21287]  print_report+0xc3/0x670
[  596.860280][T21287]  ? __virt_addr_valid+0x5e/0x590
[  596.860294][T21287]  ? vrealloc_noprof+0x132/0x320
[  596.860310][T21287]  kasan_report+0xe0/0x110
[  596.860321][T21287]  ? vrealloc_noprof+0x132/0x320
[  596.860336][T21287]  kasan_check_range+0xef/0x1a0
[  596.860367][T21287]  __asan_memset+0x23/0x50
[  596.860383][T21287]  vrealloc_noprof+0x132/0x320
[  596.860398][T21287]  push_insn_history+0x2ae/0x6c0
[  596.860410][T21287]  do_check_common+0xbd3/0xc2a0
[  596.860425][T21287]  ? __pfx_do_check_common+0x10/0x10
[  596.860435][T21287]  ? lockdep_hardirqs_on+0x7c/0x110
[  596.860447][T21287]  ? kfree+0x2b6/0x4d0
[  596.860460][T21287]  ? bpf_check+0x6c86/0xb460
[  596.860469][T21287]  ? bpf_check+0x7b2f/0xb460
[  596.860480][T21287]  bpf_check+0x7f51/0xb460
[  596.860493][T21287]  ? __pfx_bpf_check+0x10/0x10
[  596.860502][T21287]  ? pcpu_alloc_noprof+0x949/0x1470
[  596.860515][T21287]  ? __lock_acquire+0xaa4/0x1ba0
[  596.860531][T21287]  ? find_held_lock+0x2b/0x80
[  596.860541][T21287]  ? __asan_memset+0x23/0x50
[  596.860555][T21287]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  596.860568][T21287]  bpf_prog_load+0xe41/0x2490
[  596.860582][T21287]  ? __pfx_bpf_prog_load+0x10/0x10
[  596.860598][T21287]  ? __pfx___futex_wait+0x10/0x10
[  596.860615][T21287]  ? bpf_lsm_bpf+0x9/0x10
[  596.860625][T21287]  __sys_bpf+0x433c/0x4d80
[  596.860639][T21287]  ? __pfx___sys_bpf+0x10/0x10
[  596.860653][T21287]  ? do_futex+0x122/0x350
[  596.860663][T21287]  ? __pfx_do_futex+0x10/0x10
[  596.860675][T21287]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  596.860687][T21287]  ? __sys_getsockopt+0x151/0x1a0
[  596.860703][T21287]  __ia32_sys_bpf+0x76/0xe0
[  596.860717][T21287]  __do_fast_syscall_32+0x73/0x120
[  596.860731][T21287]  do_fast_syscall_32+0x32/0x80
[  596.860743][T21287]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  596.860756][T21287] RIP: 0023:0xf7ff3579
[  596.860764][T21287] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  596.860774][T21287] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  596.860783][T21287] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800017c0
[  596.860790][T21287] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  596.860797][T21287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  596.860802][T21287] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  596.860808][T21287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  596.860816][T21287]  </TASK>
[  596.860820][T21287] 
[  596.950015][T21287] The buggy address belongs to the virtual mapping at
[  596.950015][T21287]  [ffffc90002e29000, ffffc90002e3b000) created by:
[  596.950015][T21287]  kvrealloc_noprof+0x7d/0xd0
[  596.955613][T21287] 
[  596.956386][T21287] The buggy address belongs to the physical page:
[  596.958366][T21287] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802588e400 pfn:0x65a49
[  596.961463][T21287] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  596.963681][T21287] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  596.966307][T21287] raw: ffff88802588e400 0000000000000000 00000001ffffffff 0000000000000000
[  596.968935][T21287] page dumped because: kasan: bad access detected
[  596.970903][T21287] page_owner tracks the page as allocated
[  596.972672][T21287] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 21287, tgid 21286 (syz.2.4035), ts 596850102390, free_ts 587357328768
[  596.977944][T21287]  post_alloc_hook+0x181/0x1b0
[  596.979437][T21287]  get_page_from_freelist+0x135c/0x3920
[  596.981165][T21287]  __alloc_frozen_pages_noprof+0x5a8/0x23a0
[  596.983008][T21287]  alloc_pages_mpol+0x1fb/0x550
[  596.984538][T21287]  alloc_pages_noprof+0x131/0x390
[  596.986110][T21287]  __vmalloc_node_range_noprof+0x732/0x1540
[  596.987944][T21287]  __kvmalloc_node_noprof+0x2ff/0x600
[  596.989615][T21287]  kvrealloc_noprof+0x7d/0xd0
[  596.991075][T21287]  push_insn_history+0x2ae/0x6c0
[  596.992625][T21287]  do_check_common+0xbd3/0xc2a0
[  596.994134][T21287]  bpf_check+0x7f51/0xb460
[  596.995523][T21287]  bpf_prog_load+0xe41/0x2490
[  596.997001][T21287]  __sys_bpf+0x433c/0x4d80
[  596.998397][T21287]  __ia32_sys_bpf+0x76/0xe0
[  596.999840][T21287]  __do_fast_syscall_32+0x73/0x120
[  597.001397][T21287]  do_fast_syscall_32+0x32/0x80
[  597.002923][T21287] page last free pid 28 tgid 28 stack trace:
[  597.004781][T21287]  __free_frozen_pages+0x69d/0xff0
[  597.006325][T21287]  tlb_remove_table_rcu+0x116/0x1a0
[  597.007908][T21287]  rcu_core+0x799/0x14e0
[  597.009212][T21287]  handle_softirqs+0x216/0x8e0
[  597.010656][T21287]  run_ksoftirqd+0x3a/0x60
[  597.012042][T21287]  smpboot_thread_fn+0x3f4/0xae0
[  597.013607][T21287]  kthread+0x3c2/0x780
[  597.014888][T21287]  ret_from_fork+0x45/0x80
[  597.016287][T21287]  ret_from_fork_asm+0x1a/0x30
[  597.017800][T21287] 
[  597.018562][T21287] Memory state around the buggy address:
[  597.020310][T21287]  ffffc90002e38f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  597.022783][T21287]  ffffc90002e38f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  597.025361][T21287] >ffffc90002e39000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  597.027886][T21287]                                ^
[  597.029548][T21287]  ffffc90002e39080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  597.032155][T21287]  ffffc90002e39100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  597.034613][T21287] ==================================================================
[  597.043122][T21287] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  597.045414][T21287] CPU: 3 UID: 0 PID: 21287 Comm: syz.2.4035 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  597.049078][T21287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  597.052400][T21287] Call Trace:
[  597.053460][T21287]  <TASK>
[  597.054406][T21287]  dump_stack_lvl+0x3d/0x1f0
[  597.055862][T21287]  panic+0x71c/0x800
[  597.057121][T21287]  ? __pfx_panic+0x10/0x10
[  597.058639][T21287]  ? rcu_is_watching+0x12/0xc0
[  597.060151][T21287]  ? preempt_schedule_thunk+0x16/0x30
[  597.061845][T21287]  ? vrealloc_noprof+0x132/0x320
[  597.063401][T21287]  ? preempt_schedule_common+0x44/0xc0
[  597.065128][T21287]  ? vrealloc_noprof+0x132/0x320
[  597.066682][T21287]  check_panic_on_warn+0xab/0xb0
[  597.068267][T21287]  end_report+0x107/0x170
[  597.069635][T21287]  kasan_report+0xee/0x110
[  597.071048][T21287]  ? vrealloc_noprof+0x132/0x320
[  597.072612][T21287]  kasan_check_range+0xef/0x1a0
[  597.074150][T21287]  __asan_memset+0x23/0x50
[  597.075561][T21287]  vrealloc_noprof+0x132/0x320
[  597.077082][T21287]  push_insn_history+0x2ae/0x6c0
[  597.078636][T21287]  do_check_common+0xbd3/0xc2a0
[  597.080170][T21287]  ? __pfx_do_check_common+0x10/0x10
[  597.081837][T21287]  ? lockdep_hardirqs_on+0x7c/0x110
[  597.083460][T21287]  ? kfree+0x2b6/0x4d0
[  597.084764][T21287]  ? bpf_check+0x6c86/0xb460
[  597.086221][T21287]  ? bpf_check+0x7b2f/0xb460
[  597.087685][T21287]  bpf_check+0x7f51/0xb460
[  597.089100][T21287]  ? __pfx_bpf_check+0x10/0x10
[  597.090602][T21287]  ? pcpu_alloc_noprof+0x949/0x1470
[  597.092233][T21287]  ? __lock_acquire+0xaa4/0x1ba0
[  597.093802][T21287]  ? find_held_lock+0x2b/0x80
[  597.095284][T21287]  ? __asan_memset+0x23/0x50
[  597.096753][T21287]  ? bpf_obj_name_cpy+0x14a/0x1a0
[  597.098336][T21287]  bpf_prog_load+0xe41/0x2490
[  597.099822][T21287]  ? __pfx_bpf_prog_load+0x10/0x10
[  597.101459][T21287]  ? __pfx___futex_wait+0x10/0x10
[  597.103047][T21287]  ? bpf_lsm_bpf+0x9/0x10
[  597.104409][T21287]  __sys_bpf+0x433c/0x4d80
[  597.105819][T21287]  ? __pfx___sys_bpf+0x10/0x10
[  597.107325][T21287]  ? do_futex+0x122/0x350
[  597.108699][T21287]  ? __pfx_do_futex+0x10/0x10
[  597.110177][T21287]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  597.112046][T21287]  ? __sys_getsockopt+0x151/0x1a0
[  597.113643][T21287]  __ia32_sys_bpf+0x76/0xe0
[  597.115081][T21287]  __do_fast_syscall_32+0x73/0x120
[  597.116698][T21287]  do_fast_syscall_32+0x32/0x80
[  597.118227][T21287]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  597.120198][T21287] RIP: 0023:0xf7ff3579
[  597.121515][T21287] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  597.127391][T21287] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  597.129969][T21287] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800017c0
[  597.132431][T21287] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  597.134879][T21287] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  597.137321][T21287] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  597.139762][T21287] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  597.142241][T21287]  </TASK>
[  597.143920][T21287] Kernel Offset: disabled
[  597.145300][T21287] Rebooting in 86400 seconds..

VM DIAGNOSIS:
23:55:24  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88802b43f880 RCX=ffffffff81ae9c79 RDX=ffff888044e38000
RSI=ffffffff81ae9c53 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900010cefe0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed1005687f11 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b23b180
RIP=ffffffff81ae9c55 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977ef000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000570434c0 CR3=0000000053900000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000205b0c1 RBX=0000000000000001 RCX=ffffffff8b68c3e9 RDX=0000000000000000
RSI=ffffffff8dbd9d03 RDI=ffffffff8bf467e0 RBP=ffffed1003b55488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000
R12=0000000000000001 R13=ffff88801daaa440 R14=ffffffff90850e10 R15=0000000000000000
RIP=ffffffff8b68ac7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880978ef000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7fe55a0 CR3=0000000057c2f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff854bf770 RDI=ffffffff9addcbc0 RBP=ffffffff9addcb80 RSP=ffffc90025686f08
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000074697257
R12=0000000000000000 R13=ffffffff9addcbd0 R14=ffffffff9addcb80 R15=ffffffff9addce40
RIP=ffffffff854bf797 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880979ef000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f506560c CR3=000000006e66c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000a449e7 RBX=0000000000000003 RCX=ffffffff8b68c3e9 RDX=0000000000000000
RSI=ffffffff8dbd9d03 RDI=ffffffff8bf467e0 RBP=ffffed1003b58000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000000
R12=0000000000000003 R13=ffff88801dac0000 R14=ffffffff90850e10 R15=0000000000000000
RIP=ffffffff8b68ac7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097aef000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080000200 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bd909aac5e5be818 3f5cb28f5dbfa5f4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 19afd088fad37bb8 b25f9fdcc1f92cdf
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 560943320be344d4 7c6e9c6ac30980f7
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ed9fbb55fe540ea4 9504bb6aae7a7908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003980
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6945de5ec464a2 1f6466e3fe01aac5
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0080010047b4da53 0000016a00800100
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016a00800100 680455160000016a
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000016a779345c4 76b9080c00800100
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5ce94255b33beefd 3e3cf9f62bbf4911
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 986a4257b30a9753 f6f0a8801533110b
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000