last executing test programs:

6.734639092s ago: executing program 1 (id=1687):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000340)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x1f4, 0xd50, 0x1000000, &(0x7f0000000100)="ff412f66b0833efc8864968781", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x50)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0xc0b45545, 0x0)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_SET_IRQCHIP(r8, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x80a0000, 0x0, 0xffffffff, 0x0, 0x0, [{0x0, 0x3}, {}, {}, {0x0, 0xff}, {}, {}, {}, {0xff}, {}, {}, {0x1, 0x0, 0x7e}, {0x0, 0x0, 0x40}, {0x0, 0xff}, {}, {}, {0x0, 0x0, 0x3a}, {0x0, 0xff}, {0x80, 0x0, 0x81}, {}, {}, {0x0, 0x0, 0xd4}, {}, {0x0, 0xff}]}})
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000000)={0x9, 0x7})
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)

5.768430821s ago: executing program 1 (id=1692):
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
write$P9_RVERSION(r0, &(0x7f00000005c0)=ANY=[], 0xfffffffffffffff7)
pwrite64(r0, &(0x7f0000000280), 0x0, 0x3)
syz_pidfd_open(0x0, 0x0)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x30000000})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x1, 0x84)
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80800100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=@deltaction={0x48, 0x31, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x34, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xcc1a}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f0000004000)=0x2, 0x4, 0x0, 0x0, 0x0, 0xb201fffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x76, 0xd, 0x66, 0x8, 0x3}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x58)
recvmmsg(r5, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0401273, &(0x7f0000000200)={'\x00', 0x7, 0xfffffff2, 0x80, 0x9, 0xfffffffffffffff9, <r6=>0x0})
sched_setscheduler(r6, 0x5, &(0x7f0000000240)=0x6)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x62181)
socket$tipc(0x1e, 0x5, 0x0)

5.193783557s ago: executing program 0 (id=1700):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3e, 0x208604)
r1 = syz_usb_connect$cdc_ecm(0x0, 0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001020000402505a1a440000102030d0902"], 0x0)
syz_usb_disconnect(r1)
syz_usb_disconnect(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32=r4, @ANYBLOB="44000280400001"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0080, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r7, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b07c7d], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000]}, 0x45c)
r8 = dup(r7)
ioctl$UI_SET_EVBIT(r8, 0x40045564, 0x5)
ioctl$UI_DEV_CREATE(r8, 0x5501)
write$uinput_user_dev(r8, &(0x7f00000000c0)={'syz0\x00', {0xfff7, 0xc, 0x100, 0x81}, 0x1d, [0x7b, 0xb7e2, 0x3, 0x9, 0x100, 0x3, 0x1, 0x7, 0x9, 0x2, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xd, 0x1007fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0x7, 0x6, 0xff, 0x6, 0xfffff5ee, 0x401, 0x0, 0xfc75, 0x8, 0x9, 0x1, 0x2, 0xffffffff, 0x81, 0xfffff765, 0x2, 0x4, 0xfffffff9, 0xa, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x4c, 0xfffffffd, 0x80, 0x8, 0x8, 0x9, 0x7, 0x8000101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x1, 0x4], [0x8, 0x3, 0x8, 0x8, 0xffffffff, 0x8, 0x4, 0x0, 0x25, 0x80000010, 0x6, 0x7, 0x8, 0xe62, 0xffffff73, 0x1000, 0x6, 0x5, 0x3, 0x3, 0x1000, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x7fff, 0x8, 0x5a, 0xffff2503, 0x7fffffff, 0x6995, 0x1, 0x80000000, 0x8, 0xdaa, 0x5, 0x2, 0x76c4, 0xfffffffd, 0x5, 0x4, 0x10000, 0xd, 0x2, 0x9, 0x10, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0x3, 0x7fffffff, 0x3, 0x2, 0x3a6, 0x27f8, 0x8, 0xfffffffd, 0x9, 0xc, 0xfffffffb], [0xa3, 0x6, 0x6, 0x9, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x100, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x6, 0x80000000, 0x6, 0x0, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x4, 0x7, 0x7ff, 0xfffffff2, 0x63, 0x7, 0x2, 0x3, 0x3, 0x20a7fd9e, 0xfffffffd, 0x2, 0xa1, 0x0, 0x9d, 0x7, 0xa8a, 0x2, 0x6, 0x77, 0xa, 0x1ff, 0x7, 0x7, 0x2, 0x0, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x8000, 0x493e, 0x3, 0x35ff4447, 0x7, 0x5, 0x4, 0x7fff, 0x4000005, 0x5, 0x3ff, 0xb88f, 0xffff0000, 0x7, 0xf7df, 0x2, 0x10, 0x8, 0x2, 0xff, 0x6, 0x4, 0x4, 0x0, 0x0, 0x7, 0x4e6, 0x8, 0x6, 0x5ef, 0x8000, 0xc, 0x4, 0x401, 0x1, 0x5, 0x0, 0x9a8, 0x99f, 0x231, 0x3ff, 0x8, 0x1, 0xffff0001, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0x9, 0x101, 0x1ff, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140))
r9 = syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$USBDEVFS_ALLOW_SUSPEND(r9, 0x5522)
ioctl$USBDEVFS_BULK(r9, 0x5523, 0x0)

3.688941271s ago: executing program 3 (id=1718):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff}, 0x48)
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000400), 0x101000, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rpcgss_svc_authenticate\x00'}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x20, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, 0x503}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000940)="1c00000033000b17d25a80648cffff4003050000452300030e099450", 0x1c}], 0x1}, 0x0)
ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000440))

2.790705317s ago: executing program 3 (id=1728):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2d)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000340)={0x1, 0x0, [{0x1, 0x2, 0x0, 0x0, @irqchip={0x200, 0x5}}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x68e003, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_bt_hidp_HIDPCONNADD(r4, 0x400448c8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
mkdir(0x0, 0x60)
umount2(0x0, 0x2)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
open$dir(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, 0x0, 0x4000040)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$BLKPG(r8, 0x1269, 0x0)
rseq(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
llistxattr(0x0, 0x0, 0x0)
fcntl$setstatus(r6, 0x4, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
ptrace$pokeuser(0x6, r7, 0x118, 0x40000089)

2.691114962s ago: executing program 1 (id=1729):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r1=>0x0)
io_submit(r1, 0xf3, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x1, 0x0, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x36)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

2.645151388s ago: executing program 0 (id=1731):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000280)=ANY=[@ANYBLOB="61122800000000006113140000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000140300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b4436fdeecd791614ed46de741eb8cf91c04eef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c78cd3e7dbeca38e49a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) (async, rerun: 64)
io_setup(0x800, &(0x7f0000000500)=<r1=>0x0) (rerun: 64)
io_submit(r1, 0x2, &(0x7f00000004c0)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0x4, r0, 0x0, 0x0, 0x3a5e}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x47, r0, 0x0, 0x0, 0x5, 0x0, 0x2}]) (async, rerun: 32)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2c, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) (async, rerun: 32)
mknod$loop(0x0, 0xfff, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000080)={0x1, 0x0, [{0x1, 0x7, 0x7, 0x9, 0x7}]})
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000000c0)=0x3)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"}) (async, rerun: 64)
ioctl$KVM_CAP_HALT_POLL(r3, 0x4068aea3, &(0x7f0000000100)={0xb6, 0x0, 0x7}) (async, rerun: 64)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x4}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000440)='contention_end\x00', r6}, 0x18) (async)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000003c0)={0x2c, r7, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4000000) (async, rerun: 32)
r8 = socket$inet_smc(0x2b, 0x1, 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 32)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) (async)
sendto$inet(r8, 0x0, 0x0, 0x200408c4, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.570465643s ago: executing program 2 (id=1732):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0xfffffffe, 0x2b4}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, &(0x7f000000b000)={0x77359400}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

2.497779013s ago: executing program 0 (id=1733):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff}, 0x48)
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000400), 0x101000, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rpcgss_svc_authenticate\x00'}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, 0x503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000440))

2.497269229s ago: executing program 1 (id=1734):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffff"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat2$dir(0xffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x121001, 0x9, 0x10}, 0x18)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
renameat2(r1, &(0x7f00000000c0)='./file0\x00', r4, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c00"], 0x8c}, 0x1, 0x0, 0x0, 0x10000182}, 0x4000080)

2.488738592s ago: executing program 3 (id=1735):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca0200000000000000adcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d070490893616810a121ff4feedd1d176b313b9fc7bf31ddff431a4a50760ce18a76c4b7aa73cec3eec984c76d16f798c436410f3f4a41715e736a132c3cb9421be0b3c2bd40b75896c007fa2d47e3d8392d905d582b8eff689b0f493770c91e8c2e8bd0b08ffa4fd0289b04b0ea024768d196ef721314d68d29988b01871c6ea39f95a0b77744caadd24867acab274e8e4bf3fb44df31e15ffdce52f9f60ffe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYBLOB='/'], 0x20)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

2.400460715s ago: executing program 3 (id=1736):
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_clone(0x800011, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
syz_io_uring_setup(0x497, &(0x7f0000000300)={0x0, 0x7278, 0x0, 0x1, 0x18e}, &(0x7f0000000240)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = socket(0x11, 0x800000003, 0x0)
socket(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600))
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2) (async)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000440)={0x0, 0x8, 0x1, {0x2, @pix={0x204, 0x8, 0x39565559, 0x3, 0x20829, 0x4, 0x4, 0x6, 0x1, 0x0, 0x1, 0x3}}}) (async)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000440)={0x0, 0x8, 0x1, {0x2, @pix={0x204, 0x8, 0x39565559, 0x3, 0x20829, 0x4, 0x4, 0x6, 0x1, 0x0, 0x1, 0x3}}})
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r6, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000200)={'tunl0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x1, 0x80, 0x0, 0x1, {{0x5, 0x4, 0x0, 0x3f, 0x14, 0x67, 0x0, 0x0, 0x0, 0x0, @multicast1, @empty}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000a00)={'ip_vti0\x00', 0x0, 0x7800, 0x7801, 0x0, 0x1, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x0, 0x4, 0x2f, 0x0, @multicast1, @empty}}}})
sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x2000}, 0x2c004)
syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) (async)
r8 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r8, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x74}, 0x1, 0x0, 0x0, 0x4008081}, 0x0)

1.710257408s ago: executing program 2 (id=1737):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff}, 0x48)
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000400), 0x101000, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rpcgss_svc_authenticate\x00'}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x20, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, 0x503}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000940)="1c00000033000b17d25a80648cffff4003050000452300030e099450", 0x1c}], 0x1}, 0x0)
ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000440))

1.530075689s ago: executing program 0 (id=1738):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1800, 0x0)
ioctl$KVM_MEMORY_ENCRYPT_UNREG_REGION(0xffffffffffffffff, 0x8010aebc, &(0x7f0000000040)={0x1, 0x1000})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40305839, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r1, 0xc01864b1, &(0x7f0000000040)={r3, 0x2, 0x36, 0x2, &(0x7f0000000100)=[{0x7, 0x1, 0xcc, 0x3}, {0x80, 0x7fff, 0x74d, 0x3ff}]})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r7 = socket$xdp(0x2c, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r8, &(0x7f00000021c0)={0x2020, 0x0, <r9=>0x0, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(r8, &(0x7f0000000080)={0x50, 0x0, r9, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
r11 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r8, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r8, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x180, 0x0, 0xfffffffffffffff9, [{{0x5, 0x2, 0x3, 0x2, 0x4, 0x4008, {0x2, 0x9, 0x100000000, 0xff, 0xffffffffffffffff, 0x0, 0x7fffffff, 0x57, 0x8, 0xc000, 0x3ff, 0x0, r10, 0x4, 0x4}}, {0x20000000000000, 0x537, 0x2b, 0x9, ':-(\\\xc9\x80\x00\x00\x00\xc3\x00\x00\xf39}\xd8mM\x92\x8d$\xd3\xa4a\xb6\x02E\x89\x85V\xc6\x00\x00\x00\x00\x00\x00+\x13;\x00\x00\x00'}}, {{0x5, 0x1, 0x1, 0x4, 0x9, 0x6, {0x1, 0x200, 0xc, 0x8, 0x4, 0x9, 0x5, 0x8, 0x1000, 0x4000, 0x8, 0x0, 0x0, 0x81000000, 0x7}}, {0x3, 0xfff, 0xf, 0x1cde, '/dev/vhost-net\x00'}}]}, 0x0, 0x0, 0x0})
getdents64(r11, &(0x7f0000000100)=""/134, 0x86)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
ioctl$UFFDIO_COPY(r6, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r12, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})
close_range(r0, 0xffffffffffffffff, 0x0)

1.250093959s ago: executing program 1 (id=1739):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_io_uring_setup(0x304, &(0x7f0000000100)={0x0, 0x4b, 0x10100, 0x2, 0xe1}, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000480)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x41, 0x0, @fd=r1, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
r5 = openat$iommufd(0xffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$IOMMU_HWPT_ALLOC$TEST(r4, 0x3b89, &(0x7f0000000300)={0x28, 0x3, 0x0, 0x0, <r6=>0x0, 0x0, 0xdead, 0x4, &(0x7f00000002c0)})
ioctl$IOMMU_HWPT_INVALIDATE$TEST(r5, 0x3b8d, &(0x7f0000000380)={0x20, r6, &(0x7f0000000340)=[{}, {0x1, 0x1}, {0x1, 0x3}, {0x1, 0x2}, {0x1, 0x2}, {0x1, 0x1}, {0x1, 0x3}, {0x1, 0x3}], 0xdeadbeef, 0x8, 0x8})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
r7 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaef2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
ioctl$FITHAW(r0, 0xc0045878)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xffffbffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_READ_FIXED={0x4, 0xc, 0x2000, @fd=r7, 0x0, 0x81, 0xa, 0x0, 0x1})
io_uring_enter(r7, 0x47f6, 0x0, 0x2, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x6, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r12, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r14 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r14, &(0x7f0000000080)={0x0, 0x6, &(0x7f0000000100)=[{&(0x7f0000000380)="5c00000012006bab9a3fe3d86e17aa0a076b876c1d0048007ea60864160af36504001a0038001d00e517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb000011d600a0680d4bbd6df1db6f1078bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg(r14, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x40002000)
r15 = openat$comedi(0xffffff9c, &(0x7f0000000440)='/dev/comedi2\x00', 0x200000, 0x0)
ioctl$COMEDI_DEVINFO(r15, 0x80b06401, &(0x7f0000000580))
getsockname$packet(r12, &(0x7f0000000180)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r13, @ANYBLOB="0000000a010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=@newlink={0x58, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, r16, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @sit={{0x8}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r13}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_TTL={0x5, 0x4, 0x80}, @IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0x7000}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8, 0xc, 0xffffffff}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x4008040)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000001c0)=0xffffffff, 0x4)

1.154344277s ago: executing program 3 (id=1740):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, 0x0, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(r2, 0x4068aea3, &(0x7f00000000c0))
connect$bt_l2cap(r0, 0x0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x4040005}, 0x0)
openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x80800, 0x0)
unshare(0x6a040000)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, 0x0, 0x0)
setsockopt$sock_int(r4, 0x1, 0x8, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000840)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x7, 0xb46, 0x7fffffffffffffff, 0x8, 0x0, 0x3}, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f", <r8=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r8, 0xc0303e03, &(0x7f0000000180)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r8, <r9=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r9, 0xc0383e04, &(0x7f0000000000)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
symlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00')
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r11, @ANYBLOB], 0x38}}, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

1.142006488s ago: executing program 0 (id=1741):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x1f4, 0xd50, 0x1000000, &(0x7f0000000100)="ff412f66b0833efc8864968781", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x50)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r6, 0xc0b45545, 0x0)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_IRQ_LINE(r8, 0x4008ae61, &(0x7f0000000000)={0x9, 0x7})
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x193a, 0x4)

775.856571ms ago: executing program 2 (id=1742):
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x38, 0xd, 0x6, 0x301, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
sendmmsg$inet(r0, &(0x7f0000001bc0)=[{{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='~', 0x1}], 0x1}}, {{&(0x7f00000022c0)={0x2, 0x20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000002300)="ef", 0x1}], 0x1}}], 0x2, 0x1005)
r2 = socket$inet(0x2, 0x80001, 0x84)
syz_open_dev$admmidi(&(0x7f0000000180), 0x7, 0x40080)
setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f00000001c0)={0x1, 0x8, 0x8}, 0xc)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x76, &(0x7f0000000140)=@assoc_value={r3}, 0x8)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000000050000100950500"/31], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

690.28362ms ago: executing program 2 (id=1743):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r1=>0x0)
io_submit(r1, 0xf3, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x1, 0x0, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x36)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

530.389476ms ago: executing program 2 (id=1744):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca0200000000000000adcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d070490893616810a121ff4feedd1d176b313b9fc7bf31ddff431a4a50760ce18a76c4b7aa73cec3eec984c76d16f798c436410f3f4a41715e736a132c3cb9421be0b3c2bd40b75896c007fa2d47e3d8392d905d582b8eff689b0f493770c91e8c2e8bd0b08ffa4fd0289b04b0ea024768d196ef721314d68d29988b01871c6ea39f95a0b77744caadd24867acab274e8e4bf3fb44df31e15ffdce52f9f60ffe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r1, r1, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB='/'], 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

530.042318ms ago: executing program 2 (id=1745):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x2, 0x400000000000003, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x25dfdbfb, [@sadb_lifetime={0x4, 0x3, 0x0, 0x65f7}, @sadb_address={0x5, 0x6, 0x6c, 0x0, 0x0, @in6={0xa, 0x3, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, @sadb_lifetime={0x4, 0x4, 0x0, 0x7}, @sadb_address={0x5, 0x7, 0x0, 0x0, 0x0, @in6={0xa, 0x4e23, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x400}}, @sadb_address={0x5, 0x5, 0x0, 0x80, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x2, 0x3}]}, 0xd8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000ac0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="01002dbd7000fcdbdf251800000008000300", @ANYRES32=r4, @ANYBLOB="c78873fe2b26b9440f8367beb1c950ae2ae9311a0c7d0045081c550709c8346aff0700000000000000000000000000e94de00e27372d2c65a87326adf62628db9213839f3f1fd9a6ecba9bbacd189fef121b80cbe233c6fc290387bd5c7986cca698df6f2ff525758cd969ffec6c0bf2207ff7b24d024fe67988e6cc41236847ad53b59e59a76b400f9264c7d5ab6bcae916e556f4f70abc6238f2e9ff15cfd06b021924342793a266c537e3e9e01b1b3d87798a93137d62d1d2e9e1c8fb278cba8e2f500c8b073d0ef2681b5b93c8045097084edb8f0a876c86656076879b0d380000000000e8deddaa4df86a706e75574fdef455f1cf11ef2d9011f6cd793ee578943b30334387182aa2e502c57f26f1e567b35f17412e2697231d4d14a57c758eac2e375f96ed739eda527c09f0ee41752c18f8a0849e1068a51b5584c7ffeebc9f43bb4f3f5043fc5892aa994cbfde806458114e6700000000dca68aae084e35f84a6b754cadfadd057b3aee86ecdf5f388d6157c247c9074a4aff155dbc06812c35cf17768f4693b448b23b54f7955f7e647970a3d27a0bbe6a6e25bfa6458d56464fa0b79f0f2741fde4515831242f352baede31ee4935af02fd48152041d4c4a1a6885377c6b0c6d26949fb2fcbd80a0779e9484e97efed23123fd74a38215b33ccc543a990e0b245a3c7cd53c5e5f2050e1adbcac063dda2de1bc9b85ed03bb34824f9dffce0820c20031ab17560497b8cee7f1be0bffd07a37132c2f9decbe91976182d3ace0833fadef7765ca393ffc809e359ed2ee16e8899fd2d281c4f412893824d50f883acd1f71dec3361da45d017cb9cb140d0385411c85bbc7ca7e2fe748cb2c7a82767"], 0x1c}, 0x1, 0x0, 0x0, 0x24004415}, 0x20000000)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x30, 0x2b, 0xb, 0x0, 0x0, {0x6}, [@typed={0x4, 0x3}, @nested={0x15, 0x1, 0x0, 0x1, [@generic="a677d10a27a33f598e79ee6484e9aa1061"]}]}, 0x30}}, 0xc00)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r9, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r10 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r10, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r10, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
sendmsg$inet(r10, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="cd", 0x1}], 0x1}, 0x240448c4)
socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = socket(0x10, 0x803, 0x8)
r12 = fcntl$dupfd(0xffffffffffffffff, 0x0, r11)
mq_timedreceive(r12, &(0x7f0000000240)=""/114, 0x72, 0x1, &(0x7f00000002c0))
r13 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x3e)
ioctl$KVM_REGISTER_COALESCED_MMIO(r13, 0x4010ae67, &(0x7f0000000180)={0x4000, 0x1000, 0x1})
sendmsg$IPVS_CMD_SET_INFO(r11, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003002908000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r14], 0x5c}}, 0x40)

380.543034ms ago: executing program 1 (id=1746):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff}, 0x48)
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000400), 0x101000, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000040)={0x18, 0x2, {0xfffc, @initdev={0xac, 0x1e, 0x5, 0x0}}}, 0x1e)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rpcgss_svc_authenticate\x00'}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x401, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, 0x503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000440))

189.632107ms ago: executing program 3 (id=1747):
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
userfaultfd(0x80401)
openat$comedi(0xffffff9c, &(0x7f0000000340)='/dev/comedi3\x00', 0x800, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80c80, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x12, r3, 0x0)
r4 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0xa2ac0, 0x0)
write$USERIO_CMD_REGISTER(r4, &(0x7f00000020c0)={0x0, 0x2}, 0x2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r5, 0xc06864b8, 0x0)
syz_io_uring_setup(0x8005e2, &(0x7f0000000340)={0x0, 0x406bc0, 0x2200, 0xa, 0x200000, 0x0, r3}, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000140))
socket$inet_sctp(0x2, 0x5, 0x84)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0601, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000003c0)=0x14)
r8 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r9 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r8)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x8001af84, 0x0)
pipe2$watch_queue(&(0x7f00000003c0)={<r10=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, r10, 0x1e)
r11 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @desc1}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r8)
keyctl$KEYCTL_MOVE(0x1e, r11, r8, r9, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000180)={0x3, 0xfffffff9, 0x1000009, 0x9})
syz_io_uring_submit(r6, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(0xffffffffffffffff, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mq_open(&(0x7f000084dff0)='!sali\x1cqxte&\xac\xe87x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7})

0s ago: executing program 0 (id=1748):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000340)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x1f4, 0xd50, 0x1000000, &(0x7f0000000100)="ff412f66b0833efc8864968781", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x50)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x9, 0x0, 0xffffffff}, 0x1c)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0xc0b45545, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60)
ioctl$KVM_SET_IRQCHIP(r7, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @ioapic={0x80a0000, 0x0, 0xffffffff, 0x0, 0x0, [{0x0, 0x3}, {}, {}, {0x0, 0xff}, {}, {}, {}, {0xff}, {}, {}, {0x1, 0x0, 0x7e}, {0x0, 0x0, 0x40}, {0x0, 0xff}, {}, {}, {0x0, 0x0, 0x3a}, {0x0, 0xff}, {0x80, 0x0, 0x81}, {}, {}, {0x0, 0x0, 0xd4}, {}, {0x0, 0xff}]}})
ioctl$KVM_IRQ_LINE(r7, 0x4008ae61, &(0x7f0000000000)={0x9, 0x7})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x8c0)

kernel console output (not intermixed with test programs):

136 ns) > initial count (128 ns). Using initial count to start timer.
[   88.388183][ T7023] netlink: 'syz.0.255': attribute type 4 has an invalid length.
[   88.466710][ T5975] usb 8-1: USB disconnect, device number 3
[   89.469537][ T7051] netlink: 'syz.1.264': attribute type 4 has an invalid length.
[   89.747830][ T7054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.263'.
[   89.750683][ T7054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.263'.
[   90.149889][ T7074] FAULT_INJECTION: forcing a failure.
[   90.149889][ T7074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.154055][ T7074] CPU: 0 UID: 0 PID: 7074 Comm: syz.1.272 Not tainted 6.17.0-rc1-syzkaller-00116-gd7ee5bdce789 #0 PREEMPT(full) 
[   90.154070][ T7074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.154076][ T7074] Call Trace:
[   90.154079][ T7074]  <TASK>
[   90.154084][ T7074]  dump_stack_lvl+0x16c/0x1f0
[   90.154101][ T7074]  should_fail_ex+0x512/0x640
[   90.154118][ T7074]  _copy_from_user+0x2e/0xd0
[   90.154135][ T7074]  __sys_bpf+0x21d/0x4de0
[   90.154152][ T7074]  ? __pfx___sys_bpf+0x10/0x10
[   90.154167][ T7074]  ? ksys_write+0x190/0x250
[   90.154181][ T7074]  ? __mutex_unlock_slowpath+0x163/0x800
[   90.154202][ T7074]  ? fput+0x9b/0xd0
[   90.154216][ T7074]  ? ksys_write+0x1ac/0x250
[   90.154227][ T7074]  ? __pfx_ksys_write+0x10/0x10
[   90.154241][ T7074]  __ia32_sys_bpf+0x76/0xe0
[   90.154257][ T7074]  __do_fast_syscall_32+0x7c/0x3a0
[   90.154271][ T7074]  do_fast_syscall_32+0x32/0x80
[   90.154284][ T7074]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   90.154298][ T7074] RIP: 0023:0xf7f41579
[   90.154306][ T7074] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   90.154316][ T7074] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[   90.154326][ T7074] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000080000040
[   90.154332][ T7074] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000
[   90.154338][ T7074] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   90.154343][ T7074] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   90.154349][ T7074] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   90.154361][ T7074]  </TASK>
[   90.706839][ T7084] netlink: 'syz.3.275': attribute type 4 has an invalid length.
[   90.709499][  T840] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   90.857319][  T840] usb 5-1: Using ep0 maxpacket: 16
[   90.965059][ T7089] team0: Port device vlan0 removed
[   90.986025][ T1144] tipc: Resetting bearer <eth:team0>
[   91.159281][  T840] usb 5-1: unable to get BOS descriptor or descriptor too short
[   91.162382][  T840] usb 5-1: unable to read config index 0 descriptor/start: -71
[   91.164827][  T840] usb 5-1: can't read configurations, error -71
[   91.763059][ T7113] loop9: detected capacity change from 0 to 7
[   91.769162][ T7113]  loop9: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11 p12
[   91.775142][ T7113] loop9: p1 start 4294115327 is beyond EOD, truncated
[   91.777545][ T7113] loop9: p2 start 4294115327 is beyond EOD, truncated
[   91.779812][ T7113] loop9: p3 start 4294115327 is beyond EOD, truncated
[   91.782038][ T7113] loop9: p4 start 4294115327 is beyond EOD, truncated
[   91.784249][ T7113] loop9: p5 start 4294115327 is beyond EOD, truncated
[   91.786351][ T7113] loop9: p6 start 4294115327 is beyond EOD, truncated
[   91.788826][ T7113] loop9: p7 start 4294115327 is beyond EOD, truncated
[   91.791243][ T7113] loop9: p8 start 4294115327 is beyond EOD, truncated
[   91.793381][ T7113] loop9: p9 start 4294115327 is beyond EOD, truncated
[   91.795478][ T7113] loop9: p10 start 4294115327 is beyond EOD, truncated
[   91.798656][ T7113] loop9: p11 start 4294115327 is beyond EOD, truncated
[   91.800937][ T7113] loop9: p12 start 4294115327 is beyond EOD, truncated
[   92.113980][ T6156] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   92.269181][ T6156] usb 8-1: Using ep0 maxpacket: 8
[   92.274415][ T6156] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[   92.276944][ T6156] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   92.280102][ T6156] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   92.283251][ T6156] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   92.286332][ T6156] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   92.291909][ T6156] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   92.294776][ T6156] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.334961][   T40] audit: type=1804 audit(1755318043.722:39): pid=7130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.292" name="file0" dev="ramfs" ino=15570 res=1 errno=0
[   92.367607][  T840] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   92.501332][ T6156] usb 8-1: usb_control_msg returned -32
[   92.503231][ T6156] usbtmc 8-1:16.0: can't read capabilities
[   92.517293][  T840] usb 5-1: Using ep0 maxpacket: 8
[   92.521812][  T840] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[   92.524728][  T840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.527447][  T840] usb 5-1: Product: syz
[   92.528801][  T840] usb 5-1: Manufacturer: syz
[   92.530468][  T840] usb 5-1: SerialNumber: syz
[   92.537470][  T840] usb 5-1: config 0 descriptor??
[   92.748557][  T840] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[   92.754487][  T840] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[   92.759891][  T840] usb 5-1: USB disconnect, device number 5
[   92.993494][ T7140] usbtmc 8-1:16.0: usb_control_msg returned -32
[   92.996298][ T6156] usb 8-1: USB disconnect, device number 4
[   93.101397][ T7164] netlink: 8 bytes leftover after parsing attributes in process `syz.1.304'.
[   93.104187][ T7164] netlink: 4 bytes leftover after parsing attributes in process `syz.1.304'.
[   93.537515][ T7195] netlink: 8 bytes leftover after parsing attributes in process `syz.0.319'.
[   93.540337][ T7195] gre0: entered promiscuous mode
[   93.617270][ T6156] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   93.757234][  T840] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   93.768544][ T6156] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   93.771271][ T6156] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   93.774436][ T6156] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   93.777511][ T6156] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   93.781081][ T6156] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   93.786389][ T6156] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   93.789474][ T6156] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   93.792004][ T6156] usb 6-1: Product: syz
[   93.793377][ T6156] usb 6-1: Manufacturer: syz
[   93.798202][ T6156] cdc_wdm 6-1:1.0: skipping garbage
[   93.799881][ T6156] cdc_wdm 6-1:1.0: skipping garbage
[   93.803300][ T6156] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   93.805200][ T6156] cdc_wdm 6-1:1.0: Unknown control protocol
[   93.807237][   T60] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[   93.908840][  T840] usb 8-1: too many configurations: 9, using maximum allowed: 8
[   93.912593][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.915549][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.919097][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.921900][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.924679][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.928197][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.931532][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.934737][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.938187][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.941120][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.943881][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.948025][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.951736][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.954636][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.958115][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.960896][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.963770][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.967102][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.970576][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.973408][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.976899][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.979784][  T840] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[   93.979925][   T60] usb 5-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid wMaxPacketSize 0
[   93.982563][  T840] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   93.985650][   T60] usb 5-1: config 1 interface 0 has no altsetting 0
[   93.989341][  T840] usb 8-1: config 0 interface 0 has no altsetting 0
[   93.992843][   T60] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   93.994946][  T840] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   93.996232][   T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.999118][  T840] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   93.999132][  T840] usb 8-1: Product: syz
[   93.999139][  T840] usb 8-1: Manufacturer: syz
[   93.999146][  T840] usb 8-1: SerialNumber: syz
[   94.002125][  T840] usb 8-1: config 0 descriptor??
[   94.004277][   T60] usb 5-1: Product: syz
[   94.011566][  T840] yurex 8-1:0.0: USB YUREX device now attached to Yurex #1
[   94.012324][   T60] usb 5-1: Manufacturer: syz
[   94.012336][   T60] usb 5-1: SerialNumber: syz
[   94.062036][    C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[   94.062227][  T840] usb 6-1: USB disconnect, device number 2
[   94.064245][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[   94.067996][    C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[   94.070956][    C2] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[   94.206914][ T7205] syzkaller0: entered promiscuous mode
[   94.208859][ T7205] syzkaller0: entered allmulticast mode
[   94.224162][   T60] usb 5-1: USB disconnect, device number 6
[   94.415440][  T840] usb 8-1: USB disconnect, device number 5
[   94.422583][  T840] yurex 8-1:0.0: USB YUREX #1 now disconnected
[   95.187018][ T7232] tmpfs: Unknown parameter '({:]%\!#'
[   95.255044][ T7233] lo: left promiscuous mode
[   95.256547][ T7233] lo: left allmulticast mode
[   95.259003][ T7233] tunl0: left promiscuous mode
[   95.260689][ T7233] tunl0: left allmulticast mode
[   95.263580][ T7233] gre0: left promiscuous mode
[   95.265472][ T7233] gre0: left allmulticast mode
[   95.271970][ T7233] gretap0: left promiscuous mode
[   95.274597][ T7233] gretap0: left allmulticast mode
[   95.279986][ T7233] erspan0: left promiscuous mode
[   95.281759][ T7233] erspan0: left allmulticast mode
[   95.288893][ T7233] ip_vti0: left promiscuous mode
[   95.290980][ T7233] ip_vti0: left allmulticast mode
[   95.294460][ T7233] ip6_vti0: left promiscuous mode
[   95.296352][ T7233] ip6_vti0: left allmulticast mode
[   95.300727][ T7233] sit0: left promiscuous mode
[   95.302521][ T7233] sit0: left allmulticast mode
[   95.306586][ T7233] ip6tnl0: left promiscuous mode
[   95.310056][ T7233] ip6tnl0: left allmulticast mode
[   95.317551][ T7233] ip6gre0: left promiscuous mode
[   95.325240][ T7233] ip6gre0: left allmulticast mode
[   95.346429][ T7233] syz_tun: left promiscuous mode
[   95.348260][ T7233] syz_tun: left allmulticast mode
[   95.351538][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.336'.
[   95.357313][ T7233] ip6gretap0: left promiscuous mode
[   95.359019][ T7233] ip6gretap0: left allmulticast mode
[   95.363832][ T7233] bridge0: left promiscuous mode
[   95.365456][ T7233] bridge0: left allmulticast mode
[   95.369683][ T7233] vcan0: left promiscuous mode
[   95.371334][ T7233] vcan0: left allmulticast mode
[   95.373910][ T7233] dummy0: left promiscuous mode
[   95.375554][ T7233] dummy0: left allmulticast mode
[   95.382988][ T7233] nlmon0: left promiscuous mode
[   95.384724][ T7233] nlmon0: left allmulticast mode
[   95.387895][ T7233] caif0: left promiscuous mode
[   95.389894][ T7233] caif0: left allmulticast mode
[   95.496976][   T42] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.500287][   T42] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.502914][   T42] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.505561][   T42] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   95.597354][   T60] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   95.650934][ T7235] syz.1.330 (7235) used greatest stack depth: 20840 bytes left
[   95.689815][ T7271] block nbd1: NBD_DISCONNECT
[   95.693352][ T7271] block nbd1: Disconnected due to user request.
[   95.703170][ T7271] block nbd1: shutting down sockets
[   95.747832][   T60] usb 5-1: too many configurations: 9, using maximum allowed: 8
[   95.751415][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.754269][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.757992][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.760794][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.763641][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.767062][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.770445][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.773240][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.776641][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.780848][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.783745][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.787501][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.790984][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.793794][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.797405][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.800217][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.803141][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.806560][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.810942][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.813796][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.817211][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.819990][   T60] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   95.822765][   T60] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   95.826557][   T60] usb 5-1: config 0 interface 0 has no altsetting 0
[   95.830658][   T60] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   95.833709][   T60] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   95.836321][   T60] usb 5-1: Product: syz
[   95.837789][   T60] usb 5-1: Manufacturer: syz
[   95.839326][   T60] usb 5-1: SerialNumber: syz
[   95.846477][   T60] usb 5-1: config 0 descriptor??
[   95.852389][   T60] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[   96.897295][ T5975] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   97.069007][ T5975] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   97.072546][ T5975] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   97.076026][ T5975] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   97.079300][   T40] audit: type=1800 audit(1755318048.472:40): pid=7312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.366" name="file0" dev="overlay" ino=435 res=0 errno=0
[   97.082514][ T5975] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   97.083501][ T7312] evm: overlay not supported
[   97.091221][ T5975] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   97.094024][ T5975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.100012][ T5975] usb 8-1: config 0 descriptor??
[   97.226005][   T40] audit: type=1800 audit(1755318048.612:41): pid=7320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.370" name="file0" dev="overlay" ino=700 res=0 errno=0
[   97.359180][ T7330] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   97.415786][ T7329] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   97.510176][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.512500][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.514831][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.517346][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.519704][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.522009][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.524381][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.526706][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.529409][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.531717][ T5975] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[   97.537417][ T5975] plantronics 0003:047F:FFFF.000E: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[   97.711534][   T60] usb 8-1: USB disconnect, device number 6
[   98.107491][    C1] usb 5-1: yurex_control_callback - control failed: -2
[   98.112335][ T1468] usb 5-1: USB disconnect, device number 7
[   98.115757][ T1468] yurex 5-1:0.0: USB YUREX #0 now disconnected
[   98.225594][   T40] audit: type=1800 audit(1755318049.612:42): pid=7346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.381" name="file0" dev="overlay" ino=497 res=0 errno=0
[   98.300333][ T7358] netlink: 12 bytes leftover after parsing attributes in process `syz.1.386'.
[   98.348647][ T7362] team0: No ports can be present during mode change
[   98.351173][ T7362] netlink: 4 bytes leftover after parsing attributes in process `syz.1.389'.
[   98.404697][ T7362] team0 (unregistering): Port device team_slave_0 removed
[   98.409218][ T7362] team0 (unregistering): Port device team_slave_1 removed
[   98.557342][   T24] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   98.717352][   T24] usb 7-1: Using ep0 maxpacket: 32
[   98.720505][   T24] usb 7-1: config 0 has no interfaces?
[   98.723787][   T24] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   98.726844][   T24] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   98.729744][   T24] usb 7-1: Product: syz
[   98.731109][   T24] usb 7-1: Manufacturer: syz
[   98.732579][   T24] usb 7-1: SerialNumber: syz
[   98.734116][  T842] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   98.738749][   T24] usb 7-1: config 0 descriptor??
[   98.889122][  T842] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   98.892026][  T842] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   98.895263][  T842] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   98.898407][  T842] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   98.901867][  T842] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   98.906693][  T842] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   98.909742][  T842] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   98.912317][  T842] usb 6-1: Product: syz
[   98.913644][  T842] usb 6-1: Manufacturer: syz
[   98.918511][  T842] cdc_wdm 6-1:1.0: skipping garbage
[   98.920148][  T842] cdc_wdm 6-1:1.0: skipping garbage
[   98.923417][  T842] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[   98.925322][  T842] cdc_wdm 6-1:1.0: Unknown control protocol
[   98.942555][  T842] usb 7-1: USB disconnect, device number 7
[   99.797298][  T840] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[   99.947244][  T840] usb 7-1: Using ep0 maxpacket: 32
[   99.953479][  T840] usb 7-1: config 0 has an invalid interface number: 247 but max is 0
[   99.956093][  T840] usb 7-1: config 0 has no interface number 0
[   99.959944][  T840] usb 7-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[   99.962956][  T840] usb 7-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[   99.965515][  T840] usb 7-1: Product: syz
[   99.967017][  T840] usb 7-1: Manufacturer: syz
[   99.971318][  T840] usb 7-1: config 0 descriptor??
[  100.777288][  T842] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  100.939989][  T842] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.943420][  T842] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  100.946597][  T842] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  100.949734][  T842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.953623][  T842] usb 5-1: config 0 descriptor??
[  100.957565][  T842] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  100.959892][  T842] dvb-usb: bulk message failed: -22 (3/0)
[  100.965824][  T842] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  100.969192][  T842] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  100.971776][  T842] usb 5-1: media controller created
[  100.974385][  T842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  100.982395][  T842] dvb-usb: bulk message failed: -22 (6/0)
[  100.984582][  T842] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  100.988725][  T842] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input11
[  100.997651][  T842] dvb-usb: schedule remote query interval to 150 msecs.
[  101.000071][  T842] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  101.158701][  T842] dvb-usb: bulk message failed: -22 (1/0)
[  101.160804][  T842] dvb-usb: error while querying for an remote control event.
[  101.164783][ T7457] dibusb: i2c wr: len=280 is too big!
[  101.164783][ T7457] 
[  101.168429][  T842] usb 5-1: USB disconnect, device number 8
[  101.189317][  T842] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  101.445434][ T7475] netlink: 12 bytes leftover after parsing attributes in process `syz.3.433'.
[  101.494502][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.496598][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.499949][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.502050][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.504269][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.506407][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.509374][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.511450][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.513540][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.515616][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.518710][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.520785][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.523069][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.525360][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.527666][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.529768][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.531836][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.533914][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.535908][  T840] usb 6-1: USB disconnect, device number 3
[  101.537834][    C3] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  101.537844][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  101.537851][    C3] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  101.546115][ T5975] usb 7-1: USB disconnect, device number 8
[  101.564651][ T7482] pim6reg1: entered promiscuous mode
[  101.568988][ T7482] pim6reg1: entered allmulticast mode
[  101.993922][ T7503] ubi0: attaching mtd0
[  101.995976][ T7503] ubi0 error: ubi_attach_mtd_dev: bad VID header (37978) or data offsets (38042)
[  102.327267][    T9] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  102.331633][ T7520] netlink: 12 bytes leftover after parsing attributes in process `syz.3.453'.
[  102.480158][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  102.484443][    T9] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  102.488999][    T9] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  102.492761][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.502238][    T9] usb 7-1: config 0 descriptor??
[  102.508898][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  102.511745][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  102.521191][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  102.525290][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  102.525507][   T40] audit: type=1400 audit(1755318053.912:43): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=7538 comm="syz.3.462"
[  102.529231][    T9] usb 7-1: media controller created
[  102.538132][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  102.547944][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  102.550403][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  102.554761][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input13
[  102.560018][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  102.562194][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  102.708844][   T60] usb 7-1: USB disconnect, device number 9
[  102.722144][   T60] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  102.934544][ T7573] netlink: 'syz.1.474': attribute type 10 has an invalid length.
[  102.937041][ T7573] netlink: 40 bytes leftover after parsing attributes in process `syz.1.474'.
[  102.943534][ T7573] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  102.997388][ T7581] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.478'.
[  103.306191][ T7606] netlink: 'syz.2.488': attribute type 7 has an invalid length.
[  103.309340][ T7606] netlink: 32 bytes leftover after parsing attributes in process `syz.2.488'.
[  103.629681][ T5989] Bluetooth: hci3: unexpected event for opcode 0x202f
[  103.642044][   T60] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  103.652532][   T40] audit: type=1400 audit(1755318055.042:44): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=7643 comm="syz.0.502"
[  103.808960][   T60] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.812166][   T60] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  103.814989][   T60] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  103.818042][   T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.822007][   T60] usb 8-1: config 0 descriptor??
[  103.826252][   T60] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  103.828825][   T60] dvb-usb: bulk message failed: -22 (3/0)
[  103.832450][   T60] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  103.835484][   T60] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  103.837927][   T60] usb 8-1: media controller created
[  103.840379][   T60] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  103.844621][   T60] dvb-usb: bulk message failed: -22 (6/0)
[  103.846483][   T60] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  103.851694][   T60] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input14
[  103.856149][   T60] dvb-usb: schedule remote query interval to 150 msecs.
[  103.858701][   T60] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  103.987466][  T840] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  104.020628][   T60] dvb-usb: bulk message failed: -22 (1/0)
[  104.022517][   T60] dvb-usb: error while querying for an remote control event.
[  104.028134][    T9] usb 8-1: USB disconnect, device number 7
[  104.038939][    T9] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  104.147294][  T840] usb 6-1: Using ep0 maxpacket: 32
[  104.150614][  T840] usb 6-1: config 0 has an invalid interface number: 247 but max is 0
[  104.153204][  T840] usb 6-1: config 0 has no interface number 0
[  104.156447][  T840] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  104.159418][  T840] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  104.161961][  T840] usb 6-1: Product: syz
[  104.163316][  T840] usb 6-1: Manufacturer: syz
[  104.166066][  T840] usb 6-1: config 0 descriptor??
[  104.646107][ T7677] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  104.702613][   T24] hid_parser_main: 5 callbacks suppressed
[  104.702625][   T24] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  104.706939][   T24] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  104.709932][   T24] hid-generic 0003:0004:0000.000F: unknown main item tag 0x0
[  104.713515][   T24] hid-generic 0003:0004:0000.000F: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  104.827499][ T5989] Bluetooth: hci0: command 0x0c1a tx timeout
[  105.040901][   T60] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  105.229869][   T60] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  105.234024][   T60] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  105.237793][   T60] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  105.241816][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.249329][   T60] usb 7-1: config 0 descriptor??
[  105.254497][   T60] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  105.256874][   T60] dvb-usb: bulk message failed: -22 (3/0)
[  105.264963][   T60] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  105.269108][   T60] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  105.271566][   T60] usb 7-1: media controller created
[  105.276560][   T60] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  105.291265][   T60] dvb-usb: bulk message failed: -22 (6/0)
[  105.293356][   T60] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  105.300361][   T60] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input15
[  105.309866][   T60] dvb-usb: schedule remote query interval to 150 msecs.
[  105.312152][   T60] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  105.399442][  T840] usb 6-1: USB disconnect, device number 4
[  105.455448][ T5975] usb 7-1: USB disconnect, device number 10
[  105.465102][ T5975] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  105.896503][   T60] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  105.901276][   T60] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  105.903810][   T60] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  105.907012][   T60] hid-generic 0003:0004:0000.0010: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  106.865941][ T7764] netlink: 40 bytes leftover after parsing attributes in process `syz.1.532'.
[  106.917268][ T7765] netlink: 'syz.1.532': attribute type 4 has an invalid length.
[  107.020001][ T7774] overlay: filesystem on ./bus not supported as upperdir
[  107.101146][ T5975] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  107.104172][ T5975] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  107.107289][ T5975] hid-generic 0003:0004:0000.0011: unknown main item tag 0x0
[  107.111924][ T5975] hid-generic 0003:0004:0000.0011: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  107.947078][ T7801] netlink: 40 bytes leftover after parsing attributes in process `syz.2.544'.
[  107.955185][ T7803] overlay: filesystem on ./bus not supported as upperdir
[  107.975629][ T7798] netlink: 'syz.2.544': attribute type 4 has an invalid length.
[  109.048833][ T7853] Bluetooth: MGMT ver 1.23
[  109.377672][ T7868] netlink: 12 bytes leftover after parsing attributes in process `syz.2.565'.
[  109.380496][ T7868] netlink: 12 bytes leftover after parsing attributes in process `syz.2.565'.
[  110.843254][   T24] hid-generic 0003:0004:0000.0012: unknown main item tag 0x0
[  110.845876][   T24] hid-generic 0003:0004:0000.0012: unknown main item tag 0x0
[  110.848547][   T24] hid-generic 0003:0004:0000.0012: unknown main item tag 0x0
[  110.857397][   T24] hid-generic 0003:0004:0000.0012: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  111.119836][ T7921] overlayfs: failed to resolve './file1': -2
[  111.455170][ T7942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.597'.
[  111.683793][ T7947] overlay: filesystem on ./bus not supported as upperdir
[  112.490886][ T7977] overlay: filesystem on ./bus not supported as upperdir
[  112.753637][ T7989] netlink: 12 bytes leftover after parsing attributes in process `syz.2.615'.
[  113.189280][ T8002] overlay: filesystem on ./bus not supported as upperdir
[  113.427525][ T8011] netlink: 12 bytes leftover after parsing attributes in process `syz.1.624'.
[  113.737218][ T1468] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  113.868217][ T1468] usb 6-1: device descriptor read/64, error -71
[  114.107331][ T1468] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  114.268243][ T1468] usb 6-1: device descriptor read/64, error -71
[  114.378267][ T1468] usb usb6-port1: attempt power cycle
[  114.399824][ T8036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.627'.
[  114.402720][ T8036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.627'.
[  114.717320][ T1468] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  114.738072][ T1468] usb 6-1: device descriptor read/8, error -71
[  114.794998][ T8048] netlink: 12 bytes leftover after parsing attributes in process `syz.0.633'.
[  114.977333][ T1468] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  114.998007][ T1468] usb 6-1: device descriptor read/8, error -71
[  115.107928][ T1468] usb usb6-port1: unable to enumerate USB device
[  115.218514][ T8057] overlayfs: failed to resolve './file1': -2
[  115.659799][ T8083] overlay: filesystem on ./bus not supported as upperdir
[  115.739286][ T8091] overlayfs: failed to resolve './file1': -2
[  115.849558][ T8102] netlink: 44 bytes leftover after parsing attributes in process `syz.3.651'.
[  116.015170][ T8110] overlay: filesystem on ./bus not supported as upperdir
[  116.291106][ T8123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.655'.
[  116.294861][ T8123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.655'.
[  116.526666][ T8136] overlayfs: failed to resolve './file0': -2
[  116.618213][ T8146] netlink: 20 bytes leftover after parsing attributes in process `syz.1.657'.
[  116.669788][ T8149] netlink: 'syz.1.657': attribute type 4 has an invalid length.
[  116.722595][ T8153] overlayfs: failed to resolve './file1': -2
[  116.796465][ T8167] netlink: 12 bytes leftover after parsing attributes in process `syz.0.669'.
[  116.987299][   T24] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  117.110563][ T8191] netlink: 'syz.3.673': attribute type 4 has an invalid length.
[  117.127250][   T24] usb 7-1: device descriptor read/64, error -71
[  117.204367][ T8202] overlay: filesystem on ./bus not supported as upperdir
[  117.379156][   T24] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  117.507241][   T24] usb 7-1: device descriptor read/64, error -71
[  117.623586][   T24] usb usb7-port1: attempt power cycle
[  117.967722][   T24] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  117.988271][   T24] usb 7-1: device descriptor read/8, error -71
[  117.992895][ T8255] overlay: filesystem on ./bus not supported as upperdir
[  118.039282][ T8262] __nla_validate_parse: 2 callbacks suppressed
[  118.039298][ T8262] netlink: 12 bytes leftover after parsing attributes in process `syz.1.690'.
[  118.237599][   T24] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  118.268798][   T24] usb 7-1: device descriptor read/8, error -71
[  118.343271][ T8294] overlay: filesystem on ./bus not supported as upperdir
[  118.394197][   T24] usb usb7-port1: unable to enumerate USB device
[  118.408113][ T8302] netlink: 12 bytes leftover after parsing attributes in process `syz.1.701'.
[  118.965781][ T8336] netlink: 20 bytes leftover after parsing attributes in process `syz.0.707'.
[  119.101740][ T8346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.712'.
[  119.138471][ T8348] overlayfs: failed to resolve './file0': -2
[  119.196626][ T8353] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  119.231648][ T8355] overlayfs: failed to resolve './file1': -2
[  119.550256][ T8371] overlayfs: failed to resolve './file0': -2
[  119.851899][ T8394] overlayfs: failed to resolve './file0': -2
[  119.963584][ T8402] overlay: filesystem on ./bus not supported as upperdir
[  120.004521][ T8405] fuse: Bad value for 'fd'
[  120.337432][   T24] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  120.389387][ T8416] overlayfs: failed to resolve './file1': -2
[  120.425960][ T8420] netlink: 12 bytes leftover after parsing attributes in process `syz.0.744'.
[  120.450220][ T8422] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  120.467285][   T24] usb 7-1: device descriptor read/64, error -71
[  120.475805][ T8426] overlay: filesystem on ./bus not supported as upperdir
[  120.717307][   T24] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  120.861587][   T24] usb 7-1: device descriptor read/64, error -71
[  120.987497][   T24] usb usb7-port1: attempt power cycle
[  121.337267][   T24] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[  121.367714][   T24] usb 7-1: device descriptor read/8, error -71
[  121.387059][ T8461] overlayfs: failed to resolve './file1': -2
[  121.429655][ T8466] netlink: 12 bytes leftover after parsing attributes in process `syz.1.755'.
[  121.602586][ T8476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.754'.
[  121.605333][ T8476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.754'.
[  121.627287][   T24] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  121.788219][   T24] usb 7-1: device descriptor read/8, error -71
[  121.897729][   T24] usb usb7-port1: unable to enumerate USB device
[  123.244593][ T8527] netlink: 12 bytes leftover after parsing attributes in process `syz.0.764'.
[  123.465826][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.3.768'.
[  123.469714][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.3.768'.
[  123.618443][   T24] usb 7-1: new full-speed USB device number 19 using dummy_hcd
[  123.747410][   T24] usb 7-1: device descriptor read/64, error -71
[  124.188454][   T24] usb 7-1: new full-speed USB device number 20 using dummy_hcd
[  124.317264][   T24] usb 7-1: device descriptor read/64, error -71
[  124.427659][   T24] usb usb7-port1: attempt power cycle
[  125.027358][   T24] usb 7-1: new full-speed USB device number 21 using dummy_hcd
[  125.048161][   T24] usb 7-1: device descriptor read/8, error -71
[  125.297338][   T24] usb 7-1: new full-speed USB device number 22 using dummy_hcd
[  125.322399][   T24] usb 7-1: device descriptor read/8, error -71
[  125.409460][ T8616] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[  125.412976][ T8616] netlink: 12 bytes leftover after parsing attributes in process `syz.3.783'.
[  125.427715][   T24] usb usb7-port1: unable to enumerate USB device
[  125.492223][ T8624] overlay: filesystem on ./bus not supported as upperdir
[  126.482092][ T8651] overlay: filesystem on ./bus not supported as upperdir
[  127.047311][    T9] usb 7-1: new full-speed USB device number 23 using dummy_hcd
[  127.189364][    T9] usb 7-1: device descriptor read/64, error -71
[  127.428845][    T9] usb 7-1: new full-speed USB device number 24 using dummy_hcd
[  127.557277][    T9] usb 7-1: device descriptor read/64, error -71
[  127.668140][    T9] usb usb7-port1: attempt power cycle
[  128.033450][   T24] hid-generic 0003:0004:0000.0013: unknown main item tag 0x0
[  128.035890][   T24] hid-generic 0003:0004:0000.0013: unknown main item tag 0x0
[  128.038588][   T24] hid-generic 0003:0004:0000.0013: unknown main item tag 0x0
[  128.042722][   T24] hid-generic 0003:0004:0000.0013: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  128.057236][    T9] usb 7-1: new full-speed USB device number 25 using dummy_hcd
[  128.071961][ T8718] fido_id[8718]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  128.077625][    T9] usb 7-1: device descriptor read/8, error -71
[  128.337345][    T9] usb 7-1: new full-speed USB device number 26 using dummy_hcd
[  128.357896][    T9] usb 7-1: device descriptor read/8, error -71
[  128.467364][    T9] usb usb7-port1: unable to enumerate USB device
[  129.063091][ T8741] netlink: 12 bytes leftover after parsing attributes in process `syz.3.823'.
[  129.217808][ T5975] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0
[  129.220184][ T5975] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0
[  129.224938][ T5975] hid-generic 0003:0004:0000.0014: unknown main item tag 0x0
[  129.233153][ T5975] hid-generic 0003:0004:0000.0014: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  129.256958][ T8745] fido_id[8745]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  129.331994][ T8756] netlink: 12 bytes leftover after parsing attributes in process `syz.1.829'.
[  129.642876][ T8768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.833'.
[  129.791782][    T9] hid-generic 0003:0004:0000.0015: unknown main item tag 0x0
[  129.794181][    T9] hid-generic 0003:0004:0000.0015: unknown main item tag 0x0
[  129.796489][    T9] hid-generic 0003:0004:0000.0015: unknown main item tag 0x0
[  129.800671][    T9] hid-generic 0003:0004:0000.0015: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  129.829388][ T8772] fido_id[8772]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  129.925752][ T8781] overlay: filesystem on ./bus not supported as upperdir
[  130.267681][ T5989] Bluetooth: hci0: command 0x0c1a tx timeout
[  130.270509][ T5982] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  130.383849][ T8796] netlink: 12 bytes leftover after parsing attributes in process `syz.0.842'.
[  130.386529][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  130.397184][   T24] hid-generic 0003:0004:0000.0016: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  130.430301][ T8797] fido_id[8797]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  130.717288][ T5975] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  130.847388][ T5975] usb 8-1: device descriptor read/64, error -71
[  131.001189][ T8817] netlink: 20 bytes leftover after parsing attributes in process `syz.2.850'.
[  131.081886][ T8819] netlink: 'syz.2.850': attribute type 4 has an invalid length.
[  131.107257][ T5975] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  131.277248][ T5975] usb 8-1: device descriptor read/64, error -71
[  131.399431][ T5975] usb usb8-port1: attempt power cycle
[  131.437866][ T6156] hid-generic 0003:0004:0000.0017: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  131.463761][ T8841] fido_id[8841]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  131.561721][ T8855] netlink: 12 bytes leftover after parsing attributes in process `syz.1.856'.
[  131.695064][ T8866] overlayfs: missing 'lowerdir'
[  131.757641][ T5975] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  131.778804][ T5975] usb 8-1: device descriptor read/8, error -71
[  132.004182][ T8875] netlink: 12 bytes leftover after parsing attributes in process `syz.1.860'.
[  132.007271][ T8875] netlink: 12 bytes leftover after parsing attributes in process `syz.1.860'.
[  132.017238][ T5975] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[  132.049104][ T5975] usb 8-1: device descriptor read/8, error -71
[  132.157387][ T5975] usb usb8-port1: unable to enumerate USB device
[  132.347288][ T5989] Bluetooth: hci0: command 0x0c1a tx timeout
[  132.347288][ T5982] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  132.509446][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.511547][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  132.628645][   T24] hid-generic 0003:0004:0000.0018: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  132.655223][ T8884] fido_id[8884]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  132.693836][ T8893] overlayfs: missing 'lowerdir'
[  133.520066][ T8906] netlink: 52 bytes leftover after parsing attributes in process `syz.3.870'.
[  133.739582][  T842] usb 7-1: new full-speed USB device number 27 using dummy_hcd
[  133.888004][  T842] usb 7-1: no configurations
[  133.890049][  T842] usb 7-1: can't read configurations, error -22
[  134.017239][  T842] usb 7-1: new full-speed USB device number 28 using dummy_hcd
[  134.170285][  T842] usb 7-1: no configurations
[  134.171992][  T842] usb 7-1: can't read configurations, error -22
[  134.174246][  T842] usb usb7-port1: attempt power cycle
[  134.427451][ T5989] Bluetooth: hci0: command 0x0c1a tx timeout
[  134.432767][ T5982] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  134.537245][  T842] usb 7-1: new full-speed USB device number 29 using dummy_hcd
[  134.568109][  T842] usb 7-1: no configurations
[  134.569623][  T842] usb 7-1: can't read configurations, error -22
[  134.930651][ T8932] netlink: 52 bytes leftover after parsing attributes in process `syz.0.882'.
[  134.939234][  T842] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[  134.989489][  T842] usb 7-1: no configurations
[  134.991020][  T842] usb 7-1: can't read configurations, error -22
[  134.993401][  T842] usb usb7-port1: unable to enumerate USB device
[  136.143075][ T8969] netlink: 12 bytes leftover after parsing attributes in process `syz.1.891'.
[  136.196169][ T8971] netlink: 'syz.1.891': attribute type 4 has an invalid length.
[  136.386966][   T40] audit: type=1800 audit(1755318087.772:45): pid=8975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.893" name="file0" dev="overlay" ino=1454 res=0 errno=0
[  136.431438][  T842] hid_parser_main: 8 callbacks suppressed
[  136.431452][  T842] hid-generic 0003:0004:0000.0019: unknown main item tag 0x0
[  136.435785][  T842] hid-generic 0003:0004:0000.0019: unknown main item tag 0x0
[  136.437436][ T8979] overlay: filesystem on ./bus not supported as upperdir
[  136.438858][  T842] hid-generic 0003:0004:0000.0019: unknown main item tag 0x0
[  136.445805][  T842] hid-generic 0003:0004:0000.0019: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  136.476971][ T8980] fido_id[8980]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  136.507285][ T5989] Bluetooth: hci0: command 0x0c1a tx timeout
[  136.509251][ T5982] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  136.586158][   T40] audit: type=1800 audit(1755318087.972:46): pid=8997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.903" name="file0" dev="overlay" ino=1300 res=0 errno=0
[  136.592629][ T8999] overlay: filesystem on ./bus not supported as upperdir
[  136.595531][ T9000] netlink: 12 bytes leftover after parsing attributes in process `syz.0.899'.
[  136.646521][ T9001] netlink: 'syz.0.899': attribute type 4 has an invalid length.
[  137.168046][   T40] audit: type=1800 audit(1755318088.562:47): pid=9024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.914" name="file0" dev="overlay" ino=1496 res=0 errno=0
[  137.177296][ T5975] usb 7-1: new full-speed USB device number 31 using dummy_hcd
[  137.211407][ T9027] overlay: filesystem on ./bus not supported as upperdir
[  137.337882][ T5975] usb 7-1: no configurations
[  137.339454][ T5975] usb 7-1: can't read configurations, error -22
[  137.467257][ T5975] usb 7-1: new full-speed USB device number 32 using dummy_hcd
[  137.617745][ T5975] usb 7-1: no configurations
[  137.617758][ T5975] usb 7-1: can't read configurations, error -22
[  137.617923][ T5975] usb usb7-port1: attempt power cycle
[  137.788581][ T9039] netlink: 52 bytes leftover after parsing attributes in process `syz.3.919'.
[  137.871063][ T9043] netlink: 12 bytes leftover after parsing attributes in process `syz.3.920'.
[  137.967376][ T5975] usb 7-1: new full-speed USB device number 33 using dummy_hcd
[  137.984326][ T9050] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  137.987483][ T9050] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  137.990799][ T5975] usb 7-1: no configurations
[  137.992342][ T5975] usb 7-1: can't read configurations, error -22
[  138.031188][  T840] hid-generic 0003:0004:0000.001A: unknown main item tag 0x0
[  138.033565][  T840] hid-generic 0003:0004:0000.001A: unknown main item tag 0x0
[  138.035948][  T840] hid-generic 0003:0004:0000.001A: unknown main item tag 0x0
[  138.040331][  T840] hid-generic 0003:0004:0000.001A: hidraw1: USB HID v0.00 Device [syz0] on syz1
[  138.117314][ T5975] usb 7-1: new full-speed USB device number 34 using dummy_hcd
[  138.138436][ T5975] usb 7-1: no configurations
[  138.140118][ T5975] usb 7-1: can't read configurations, error -22
[  138.142585][ T5975] usb usb7-port1: unable to enumerate USB device
[  138.587325][ T5982] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  138.587365][ T5989] Bluetooth: hci0: command 0x0c1a tx timeout
[  138.591382][ T5982] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  139.123264][ T9076] overlay: filesystem on ./bus not supported as upperdir
[  139.753302][ T9084] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  139.756858][ T9084] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  139.761230][ T9085] netlink: 12 bytes leftover after parsing attributes in process `syz.3.933'.
[  140.567352][  T842] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  140.667351][ T5982] Bluetooth: hci0: command 0x0c1a tx timeout
[  140.727622][  T842] usb 6-1: no configurations
[  140.729140][  T842] usb 6-1: can't read configurations, error -22
[  140.767982][ T9110] netlink: 24 bytes leftover after parsing attributes in process `syz.0.943'.
[  140.848917][ T9117] netlink: 12 bytes leftover after parsing attributes in process `syz.0.945'.
[  140.927302][  T842] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  141.023698][ T9123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.944'.
[  141.026689][ T9123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.944'.
[  141.237669][  T842] usb 6-1: no configurations
[  141.239327][  T842] usb 6-1: can't read configurations, error -22
[  141.241634][  T842] usb usb6-port1: attempt power cycle
[  141.577255][  T842] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  141.598273][  T842] usb 6-1: no configurations
[  141.599804][  T842] usb 6-1: can't read configurations, error -22
[  141.727351][  T842] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  141.748745][  T842] usb 6-1: no configurations
[  141.750263][  T842] usb 6-1: can't read configurations, error -22
[  141.752754][  T842] usb usb6-port1: unable to enumerate USB device
[  141.769649][ T9140] netlink: 24 bytes leftover after parsing attributes in process `syz.2.954'.
[  142.301463][ T9166] netlink: 12 bytes leftover after parsing attributes in process `syz.0.956'.
[  142.987287][ T5336] Bluetooth: hci0: command 0x0c1a tx timeout
[  142.987307][ T5989] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  143.297977][ T9189] netlink: 12 bytes leftover after parsing attributes in process `syz.2.962'.
[  143.300808][ T9189] netlink: 12 bytes leftover after parsing attributes in process `syz.2.962'.
[  143.344386][ T9195] overlayfs: failed to resolve './file1': -2
[  143.527282][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  143.667338][    T9] usb 5-1: device descriptor read/64, error -71
[  143.839489][ T9202] netlink: 12 bytes leftover after parsing attributes in process `syz.3.966'.
[  143.917269][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  144.047280][    T9] usb 5-1: device descriptor read/64, error -71
[  144.158507][    T9] usb usb5-port1: attempt power cycle
[  144.667437][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  144.687666][    T9] usb 5-1: device descriptor read/8, error -71
[  144.807371][ T5975] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  144.927357][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  144.947745][    T9] usb 5-1: device descriptor read/8, error -71
[  144.959301][ T5975] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.965871][ T5975] usb 6-1: config 0 has no interfaces?
[  144.968271][ T5975] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  144.971066][ T5975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.984009][ T5975] usb 6-1: config 0 descriptor??
[  145.059350][    T9] usb usb5-port1: unable to enumerate USB device
[  145.169197][ T9277] netlink: 12 bytes leftover after parsing attributes in process `syz.3.975'.
[  145.192960][ T5975] usb 6-1: USB disconnect, device number 13
[  146.868564][ T9306] __nla_validate_parse: 2 callbacks suppressed
[  146.868579][ T9306] netlink: 44 bytes leftover after parsing attributes in process `syz.3.982'.
[  147.231785][ T9329] netlink: 12 bytes leftover after parsing attributes in process `syz.3.985'.
[  147.424725][ T9333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.986'.
[  147.427589][ T9333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.986'.
[  147.553203][ T9341] netlink: 12 bytes leftover after parsing attributes in process `syz.0.987'.
[  148.242006][ T9365] netlink: 12 bytes leftover after parsing attributes in process `syz.2.994'.
[  148.244856][ T9365] netlink: 12 bytes leftover after parsing attributes in process `syz.2.994'.
[  148.361215][ T9373] netlink: 12 bytes leftover after parsing attributes in process `syz.3.996'.
[  148.922813][ T9383] netlink: 12 bytes leftover after parsing attributes in process `syz.0.998'.
[  149.686682][ T9400] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1005'.
[  150.339940][ T9427] overlayfs: failed to resolve './file1': -2
[  151.381087][ T9467] fuse: Bad value for 'fd'
[  151.404032][ T9469] overlayfs: failed to resolve './file1': -2
[  151.817303][  T842] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  151.913620][ T9482] __nla_validate_parse: 2 callbacks suppressed
[  151.913635][ T9482] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1024'.
[  151.977227][  T842] usb 8-1: Using ep0 maxpacket: 32
[  151.980874][  T842] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  151.984164][  T842] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.988919][  T842] usb 8-1: config 0 has no interface number 0
[  151.991490][  T842] usb 8-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  151.998315][  T842] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  152.001173][  T842] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  152.003768][  T842] usb 8-1: Product: syz
[  152.005092][  T842] usb 8-1: Manufacturer: syz
[  152.008326][  T842] usb 8-1: config 0 descriptor??
[  152.217060][   T60] usb 8-1: USB disconnect, device number 12
[  152.461372][ T9509] fuse: Bad value for 'fd'
[  153.304187][ T9533] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1034'.
[  153.398752][ T9537] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1035'.
[  154.168102][  T842] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  154.302820][ T9571] fuse: Unknown parameter 'grou00000000000000000000'
[  154.317198][  T842] usb 7-1: Using ep0 maxpacket: 32
[  154.330694][  T842] usb 7-1: config 0 has an invalid interface number: 247 but max is 0
[  154.333360][  T842] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  154.336780][  T842] usb 7-1: config 0 has no interface number 0
[  154.339037][  T842] usb 7-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  154.349259][  T842] usb 7-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  154.352967][  T842] usb 7-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  154.356313][  T842] usb 7-1: Product: syz
[  154.359317][  T842] usb 7-1: Manufacturer: syz
[  154.362963][  T842] usb 7-1: config 0 descriptor??
[  154.573101][  T842] usb 7-1: USB disconnect, device number 35
[  155.087049][ T9581] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1045'.
[  155.672957][ T9595] fuse: Unknown parameter 'grou00000000000000000000'
[  155.764661][ T9600] FAULT_INJECTION: forcing a failure.
[  155.764661][ T9600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.769160][ T9600] CPU: 3 UID: 0 PID: 9600 Comm: syz.3.1052 Not tainted 6.17.0-rc1-syzkaller-00116-gd7ee5bdce789 #0 PREEMPT(full) 
[  155.769176][ T9600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.769183][ T9600] Call Trace:
[  155.769199][ T9600]  <TASK>
[  155.769203][ T9600]  dump_stack_lvl+0x16c/0x1f0
[  155.769238][ T9600]  should_fail_ex+0x512/0x640
[  155.769258][ T9600]  _copy_from_user+0x2e/0xd0
[  155.769275][ T9600]  generic_map_update_batch+0x3e9/0x610
[  155.769295][ T9600]  ? __pfx_generic_map_update_batch+0x10/0x10
[  155.769313][ T9600]  ? __pfx_generic_map_update_batch+0x10/0x10
[  155.769328][ T9600]  bpf_map_do_batch+0x5b4/0x680
[  155.769342][ T9600]  __sys_bpf+0x4cf9/0x4de0
[  155.769358][ T9600]  ? __pfx___sys_bpf+0x10/0x10
[  155.769373][ T9600]  ? ksys_write+0x190/0x250
[  155.769388][ T9600]  ? __mutex_unlock_slowpath+0x163/0x800
[  155.769410][ T9600]  ? fput+0x9b/0xd0
[  155.769423][ T9600]  ? ksys_write+0x1ac/0x250
[  155.769435][ T9600]  ? __pfx_ksys_write+0x10/0x10
[  155.769448][ T9600]  __ia32_sys_bpf+0x76/0xe0
[  155.769464][ T9600]  __do_fast_syscall_32+0x7c/0x3a0
[  155.769479][ T9600]  do_fast_syscall_32+0x32/0x80
[  155.769493][ T9600]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.769505][ T9600] RIP: 0023:0xf710e579
[  155.769514][ T9600] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.769524][ T9600] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  155.769535][ T9600] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000300
[  155.769541][ T9600] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[  155.769547][ T9600] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.769552][ T9600] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.769558][ T9600] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.769571][ T9600]  </TASK>
[  155.847670][    C3] vkms_vblank_simulate: vblank timer overrun
[  155.880100][ T9604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1054'.
[  156.207325][  T842] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  156.366617][ T9617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1058'.
[  156.369609][  T842] usb 6-1: Using ep0 maxpacket: 32
[  156.372776][  T842] usb 6-1: config 0 has an invalid interface number: 247 but max is 0
[  156.375524][  T842] usb 6-1: config 0 has no interface number 0
[  156.377607][  T842] usb 6-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  156.382992][  T842] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  156.385991][  T842] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  156.389024][  T842] usb 6-1: Product: syz
[  156.390651][  T842] usb 6-1: Manufacturer: syz
[  156.393931][  T842] usb 6-1: config 0 descriptor??
[  156.599896][    T9] usb 6-1: USB disconnect, device number 14
[  156.906525][ T9627] fuse: Unknown parameter 'grou00000000000000000000'
[  157.115676][ T9640] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1067'.
[  157.305942][ T9646] netlink: 'syz.2.1070': attribute type 1 has an invalid length.
[  157.339519][ T9650] fuse: Unknown parameter 'group_i00000000000000000000'
[  157.797706][  T842] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  157.947419][  T842] usb 8-1: Using ep0 maxpacket: 32
[  157.950396][  T842] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  157.953002][  T842] usb 8-1: config 0 has no interface number 0
[  157.954987][  T842] usb 8-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  157.961386][  T842] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  157.964162][  T842] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  157.966781][  T842] usb 8-1: Product: syz
[  157.968248][  T842] usb 8-1: Manufacturer: syz
[  157.973231][  T842] usb 8-1: config 0 descriptor??
[  158.176566][ T9675] fuse: Unknown parameter 'group_i00000000000000000000'
[  158.179351][  T842] usb 8-1: USB disconnect, device number 13
[  158.951804][ T9699] binder: 9695:9699 ioctl c0306201 800003c0 returned -14
[  158.975111][ T9699] syz.3.1089 (9699): drop_caches: 2
[  159.287395][    T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  159.347302][  T840] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  159.438595][    T9] usb 5-1: config index 0 descriptor too short (expected 11561, got 41)
[  159.441272][    T9] usb 5-1: config 30 has too many interfaces: 167, using maximum allowed: 32
[  159.444317][    T9] usb 5-1: config 30 has an invalid descriptor of length 185, skipping remainder of the config
[  159.448148][    T9] usb 5-1: config 30 has 0 interfaces, different from the descriptor's value: 167
[  159.452956][    T9] usb 5-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[  159.455990][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.458940][    T9] usb 5-1: Product: syz
[  159.460275][    T9] usb 5-1: Manufacturer: syz
[  159.461750][    T9] usb 5-1: SerialNumber: syz
[  159.507383][  T840] usb 8-1: Using ep0 maxpacket: 32
[  159.511718][  T840] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  159.514337][  T840] usb 8-1: config 0 has no interface number 0
[  159.516282][  T840] usb 8-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  159.521783][  T840] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  159.525297][  T840] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  159.528697][  T840] usb 8-1: Product: syz
[  159.530212][  T840] usb 8-1: Manufacturer: syz
[  159.538413][  T840] usb 8-1: config 0 descriptor??
[  159.734231][ T9723] netlink: 'syz.1.1098': attribute type 2 has an invalid length.
[  159.746749][ T1468] usb 8-1: USB disconnect, device number 14
[  159.844923][ T9725] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  159.847376][ T9725] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  159.851364][ T9725] vhci_hcd vhci_hcd.0: Device attached
[  159.854277][ T9725] tmpfs: Unknown parameter 'nr0xffffffffffffffff'
[  159.861148][ T9727] vhci_hcd: connection closed
[  159.862660][   T90] vhci_hcd: stop threads
[  159.867589][   T90] vhci_hcd: release socket
[  159.869080][   T90] vhci_hcd: disconnect device
[  160.177276][ T6057] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  160.307245][ T6057] usb 7-1: device descriptor read/64, error -71
[  160.567322][ T6057] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  160.697227][ T6057] usb 7-1: device descriptor read/64, error -71
[  160.808369][ T6057] usb usb7-port1: attempt power cycle
[  161.168633][ T6057] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  161.189233][ T6057] usb 7-1: device descriptor read/8, error -71
[  161.427380][ T6057] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  161.447624][ T6057] usb 7-1: device descriptor read/8, error -71
[  161.567353][ T6057] usb usb7-port1: unable to enumerate USB device
[  161.952052][    T9] usb 5-1: USB disconnect, device number 13
[  162.915729][ T9793] ptrace attach of "/syz-executor exec"[5986] was attempted by "/syz-executor exec"[9793]
[  162.927320][    T9] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  163.015054][ T9812] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1112'.
[  163.017963][ T9812] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1112'.
[  163.078955][    T9] usb 8-1: config index 0 descriptor too short (expected 11561, got 41)
[  163.081765][    T9] usb 8-1: config 30 has too many interfaces: 167, using maximum allowed: 32
[  163.084933][    T9] usb 8-1: config 30 has an invalid descriptor of length 185, skipping remainder of the config
[  163.088387][    T9] usb 8-1: config 30 has 0 interfaces, different from the descriptor's value: 167
[  163.101991][    T9] usb 8-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[  163.105015][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.107890][    T9] usb 8-1: Product: syz
[  163.109919][    T9] usb 8-1: Manufacturer: syz
[  163.111451][    T9] usb 8-1: SerialNumber: syz
[  163.249237][ T9815] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1114'.
[  163.252086][ T9815] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1114'.
[  163.260307][ T9818] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1116'.
[  163.263131][ T9818] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1116'.
[  163.320626][    T9] usb 8-1: USB disconnect, device number 15
[  163.477362][ T9830] fuse: Bad value for 'fd'
[  163.479716][ T9831] fuse: Bad value for 'fd'
[  163.529259][ T9823] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  163.531886][ T9823] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  163.534018][ T9823] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  163.536276][ T9823] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  163.967344][ T6156] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  164.127212][ T6156] usb 6-1: Using ep0 maxpacket: 32
[  164.130099][ T6156] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.133433][ T6156] usb 6-1: config 0 has no interfaces?
[  164.136552][ T6156] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  164.139951][ T6156] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  164.142460][ T6156] usb 6-1: Product: syz
[  164.144084][ T6156] usb 6-1: Manufacturer: syz
[  164.147515][ T6156] usb 6-1: config 0 descriptor??
[  164.177228][  T840] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[  164.338967][  T840] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.343048][  T840] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  164.346761][  T840] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  164.350621][  T840] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.355745][  T840] usb 8-1: config 0 descriptor??
[  164.361419][ T6156] usb 6-1: USB disconnect, device number 15
[  164.532379][ T9883] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1126'.
[  164.535293][ T9883] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1126'.
[  164.567047][   T60] usb 8-1: USB disconnect, device number 16
[  164.703967][ T9895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1129'.
[  165.178749][   T40] audit: type=1326 audit(1755318116.572:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9900 comm="syz.1.1131" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7fc00000
[  165.467303][ T5989] Bluetooth: hci1: command 0x0c1a tx timeout
[  165.549291][ T5989] Bluetooth: hci2: command 0x0c1a tx timeout
[  165.551259][ T5989] Bluetooth: hci3: command 0x0419 tx timeout
[  165.555939][ T5982] Bluetooth: hci0: command 0x0c1a tx timeout
[  165.762226][   T40] audit: type=1326 audit(1755318117.152:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9900 comm="syz.1.1131" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f41579 code=0x7fc00000
[  166.591974][ T9957] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1141'.
[  166.625079][ T9961] fuse: Bad value for 'fd'
[  168.058807][T10019] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  168.061456][T10019] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  168.065941][T10019] vhci_hcd vhci_hcd.0: Device attached
[  168.265819][  T842] vhci_hcd: vhci_device speed not set
[  168.327310][  T842] usb 39-1: new high-speed USB device number 2 using vhci_hcd
[  168.801833][T10022] vhci_hcd: connection reset by peer
[  168.804963][   T61] vhci_hcd: stop threads
[  168.806449][   T61] vhci_hcd: release socket
[  168.808919][   T61] vhci_hcd: disconnect device
[  168.847226][ T6156] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  169.057281][ T6156] usb 8-1: Using ep0 maxpacket: 32
[  169.067345][ T6156] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  169.073297][ T6156] usb 8-1: config 0 has no interface number 0
[  169.075697][ T6156] usb 8-1: config 0 interface 247 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  169.080519][ T6156] usb 8-1: config 0 interface 247 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  169.103021][ T6156] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  169.106940][ T6156] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  169.202855][ T6156] usb 8-1: Product: syz
[  169.204253][ T6156] usb 8-1: Manufacturer: syz
[  169.209854][ T6156] usb 8-1: config 0 descriptor??
[  169.354308][T10040] __nla_validate_parse: 1 callbacks suppressed
[  169.354319][T10040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1158'.
[  169.360983][T10040] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1158'.
[  169.416456][    T9] usb 8-1: USB disconnect, device number 17
[  169.770244][T10046] overlay: filesystem on ./bus not supported as upperdir
[  169.858662][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1164'.
[  170.064388][   T40] audit: type=1804 audit(1755318121.452:50): pid=10059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1163" name="/newroot/245/bus/bus" dev="overlay" ino=1377 res=1 errno=0
[  170.092347][   T40] audit: type=1804 audit(1755318121.482:51): pid=10059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1163" name="/newroot/245/bus/bus" dev="overlay" ino=1377 res=1 errno=0
[  170.882029][T10088] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1171'.
[  170.885075][T10088] netlink: 'syz.3.1171': attribute type 7 has an invalid length.
[  170.889415][T10088] netlink: 'syz.3.1171': attribute type 8 has an invalid length.
[  170.892001][T10088] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1171'.
[  170.900250][T10088] gretap0: entered promiscuous mode
[  170.903090][T10088] batadv_slave_1: entered promiscuous mode
[  170.906495][T10088] erspan0: entered promiscuous mode
[  170.916386][T10088] hsr1: Slave A (gretap0) is not up; please bring it up to get a fully working HSR network
[  170.920540][T10088] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network
[  170.924714][T10088] hsr1: Interlink (erspan0) is not up; please bring it up to get a fully working HSR network
[  170.955000][T10092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'.
[  171.237367][  T840] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  171.407300][  T840] usb 8-1: Using ep0 maxpacket: 32
[  171.412546][  T840] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  171.415134][  T840] usb 8-1: config 0 has no interface number 0
[  171.417110][  T840] usb 8-1: config 0 interface 247 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  171.427025][  T840] usb 8-1: config 0 interface 247 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  171.444246][  T840] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  171.447119][  T840] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  171.449809][  T840] usb 8-1: Product: syz
[  171.451162][  T840] usb 8-1: Manufacturer: syz
[  171.454824][  T840] usb 8-1: config 0 descriptor??
[  171.665461][ T6156] usb 8-1: USB disconnect, device number 18
[  172.454016][T10131] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1180'.
[  172.512684][T10138] tipc: Resetting bearer <eth:team0>
[  172.543961][T10138] team0: Mode changed to "loadbalance"
[  172.547103][T10138] netlink: 'syz.0.1182': attribute type 10 has an invalid length.
[  172.933986][T10151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1186'.
[  172.943933][T10151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1186'.
[  173.368186][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  173.387739][T10180] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1191'.
[  173.457259][  T842] vhci_hcd: vhci_device speed not set
[  173.520145][T10188] syz_tun: left promiscuous mode
[  173.521805][T10188] syz_tun: left allmulticast mode
[  173.528946][    T9] usb 5-1: Using ep0 maxpacket: 32
[  173.535260][    T9] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  173.538409][    T9] usb 5-1: config 0 has no interface number 0
[  173.540414][    T9] usb 5-1: config 0 interface 247 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  173.543736][    T9] usb 5-1: config 0 interface 247 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  173.557481][    T9] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  173.560700][    T9] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  173.563655][    T9] usb 5-1: Product: syz
[  173.565178][    T9] usb 5-1: Manufacturer: syz
[  173.571589][    T9] usb 5-1: config 0 descriptor??
[  173.782183][   T24] usb 5-1: USB disconnect, device number 14
[  174.455560][T10214] __nla_validate_parse: 6 callbacks suppressed
[  174.455578][T10214] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1201'.
[  174.683762][   T40] audit: type=1804 audit(1755318126.062:52): pid=10220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1202" name="/newroot/308/bus/bus" dev="overlay" ino=1689 res=1 errno=0
[  174.697883][   T40] audit: type=1804 audit(1755318126.092:53): pid=10220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1202" name="/newroot/308/bus/bus" dev="overlay" ino=1689 res=1 errno=0
[  175.121132][T10230] fuse: Invalid rootmode
[  175.387237][  T840] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  175.537219][  T840] usb 8-1: Using ep0 maxpacket: 32
[  175.542847][  T840] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  175.545445][  T840] usb 8-1: config 0 has no interface number 0
[  175.552330][  T840] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  175.555452][  T840] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  175.558298][  T840] usb 8-1: Product: syz
[  175.560297][  T840] usb 8-1: Manufacturer: syz
[  175.567020][  T840] usb 8-1: config 0 descriptor??
[  175.608393][T10239] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1209'.
[  175.783846][    T9] usb 8-1: USB disconnect, device number 19
[  175.922817][T10248] FAULT_INJECTION: forcing a failure.
[  175.922817][T10248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.928183][T10248] CPU: 3 UID: 0 PID: 10248 Comm: syz.2.1212 Not tainted 6.17.0-rc1-syzkaller-00116-gd7ee5bdce789 #0 PREEMPT(full) 
[  175.928209][T10248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  175.928219][T10248] Call Trace:
[  175.928225][T10248]  <TASK>
[  175.928233][T10248]  dump_stack_lvl+0x16c/0x1f0
[  175.928259][T10248]  should_fail_ex+0x512/0x640
[  175.928286][T10248]  _copy_from_iter+0x29f/0x16f0
[  175.928318][T10248]  ? __pfx__copy_from_iter+0x10/0x10
[  175.928366][T10248]  ? get_pid_task+0xfc/0x250
[  175.928402][T10248]  file_tty_write.constprop.0+0x488/0x9b0
[  175.928434][T10248]  vfs_write+0x7d0/0x11d0
[  175.928455][T10248]  ? __pfx_tty_write+0x10/0x10
[  175.928471][T10248]  ? __pfx_vfs_write+0x10/0x10
[  175.928482][T10248]  ? find_held_lock+0x2b/0x80
[  175.928501][T10248]  ksys_write+0x12a/0x250
[  175.928512][T10248]  ? __pfx_ksys_write+0x10/0x10
[  175.928542][T10248]  ? rcu_is_watching+0x12/0xc0
[  175.928556][T10248]  __do_fast_syscall_32+0x7c/0x3a0
[  175.928571][T10248]  do_fast_syscall_32+0x32/0x80
[  175.928585][T10248]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  175.928598][T10248] RIP: 0023:0xf7f55579
[  175.928607][T10248] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  175.928619][T10248] RSP: 002b:00000000f543455c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  175.928629][T10248] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000280
[  175.928636][T10248] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[  175.928642][T10248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  175.928647][T10248] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  175.928653][T10248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  175.928666][T10248]  </TASK>
[  176.005238][    C3] vkms_vblank_simulate: vblank timer overrun
[  176.007902][T10250] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1211'.
[  176.010809][T10250] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1211'.
[  176.356145][   T40] audit: type=1804 audit(1755318127.742:54): pid=10252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1213" name="/newroot/305/file1" dev="tmpfs" ino=1732 res=1 errno=0
[  176.363296][   T40] audit: type=1800 audit(1755318127.742:55): pid=10252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1213" name="file1" dev="tmpfs" ino=1732 res=0 errno=0
[  176.799184][    T9] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  176.877384][  T842] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  176.997262][    T9] usb 8-1: Using ep0 maxpacket: 32
[  177.000303][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.003735][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.007227][    T9] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  177.010074][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.013659][    T9] usb 8-1: config 0 descriptor??
[  177.038963][  T842] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.042814][  T842] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  177.046564][  T842] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  177.050511][  T842] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.055850][  T842] usb 6-1: config 0 descriptor??
[  177.060801][  T842] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  177.063586][  T842] dvb-usb: bulk message failed: -22 (3/0)
[  177.066864][  T842] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  177.070040][  T842] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  177.072281][  T842] usb 6-1: media controller created
[  177.074768][  T842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  177.080775][  T842] dvb-usb: bulk message failed: -22 (6/0)
[  177.082638][  T842] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  177.086103][  T842] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input16
[  177.090904][  T842] dvb-usb: schedule remote query interval to 150 msecs.
[  177.093120][  T842] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  177.222452][T10256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.227442][T10256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.247362][  T842] dvb-usb: bulk message failed: -22 (1/0)
[  177.249271][  T842] dvb-usb: error while querying for an remote control event.
[  177.317477][  T842] usb 6-1: USB disconnect, device number 16
[  177.333633][  T842] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  177.578908][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  177.580901][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  177.608374][    T9] usb 8-1: USB disconnect, device number 20
[  177.967216][ T6156] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  177.993015][   T40] audit: type=1804 audit(1755318129.382:56): pid=10272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1220" name="/newroot/342/bus/bus" dev="overlay" ino=1924 res=1 errno=0
[  178.008972][   T40] audit: type=1804 audit(1755318129.402:57): pid=10272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1220" name="/newroot/342/bus/bus" dev="overlay" ino=1924 res=1 errno=0
[  178.127352][ T6156] usb 5-1: Using ep0 maxpacket: 32
[  178.177298][ T6156] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  178.179937][ T6156] usb 5-1: config 0 has no interface number 0
[  178.181874][ T6156] usb 5-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  178.187360][ T6156] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  178.190184][ T6156] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  178.192717][ T6156] usb 5-1: Product: syz
[  178.194579][ T6156] usb 5-1: Manufacturer: syz
[  178.197471][ T6156] usb 5-1: config 0 descriptor??
[  178.406015][    T9] usb 5-1: USB disconnect, device number 15
[  178.417363][   T60] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  178.597400][   T60] usb 8-1: Using ep0 maxpacket: 32
[  178.608593][   T60] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  178.611729][   T60] usb 8-1: config 0 has no interface number 0
[  178.615267][   T60] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  178.618324][   T60] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  178.627268][   T60] usb 8-1: Product: syz
[  178.629514][   T60] usb 8-1: Manufacturer: syz
[  178.757683][   T60] usb 8-1: config 0 descriptor??
[  178.936029][T10297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1225'.
[  178.940935][T10297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1225'.
[  178.986563][T10298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1224'.
[  178.990403][T10298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1224'.
[  179.021449][    T9] usb 8-1: USB disconnect, device number 21
[  179.300887][T10306] kernel profiling enabled (shift: 16)
[  179.357238][ T6057] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  179.757204][ T6057] usb 5-1: Using ep0 maxpacket: 32
[  179.762219][ T6057] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.766159][ T6057] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.769799][ T6057] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  179.772732][ T6057] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.815749][ T6057] usb 5-1: config 0 descriptor??
[  180.187628][T10346] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1229'.
[  180.190488][T10346] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1229'.
[  180.364063][T10300] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.369793][T10300] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.599471][ T6057] usbhid 5-1:0.0: can't add hid device: -71
[  180.601434][ T6057] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  180.613901][ T6057] usb 5-1: USB disconnect, device number 16
[  181.127335][ T1345] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  181.308462][ T1345] usb 6-1: Using ep0 maxpacket: 32
[  181.315988][ T1345] usb 6-1: config 0 has an invalid interface number: 247 but max is 0
[  181.320073][ T1345] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  181.324476][ T1345] usb 6-1: config 0 has no interface number 0
[  181.327787][ T1345] usb 6-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  181.334891][ T1345] usb 6-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  181.340497][ T1345] usb 6-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  181.344185][ T1345] usb 6-1: Product: syz
[  181.346190][ T1345] usb 6-1: Manufacturer: syz
[  181.355370][ T1345] usb 6-1: config 0 descriptor??
[  181.575976][ T5975] usb 6-1: USB disconnect, device number 17
[  181.657754][T10392] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1237'.
[  181.661594][T10392] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1237'.
[  181.665772][   T60] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  181.847254][   T60] usb 5-1: Using ep0 maxpacket: 32
[  181.850747][   T60] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  181.853446][   T60] usb 5-1: config 0 has no interface number 0
[  181.856770][   T60] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  181.859771][   T60] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  181.862358][   T60] usb 5-1: Product: syz
[  181.863717][   T60] usb 5-1: Manufacturer: syz
[  181.868167][   T60] usb 5-1: config 0 descriptor??
[  182.074919][   T60] usb 5-1: USB disconnect, device number 17
[  182.571829][T10422] ptrace attach of "/syz-executor exec"[5972] was attempted by "/syz-executor exec"[10422]
[  183.487244][ T1345] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  183.708077][ T1345] usb 8-1: Using ep0 maxpacket: 32
[  183.712029][ T1345] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  183.714767][ T1345] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  183.719257][ T1345] usb 8-1: config 0 has no interface number 0
[  183.721211][ T1345] usb 8-1: config 0 interface 247 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  183.726725][ T1345] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  183.730016][ T1345] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  183.732891][ T1345] usb 8-1: Product: syz
[  183.734140][ T1345] usb 8-1: Manufacturer: syz
[  183.737639][ T1345] usb 8-1: config 0 descriptor??
[  183.949611][ T1345] usb 8-1: USB disconnect, device number 22
[  184.378888][T10453] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1253'.
[  184.411859][T10455] binder: 10454:10455 ioctl c00c6211 0 returned -14
[  184.747378][  T842] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[  184.907223][  T842] usb 8-1: Using ep0 maxpacket: 32
[  184.911047][  T842] usb 8-1: config 0 has an invalid interface number: 247 but max is 0
[  184.914524][  T842] usb 8-1: config 0 has no interface number 0
[  184.916805][  T842] usb 8-1: config 0 interface 247 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  184.921114][  T842] usb 8-1: config 0 interface 247 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  184.929489][  T842] usb 8-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  184.932963][  T842] usb 8-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  184.936133][  T842] usb 8-1: Product: syz
[  184.938646][  T842] usb 8-1: Manufacturer: syz
[  184.946490][  T842] usb 8-1: config 0 descriptor??
[  185.266354][ T1345] usb 8-1: USB disconnect, device number 23
[  186.057636][   T60] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  186.107363][  T840] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  186.241187][   T60] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  186.245994][   T60] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  186.252137][   T60] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  186.256579][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.257255][  T840] usb 6-1: Using ep0 maxpacket: 8
[  186.265126][  T840] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  186.269071][  T840] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  186.272348][  T840] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  186.275588][  T840] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  186.280193][  T840] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  186.284828][  T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.392225][T10488] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  186.444039][   T60] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  186.511253][  T840] usb 6-1: GET_CAPABILITIES returned 0
[  186.513066][  T840] usbtmc 6-1:16.0: can't read capabilities
[  186.715160][  T842] usb 6-1: USB disconnect, device number 18
[  186.861993][T10489] process 'syz.2.1263' launched '/dev/fd/4' with NULL argv: empty string added
[  187.088505][   T60] usb 7-1: USB disconnect, device number 40
[  187.619875][T10503] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1267'.
[  187.623611][T10503] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1267'.
[  188.904861][T10549] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[  189.093937][T10554] netlink: 'syz.1.1276': attribute type 4 has an invalid length.
[  189.517281][ T1345] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  189.687203][ T1345] usb 6-1: Using ep0 maxpacket: 32
[  189.690106][ T1345] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  189.694653][ T1345] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  189.697563][ T1345] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.700171][ T1345] usb 6-1: Product: syz
[  189.701501][ T1345] usb 6-1: Manufacturer: syz
[  189.702993][ T1345] usb 6-1: SerialNumber: syz
[  189.705846][ T1345] usb 6-1: config 0 descriptor??
[  189.708593][T10571] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  189.714046][ T1345] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input17
[  189.986675][T10571] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  190.007931][    C0] usbtouchscreen 6-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  190.007933][  T840] usb 6-1: USB disconnect, device number 19
[  190.103979][T10587] overlay: Unknown parameter 'uid<00000000000000000000'
[  190.969314][   T60] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[  191.120502][   T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.126203][   T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.135226][   T60] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  191.145835][   T60] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  191.149748][   T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.154150][   T60] usb 8-1: config 0 descriptor??
[  191.407284][  T840] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  191.511074][T10635] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1290'.
[  191.514035][T10635] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1290'.
[  191.558553][  T840] usb 5-1: Using ep0 maxpacket: 32
[  191.569166][  T840] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  191.577114][  T840] usb 5-1: config 0 has no interface number 0
[  191.580479][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.583057][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.585440][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.589335][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.590224][  T840] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  191.591669][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.594336][  T840] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  191.594350][  T840] usb 5-1: Product: syz
[  191.594357][  T840] usb 5-1: Manufacturer: syz
[  191.595969][  T840] usb 5-1: config 0 descriptor??
[  191.699193][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.701574][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.703918][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.706257][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.708786][   T60] plantronics 0003:047F:FFFF.001B: unknown main item tag 0x0
[  191.721898][   T60] plantronics 0003:047F:FFFF.001B: hiddev1,hidraw1: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  191.767932][ T1345] usb 8-1: USB disconnect, device number 24
[  191.821882][  T840] usb 5-1: USB disconnect, device number 18
[  191.876884][T10650] block device autoloading is deprecated and will be removed.
[  192.175976][T10656] netlink: 'syz.2.1294': attribute type 4 has an invalid length.
[  192.983994][T10677] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1301'.
[  193.527348][  T840] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  193.579304][T10688] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1303'.
[  193.625648][T10688] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1303'.
[  193.677364][  T840] usb 5-1: Using ep0 maxpacket: 32
[  193.680304][  T840] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  193.682859][  T840] usb 5-1: config 0 has no interface number 0
[  193.696539][  T840] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  193.699400][  T840] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  193.701930][  T840] usb 5-1: Product: syz
[  193.703273][  T840] usb 5-1: Manufacturer: syz
[  193.706239][  T840] usb 5-1: config 0 descriptor??
[  193.755542][T10691] netlink: 'syz.1.1305': attribute type 4 has an invalid length.
[  193.914452][  T842] usb 5-1: USB disconnect, device number 19
[  193.951341][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  193.953884][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  193.956050][T10698] netlink: 'syz.1.1308': attribute type 4 has an invalid length.
[  194.453035][T10706] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1310'.
[  194.608124][T10701] Illegal XDP return value 4294967274 on prog  (id 256) dev N/A, expect packet loss!
[  195.441565][T10719] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1315'.
[  196.534336][T10737] comedi comedi0: aio_iiro_16: I/O port conflict (0x5,8)
[  197.300200][ T1345] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  197.457351][ T1345] usb 5-1: Using ep0 maxpacket: 32
[  197.461204][ T1345] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  197.464726][ T1345] usb 5-1: config 0 has no interface number 0
[  197.469582][ T1345] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  197.473319][ T1345] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  197.475836][ T1345] usb 5-1: Product: syz
[  197.477552][ T1345] usb 5-1: Manufacturer: syz
[  197.480895][ T1345] usb 5-1: config 0 descriptor??
[  197.689923][ T1345] usb 5-1: USB disconnect, device number 20
[  197.901546][T10752] fuse: Unknown parameter '0x0000000000000003'
[  198.279835][T10759] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1327'.
[  198.599767][T10771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1326'.
[  198.603918][T10771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1326'.
[  198.728661][T10775] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1328'.
[  198.734646][T10775] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1328'.
[  199.147251][T10784] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1331'.
[  199.374764][T10794] fuse: Unknown parameter '0x0000000000000003'
[  199.636816][T10811] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  199.642970][T10811] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  199.914974][  T840] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  200.068580][  T840] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  200.078262][  T840] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  200.085073][  T840] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  200.093871][  T840] usb 8-1: SerialNumber: syz
[  200.127385][T10844] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1341'.
[  200.130088][T10844] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1341'.
[  200.629408][T10853] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1344'.
[  200.677210][T10853] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1344'.
[  200.824049][  T840] cdc_ether 8-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.3-1, CDC Ethernet Device, 42:42:42:42:42:42
[  202.652056][  T840] usb 8-1: USB disconnect, device number 25
[  202.654952][  T840] cdc_ether 8-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.3-1, CDC Ethernet Device
[  204.114848][T10967] __nla_validate_parse: 2 callbacks suppressed
[  204.114861][T10967] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1357'.
[  204.120264][T10967] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1357'.
[  204.302411][T10972] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  204.305011][T10972] overlayfs: missing 'lowerdir'
[  205.248209][T10993] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1367'.
[  205.487301][  T840] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  205.637283][  T840] usb 7-1: Using ep0 maxpacket: 8
[  205.640456][  T840] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  205.642985][  T840] usb 7-1: config 0 has no interface number 0
[  205.644939][  T840] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  205.649057][  T840] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  205.652213][  T840] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.656256][  T840] usb 7-1: config 0 descriptor??
[  205.660999][  T840] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  206.917938][ T6156] usb 7-1: USB disconnect, device number 41
[  208.627789][T11084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1385'.
[  208.652174][T11084] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.775032][T11088] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1388'.
[  208.779375][T11088] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1388'.
[  208.879915][   T24] IPVS: starting estimator thread 0...
[  208.979982][T11094] IPVS: using max 45 ests per chain, 108000 per kthread
[  210.292780][T11119] serio: Serial port ptm0
[  210.727259][ T1345] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[  210.877762][ T1345] usb 7-1: Using ep0 maxpacket: 32
[  210.881364][ T1345] usb 7-1: config 0 has an invalid interface number: 247 but max is 0
[  210.883774][ T1345] usb 7-1: config 0 has no interface number 0
[  210.887383][ T1345] usb 7-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  210.890540][ T1345] usb 7-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  210.893072][ T1345] usb 7-1: Product: syz
[  210.894389][ T1345] usb 7-1: Manufacturer: syz
[  210.897730][ T1345] usb 7-1: config 0 descriptor??
[  211.104826][ T6156] usb 7-1: USB disconnect, device number 42
[  211.670418][T11160] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1405'.
[  211.674379][T11160] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1405'.
[  212.837207][   T24] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[  212.997364][   T24] usb 7-1: Using ep0 maxpacket: 32
[  213.001637][   T24] usb 7-1: config 0 has an invalid interface number: 247 but max is 0
[  213.006362][   T24] usb 7-1: config 0 has no interface number 0
[  213.010945][   T24] usb 7-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  213.014476][   T24] usb 7-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  213.021465][   T24] usb 7-1: Product: syz
[  213.042596][   T24] usb 7-1: Manufacturer: syz
[  213.049490][   T24] usb 7-1: config 0 descriptor??
[  213.259287][  T840] usb 7-1: USB disconnect, device number 43
[  213.502268][T11216] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1414'.
[  213.507548][T11216] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1414'.
[  213.600268][T11222] fuse: Unknown parameter 'grou00000000000000000000'
[  213.748403][T11225] loop4: detected capacity change from 0 to 524255232
[  213.856123][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1417'.
[  213.871690][T11231] tipc: Resetting bearer <eth:team0>
[  213.874207][T11231] tipc: Resetting bearer <eth:team0>
[  213.880048][T11231] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  213.890927][T11230] loop4: detected capacity change from 524255232 to 524287956
[  214.015169][T11233] block device autoloading is deprecated and will be removed.
[  214.020682][T11233] syz.2.1420: attempt to access beyond end of device
[  214.020682][T11233] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  216.268989][ T6156] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  216.417270][ T6156] usb 5-1: Using ep0 maxpacket: 32
[  216.420261][ T6156] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  216.422791][ T6156] usb 5-1: config 0 has no interface number 0
[  216.426390][ T6156] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  216.430963][ T6156] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  216.434160][ T6156] usb 5-1: Product: syz
[  216.435823][ T6156] usb 5-1: Manufacturer: syz
[  216.442925][ T6156] usb 5-1: config 0 descriptor??
[  216.654417][ T6057] usb 5-1: USB disconnect, device number 21
[  216.840670][T11281] input: syz1 as /devices/virtual/input/input18
[  216.909901][T11281] ieee802154 phy0 wpan0: encryption failed: -22
[  217.045497][T11285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1431'.
[  217.050896][T11285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1431'.
[  218.797392][   T24] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  218.957294][   T24] usb 5-1: Using ep0 maxpacket: 32
[  218.961535][   T24] usb 5-1: config 0 has an invalid interface number: 247 but max is 0
[  218.965390][   T24] usb 5-1: config 0 has no interface number 0
[  218.970648][   T24] usb 5-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  218.974602][   T24] usb 5-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  218.978292][   T24] usb 5-1: Product: syz
[  218.980194][   T24] usb 5-1: Manufacturer: syz
[  218.985578][   T24] usb 5-1: config 0 descriptor??
[  219.192368][   T24] usb 5-1: USB disconnect, device number 22
[  220.723684][T11379] 9pnet_fd: Insufficient options for proto=fd
[  221.171372][T11394] fuse: Bad value for 'rootmode'
[  221.551088][T11402] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1464'.
[  221.554028][T11402] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1464'.
[  221.897610][T11406] fuse: Unknown parameter 'group_id00000000000000000000'
[  222.210715][T11423] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1470'.
[  222.396438][T11441] netlink: 'syz.1.1474': attribute type 2 has an invalid length.
[  222.399476][T11441] netlink: 'syz.1.1474': attribute type 11 has an invalid length.
[  222.402155][T11441] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1474'.
[  222.429051][T11445] fuse: Unknown parameter 'group_id00000000000000000000'
[  222.606771][T11459] veth0_to_bond: entered allmulticast mode
[  222.886573][T11468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1479'.
[  222.890591][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1479'.
[  223.009790][T11472] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1481'.
[  223.119688][T11480] fuse: Unknown parameter 'group_id00000000000000000000'
[  223.175501][T11484] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1487'.
[  223.270256][T11485] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1480'.
[  223.274000][T11485] netlink: 'syz.3.1480': attribute type 13 has an invalid length.
[  223.752874][T11485] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.759321][T11485] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  224.153436][T11507] overlayfs: failed lookup in lower (newroot/378, name='file1', err=-40): overlapping layers
[  224.196867][T11509] fuse: Bad value for 'user_id'
[  224.198593][T11509] fuse: Bad value for 'user_id'
[  224.297117][T11513] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1496'.
[  224.659285][T11520] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  224.661384][T11520] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  224.676639][T11520] vhci_hcd vhci_hcd.0: Device attached
[  224.957316][ T6156] usb 42-1: SetAddress Request (2) to port 0
[  224.962232][ T6156] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  225.254797][T11521] vhci_hcd: connection reset by peer
[  225.260810][   T90] vhci_hcd: stop threads
[  225.262246][   T90] vhci_hcd: release socket
[  225.264191][   T90] vhci_hcd: disconnect device
[  225.913827][T11563] 9pnet_fd: Insufficient options for proto=fd
[  225.943388][T11565] fuse: Bad value for 'user_id'
[  225.945046][T11565] fuse: Bad value for 'user_id'
[  226.097034][T11572] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1505'.
[  226.291662][T11575] tipc: Resetting bearer <eth:team0>
[  227.269348][T11603] 9pnet_fd: Insufficient options for proto=fd
[  227.273282][T11609] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1510'.
[  227.276131][T11609] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1510'.
[  227.567434][ T5975] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  227.719343][ T5975] usb 5-1: config 4 has an invalid interface number: 84 but max is 0
[  227.722336][ T5975] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  227.725947][ T5975] usb 5-1: config 4 has no interface number 0
[  227.729434][ T5975] usb 5-1: config 4 interface 84 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  227.731373][T11627] fuse: Bad value for 'user_id'
[  227.734993][ T5975] usb 5-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=ca.f3
[  227.735002][T11627] fuse: Bad value for 'user_id'
[  227.737988][ T5975] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.741913][ T5975] usb 5-1: Product: syz
[  227.743229][ T5975] usb 5-1: Manufacturer: syz
[  227.744719][ T5975] usb 5-1: SerialNumber: syz
[  227.748869][ T5975] ljca 5-1:4.84: bulk endpoints not found
[  227.952369][ T5975] usb 5-1: USB disconnect, device number 23
[  228.442198][T11656] 9pnet_fd: Insufficient options for proto=fd
[  228.655581][T11665] fuse: Bad value for 'fd'
[  228.978931][T11676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1525'.
[  228.981801][T11676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1525'.
[  229.627306][T11683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1527'.
[  229.630178][T11683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1527'.
[  230.027264][ T6156] usb 42-1: device descriptor read/8, error -110
[  230.175448][T11696] fuse: Bad value for 'fd'
[  230.437882][ T6156] usb usb42-port1: attempt power cycle
[  230.590302][T11706] erspan0: entered promiscuous mode
[  230.592344][T11706] erspan0: entered allmulticast mode
[  230.601520][T11706] usb 1-1: USB disconnect, device number 2
[  230.694769][T11706] mmap: syz.1.1535 (11706) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  230.888853][T11715] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1536'.
[  230.892970][T11715] netlink: 'syz.0.1536': attribute type 13 has an invalid length.
[  231.007789][ T6156] usb usb42-port1: unable to enumerate USB device
[  231.702220][T11722] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1538'.
[  231.705391][T11722] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1538'.
[  231.778175][T11715] tipc: Resetting bearer <eth:team0>
[  231.781342][T11715] tipc: Resetting bearer <eth:team0>
[  231.789316][T11715] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  232.156756][T11727] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1540'.
[  232.243109][T11730] fuse: Bad value for 'fd'
[  234.006393][T11761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1549'.
[  234.297401][ T1345] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  234.449013][ T1345] usb 6-1: config 4 has an invalid interface number: 84 but max is 0
[  234.457288][ T1345] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  234.460445][ T1345] usb 6-1: config 4 has no interface number 0
[  234.462376][ T1345] usb 6-1: config 4 interface 84 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  234.468349][ T1345] usb 6-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=ca.f3
[  234.471160][ T1345] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.473663][ T1345] usb 6-1: Product: syz
[  234.475005][ T1345] usb 6-1: Manufacturer: syz
[  234.476550][ T1345] usb 6-1: SerialNumber: syz
[  234.486013][ T1345] ljca 6-1:4.84: bulk endpoints not found
[  234.696494][  T840] usb 6-1: USB disconnect, device number 20
[  235.262434][T11805] No source specified
[  235.310185][ T5336] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  235.385311][T11812] sctp: [Deprecated]: syz.1.1560 (pid 11812) Use of int in max_burst socket option deprecated.
[  235.385311][T11812] Use struct sctp_assoc_value instead
[  235.399007][T11815] fuse: Bad value for 'fd'
[  235.865662][T11832] fuse: Bad value for 'group_id'
[  235.867484][T11832] fuse: Bad value for 'group_id'
[  236.166994][T11843] fuse: Invalid rootmode
[  236.723713][T11883] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.1579'.
[  236.777368][T11888] fuse: Invalid rootmode
[  236.908866][T11908] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  236.975942][T11913] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1589'.
[  237.252520][T11927] fuse: Invalid rootmode
[  237.684198][T11971] fuse: Unknown parameter '00000000000000000000'
[  238.567188][T12019] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1607'.
[  238.573662][T12019] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1607'.
[  238.601579][T12021] fuse: Unknown parameter '00000000000000000000'
[  238.719489][T12032] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1613'.
[  238.757706][ T5336] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  238.812180][T12037] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1615'.
[  238.819116][T12037] input: syz0 as /devices/virtual/input/input19
[  238.833462][T12038] sctp: [Deprecated]: syz.2.1614 (pid 12038) Use of int in max_burst socket option deprecated.
[  238.833462][T12038] Use struct sctp_assoc_value instead
[  239.175254][T12049] fuse: Unknown parameter '00000000000000000000'
[  239.488505][T12060] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1623'.
[  240.120342][T12076] fuse: Unknown parameter 'user00000000000000000000'
[  241.207234][ T6156] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  241.427313][ T6156] usb 5-1: Using ep0 maxpacket: 16
[  241.438302][ T6156] usb 5-1: config 0 has no interfaces?
[  241.442710][ T6156] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  241.445564][ T6156] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.467221][ T6156] usb 5-1: Product: syz
[  241.468599][ T6156] usb 5-1: Manufacturer: syz
[  241.470061][ T6156] usb 5-1: SerialNumber: syz
[  241.478631][ T6156] usb 5-1: config 0 descriptor??
[  241.878945][ T6156] usb 5-1: USB disconnect, device number 24
[  242.173132][T12109] fuse: Unknown parameter 'user00000000000000000000'
[  242.467846][T12116] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1643'.
[  243.407504][T12136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1648'.
[  243.731114][T12141] fuse: Unknown parameter 'user00000000000000000000'
[  244.133839][T12169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1653'.
[  244.511965][T12175] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  244.957224][ T1345] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[  245.108780][ T1345] usb 7-1: Using ep0 maxpacket: 16
[  245.116629][ T1345] usb 7-1: config 0 has no interfaces?
[  245.123317][ T1345] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  245.129014][ T1345] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.132200][ T1345] usb 7-1: Product: syz
[  245.133488][ T1345] usb 7-1: Manufacturer: syz
[  245.135963][ T1345] usb 7-1: SerialNumber: syz
[  245.142708][ T1345] usb 7-1: config 0 descriptor??
[  245.271778][T12214] program syz.0.1657 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  245.748826][  T840] usb 7-1: USB disconnect, device number 44
[  246.105660][T12255] fuse: Unknown parameter 'user_i00000000000000000000'
[  246.138826][T12257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1667'.
[  246.788980][T12287] fuse: Unknown parameter 'user_i00000000000000000000'
[  247.743966][T12319] tipc: Started in network mode
[  247.746275][T12319] tipc: Node identity 9ebb20eacd6c, cluster identity 4711
[  247.761626][T12319] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  247.765879][T12319] syzkaller0: entered promiscuous mode
[  247.768367][T12319] syzkaller0: entered allmulticast mode
[  247.788674][T12318] tipc: Resetting bearer <eth:syzkaller0>
[  247.824531][T12318] tipc: Disabling bearer <eth:syzkaller0>
[  248.151239][T12334] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1680'.
[  248.154126][T12334] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1680'.
[  249.098569][T12366] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  249.552548][T12389] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1694'.
[  249.560311][T12391] syzkaller0: entered promiscuous mode
[  249.562122][T12391] syzkaller0: entered allmulticast mode
[  249.700605][T12402] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1696'.
[  249.704002][T12402] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  249.767233][ T1345] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  249.937249][ T1345] usb 6-1: Using ep0 maxpacket: 8
[  249.948472][ T1345] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  249.951007][ T1345] usb 6-1: config 0 has no interface number 0
[  249.953464][ T1345] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  249.956791][ T1345] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  249.961598][ T1345] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  249.965718][ T1345] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  249.970259][ T1345] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  249.973079][ T1345] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.976673][ T1345] usb 6-1: config 0 descriptor??
[  249.989802][ T1345] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  250.085933][T12418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1698'.
[  250.089022][T12418] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1698'.
[  250.327253][ T1345] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  250.477920][ T1345] usb 5-1: too many configurations: 13, using maximum allowed: 8
[  250.481771][ T1345] usb 5-1: config 0 has no interfaces?
[  250.484493][ T1345] usb 5-1: config 0 has no interfaces?
[  250.487403][ T1345] usb 5-1: config 0 has no interfaces?
[  250.490142][ T1345] usb 5-1: config 0 has no interfaces?
[  250.492905][ T1345] usb 5-1: config 0 has no interfaces?
[  250.495604][ T1345] usb 5-1: config 0 has no interfaces?
[  250.498499][ T1345] usb 5-1: config 0 has no interfaces?
[  250.501715][ T1345] usb 5-1: config 0 has no interfaces?
[  250.505877][ T1345] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  250.508831][ T1345] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.511345][ T1345] usb 5-1: Product: syz
[  250.512798][ T1345] usb 5-1: Manufacturer: syz
[  250.514368][ T1345] usb 5-1: SerialNumber: syz
[  250.517869][ T1345] usb 5-1: config 0 descriptor??
[  250.722205][T12427] netlink: 'syz.3.1709': attribute type 12 has an invalid length.
[  250.730442][ T6156] usb 5-1: USB disconnect, device number 25
[  251.140773][T12422] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1700'.
[  251.143656][T12422] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1700'.
[  251.168457][T12470] fuse: Bad value for 'fd'
[  251.387352][  T842] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  251.537713][  T842] usb 5-1: too many configurations: 13, using maximum allowed: 8
[  251.541147][  T842] usb 5-1: config 0 has no interfaces?
[  251.543723][  T842] usb 5-1: config 0 has no interfaces?
[  251.553979][  T842] usb 5-1: config 0 has no interfaces?
[  251.556779][  T842] usb 5-1: config 0 has no interfaces?
[  251.559800][  T842] usb 5-1: config 0 has no interfaces?
[  251.562568][  T842] usb 5-1: config 0 has no interfaces?
[  251.566447][  T842] usb 5-1: config 0 has no interfaces?
[  251.571321][  T842] usb 5-1: config 0 has no interfaces?
[  251.575938][  T842] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  251.580020][  T842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.582906][  T842] usb 5-1: Product: syz
[  251.584450][  T842] usb 5-1: Manufacturer: syz
[  251.586264][  T842] usb 5-1: SerialNumber: syz
[  251.591424][  T842] usb 5-1: config 0 descriptor??
[  251.830591][T12422] input: syz1 as /devices/virtual/input/input20
[  251.954740][ T1345] usb 5-1: USB disconnect, device number 26
[  252.434989][ T6156] usb 6-1: USB disconnect, device number 21
[  252.445697][ T6156] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  252.927608][  T840] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  253.089113][  T840] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  253.092771][  T840] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  253.097941][  T840] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  253.101692][  T840] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  253.108830][  T840] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  253.112570][  T840] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  253.115895][  T840] usb 6-1: Product: syz
[  253.117872][  T840] usb 6-1: Manufacturer: syz
[  253.130283][  T840] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  253.337039][ T6156] usb 6-1: USB disconnect, device number 22
[  253.655365][T12556] batadv_slave_1: entered promiscuous mode
[  254.649826][T12578] netlink: 'syz.2.1745': attribute type 1 has an invalid length.
[  254.653749][T12578] netlink: 'syz.2.1745': attribute type 1 has an invalid length.
[  254.668287][T12578] 8021q: adding VLAN 0 to HW filter on device bond1
[  254.745322][T12583] bond1: (slave gretap1): making interface the new active one
[  254.748693][T12583] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  255.389453][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.391419][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.687798][ T1422] ==================================================================
[  255.690052][ T1422] BUG: KASAN: slab-use-after-free in handle_tx+0x5a5/0x630
[  255.692289][ T1422] Read of size 8 at addr ffff888028d36020 by task aoe_tx0/1422
[  255.695524][ T1422] 
[  255.696827][ T1422] CPU: 0 UID: 0 PID: 1422 Comm: aoe_tx0 Not tainted 6.17.0-rc1-syzkaller-00116-gd7ee5bdce789 #0 PREEMPT(full) 
[  255.696841][ T1422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.696848][ T1422] Call Trace:
[  255.696853][ T1422]  <TASK>
[  255.696858][ T1422]  dump_stack_lvl+0x116/0x1f0
[  255.696873][ T1422]  print_report+0xcd/0x630
[  255.696887][ T1422]  ? __virt_addr_valid+0x81/0x610
[  255.696900][ T1422]  ? __phys_addr+0xe8/0x180
[  255.696913][ T1422]  ? handle_tx+0x5a5/0x630
[  255.696923][ T1422]  kasan_report+0xe0/0x110
[  255.696937][ T1422]  ? handle_tx+0x5a5/0x630
[  255.696947][ T1422]  handle_tx+0x5a5/0x630
[  255.696959][ T1422]  dev_hard_start_xmit+0x97/0x740
[  255.696971][ T1422]  __dev_queue_xmit+0xa46/0x4490
[  255.696982][ T1422]  ? lockdep_hardirqs_on+0x7c/0x110
[  255.696994][ T1422]  ? finish_task_switch.isra.0+0x221/0xc10
[  255.697005][ T1422]  ? rcu_is_watching+0x12/0xc0
[  255.697016][ T1422]  ? __pfx___dev_queue_xmit+0x10/0x10
[  255.697026][ T1422]  ? __schedule+0x11a3/0x5de0
[  255.697037][ T1422]  ? __lock_acquire+0xb97/0x1ce0
[  255.697053][ T1422]  ? do_raw_spin_lock+0x12c/0x2b0
[  255.697069][ T1422]  ? find_held_lock+0x2b/0x80
[  255.697078][ T1422]  ? skb_dequeue+0x126/0x180
[  255.697087][ T1422]  ? find_held_lock+0x2b/0x80
[  255.697097][ T1422]  ? rcu_is_watching+0x12/0xc0
[  255.697108][ T1422]  tx+0xcc/0x190
[  255.697131][ T1422]  ? __pfx_tx+0x10/0x10
[  255.697150][ T1422]  kthread+0x1e1/0x3e0
[  255.697161][ T1422]  ? find_held_lock+0x2b/0x80
[  255.697170][ T1422]  ? __pfx_kthread+0x10/0x10
[  255.697181][ T1422]  ? __pfx_default_wake_function+0x10/0x10
[  255.697191][ T1422]  ? lockdep_hardirqs_on+0x7c/0x110
[  255.697203][ T1422]  ? __kthread_parkme+0x19e/0x250
[  255.697216][ T1422]  ? __pfx_kthread+0x10/0x10
[  255.697226][ T1422]  kthread+0x3c2/0x780
[  255.697240][ T1422]  ? __pfx_kthread+0x10/0x10
[  255.697255][ T1422]  ? rcu_is_watching+0x12/0xc0
[  255.697264][ T1422]  ? __pfx_kthread+0x10/0x10
[  255.697278][ T1422]  ret_from_fork+0x5d4/0x6f0
[  255.697294][ T1422]  ? __pfx_kthread+0x10/0x10
[  255.697308][ T1422]  ret_from_fork_asm+0x1a/0x30
[  255.697323][ T1422]  </TASK>
[  255.697327][ T1422] 
[  255.762423][ T1422] Allocated by task 12588:
[  255.763836][ T1422]  kasan_save_stack+0x33/0x60
[  255.765323][ T1422]  kasan_save_track+0x14/0x30
[  255.766790][ T1422]  __kasan_kmalloc+0xaa/0xb0
[  255.768254][ T1422]  alloc_tty_struct+0x96/0x8c0
[  255.769747][ T1422]  tty_init_dev.part.0+0x1e/0x500
[  255.771319][ T1422]  tty_open+0xa50/0xf90
[  255.772665][ T1422]  chrdev_open+0x231/0x6a0
[  255.774067][ T1422]  do_dentry_open+0x97f/0x1530
[  255.775569][ T1422]  vfs_open+0x82/0x3f0
[  255.776887][ T1422]  path_openat+0x1de4/0x2cb0
[  255.778332][ T1422]  do_filp_open+0x20b/0x470
[  255.779770][ T1422]  do_sys_openat2+0x11b/0x1d0
[  255.781244][ T1422]  __ia32_compat_sys_openat+0x16d/0x210
[  255.782991][ T1422]  __do_fast_syscall_32+0x7c/0x3a0
[  255.784612][ T1422]  do_fast_syscall_32+0x32/0x80
[  255.786146][ T1422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.788124][ T1422] 
[  255.788883][ T1422] Freed by task 840:
[  255.790108][ T1422]  kasan_save_stack+0x33/0x60
[  255.791572][ T1422]  kasan_save_track+0x14/0x30
[  255.793067][ T1422]  kasan_save_free_info+0x3b/0x60
[  255.794636][ T1422]  __kasan_slab_free+0x60/0x70
[  255.796150][ T1422]  kfree+0x2b4/0x4d0
[  255.797377][ T1422]  process_one_work+0x9cc/0x1b70
[  255.798923][ T1422]  worker_thread+0x6c8/0xf10
[  255.800389][ T1422]  kthread+0x3c2/0x780
[  255.801670][ T1422]  ret_from_fork+0x5d4/0x6f0
[  255.803147][ T1422]  ret_from_fork_asm+0x1a/0x30
[  255.804722][ T1422] 
[  255.805482][ T1422] Last potentially related work creation:
[  255.807240][ T1422]  kasan_save_stack+0x33/0x60
[  255.808727][ T1422]  kasan_record_aux_stack+0xa7/0xc0
[  255.810348][ T1422]  insert_work+0x36/0x230
[  255.811719][ T1422]  __queue_work+0x97e/0x1160
[  255.813189][ T1422]  queue_work_on+0x1a4/0x1f0
[  255.814626][ T1422]  release_tty+0x4de/0x5d0
[  255.816046][ T1422]  tty_release_struct+0xb7/0xe0
[  255.817565][ T1422]  tty_release+0xe2d/0x1430
[  255.818986][ T1422]  __fput+0x3ff/0xb70
[  255.820269][ T1422]  task_work_run+0x150/0x240
[  255.821716][ T1422]  exit_to_user_mode_loop+0xeb/0x110
[  255.823393][ T1422]  __do_fast_syscall_32+0x2ac/0x3a0
[  255.825042][ T1422]  do_fast_syscall_32+0x32/0x80
[  255.826574][ T1422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.828551][ T1422] 
[  255.829307][ T1422] The buggy address belongs to the object at ffff888028d36000
[  255.829307][ T1422]  which belongs to the cache kmalloc-cg-2k of size 2048
[  255.833663][ T1422] The buggy address is located 32 bytes inside of
[  255.833663][ T1422]  freed 2048-byte region [ffff888028d36000, ffff888028d36800)
[  255.837828][ T1422] 
[  255.838601][ T1422] The buggy address belongs to the physical page:
[  255.840590][ T1422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888028d33000 pfn:0x28d30
[  255.843693][ T1422] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  255.846292][ T1422] memcg:ffff888023d56181
[  255.847613][ T1422] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  255.850071][ T1422] page_type: f5(slab)
[  255.851323][ T1422] raw: 00fff00000000040 ffff88801b84c140 0000000000000000 dead000000000001
[  255.854011][ T1422] raw: ffff888028d33000 0000000000080005 00000000f5000000 ffff888023d56181
[  255.856659][ T1422] head: 00fff00000000040 ffff88801b84c140 0000000000000000 dead000000000001
[  255.859288][ T1422] head: ffff888028d33000 0000000000080005 00000000f5000000 ffff888023d56181
[  255.861945][ T1422] head: 00fff00000000003 ffffea0000a34c01 00000000ffffffff 00000000ffffffff
[  255.864604][ T1422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  255.867225][ T1422] page dumped because: kasan: bad access detected
[  255.869170][ T1422] page_owner tracks the page as allocated
[  255.870895][ T1422] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 10934, tgid 10929 (syz.3.1353), ts 203420437735, free_ts 203298443394
[  255.877407][ T1422]  post_alloc_hook+0x1c0/0x230
[  255.878899][ T1422]  get_page_from_freelist+0x132b/0x38e0
[  255.880639][ T1422]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  255.882496][ T1422]  alloc_pages_mpol+0x1fb/0x550
[  255.884036][ T1422]  new_slab+0x247/0x330
[  255.885346][ T1422]  ___slab_alloc+0xcf2/0x1740
[  255.886808][ T1422]  __slab_alloc.constprop.0+0x56/0xb0
[  255.888487][ T1422]  __kmalloc_cache_noprof+0xfb/0x3e0
[  255.890139][ T1422]  copy_verifier_state+0xbad/0xfb0
[  255.891778][ T1422]  push_stack+0x1ca/0x370
[  255.893161][ T1422]  check_cond_jmp_op+0xaf1/0x72d0
[  255.894732][ T1422]  do_check_common+0xa13e/0xb410
[  255.896299][ T1422]  bpf_check+0x8763/0xc4d0
[  255.897695][ T1422]  bpf_prog_load+0xe41/0x2490
[  255.899171][ T1422]  __sys_bpf+0x4a3f/0x4de0
[  255.900603][ T1422]  __ia32_sys_bpf+0x76/0xe0
[  255.902038][ T1422] page last free pid 10934 tgid 10929 stack trace:
[  255.904070][ T1422]  __free_frozen_pages+0x7d5/0x10f0
[  255.905699][ T1422]  __put_partials+0x165/0x1c0
[  255.907172][ T1422]  qlist_free_all+0x4d/0x120
[  255.908630][ T1422]  kasan_quarantine_reduce+0x195/0x1e0
[  255.910321][ T1422]  __kasan_krealloc+0x14a/0x1a0
[  255.911875][ T1422]  krealloc_noprof+0x19f/0x3a0
[  255.913360][ T1422]  push_jmp_history+0x2fa/0x790
[  255.914854][ T1422]  do_check_common+0xc52/0xb410
[  255.916211][ T1422]  bpf_check+0x8763/0xc4d0
[  255.917487][ T1422]  bpf_prog_load+0xe41/0x2490
[  255.918947][ T1422]  __sys_bpf+0x4a3f/0x4de0
[  255.920369][ T1422]  __ia32_sys_bpf+0x76/0xe0
[  255.921794][ T1422]  __do_fast_syscall_32+0x7c/0x3a0
[  255.923413][ T1422]  do_fast_syscall_32+0x32/0x80
[  255.924971][ T1422]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.926930][ T1422] 
[  255.927712][ T1422] Memory state around the buggy address:
[  255.929438][ T1422]  ffff888028d35f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  255.931935][ T1422]  ffff888028d35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  255.934403][ T1422] >ffff888028d36000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  255.936883][ T1422]                                ^
[  255.938480][ T1422]  ffff888028d36080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  255.940967][ T1422]  ffff888028d36100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  255.943451][ T1422] ==================================================================
[  255.945998][ T1422] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  255.948262][ T1422] CPU: 0 UID: 0 PID: 1422 Comm: aoe_tx0 Not tainted 6.17.0-rc1-syzkaller-00116-gd7ee5bdce789 #0 PREEMPT(full) 
[  255.951824][ T1422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.955099][ T1422] Call Trace:
[  255.956172][ T1422]  <TASK>
[  255.957102][ T1422]  dump_stack_lvl+0x3d/0x1f0
[  255.958552][ T1422]  vpanic+0x6e8/0x7a0
[  255.959833][ T1422]  ? __pfx_vpanic+0x10/0x10
[  255.961265][ T1422]  ? handle_tx+0x5a5/0x630
[  255.962685][ T1422]  panic+0xca/0xd0
[  255.963888][ T1422]  ? __pfx_panic+0x10/0x10
[  255.965303][ T1422]  ? check_panic_on_warn+0x1f/0xb0
[  255.966898][ T1422]  check_panic_on_warn+0xab/0xb0
[  255.968469][ T1422]  end_report+0x107/0x170
[  255.969804][ T1422]  kasan_report+0xee/0x110
[  255.971182][ T1422]  ? handle_tx+0x5a5/0x630
[  255.972628][ T1422]  handle_tx+0x5a5/0x630
[  255.973989][ T1422]  dev_hard_start_xmit+0x97/0x740
[  255.975558][ T1422]  __dev_queue_xmit+0xa46/0x4490
[  255.977133][ T1422]  ? lockdep_hardirqs_on+0x7c/0x110
[  255.978753][ T1422]  ? finish_task_switch.isra.0+0x221/0xc10
[  255.980585][ T1422]  ? rcu_is_watching+0x12/0xc0
[  255.982104][ T1422]  ? __pfx___dev_queue_xmit+0x10/0x10
[  255.983805][ T1422]  ? __schedule+0x11a3/0x5de0
[  255.985293][ T1422]  ? __lock_acquire+0xb97/0x1ce0
[  255.986843][ T1422]  ? do_raw_spin_lock+0x12c/0x2b0
[  255.988437][ T1422]  ? find_held_lock+0x2b/0x80
[  255.989909][ T1422]  ? skb_dequeue+0x126/0x180
[  255.991355][ T1422]  ? find_held_lock+0x2b/0x80
[  255.992867][ T1422]  ? rcu_is_watching+0x12/0xc0
[  255.994361][ T1422]  tx+0xcc/0x190
[  255.995491][ T1422]  ? __pfx_tx+0x10/0x10
[  255.997160][ T1422]  kthread+0x1e1/0x3e0
[  255.998494][ T1422]  ? find_held_lock+0x2b/0x80
[  256.000000][ T1422]  ? __pfx_kthread+0x10/0x10
[  256.001470][ T1422]  ? __pfx_default_wake_function+0x10/0x10
[  256.003316][ T1422]  ? lockdep_hardirqs_on+0x7c/0x110
[  256.004980][ T1422]  ? __kthread_parkme+0x19e/0x250
[  256.006555][ T1422]  ? __pfx_kthread+0x10/0x10
[  256.008112][ T1422]  kthread+0x3c2/0x780
[  256.009413][ T1422]  ? __pfx_kthread+0x10/0x10
[  256.010870][ T1422]  ? rcu_is_watching+0x12/0xc0
[  256.012450][ T1422]  ? __pfx_kthread+0x10/0x10
[  256.013904][ T1422]  ret_from_fork+0x5d4/0x6f0
[  256.015362][ T1422]  ? __pfx_kthread+0x10/0x10
[  256.016849][ T1422]  ret_from_fork_asm+0x1a/0x30
[  256.018346][ T1422]  </TASK>
[  256.019966][ T1422] Kernel Offset: disabled
[  256.021314][ T1422] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:23:27  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85614085 RDI=ffffffff9b0f6600 RBP=ffffffff9b0f65c0 RSP=ffffc90007bef458
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000061 R14=ffffffff9b0f65c0 R15=ffffffff85614020
RIP=ffffffff856140af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7580371368 CR3=00000000699bb000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000c62945 RBX=0000000000000001 RCX=ffffffff8b905bf9 RDX=0000000000000000
RSI=ffffffff8de4bb66 RDI=ffffffff8c162980 RBP=ffffed1003a5a488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801d2d2440 R14=ffffffff90ab6e90 R15=0000000000000000
RIP=ffffffff8b90475f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5079da4 CR3=00000000712c8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000002 RDX=ffff888020728000
RSI=ffffffff816a0d21 RDI=ffffffff8c162980 RBP=ffff8880256b3140 RSP=ffffc90003bdf6a8
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90ab6e97 R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b43b3c0 R15=ffffed1004ad6628
RIP=ffffffff8b90475f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000323fcffc CR3=00000000761ad000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000003bee3d RBX=0000000000000003 RCX=ffffffff8b905bf9 RDX=0000000000000000
RSI=ffffffff8de4bb66 RDI=ffffffff8c162980 RBP=ffffed1003a5f000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801d2f8000 R14=ffffffff90ab6e90 R15=0000000000000000
RIP=ffffffff8b90475f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080e98000 CR3=00000000652fc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000