last executing test programs:

2m46.964997988s ago: executing program 1 (id=865):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x2300, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

2m46.104092235s ago: executing program 1 (id=871):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000280)={0x10, 0x2}, 0x18, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r0, 0x5101)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r2 = add_key$user(0x0, &(0x7f0000000000), 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r4 = socket(0x10, 0x3, 0x0)
fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x48}}, 0x4084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1}, './cgroup.cpu/cgroup.procs\x00'})
r5 = io_uring_setup(0x3eae, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0), 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r6, 0x30)

2m45.414944292s ago: executing program 1 (id=873):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000e40), 0x40080, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000280)={0x3, 0x0, 0xfdfdffff, 0xff600000})
munlockall()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
mmap$IORING_OFF_CQ_RING(&(0x7f0000696000/0x12000)=nil, 0x12000, 0x2000001, 0x80010, r4, 0x8000000)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x1}, 0x1c)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000180))
ioctl$TCSETS(r6, 0xc0384707, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a}, 0x94)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "fe94b89fc43c3328eae0cae1f5eba329e6f216"})

2m45.094726517s ago: executing program 1 (id=877):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0x6, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="041706004f00000001ca3c1bdd785630277068d487c54be1aa5429015449e856e51f69b4cd946872f98e9f17079f5045cff33862c2813c70385ff8e19fa83a90acd90ab4c4eab4cdf6050296de962acd"], 0x9)
openat$uhid(0xffffff9c, &(0x7f0000000040), 0x802, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000180))
write$dsp(r2, &(0x7f0000000200)="dce480febb0ccd0bcb66ade3495e87b440e5afdc984cc06eb1c91c85a7fec04b2f82e267c1edd1543b79d80c0f949073bd", 0x31)
write$dsp(r2, &(0x7f0000000080)="cd", 0x1)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000100))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000400)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)

2m44.244834217s ago: executing program 1 (id=880):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000004c0)={0x50, 0x0, 0x0, {0x7, 0x9}}, 0x50)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400048c0}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val, @void, @void, @void, @void, @void, @void}, 0x2e)
nanosleep(0x0, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
r4 = syz_open_procfs(0x0, &(0x7f0000000600)='attr\x00')
move_mount(r4, 0x0, r4, 0x0, 0x261)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, 0x0, 0x0)

2m43.704818302s ago: executing program 1 (id=884):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x6)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000000000000}, 0x1})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, &(0x7f00000003c0)=0x3e)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x8a2b01)
r4 = openat$fb0(0xffffff9c, &(0x7f00000001c0), 0x105000, 0x0)
ioctl$FBIOGETCMAP(r4, 0x4604, &(0x7f0000000340)={0x7, 0x1, &(0x7f0000000200)=[0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$EVIOCGKEYCODE(r3, 0x80084504, 0x0)
r5 = openat$vcs(0xffffff9c, &(0x7f0000000140), 0x402, 0x0)
pidfd_getfd(r5, r0, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
connect$tipc(r6, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e22}}, 0x10)
bind$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4000000}}, 0x10)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, 0x0, 0x0)
sendmsg$tipc(r7, &(0x7f0000000240)={&(0x7f0000000180)=@name={0x1e, 0x2, 0x0, {{0x40}, 0x200}}, 0x10, 0x0}, 0x20001)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r8=>0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r5, 0xc0186405, &(0x7f0000000500)={0x8, 0xfffeffff, {}, {<r9=>0xffffffffffffffff}, 0x0, 0x3})
fstat(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400), 0x840, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_uid={'access', 0x3d, r8}}, {@cache_mmap}, {@version_9p2000}, {@version_9p2000}, {@cache_fscache}, {@loose}, {@debug={'debug', 0x3d, 0xd}}], [{@obj_user={'obj_user', 0x3d, '/dev/vcs\x00'}}, {@fowner_gt={'fowner>', r9}}, {@subj_user={'subj_user', 0x3d, '}'}}, {@uid_lt={'uid<', r10}}, {@appraise}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@flag='nolazytime'}]}})
ioctl$EVIOCGID(r3, 0x80084502, &(0x7f0000000040)=""/165)

2m28.536639839s ago: executing program 32 (id=884):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x6)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000000000000}, 0x1})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, &(0x7f00000003c0)=0x3e)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x8a2b01)
r4 = openat$fb0(0xffffff9c, &(0x7f00000001c0), 0x105000, 0x0)
ioctl$FBIOGETCMAP(r4, 0x4604, &(0x7f0000000340)={0x7, 0x1, &(0x7f0000000200)=[0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$EVIOCGKEYCODE(r3, 0x80084504, 0x0)
r5 = openat$vcs(0xffffff9c, &(0x7f0000000140), 0x402, 0x0)
pidfd_getfd(r5, r0, 0x0)
r6 = socket$tipc(0x1e, 0x5, 0x0)
connect$tipc(r6, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e22}}, 0x10)
bind$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4000000}}, 0x10)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, 0x0, 0x0)
sendmsg$tipc(r7, &(0x7f0000000240)={&(0x7f0000000180)=@name={0x1e, 0x2, 0x0, {{0x40}, 0x200}}, 0x10, 0x0}, 0x20001)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r8=>0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r5, 0xc0186405, &(0x7f0000000500)={0x8, 0xfffeffff, {}, {<r9=>0xffffffffffffffff}, 0x0, 0x3})
fstat(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
mount$9p_fd(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000400), 0x840, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_uid={'access', 0x3d, r8}}, {@cache_mmap}, {@version_9p2000}, {@version_9p2000}, {@cache_fscache}, {@loose}, {@debug={'debug', 0x3d, 0xd}}], [{@obj_user={'obj_user', 0x3d, '/dev/vcs\x00'}}, {@fowner_gt={'fowner>', r9}}, {@subj_user={'subj_user', 0x3d, '}'}}, {@uid_lt={'uid<', r10}}, {@appraise}, {@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@flag='nolazytime'}]}})
ioctl$EVIOCGID(r3, 0x80084502, &(0x7f0000000040)=""/165)

9.02302326s ago: executing program 2 (id=1956):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1e2e81)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client0\x00', 0xffffffff80000004, "00000000ffffffe3", "e4a18560d99f00", 0x800000, 0xfffffffc})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@newtaction={0x18, 0x30, 0x53b, 0x70bd2b, 0x0, {0x9}, [{0x4}]}, 0x18}}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc)
getsockopt$inet_buf(r2, 0x0, 0x29, &(0x7f0000000040)=""/185, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
accept4(r3, 0x0, 0x0, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x136, 0x0)
r7 = syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r7)

5.97324091s ago: executing program 2 (id=1963):
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000040)=0x2, 0x4)
sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000080)={0x0}, 0x1, 0x7f00, 0x0, 0x20044005}, 0x4000010)

5.912859953s ago: executing program 2 (id=1964):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r2, 0x100000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RMKDIR(r0, &(0x7f0000000240)={0x14, 0x49, 0x2, {0x40, 0x3, 0x1}}, 0x14)
write$char_usb(r0, &(0x7f0000002600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d380ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc6ba11d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c2948d673ef2a8a937136ca9842717585894453a83280edc21f3fadb974c36696fe7d8bd136a005a69d14d034a869c4035282ac7c91642a05743814b4cd57df50a4eb15dd7a561637ea4ef6b3bcf89695f125fcd390746357917a6bcf55e0268a09ae5b1195f99a7fe5fec2d4115978052e195d7b5df345b827121a86166c9095e387301fc561654db0183715239247eb9dc15e83c20389aa6271b42125bd475b82db032150aa39fab06fde1034347a8a884c74edb21be34c8cf5b437ad7223970defbb27ca8eb0029fdd4acd4bc92236584ed42f03706376c583a5c8e5cf9f2415ee1f8c1b01f34d7cf1b673db2158eb99d55878ee41b391f8d7339c6f3471ae4af25e5ecb8cea2fbed9f915ce483f1a9411ca5b21776295aa4f52fa31d875f9850f3e07b8093b0f92570d41d77e68e9a79a27b6f5a2c9a100cde02ea745353e996b99b43e0f1aa51288d863859bc618a602c17a15e285e6c189a21a4762b57ce396c852a5453f035c7a2d849a98c30a2e7f797ed13ffae44e4d15a240d092a25b4820e0d2fe3b9cb74b89efc977634d1f37eddc1433f6b06fd13c543bceca1254f91413d8b914bd67f1dca660ad8ef561dfb2ce5f0486b3e1a19a3682dad8a727177a1ea448273c3cd308300e3b4fc4f96efa8d6d723de8b38f7688e13c47b2aa801ba5c33a138208412524250e41eb253520f68324dbdb5e7de6e02dc315e20cf1844cc7a5f15428dd342bcf40895d94b3de0e1acdb698a94e0dd881edfb7569d0c81981213e7186eac0d80dd35e1a48aad319678db523e9cea10163e3924c52d1d4ff589b3b228d98e64e6ee22990600ac9b272b483520148dac0e26d27ef618c86b0a49075f71d8c21e49bbcf83eb1374f0ad393074e32fa33a257f13fb187ba40b02ee6e688092e81ce0c04e3e53507b4b244fcf3afd4dbf05747a8c81828351558223a7bd0ff6684e94cd264bb3841cca4983c10b627c3c13286872798a3bce148b7f9847cb2b485bb900ad006b08482c801e9f05e5e57591e9c9ed1235c397ebffec2bffdf0eaa4aa2b3927e583f913edb95ce47603bc725ad16c59c4b638668190bd1f9c4b2c9e1b14a85d9e3e81ef3668baf27e59dd14d1ade2d7873d4feb989cdac04675f40b59a1a41453b44e0fdb89f4a7f3f52cb3a6a79d0763f85826fe1b5acb3215a0328c32ccdf2c21bb4ab3310c2d33f9b1255582e0807492ce59953f6cd4422bfa5ea9192177bbf13bd7a83807362036708653bd01b67d3def4ef7041ea29995404c0b10b0eae74bbf614652f887f755e94d390341437d50cecbf2c16fa21638ad3f85f30db17e1af9bf2b4aa8113d6a9170dc4c024f484200a471e9c73f6d2055585bdb499156081d3bc288a2ddd2b9d856c69c22ad3b4ee16555c64d86b7a9d83722860fdbf06b3a1592f3e5832fdf2d3ee078e54b7cee981cec96de0a4c77e052d2f86061cba468f6c5861771014dd56320f5fd4f84b5a890838e9fe72f41620d131cfdb7d0e627dd490acab383d5fc8cfc95e966ced3dfe3d315ad76a0452a50e8b4e9882ca9294eaa12f73629affc90505f48aedc1da6081259226056012decf4a60c3e252860cc7452e6058d8029d2d0971496e19cc94558c96678bd1b074894271b2bff2810f8a684c9329c584641bfeeb2fd4db920aec9d18e1b05803c37bc1b3cd1b3782a713ea754b1a35f137e21e31afd230aa1ba53cbc0af2ec98c860c993441007f910b8814e115725753f7a05d0b0b290048dd6aa97f3ae6f14b9652db8017e23303a3aa52c9fd5b83aa3f8ecb5e280425709237cd6fc6728664168bb2dda083ceab3ca528a78432104912e96a2ff9057885b1aebf1a8423b5c390f32bc5f3f0093870a27d8eee3576aa70a9b1ee21041a64e7dc0bbac8b46e7aa6a825bddeeab7f7bdad2ffa238a6cc77532551ebe4e650faadf67328371563e17b508ace6ed5dfcec60cd4b90ca23260f8ae78d937b7503f9595f233c7b719b837484bb684b2f9ca4df4d716a7de9ceadf0212e7f24574f1f14015ffb583c9ad2747cbddf2f0903d3dfc60eb204c6b581ba9caba16471d1bfb09b8b96ddadadcc97435ad6fe5ed249e25b01e0d5af5fe0430e4fb18eefce981fa6c78abab2a35f186137f256d8719f2053316680c03e7499941efd68a0ff066519f4d02608c320228c8cdc42fde4abecefde9d2113f730529e0215f284732d267c6804a49778a4ee32fb860122b4584a519ced4dfc0c8a3d25d90142d16e9e36eff436881dbddd06b99dee8c4e2ff7dbc19edaa7e1ad5b1f9d713abd72d4e4547b3a46ab6acfaa7d92b6da52b75bd530f6d833d156b95f1da248219c85fe807af0a47ae22c20392c889f5e89a3524cf42412a70277fe98196deb7a4c2b136fba8cc411afa84ab762d9b95b284d95f9220b3789ab54dcfb21cd2b99fcd501263cf23654c332a3aa37c6dac0c9c54e5602a691192707708e53abea4c63b7943b1348d3cf0bdce7e4076e3a4ed9afe8651cd8e953e30104534dcb6e85ab77773b60be7e46f6cd07ea8fc675d27593223dadb9cba83f3976e5133d79afd6e4a83877bd8f0d56bd99f3d996df0295838ffb421781da6c088f18f1f94e149659f02f01b99c73de89826f65bd3dbb44468518e0f0dd5fca324d3c9864d192040cd067b54b8801610bf8391ded4df50968bf7a0d0c0f7c56f47da904ad9bcc52e8690a844b7b0be9a4e7bc8ae396382ad4f6910df9eee9f19cacd9fb0aa9a378ee8b2e58befcd7158d1ea6cdc73cc63233d8c09fb4a04e7e672d7d0c7187f7b027e87560649eb8dfe97c81f3dea408f7f9c171e38892f077e9423e91b55a4635ddbea7b535d31c8ab28ae5030f04356bf05c737884a351a8da8ae81535ed5e9628befc767cd431907dd388c00b9a8d8ebf5b57017f70830dac5eb2872b77da544742d2c93940a945ed060e387e14680ea92e9a93799e64aca69ded0219486df2541b9fa209923c8d0f57978a39eba4fd17e9108243101d441cfe2c0374aaa65c434cea22e5d103588d526fc92531249ff8b8cd4783d8b915584c5ac71ff330797c85d5f66510a403cf996bec00239cef1730a35c1138b8f7f63f14e253e4d91999632d80f23076f7af79a38388e935e198d666efe799a4b8c2d82e443f01ea4907183d3bc9fb5bb94e119b1fb34beaaf1c0d296c4898600f99488a243c00309ee68a3c7297f3851ca8226eb72103d3e9981ab2dbc7dce584795aa452ee7950508f6016f04c965309f381edb1ce91059c3c21e0f7adf67f966d690545fb9597529fd5885937c433c5a156867951fc419f92ad55795a4267b0c66b59ba22ba782f92d431e37748aa41949a954b3c68120ddac938788b6d753d9152a562f8bf972c744359def08a16da4c077df2795710397e70faa3fe8e004ccf7275ad42d518094821207ad6813f66bf5c15e1a61298b3f977d7fd783f7cac82e88b652a14b9f6df36425cf89507428a6594d2200f392faea2542e6e51faa934ec1218652afd32c1f09ba277f8faa0b0fbf60b82340b42f88115394b36524026e71638bb7faec318168164e7448214f755c36dba743b15858788365171e521b9722d7950d48cb274b67361c89ef262a320186b8fb4ab84394fffdba09b14ca27608e6f49b6513d84a182459666d66902ef5cd3fa048d811401b910fc284c2d07dfe83bd398321f5e4a528b5c76dd2a4bbb7e68ce5826788c065cc686c8e174cc7cafdb289b0e4accd73fb54cccfdf3111a22a0fd764e5677cb54c94f7387b3290e8ea96a43ab678c514a33f497c3ed42ddaae3b1bad3c137d2b4aa193b2de5f4ac6e3f2a1404fcdf9919e18fb4cc8c042a72b550cf01d1dfffb8857d05d92430a669197cd66b7c7c88c539ff61aa880b94b5375989bae5fb8f381f8b211e52fd1bc3060eb2ad77d8de778a49ef3a21d992d3166c586eb5f3bb72a29da04c88441c381752939dc478b3088a66c869949b6d05a66286c61598dba66afb6d57b53ad164476d69fdb2ac668bb9c6fc4452dbb28041bb24556", 0xfeb)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0xfff], 0x0, 0x0, 0x1}}, 0x40)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x8, 0x80, 0x2, 0x2, 0x39e1, 0x2, 0x4000006}, 0x1c)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
io_setup(0x4006, &(0x7f0000000540)=<r6=>0x0)
r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_submit(r6, 0x1, &(0x7f0000000180)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x1, r7, 0x0, 0x0, 0x2a21}])
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_TIOCOUTQ(r8, 0x5411, &(0x7f0000000200))
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, 0x0, 0x80)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, &(0x7f0000000180)={0x1, @vbi={0x0, 0x0, 0xa0363159, 0x0, [0x0, 0x7], [0x6]}})
write$tun(r5, 0x0, 0x32)

4.820637019s ago: executing program 2 (id=1968):
r0 = fsopen(&(0x7f0000000100)='ceph\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r3, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
mkdir(0x0, 0x5)
r4 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000000)='::,\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae', 0xfeffffff00000000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @exthdr={{0xb}, @void}}]}]}], {0x14}}, 0x68}}, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)

4.563364351s ago: executing program 3 (id=1973):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x3f, 0x40, 0x42}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x1003, r0}, 0x38)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x56fbc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x11, 0x19, &(0x7f0000001740)=ANY=[@ANYBLOB="180800000600000000000000000000008510"], &(0x7f0000000000)='GPL\x00', 0xa, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffd81}, 0x94)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x1)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003340)=[{{0x0, 0xfffffffffffffed1, &(0x7f0000000280)=[{&(0x7f0000000600)='4', 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="70dd00000100000001001000"], 0x10, 0x40}}], 0x1, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x39011, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x0, &(0x7f0000000080)}, &(0x7f0000000240)=0xc)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, &(0x7f0000000340)={r5, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
open(&(0x7f0000000000)='./file0\x00', 0x707542, 0x1)
unlink(&(0x7f0000000080)='./file0\x00')
mknod(&(0x7f0000000180)='./file0\x00', 0x4, 0x4) (fail_nth: 1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a32000000008c000000060a010400000000000000000100000008000b400000000064000480340001800b000100657874686472000824000280080001400000000c0800034000000000080004400000002205000200070000002c0001800c00010062697477697365001c0002800800034000000004080001400000001408000240000000f50900010073797a3000000000140000001100010000000000000000000700000a"], 0x100}}, 0x0)

4.223248906s ago: executing program 0 (id=1974):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x11, 0x3, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000d40)={0x1a8, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x40}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA={0x9c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x87d5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x89}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8739}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_BEARER={0xb0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0xbb18, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xb99}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x6, @private1, 0x10}}}}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xd}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x21}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffd}]}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x80}, 0x90)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0xef4, &(0x7f0000000300)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r5}, &(0x7f0000000140)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0xffffffffffffffda, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xf0b, 0xfffffffe, 0xffffff, {0x0, 0x0, 0x12, 0x0, {0x0, 0xffff}, {0x7, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x401, 0x2, 0x4f398c9a, 0x2000, 0x5, 0xfffffffc, 0xfffffffe, 0x8}}}}]}, 0x58}, 0x1, 0x7a00}, 0x4000000)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
r9 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0)
ioctl$MON_IOCX_GET(r9, 0x400c9206, &(0x7f0000000080)={0x0, 0x0})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0)

3.683305306s ago: executing program 3 (id=1976):
epoll_create1(0x0)
socket$unix(0x1, 0x1, 0x0)
r0 = syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @vbi={0x3, 0x80000001, 0x1, 0x393a3941, [0x2, 0xfffffffb], [0x9e, 0x2], 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0x8)
r3 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r3, 0x48e9, 0x0, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendto$inet6(r8, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
fcntl$setown(r1, 0x8, r0)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e21, 0x9, @remote, 0xd}, 0x1c)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00'})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
syz_usb_connect$uac1(0x0, 0xad, 0x0, 0x0)

3.366390875s ago: executing program 0 (id=1977):
pipe2$9p(0x0, 0x80000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000040)={0x2, r2})
r3 = getpid()
syz_pidfd_open(r3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3.274848336s ago: executing program 0 (id=1980):
r0 = socket(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000400)={0x200, 0x9, {<r1=>0xffffffffffffffff}, {0xee00}, 0x80, 0x8000})
ptrace$setregs(0xf, r1, 0x8, &(0x7f0000000440)="6fe6fa798c277a8203292e3acc00e803cb047b59dd31fe7dfa4bff4f8e70186688c2498f86a5f6a3575384711ff379b321eb865bd39e7cc75ce9c218f8f4aaf8a992613cf1d40af27849002d7ced4d9e539842f079acde673f22e0951a6b7ba5d0ab21214542f7e8aa1569ec85a34451f7c370f0f106e47be1d55344ae483106766a61")
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRES32=r0], 0x4c}}, 0x40010)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r2=>0x0})
sendmsg(r0, &(0x7f00000003c0)={&(0x7f0000000100)=@can={0x1d, r2}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000080)="7979fe5913b6a763978fc8df211f7501a6e23de0211bf657a67d833923e93b9a932de5e0fdfa9c62d3108c7b910ca6", 0x2f}, {&(0x7f0000000180)="7e66be23be8a48cdf6e838fc836023287ebfab474e5ff101dc1f264cdb71f410b133aa45af3b1e4481887b99a6f04ca402027299ede37aaac3fa35db1fdc48c95b901d0381f14331d305e8010b067e2a882a887a6e75cf68915c3a3b40e7e3bd25e3cec1e703907f0b93eb6d361dfa2d251b8aa1aa49cef83e3bc1a976f4d167c5bbc5cab624cb0c9ff77ad144f2a27345c7039c654c7eb92e8f5778233ed704b3a2cb39d3601706ed63d954917a2bed26cc0c757b4670a83a202100d6b30828a8fb4c4a72bab0631e86df8a483442bbc4662e5638637e89c333acb97aecab569a2c3a", 0xe3}, {&(0x7f0000000280)="9d42922d6e7327c0963f35f5c4e97a5d7daf", 0x12}, {&(0x7f00000002c0)="43a749802305747401c08174596dd78717f53c4ec91e2aa769b0c0b7924281a4cbd18551345d61bf242ab9c7a783d72e55aca2333ed15ebcc94508d7997a938cc255943217f7b05b47bf50af7643fd4bb6aa1caf152f2adfc94f75f99174e2e3deffb7175bc0345670ba2045251baa0c3821593b51f9ffa2bba42c6e688a4ad4f088ae41abd5971892efb6114522683951fe91498512d80436f46afd3bd8a1ccc9b327e360ab3fd76688a838dc6c21fb43e74b3613e73bc58bd2d97e20fb", 0xbe}], 0x4}, 0x2000c844)

3.22343796s ago: executing program 0 (id=1981):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, 0x0)
sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000080)={0x0}, 0x1, 0x7f00, 0x0, 0x20044005}, 0x4000010)

3.22284994s ago: executing program 0 (id=1982):
r0 = fsopen(&(0x7f0000000100)='ceph\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r3, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
mkdir(0x0, 0x5)
r4 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='source', &(0x7f0000000000)='::,\n-&\xf5\xcc\xd7\x06f\xcdY\xb9\xc7\x9d\xb2a\r\xd7\xef\xc5\x112i\x88\n\x13.\xd6\xfa\xd5?\xc7\xfd&\x8d*\xbb\xa7&,\xe9\xa3\'\x91>C\x1b\x15\x87\xeb\xfe\x1c\x9d\\C\xfeI\'\xae\x8fKHq\x89\x83\xbb\x9dC\xd6Hy\x04\xa4\xb6\x88\xdb\xa1b\xae\xa7\x87\xcc\xc7\xa4\xdc\n:///\x00\x00\x00\x85^\x00\x0f\bu\x01\xab\x8c\x95?\x90\x8d_r\xe7\r\'-06,\xff\x84x\'+\xd5\xd4?[e\x19\xa3\\J\xe9\x8a\xb9\xe4r\x93\xb3\xd3J \x06\x03\xae', 0xfeffffff00000000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x201, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @exthdr={{0xb}, @void}}]}]}], {0x14}}, 0x68}}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x900, 0x12)

2.791969521s ago: executing program 3 (id=1983):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r0, 0x0, 0xbe}, 0x18)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff2f0000000000000000850000006d0000018500000008000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x48, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x48}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="310300fbbfdf240b00ff00000000"], 0x14}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000000)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x1000, 0x2, 0x85, 0x0, r8}, &(0x7f0000000180)=<r10=>0x0, &(0x7f0000000440)=<r11=>0x0)
ptrace$PTRACE_GETSIGMASK(0x420a, 0x0, 0x0, 0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r7})
io_uring_enter(r9, 0x2def, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
renameat2(r2, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r1, &(0x7f0000000180)='./file1\x00', 0x4)

1.927404599s ago: executing program 3 (id=1990):
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[<r2=>0x0], &(0x7f00000003c0), 0x0, 0x1, 0x0, 0x0, r1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r1], &(0x7f00000001c0)=[0xd], &(0x7f0000000480)=[r2], &(0x7f0000000040), 0x0, 0x3f000000})

1.873385389s ago: executing program 3 (id=1991):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_open_dev$sg(0x0, 0x0, 0x38dd80)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
write$binfmt_script(r0, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x24004080)
r2 = openat$fb1(0xffffffffffffff9c, &(0x7f0000000040), 0x840, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f0000000180)={0x1, 0x1f00})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x7, &(0x7f0000000140)=ANY=[@ANYBLOB="580700000000000000000000000000008510000002000000"], &(0x7f0000000040)='GPL\x00', 0x2}, 0x94)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup=r4, 0xffffffffffffffff, 0x11, 0x0, r4}, 0x14)
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f0000000000)={0x15, 0x332, 0x6, 0xc, 0xe0f7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB])
chdir(&(0x7f0000000100)='./file0\x00')
r5 = open(&(0x7f0000000040)='./file0\x00', 0x80242, 0x1df2a23c5997fa7b)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000500)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0xfffffffffffffffb, 0xfffffffffedfff83, 0x3, 0x1, {0xffffffffffffffff, 0x3ff, 0x20ff, 0x7ff, 0xf7c, 0x800000000000d615, 0x3fb, 0x7fffffff, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x8ea2}}, {0x0, 0x12}}}, 0xa0)
sendfile(r5, r5, &(0x7f0000000080), 0x7f04)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)

1.721603969s ago: executing program 2 (id=1993):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newqdisc={0x30, 0x24, 0x800, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x10, 0xfff1}, {0xffff, 0xffff}, {0x4, 0x6}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0x1, 0x1f, &(0x7f0000000380)}, 0x10)
sendmsg$nl_route(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="740000006800010027bd7000fbdbdf250a0002000000000004000c802c000200010000000100000000000000fd0000000100000002000000010000000d000000010000000500000008000500", @ANYRESOCT, @ANYRES32=r0, @ANYRES32=r3, @ANYBLOB="1c000200020000000700000000000000030000000100086c24e545f7"], 0x74}, 0x1, 0x0, 0x0, 0x20000081}, 0x4000050)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, 0x0)
r5 = dup3(r4, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0xac5a5000)
r6 = socket$inet6(0xa, 0x3, 0x5)
ioctl$sock_SIOCGIFBR(r5, 0x8940, &(0x7f00000002c0)=@add_del={0x2, &(0x7f0000000240)='bond_slave_0\x00'})
r7 = socket$inet(0x2, 0x80001, 0x84)
r8 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r8, &(0x7f0000000180)={0x2, 0xce20, @empty}, 0x10)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r7, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
listen(r7, 0x3)
r9 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r9, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r9, &(0x7f0000000180)={0x2, 0xce20, @empty}, 0x10)
listen(r9, 0x3)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_opts(r6, 0x29, 0x3b, &(0x7f0000000080)=@fragment={0x2d, 0x0, 0x6, 0x0, 0x0, 0xf, 0x68}, 0x8)
setsockopt$inet6_int(r6, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1c08000000000000"], 0x8)
sendmmsg(r6, &(0x7f0000001a00)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

1.603186124s ago: executing program 2 (id=1994):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(blowfish))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000140)={0xfffffffd, {{0xa, 0x4e22, 0xa, @dev={0xfe, 0x80, '\x00', 0x16}, 0x9}}}, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e20, 0xfd9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001ac0)={r2, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}})
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
sync()
write$FUSE_NOTIFY_POLL(r4, &(0x7f0000000380)={0x18, 0x6, 0x0, {0xfffffffffffffffd}}, 0x18)

996.139513ms ago: executing program 3 (id=1995):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = memfd_create(&(0x7f0000000ac0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x00\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<z\xebz\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL!\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xcf;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\xff\xff\xff\xff\xff\xff\xff\xff[M \xea\x03\xfd=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd\xa1`Yb&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"7{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02EL\xffI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\x9b{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x01\x80\x00\x00y\xd2~%\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x00\x00\x00\x00\x00\x00,\xb1|\x0f\"\x1dL\x10\x8e\x17D\xca\x8b\xe5\xca\xc1\xcf\xb2\xdc\xfc\x14+@\xdc\x9fXo\xd7\xc3\x1a\xfeA\xc2\x9a\xce\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfb{\xf5\xdby\x9d;;30\xa7\x94\xfdh)\xa0\"r\xa4\xf4\n\xf7\xb4\xder\xc8\xf2\xa5\xc0\x15\xc5E\xf6\x1dTB\xa2\xa6\xfbN\xb7\xed\xad\x9e\xb6\x87.\xf7=\xd3U\xf0\x1dH\x99\xe6\x97\x92g\xdf\ra\x82\xc7\x00\x92\xdfB\xb2\xac\xf3V\ve\xdd(\x85u\x04\xfcD[\xa4\b\xc8Bt_\x19\xb4\xd9\x97\tD\x8a\xa6\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0xf)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x801b013, r4, 0x0)
pread64(r4, &(0x7f000001a240)=""/102385, 0x18ff1, 0x1135)
ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc048aeca, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
r8 = io_uring_setup(0x58e1, &(0x7f0000000440)={0x0, 0x61d6, 0x4000, 0x1, 0x258})
r9 = syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165, 0x0, r8}, &(0x7f0000000000)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r9, 0x16, &(0x7f0000000140)={0x0, 0x0, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r7, 0x0, 0x0, 0x0, 0x121, 0x1, {0x1}})
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="180000002400010300000000000000000100000004"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
io_uring_enter(r9, 0x3517, 0x173d, 0x42, 0x0, 0x0)

272.779725ms ago: executing program 4 (id=1998):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1, 0x0, 0xffffffffffffffe1}}], 0x1, 0x4000000)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x4}, 0x8)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x200}], 0x18}, 0x28000054)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)={0x14, 0x17, 0xa, 0x801, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
sendmsg$nl_route_sched_retired(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xfff1, 0xe}}}, 0x24}}, 0x0)
recvmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000800)=""/228, 0xe4}, {&(0x7f0000000940)=""/122, 0x7a}, {&(0x7f0000000600)=""/132, 0x84}, {&(0x7f0000000380)=""/21, 0x15}, {&(0x7f00000006c0)=""/21, 0x15}], 0x5}, 0x4}], 0x2, 0x60, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x20, r6, 0xc4fc9e906872338b, 0x70bd2c, 0x0, {{0x5}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x4}]}, 0x20}}, 0x4c002)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r3, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000400)={0x54, r6, 0x4, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_BSSID={0xa, 0xf5, @random="21ee0495c80c"}, @NL80211_ATTR_PMKID={0x14, 0x55, "30c245f1e1770ffb5829539bfd2a4b39"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="b7b2b3f66941"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="124b997b1761"}]}, 0x54}, 0x1, 0x0, 0x0, 0x2004c041}, 0x40001)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r8, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r8, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

194.288496ms ago: executing program 0 (id=1999):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000010000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004000000000000000000000000000000c6d6eac3624ce3cd3a1301d696468ff5bb8ab14d7f3ca4d28916cbf3f884ae1ea97f19ea656b3ff7b72d6cebffa7d6d14d358f53e8daf4cf3dcba452f82ae0bdeff0b5df5b8e2d84ae497edf8d"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x8010800)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
syz_init_net_socket$ax25(0x3, 0x3, 0xcf)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x192}}, 0x20}}, 0x0)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x1100, 0x30000}}], 0x300, 0xf00)

193.253807ms ago: executing program 4 (id=2000):
clock_adjtime(0x7000000, &(0x7f00000002c0)={0x362, 0xf, 0x4, 0x8000000000000001, 0x48f, 0x5, 0xb, 0x424, 0x2, 0xffffffffffffffff, 0xf423f, 0xfffffffffffffff9, 0x8, 0x3, 0x8001000000081, 0x5, 0x2, 0x3, 0x2, 0x9220000000000000, 0x3, 0x3, 0x80000001, 0x0, 0x7, 0x7})

103.308781ms ago: executing program 4 (id=2001):
socket$nl_rdma(0x10, 0x3, 0x14)
socket$packet(0x11, 0x2, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x62b4e7cbb8b4f193}, 0x24044040)
r1 = socket$netlink(0x10, 0x3, 0x0)
process_vm_writev(0x0, &(0x7f0000001c80)=[{&(0x7f0000019100)=""/162, 0xa2}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)
r2 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00)
ioctl$UFFDIO_POISON(r2, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r3 = socket(0x10, 0x803, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[@ANYBLOB="5800000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800b00010067656e657665000020000280140007000000000000000000000000000000000105000c000100000008000a00", @ANYRES32=r4], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

3.348038ms ago: executing program 4 (id=2002):
syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a59d9", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x3a00, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r0, 0x89fa, &(0x7f0000000140)={'sit0\x00', &(0x7f0000000100)={@remote, @empty, 0x2, 0x8}})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x4e20, @empty}}, 0x0, 0x0, 0x13, 0x0, "84263d9a2788d3385112820fe0853c291300e3f94ddd4fbf5710bd07d3ff63a87bd560bba5c9d844a360b5c453ad573083503e112d8d4f0585d1fcd2184d4eb8b79afcaed13a17ae6499765f560bc371"}, 0xd8)

243.963µs ago: executing program 4 (id=2003):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/ipc\x00')
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='hpfs\x00', 0xa08, &(0x7f00000004c0)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000100)='veth1_to_bond\x00', 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd701afcdbdffc9d00000008000300", @ANYRES32=r4, @ANYBLOB="050053"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x4004080)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000500))
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000080)={0x1, 0xc000, {<r5=>0x0}, {0xee01}, 0xfffffffb, 0x4})
sched_setaffinity(r5, 0x8, &(0x7f00000001c0)=0x400)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000801, 0x0, &(0x7f00000000c0)={0x84, 0x7f, 0x2000200000a95e, 0x0, 0x800000009, 0x3de, 0x5, 0x100000000, 0xac6})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
sendmsg$NL80211_CMD_DEL_KEY(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x200000cc}, 0x22040040)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
sendmsg$AUDIT_MAKE_EQUIV(r8, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x3f7, 0x301, 0x70bd26, 0x25dfdbfe, {0x7, 0x7, './file1', './file1'}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x48080}, 0x41)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xa1ba255bddd83b29, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r10, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0xc})
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r11, 0x4400ae8f, &(0x7f0000000bc0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535ef976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fce30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac353b21fe733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52af50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e7401000238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472787621147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600"})

0s ago: executing program 4 (id=2004):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x2) (async)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x33) (async)
r1 = openat$vicodec0(0xffffff9c, &(0x7f00000010c0), 0x2, 0x0) (async)
r2 = socket$xdp(0x2c, 0x3, 0x0) (async)
r3 = epoll_create(0x5) (async)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r4)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e1301"], 0x16) (async, rerun: 32)
r5 = syz_io_uring_setup(0x1e7f, &(0x7f0000000540)={0x0, 0xac24, 0x10000, 0x2, 0x362}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0) (rerun: 32)
syz_io_uring_submit(r6, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r2, 0x0, 0x0, 0x0, 0x80800}) (async)
io_uring_enter(r5, 0x3516, 0xc2de, 0x8, 0x0, 0x0) (async)
ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f0000001100)={0x4, @capture={0x0, 0x1, {0x6, 0x4}, 0x1, 0x2eef}})

kernel console output (not intermixed with test programs):

+0x100/0x3e0
[  218.085898][T10169]  tomoyo_encode+0x29/0x50
[  218.085911][T10169]  tomoyo_realpath_from_path+0x18f/0x6e0
[  218.085927][T10169]  tomoyo_path_number_perm+0x245/0x580
[  218.085939][T10169]  ? tomoyo_path_number_perm+0x237/0x580
[  218.085952][T10169]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  218.085966][T10169]  ? preempt_count_add+0x76/0x150
[  218.085983][T10169]  ? rcu_is_watching+0x12/0xc0
[  218.085994][T10169]  ? __fget_files+0x204/0x3c0
[  218.086004][T10169]  ? hook_file_ioctl_common+0x145/0x410
[  218.086018][T10169]  ? lock_release+0x201/0x2f0
[  218.086031][T10169]  ? __fget_files+0x20e/0x3c0
[  218.086042][T10169]  security_file_ioctl_compat+0x9b/0x240
[  218.086056][T10169]  __ia32_compat_sys_ioctl+0xc3/0x370
[  218.086072][T10169]  __do_fast_syscall_32+0x7c/0x3a0
[  218.086087][T10169]  do_fast_syscall_32+0x32/0x80
[  218.086100][T10169]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  218.086113][T10169] RIP: 0023:0xf7f74579
[  218.086121][T10169] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  218.086132][T10169] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  218.086142][T10169] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000004014563c
[  218.086148][T10169] RDX: 000000008001f9c0 RSI: 0000000000000000 RDI: 0000000000000000
[  218.086154][T10169] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  218.086160][T10169] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  218.086182][T10169] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  218.086190][T10169]  </TASK>
[  218.156711][T10169] ERROR: Out of memory at tomoyo_realpath_from_path.
[  218.167180][ T6021] usb 8-1: GET_CAPABILITIES returned 0
[  218.168937][ T6021] usbtmc 8-1:16.0: can't read capabilities
[  218.377740][T10175] Set syz1 is full, maxelem 65536 reached
[  218.398733][T10189] delete_channel: no stack
[  218.411629][ T6042] usb 8-1: USB disconnect, device number 27
[  218.867029][ T6042] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  219.009683][ T6042] usb 5-1: device descriptor read/64, error -71
[  219.151198][T10218] delete_channel: no stack
[  219.246999][ T6042] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  219.296616][T10083] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.299479][T10083] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.375860][T10230] netlink: 'syz.2.1201': attribute type 2 has an invalid length.
[  219.379432][T10230] netlink: 1184 bytes leftover after parsing attributes in process `syz.2.1201'.
[  219.385356][ T5986] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  219.385372][ T5986] Bluetooth: hci2: Malformed LE Event: 0x0d
[  219.397200][ T6042] usb 5-1: device descriptor read/64, error -71
[  219.508845][ T6042] usb usb5-port1: attempt power cycle
[  219.624920][T10232] Set syz1 is full, maxelem 65536 reached
[  219.630762][T10236] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  219.846993][ T6042] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  219.867447][ T6042] usb 5-1: device descriptor read/8, error -71
[  219.897097][ T1021] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  220.048121][ T1021] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  220.052506][ T1021] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  220.057198][ T1021] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  220.060856][ T1021] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  220.064003][ T1021] usb 9-1: SerialNumber: syz
[  220.068585][ T1021] usb 9-1: bad CDC descriptors
[  220.070739][ T1021] usb-storage 9-1:1.0: USB Mass Storage device detected
[  220.074470][ T1021] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  220.077960][ T1021] scsi host6: usb-storage 9-1:1.0
[  220.106983][ T6042] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  220.127742][ T6042] usb 5-1: device descriptor read/8, error -71
[  220.254241][ T6042] usb usb5-port1: unable to enumerate USB device
[  220.315274][T10249] delete_channel: no stack
[  220.555839][T10259] tipc: Started in network mode
[  220.557733][T10259] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  220.560281][T10259] tipc: Enabled bearer <eth:team0>, priority 0
[  220.590833][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.593861][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  221.328744][T10278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  221.623559][T10283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1216'.
[  221.660902][   T40] kauditd_printk_skb: 1233 callbacks suppressed
[  221.660914][   T40] audit: type=1326 audit(1755706260.436:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.1217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  221.671009][   T40] audit: type=1326 audit(1755706260.436:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.1217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  221.678112][   T40] audit: type=1326 audit(1755706260.436:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.1217" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf709e579 code=0x7ffc0000
[  221.684829][   T40] audit: type=1326 audit(1755706260.436:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.1217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  221.691802][ T6042] tipc: Node number set to 11578026
[  221.762720][T10289] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  221.867070][ T6021] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  221.926030][T10291] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  222.016982][ T6021] usb 8-1: Using ep0 maxpacket: 16
[  222.019841][ T6021] usb 8-1: config 0 has no interfaces?
[  222.023098][ T6021] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  222.025898][ T6021] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.028474][ T6021] usb 8-1: Product: syz
[  222.029799][ T6021] usb 8-1: Manufacturer: syz
[  222.031279][ T6021] usb 8-1: SerialNumber: syz
[  222.034467][ T6021] usb 8-1: config 0 descriptor??
[  222.243385][   T54] usb 8-1: USB disconnect, device number 28
[  222.591790][   T40] audit: type=1326 audit(1755706261.366:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.2.1221" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f12579 code=0x0
[  222.662474][   T54] usb 9-1: USB disconnect, device number 4
[  222.767063][   T53] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  222.878155][T10313] syzkaller1: entered promiscuous mode
[  222.880028][T10313] syzkaller1: entered allmulticast mode
[  222.917115][   T53] usb 5-1: Using ep0 maxpacket: 16
[  222.920683][   T53] usb 5-1: config 0 has no interfaces?
[  222.924067][   T53] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  222.926911][   T53] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.930117][   T53] usb 5-1: Product: syz
[  222.931809][   T53] usb 5-1: Manufacturer: syz
[  222.933681][   T53] usb 5-1: SerialNumber: syz
[  222.936478][   T53] usb 5-1: config 0 descriptor??
[  223.052700][   T40] audit: type=1326 audit(1755706261.826:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.4.1226" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  223.059577][   T40] audit: type=1326 audit(1755706261.826:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.4.1226" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  223.066481][   T40] audit: type=1326 audit(1755706261.826:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.4.1226" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  223.073628][   T40] audit: type=1326 audit(1755706261.826:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.4.1226" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  223.080701][   T40] audit: type=1326 audit(1755706261.826:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10318 comm="syz.4.1226" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  223.107842][T10321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1227'.
[  223.111674][T10321] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  223.313333][   T53] usb 5-1: USB disconnect, device number 23
[  223.379768][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1229'.
[  223.383489][T10330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1229'.
[  223.912224][T10341] Illegal XDP return value 555852864 on prog  (id 129) dev syz_tun, expect packet loss!
[  223.912760][T10339] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  223.921817][T10341] netlink: 'syz.0.1232': attribute type 10 has an invalid length.
[  223.929839][T10341] veth0_vlan: left promiscuous mode
[  223.933620][T10341] veth0_vlan: entered promiscuous mode
[  223.937918][T10341] team0: Device veth0_vlan failed to register rx_handler
[  224.222178][T10352] syzkaller1: entered promiscuous mode
[  224.223910][T10352] syzkaller1: entered allmulticast mode
[  224.226784][T10352] nfs: Unknown parameter 'f�c'
[  224.580274][T10358] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  225.430760][T10368] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1239'.
[  225.433657][T10368] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1239'.
[  226.230262][T10384] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  226.279509][T10386] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1243'.
[  227.148331][T10424] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.275708][T10428] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1250'.
[  227.279617][T10428] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1250'.
[  227.307427][T10430] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  228.416994][   T29] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  228.567084][   T29] usb 8-1: Using ep0 maxpacket: 16
[  228.569941][   T29] usb 8-1: config 0 has no interfaces?
[  228.573050][   T29] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  228.575879][   T29] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.578464][   T29] usb 8-1: Product: syz
[  228.579788][   T29] usb 8-1: Manufacturer: syz
[  228.581253][   T29] usb 8-1: SerialNumber: syz
[  228.584955][   T29] usb 8-1: config 0 descriptor??
[  228.814042][   T10] usb 8-1: USB disconnect, device number 29
[  229.067068][   T34] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  229.227061][   T34] usb 9-1: Using ep0 maxpacket: 16
[  229.230308][   T34] usb 9-1: config 0 has no interfaces?
[  229.233400][   T34] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  229.236232][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.238899][   T34] usb 9-1: Product: syz
[  229.240226][   T34] usb 9-1: Manufacturer: syz
[  229.241695][   T34] usb 9-1: SerialNumber: syz
[  229.243776][   T34] usb 9-1: config 0 descriptor??
[  229.441000][T10466] Set syz1 is full, maxelem 65536 reached
[  229.468122][T10473] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  229.547849][   T29] usb 9-1: USB disconnect, device number 5
[  229.638373][T10478] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1262'.
[  229.641399][T10478] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1262'.
[  230.222737][T10482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1263'.
[  230.225546][T10482] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1263'.
[  230.887057][ T1021] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  231.047134][ T1021] usb 8-1: Using ep0 maxpacket: 16
[  231.050482][ T1021] usb 8-1: config 0 has no interfaces?
[  231.054007][ T1021] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  231.058142][ T1021] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.060722][ T1021] usb 8-1: Product: syz
[  231.062114][ T1021] usb 8-1: Manufacturer: syz
[  231.063852][ T1021] usb 8-1: SerialNumber: syz
[  231.067526][ T1021] usb 8-1: config 0 descriptor??
[  231.288594][ T1021] usb 8-1: USB disconnect, device number 30
[  231.372295][T10510] comedi comedi0: dmm32at: I/O port conflict (0xee,16)
[  231.603867][T10504] Set syz1 is full, maxelem 65536 reached
[  231.621263][T10518] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1274'.
[  231.624184][T10518] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1274'.
[  233.117096][ T6021] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  233.267532][ T6021] usb 8-1: Using ep0 maxpacket: 16
[  233.270492][ T6021] usb 8-1: config 0 has no interfaces?
[  233.275022][ T6021] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  233.278800][ T6021] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.282178][ T6021] usb 8-1: Product: syz
[  233.283967][ T6021] usb 8-1: Manufacturer: syz
[  233.285893][ T6021] usb 8-1: SerialNumber: syz
[  233.288898][ T6021] usb 8-1: config 0 descriptor??
[  233.541077][ T1021] usb 8-1: USB disconnect, device number 31
[  234.060419][ T6021] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  234.218379][ T6021] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  234.222173][ T6021] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  234.226646][ T6021] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  234.231103][ T6021] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  234.238133][ T6021] usb 9-1: SerialNumber: syz
[  234.243748][ T6021] usb 9-1: bad CDC descriptors
[  234.247231][ T6021] usb-storage 9-1:1.0: USB Mass Storage device detected
[  234.252832][ T6021] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  234.258125][ T6021] scsi host6: usb-storage 9-1:1.0
[  234.913361][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  234.913379][   T40] audit: type=1326 audit(1755706273.686:1452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  234.924763][   T40] audit: type=1326 audit(1755706273.686:1453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  234.931842][   T40] audit: type=1326 audit(1755706273.686:1454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  234.938441][   T40] audit: type=1326 audit(1755706273.686:1455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  234.946186][   T40] audit: type=1326 audit(1755706273.686:1456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  234.955901][   T40] audit: type=1326 audit(1755706273.686:1457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  234.962599][   T40] audit: type=1326 audit(1755706273.686:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  234.969568][   T40] audit: type=1326 audit(1755706273.686:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  234.977039][   T40] audit: type=1326 audit(1755706273.686:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  234.985640][   T40] audit: type=1326 audit(1755706273.686:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10566 comm="syz.3.1283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  235.667994][ T6049] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  235.726101][T10585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  235.816995][ T6049] usb 8-1: Using ep0 maxpacket: 16
[  235.827150][ T6049] usb 8-1: config 0 has no interfaces?
[  235.831170][ T6049] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  235.837268][ T6049] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.841328][ T6049] usb 8-1: Product: syz
[  235.920375][ T6049] usb 8-1: Manufacturer: syz
[  235.921844][ T6049] usb 8-1: SerialNumber: syz
[  235.924257][ T6049] usb 8-1: config 0 descriptor??
[  236.141033][ T6049] usb 8-1: USB disconnect, device number 32
[  236.671173][T10598] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1295'.
[  236.947073][   T54] usb 8-1: new full-speed USB device number 33 using dummy_hcd
[  237.128341][   T54] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  237.137093][   T54] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  237.140944][   T54] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  237.143714][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  237.146095][   T54] usb 8-1: SerialNumber: syz
[  237.151095][   T54] usb 8-1: bad CDC descriptors
[  237.152823][   T54] usb-storage 8-1:1.0: USB Mass Storage device detected
[  237.159576][   T54] usb-storage 8-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  237.163206][   T54] scsi host7: usb-storage 8-1:1.0
[  237.472959][T10623] Set syz1 is full, maxelem 65536 reached
[  237.617910][ T6049] usb 9-1: USB disconnect, device number 6
[  238.597037][ T1021] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  238.747558][ T1021] usb 5-1: Using ep0 maxpacket: 16
[  238.752493][ T1021] usb 5-1: config 0 has no interfaces?
[  238.756119][ T1021] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  238.762295][ T1021] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.767249][T10642] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  238.776542][ T1021] usb 5-1: Product: syz
[  238.778723][ T1021] usb 5-1: Manufacturer: syz
[  238.780308][ T1021] usb 5-1: SerialNumber: syz
[  238.784957][ T1021] usb 5-1: config 0 descriptor??
[  238.977390][T10648] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  239.003696][   T10] usb 5-1: USB disconnect, device number 24
[  239.701713][T10664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1315'.
[  239.757731][ T1021] usb 8-1: USB disconnect, device number 33
[  239.934342][T10673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.011216][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  240.068629][T10684] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.071686][T10684] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.075181][T10684] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.078340][T10684] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.539105][ T5986] Bluetooth: hci4: unexpected event for opcode 0x2041
[  240.543279][T10690] afs: Unknown parameter ''
[  240.572247][T10692] trusted_key: encrypted_key: insufficient parameters specified
[  240.629386][T10693] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  240.869773][T10703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1328'.
[  240.873463][T10703] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1328'.
[  240.937129][   T10] usb 8-1: new full-speed USB device number 34 using dummy_hcd
[  241.010895][T10710] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1330'.
[  241.014827][T10710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1330'.
[  241.098843][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  241.103329][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  241.108351][   T10] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  241.112093][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  241.115349][   T10] usb 8-1: SerialNumber: syz
[  241.120630][   T10] usb 8-1: bad CDC descriptors
[  241.122833][   T10] usb-storage 8-1:1.0: USB Mass Storage device detected
[  241.125921][   T10] usb-storage 8-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  241.128861][   T10] scsi host6: usb-storage 8-1:1.0
[  241.173808][T10719] netlink: 264 bytes leftover after parsing attributes in process `syz.2.1332'.
[  241.422501][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1333'.
[  241.445471][T10722] Set syz1 is full, maxelem 65536 reached
[  241.756583][T10733] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  243.737212][ T7857] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  243.897170][ T7857] usb 9-1: Using ep0 maxpacket: 16
[  243.900254][ T7857] usb 9-1: config 1 has an invalid interface number: 105 but max is 0
[  243.903500][ T7857] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  243.906812][ T7857] usb 9-1: config 1 has no interface number 0
[  243.908991][ T7857] usb 9-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  243.912304][ T7857] usb 9-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  243.916714][ T7857] usb 9-1: config 1 interface 105 has no altsetting 0
[  243.920561][ T7857] usb 9-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  243.923626][ T7857] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.926323][ T7857] usb 9-1: Product: syz
[  243.928098][ T7857] usb 9-1: Manufacturer: syz
[  243.929717][ T7857] usb 9-1: SerialNumber: syz
[  243.932416][T10775] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  244.142099][ T7857] aqc111 9-1:1.105: probe with driver aqc111 failed with error -22
[  244.487718][   T10] usb 8-1: USB disconnect, device number 34
[  245.929311][T10818] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.029190][T10820] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1361'.
[  246.472097][   T40] kauditd_printk_skb: 70 callbacks suppressed
[  246.472109][   T40] audit: type=1326 audit(1755706285.246:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  246.480781][   T40] audit: type=1326 audit(1755706285.246:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  246.488524][   T40] audit: type=1326 audit(1755706285.246:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  246.495341][   T40] audit: type=1326 audit(1755706285.246:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  246.502495][   T40] audit: type=1326 audit(1755706285.246:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  246.510773][   T40] audit: type=1326 audit(1755706285.246:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  246.520067][   T40] audit: type=1326 audit(1755706285.246:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  246.528965][   T40] audit: type=1326 audit(1755706285.246:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  246.539354][   T10] usb 9-1: USB disconnect, device number 7
[  246.545450][   T40] audit: type=1326 audit(1755706285.246:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  246.557124][   T40] audit: type=1326 audit(1755706285.246:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10827 comm="syz.3.1364" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  246.676712][T10840] veth1_macvtap: mtu less than device minimum
[  247.667971][T10860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  247.686996][ T7857] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[  247.997380][ T7857] usb 8-1: Using ep0 maxpacket: 16
[  248.108399][ T7857] usb 8-1: config 0 has no interfaces?
[  248.112737][ T7857] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  248.115699][ T7857] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.118774][ T7857] usb 8-1: Product: syz
[  248.120229][ T7857] usb 8-1: Manufacturer: syz
[  248.121869][ T7857] usb 8-1: SerialNumber: syz
[  248.124821][ T7857] usb 8-1: config 0 descriptor??
[  248.343075][ T1334] usb 8-1: USB disconnect, device number 35
[  249.658100][T10895] trusted_key: encrypted_key: insufficient parameters specified
[  249.716025][T10898] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  249.719806][T10897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.315075][T10914] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1390'.
[  250.374738][T10917] overlayfs: failed to clone upperpath
[  250.433007][T10918] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1391'.
[  250.435878][T10918] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1391'.
[  251.202016][T10931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1395'.
[  251.373513][T10946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  252.118966][T10977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1411'.
[  252.121948][T10977] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1411'.
[  252.531798][T10988] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.123753][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  253.123771][   T40] audit: type=1326 audit(1755706291.896:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000
[  253.135803][   T40] audit: type=1326 audit(1755706291.896:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.143875][   T40] audit: type=1326 audit(1755706291.896:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.150834][   T40] audit: type=1326 audit(1755706291.896:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.159204][   T40] audit: type=1326 audit(1755706291.896:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.166196][   T40] audit: type=1326 audit(1755706291.896:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.173967][   T40] audit: type=1326 audit(1755706291.896:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.181358][   T40] audit: type=1326 audit(1755706291.896:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  253.188313][   T40] audit: type=1326 audit(1755706291.896:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf7f12579 code=0x7ffc0000
[  253.195344][   T40] audit: type=1326 audit(1755706291.896:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.1420" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000
[  253.317228][ T6099] usb 8-1: new full-speed USB device number 36 using dummy_hcd
[  253.468180][ T6099] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  253.471677][ T6099] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  253.475360][ T6099] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  253.478394][ T6099] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  253.480876][ T6099] usb 8-1: SerialNumber: syz
[  253.485311][ T6099] usb 8-1: bad CDC descriptors
[  253.487238][ T6099] usb-storage 8-1:1.0: USB Mass Storage device detected
[  253.490196][ T6099] usb-storage 8-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  253.492958][ T6099] scsi host6: usb-storage 8-1:1.0
[  253.807704][T11018] Set syz1 is full, maxelem 65536 reached
[  253.861187][T11017] netlink: 212388 bytes leftover after parsing attributes in process `syz.4.1424'.
[  253.865255][T11017] openvswitch: netlink: Message has 5 unknown bytes.
[  254.382441][T11037] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1430'.
[  254.385348][T11037] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1430'.
[  255.198352][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  255.200412][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  256.351356][   T29] usb 8-1: USB disconnect, device number 36
[  256.634226][T11071] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1441'.
[  256.638300][T11071] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1441'.
[  256.641584][T11071] netlink: 'syz.2.1441': attribute type 12 has an invalid length.
[  256.790202][T11076] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  256.889406][T11080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1444'.
[  256.892261][T11080] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1444'.
[  257.069465][T11086] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1446'.
[  257.497182][ T6021] usb 9-1: new full-speed USB device number 8 using dummy_hcd
[  257.668381][ T6021] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  257.671825][ T6021] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  257.675523][ T6021] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  257.678591][ T6021] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  257.681058][ T6021] usb 9-1: SerialNumber: syz
[  257.684173][ T6021] usb 9-1: bad CDC descriptors
[  257.685932][ T6021] usb-storage 9-1:1.0: USB Mass Storage device detected
[  257.692738][ T6021] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  257.695506][ T6021] scsi host6: usb-storage 9-1:1.0
[  258.985859][   T40] kauditd_printk_skb: 493 callbacks suppressed
[  258.985870][   T40] audit: type=1326 audit(1755706297.756:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  258.997031][   T40] audit: type=1326 audit(1755706297.756:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.005744][   T40] audit: type=1326 audit(1755706297.756:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.013028][   T40] audit: type=1326 audit(1755706297.756:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.020385][   T40] audit: type=1326 audit(1755706297.756:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.028214][   T40] audit: type=1326 audit(1755706297.756:2064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.036695][   T40] audit: type=1326 audit(1755706297.756:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.045585][   T40] audit: type=1326 audit(1755706297.756:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.054089][   T40] audit: type=1326 audit(1755706297.766:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  259.063200][   T40] audit: type=1326 audit(1755706297.766:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.3.1458" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  259.093835][T11138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  259.252855][T11143] tipc: Started in network mode
[  259.254495][T11143] tipc: Node identity a28ae1ebbb9a, cluster identity 4711
[  259.257018][T11143] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  259.259759][T11143] syzkaller0: entered promiscuous mode
[  259.261609][T11143] syzkaller0: entered allmulticast mode
[  259.278578][T11143] tipc: Resetting bearer <eth:syzkaller0>
[  259.428092][T11145] tipc: Resetting bearer <eth:syzkaller0>
[  259.431965][T11145] tipc: Disabling bearer <eth:syzkaller0>
[  259.797991][T11155] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  260.071195][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.073645][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.076061][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.078965][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.081317][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.083729][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.086182][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.089168][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.091643][T11160] netlink: 'syz.2.1465': attribute type 1 has an invalid length.
[  260.283629][   T29] usb 9-1: USB disconnect, device number 8
[  261.190691][T11190] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1475'.
[  261.536998][   T29] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  261.567439][T11200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  261.758942][   T29] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  261.763891][   T29] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  261.768317][   T29] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  261.771359][   T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  261.773995][   T29] usb 9-1: SerialNumber: syz
[  261.781678][   T29] usb 9-1: bad CDC descriptors
[  261.784601][   T29] usb-storage 9-1:1.0: USB Mass Storage device detected
[  261.835670][   T29] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  261.857470][   T29] scsi host6: usb-storage 9-1:1.0
[  261.887948][T11206] mkiss: ax0: crc mode is auto.
[  261.982697][T11208] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  261.986581][T11208] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  262.001384][T11208] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  262.649836][T11239] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  262.672521][T11230] tmpfs: Unknown parameter ''
[  262.942622][T11246] program syz.3.1492 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  263.218359][T11258] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  263.381946][T11274] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  263.410233][T11255] tipc: Disabling bearer <eth:syzkaller0>
[  264.242631][ T6042] usb 9-1: USB disconnect, device number 9
[  264.330675][T11300] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1507'.
[  264.768882][T11315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.978618][T11316] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  264.980878][T11316] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  264.984330][T11316] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  264.986865][T11316] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  264.990111][T11316] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  264.992154][T11316] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  264.995338][T11316] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  264.997895][T11316] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  265.000937][T11316] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  265.342686][T11330] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1516'.
[  265.392965][ T5986] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  265.463384][   T40] kauditd_printk_skb: 132 callbacks suppressed
[  265.463403][   T40] audit: type=1326 audit(1755706304.236:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11350 comm="syz.3.1523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  265.476035][   T40] audit: type=1326 audit(1755706304.236:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11350 comm="syz.3.1523" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  265.483972][   T40] audit: type=1326 audit(1755706304.236:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11350 comm="syz.3.1523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  265.491162][   T40] audit: type=1326 audit(1755706304.236:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11350 comm="syz.3.1523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  265.547678][T11357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1525'.
[  265.651912][   T40] audit: type=1326 audit(1755706304.426:2205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  265.659680][T11364] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1527'.
[  265.664259][   T40] audit: type=1326 audit(1755706304.426:2206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  265.672416][   T40] audit: type=1326 audit(1755706304.426:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f12579 code=0x7ffc0000
[  265.682227][   T40] audit: type=1326 audit(1755706304.426:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  265.691733][   T40] audit: type=1326 audit(1755706304.426:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  265.701664][   T40] audit: type=1326 audit(1755706304.426:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.2.1527" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f12598 code=0x7ffc0000
[  265.807819][T11367] overlayfs: failed to resolve './file1': -2
[  265.965243][T11365] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1527'.
[  265.991571][T11369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1528'.
[  266.511819][T11386] vlan2: entered allmulticast mode
[  266.747849][T11390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1534'.
[  266.957089][ T5986] Bluetooth: hci0: command 0x0406 tx timeout
[  267.047421][ T5987] Bluetooth: hci1: command 0x0406 tx timeout
[  267.047440][   T63] Bluetooth: hci2: command 0x0406 tx timeout
[  267.049950][ T5986] Bluetooth: hci4: command 0x0405 tx timeout
[  267.228329][T11400] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1537'.
[  267.231944][   T54] IPVS: starting estimator thread 0...
[  267.328214][T11401] IPVS: using max 57 ests per chain, 136800 per kthread
[  267.734805][T11409] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1539'.
[  267.741523][T11409] syz.2.1539: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  267.748032][T11409] CPU: 0 UID: 0 PID: 11409 Comm: syz.2.1539 Not tainted syzkaller #0 PREEMPT(full) 
[  267.748060][T11409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  267.748072][T11409] Call Trace:
[  267.748080][T11409]  <TASK>
[  267.748087][T11409]  dump_stack_lvl+0x16c/0x1f0
[  267.748115][T11409]  warn_alloc+0x248/0x3a0
[  267.748140][T11409]  ? __pfx_warn_alloc+0x10/0x10
[  267.748160][T11409]  ? __pfx_stack_trace_save+0x10/0x10
[  267.748188][T11409]  ? kasan_save_stack+0x42/0x60
[  267.748209][T11409]  ? kasan_save_stack+0x33/0x60
[  267.748228][T11409]  ? kasan_save_track+0x14/0x30
[  267.748249][T11409]  ? xskq_create+0x52/0x1d0
[  267.748267][T11409]  ? xsk_setsockopt+0x792/0x9a0
[  267.748282][T11409]  ? do_sock_setsockopt+0xf3/0x1d0
[  267.748307][T11409]  ? xskq_create+0xfb/0x1d0
[  267.748327][T11409]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  267.748352][T11409]  ? xskq_create+0xfb/0x1d0
[  267.748374][T11409]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  267.748397][T11409]  ? xskq_create+0xfb/0x1d0
[  267.748416][T11409]  vmalloc_user_noprof+0x9e/0xe0
[  267.748434][T11409]  ? xskq_create+0xfb/0x1d0
[  267.748453][T11409]  xskq_create+0xfb/0x1d0
[  267.748471][T11409]  xsk_setsockopt+0x792/0x9a0
[  267.748488][T11409]  ? __pfx_xsk_setsockopt+0x10/0x10
[  267.748509][T11409]  ? aa_sock_opt_perm+0xfd/0x1c0
[  267.748528][T11409]  ? __pfx_xsk_setsockopt+0x10/0x10
[  267.748546][T11409]  do_sock_setsockopt+0xf3/0x1d0
[  267.748571][T11409]  __sys_setsockopt+0x120/0x1a0
[  267.748596][T11409]  __ia32_sys_setsockopt+0xbc/0x160
[  267.748620][T11409]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  267.748645][T11409]  __do_fast_syscall_32+0x7c/0x3a0
[  267.748669][T11409]  do_fast_syscall_32+0x32/0x80
[  267.748692][T11409]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  267.748714][T11409] RIP: 0023:0xf7f12579
[  267.748729][T11409] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  267.748747][T11409] RSP: 002b:00000000f543655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  267.748767][T11409] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b
[  267.748778][T11409] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004
[  267.748789][T11409] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  267.748799][T11409] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  267.748810][T11409] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  267.748828][T11409]  </TASK>
[  267.748836][T11409] Mem-Info:
[  267.850144][T11409] active_anon:1527 inactive_anon:5082 isolated_anon:0
[  267.850144][T11409]  active_file:16713 inactive_file:1255 isolated_file:0
[  267.850144][T11409]  unevictable:3293 dirty:457 writeback:0
[  267.850144][T11409]  slab_reclaimable:6180 slab_unreclaimable:59291
[  267.850144][T11409]  mapped:26695 shmem:2306 pagetables:1319
[  267.850144][T11409]  sec_pagetables:327 bounce:0
[  267.850144][T11409]  kernel_misc_reclaimable:0
[  267.850144][T11409]  free:70024 free_pcp:11441 free_cma:0
[  267.865731][T11409] Node 0 active_anon:0kB inactive_anon:244kB active_file:0kB inactive_file:616kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:632kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8752kB pagetables:1744kB sec_pagetables:1216kB all_unreclaimable? yes Balloon:0kB
[  267.875601][T11409] Node 1 active_anon:6108kB inactive_anon:20084kB active_file:66852kB inactive_file:4404kB unevictable:9636kB isolated(anon):0kB isolated(file):0kB mapped:106148kB dirty:1828kB writeback:0kB shmem:5688kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5104kB pagetables:3532kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB
[  267.888436][T11409] Node 0 DMA free:2000kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:232kB local_pcp:0kB free_cma:0kB
[  267.900178][T11409] lowmem_reserve[]: 0 288 288 288 288
[  267.902538][T11409] Node 0 DMA32 free:17916kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:1632KB active_anon:0kB inactive_anon:240kB active_file:0kB inactive_file:616kB unevictable:3536kB writepending:0kB present:1032196kB managed:295148kB mlocked:0kB bounce:0kB free_pcp:11640kB local_pcp:3608kB free_cma:0kB
[  267.913099][T11409] lowmem_reserve[]: 0 0 0 0 0
[  267.914695][T11409] Node 1 DMA32 free:260180kB boost:10240kB min:57380kB low:69164kB high:80948kB reserved_highatomic:0KB free_highatomic:0KB active_anon:6108kB inactive_anon:20084kB active_file:66852kB inactive_file:4404kB unevictable:9636kB writepending:1828kB present:1048432kB managed:948220kB mlocked:6112kB bounce:0kB free_pcp:33676kB local_pcp:6368kB free_cma:0kB
[  267.925280][T11409] lowmem_reserve[]: 0 0 0 0 0
[  267.926866][T11409] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 4*32kB (U) 3*64kB (UM) 1*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2000kB
[  267.931205][T11409] Node 0 DMA32: 77*4kB (UME) 101*8kB (UME) 76*16kB (ME) 127*32kB (UMEH) 68*64kB (UMEH) 20*128kB (UMEH) 8*256kB (UMH) 5*512kB (UMH) 0*1024kB 0*2048kB 0*4096kB = 17916kB
[  267.936445][T11409] Node 1 DMA32: 1015*4kB (UME) 962*8kB (UME) 213*16kB (UME) 301*32kB (UME) 277*64kB (UME) 190*128kB (UME) 85*256kB (UME) 59*512kB (UME) 28*1024kB (UME) 15*2048kB (UM) 20*4096kB (U) = 260124kB
[  267.942408][T11409] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  267.945372][T11409] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  267.948473][T11409] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  267.951516][T11409] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  267.954450][T11409] 20597 total pagecache pages
[  267.955983][T11409] 327 pages in swap cache
[  267.957405][T11409] Free swap  = 120052kB
[  267.958743][T11409] Total swap = 124996kB
[  267.960051][T11409] 524155 pages RAM
[  267.961282][T11409] 0 pages HighMem/MovableOnly
[  267.962748][T11409] 209473 pages reserved
[  267.964061][T11409] 0 pages cma reserved
[  268.396544][T11424] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  268.567505][ T6099] usb 9-1: new full-speed USB device number 10 using dummy_hcd
[  268.719346][ T6099] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  268.722964][T11434] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.723204][ T6099] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  268.732809][ T6099] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  268.735973][ T6099] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  268.739897][ T6099] usb 9-1: SerialNumber: syz
[  268.746690][ T6099] usb 9-1: bad CDC descriptors
[  268.750119][ T6099] usb-storage 9-1:1.0: USB Mass Storage device detected
[  268.753373][ T6099] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  268.757414][ T6099] scsi host6: usb-storage 9-1:1.0
[  268.798810][T11438] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1546'.
[  268.801669][T11438] tipc: Enabling of bearer <eth:
> rejected, failed to enable media
[  269.047068][ T5986] Bluetooth: hci0: command 0x0406 tx timeout
[  269.117321][ T5986] Bluetooth: hci4: command 0x0405 tx timeout
[  269.119079][ T5986] Bluetooth: hci1: command 0x0406 tx timeout
[  269.120779][ T5986] Bluetooth: hci2: command 0x0406 tx timeout
[  270.039235][ T6049] usb 9-1: USB disconnect, device number 10
[  270.171425][T11462] tipc: Started in network mode
[  270.173625][T11462] tipc: Node identity 8a0cbbc02614, cluster identity 4711
[  270.176136][T11462] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  270.179670][T11462] syzkaller0: entered promiscuous mode
[  270.182109][T11462] syzkaller0: entered allmulticast mode
[  270.188947][T11462] tipc: Resetting bearer <eth:syzkaller0>
[  270.191662][T11461] tipc: Resetting bearer <eth:syzkaller0>
[  270.194478][T11461] tipc: Disabling bearer <eth:syzkaller0>
[  270.363227][T11468] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.608898][T11475] tun0: tun_chr_ioctl cmd 1074025675
[  270.611346][T11475] tun0: persist disabled
[  270.695610][   T40] kauditd_printk_skb: 123 callbacks suppressed
[  270.695627][   T40] audit: type=1326 audit(1755706309.466:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.0.1559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  270.707688][   T40] audit: type=1326 audit(1755706309.466:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.0.1559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  270.717134][   T40] audit: type=1326 audit(1755706309.466:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.0.1559" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf709e579 code=0x7ffc0000
[  270.727282][   T40] audit: type=1326 audit(1755706309.466:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.0.1559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  270.738590][   T40] audit: type=1326 audit(1755706309.466:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11479 comm="syz.0.1559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  271.207175][ T5986] Bluetooth: hci4: command 0x0405 tx timeout
[  271.950448][T11502] fuse: Bad value for 'user_id'
[  271.952149][T11502] fuse: Bad value for 'user_id'
[  272.096335][T11511] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  272.099161][T11511] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  272.102821][T11511] vhci_hcd vhci_hcd.0: Device attached
[  272.108592][T11512] vhci_hcd: connection closed
[  272.108738][   T80] vhci_hcd: stop threads
[  272.112080][   T80] vhci_hcd: release socket
[  272.113924][   T80] vhci_hcd: disconnect device
[  272.205714][   T40] audit: type=1326 audit(1755706310.976:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11514 comm="syz.0.1568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  272.212055][   T40] audit: type=1326 audit(1755706310.976:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11514 comm="syz.0.1568" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf709e579 code=0x7ffc0000
[  272.218495][   T40] audit: type=1326 audit(1755706310.976:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11514 comm="syz.0.1568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  272.224743][   T40] audit: type=1326 audit(1755706310.976:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11514 comm="syz.0.1568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  272.229669][T11517] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  272.507394][ T6099] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[  272.657135][ T6099] usb 8-1: Using ep0 maxpacket: 16
[  272.660270][ T6099] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  272.665560][ T6099] usb 8-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  272.668804][ T6099] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.671290][ T6099] usb 8-1: Product: syz
[  272.672594][ T6099] usb 8-1: Manufacturer: syz
[  272.674053][ T6099] usb 8-1: SerialNumber: syz
[  272.676465][ T6099] usb 8-1: config 0 descriptor??
[  272.679106][ T6099] hub 8-1:0.0: bad descriptor, ignoring hub
[  272.681145][ T6099] hub 8-1:0.0: probe with driver hub failed with error -5
[  272.685466][ T6099] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  272.828923][T11533] __nla_validate_parse: 2 callbacks suppressed
[  272.828936][T11533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1573'.
[  272.856892][T11535] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1574'.
[  273.134200][ T6049] usb 8-1: USB disconnect, device number 37
[  273.269613][T11546] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1577'.
[  274.000576][T11560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1582'.
[  274.652525][T11569] binder: 11568:11569 ioctl 5330 0 returned -22
[  274.660248][T11569] binder: 11568:11569 ioctl 127c 80000200 returned -22
[  274.891253][T11581] lo speed is unknown, defaulting to 1000
[  274.895695][T11581] lo speed is unknown, defaulting to 1000
[  274.900083][T11581] lo speed is unknown, defaulting to 1000
[  275.051803][T11581] infiniband s
z1: set down
[  275.053300][T11581] infiniband s
z1: added lo
[  275.057193][ T6042] lo speed is unknown, defaulting to 1000
[  275.084368][T11581] RDS/IB: s
z1: added
[  275.085697][T11581] smc: adding ib device s
z1 with port count 1
[  275.087744][T11581] smc:    ib device s
z1 port 1 has pnetid 
[  275.089865][T11581] lo speed is unknown, defaulting to 1000
[  275.122276][T11581] lo speed is unknown, defaulting to 1000
[  275.147963][T11579] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  275.149966][T11579] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  275.151913][T11579] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  275.154490][T11579] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  275.156379][T11581] lo speed is unknown, defaulting to 1000
[  275.164299][ T6042] lo speed is unknown, defaulting to 1000
[  275.191248][T11581] lo speed is unknown, defaulting to 1000
[  275.243235][T11590] libceph: resolve '
[  275.243235][T11590] -&���f�Y�ǝ�a���2i�
[  275.243235][T11590] .���?��&�*��&' (ret=-3): failed
[  275.279498][T11579] block device autoloading is deprecated and will be removed.
[  275.282908][T11579] syz.3.1584: attempt to access beyond end of device
[  275.282908][T11579] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  276.128525][T11605] overlayfs: failed to clone upperpath
[  276.316827][T11612] block device autoloading is deprecated and will be removed.
[  277.074262][T11636] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1600'.
[  277.207116][ T5986] Bluetooth: hci2: command 0x0406 tx timeout
[  277.209162][ T5986] Bluetooth: hci1: command 0x0406 tx timeout
[  277.211103][ T5986] Bluetooth: hci0: command 0x0406 tx timeout
[  277.213052][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  279.456168][T11692] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1614'.
[  279.927705][ T1334] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  280.077098][ T1334] usb 5-1: Using ep0 maxpacket: 16
[  280.080838][ T1334] usb 5-1: config 0 has no interfaces?
[  280.084936][ T1334] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  280.089830][ T1334] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.093267][ T1334] usb 5-1: Product: syz
[  280.095195][ T1334] usb 5-1: Manufacturer: syz
[  280.097427][ T1334] usb 5-1: SerialNumber: syz
[  280.100520][ T1334] usb 5-1: config 0 descriptor??
[  280.322068][ T6099] usb 5-1: USB disconnect, device number 25
[  280.446269][T11715] bridge_slave_0: left allmulticast mode
[  280.448666][T11715] bridge_slave_0: left promiscuous mode
[  280.450619][T11715] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.455371][T11715] bridge_slave_1: left allmulticast mode
[  280.457921][T11715] bridge_slave_1: left promiscuous mode
[  280.459917][T11715] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.466170][T11715] bond0: (slave bond_slave_0): Releasing backup interface
[  280.472978][T11715] bond0: (slave bond_slave_1): Releasing backup interface
[  280.482496][T11715] team0: Port device team_slave_0 removed
[  280.487318][T11715] team0: Port device team_slave_1 removed
[  280.489805][T11715] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.492735][T11715] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.496255][T11715] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.498715][T11715] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.508778][T11715] bond0: (slave wlan1): Releasing backup interface
[  280.521877][ T1186] tipc: Resetting bearer <eth:team0>
[  280.530626][T11718] team0: Mode changed to "loadbalance"
[  280.591853][T11715] validate_nla: 39 callbacks suppressed
[  280.591868][T11715] netlink: 'syz.4.1620': attribute type 10 has an invalid length.
[  280.597832][T11715] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.600458][T11715] team0: Port device bond0 added
[  280.632233][T11714] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1620'.
[  280.635135][T11714] tipc: Resetting bearer <eth:team0>
[  280.641319][T11714] tipc: Disabling bearer <eth:team0>
[  280.644640][T11714] team0 (unregistering): Port device bond0 removed
[  281.627080][ T6042] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  281.647405][T11756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  281.787057][ T6042] usb 9-1: Using ep0 maxpacket: 16
[  281.789788][ T6042] usb 9-1: config 0 has no interfaces?
[  281.792884][ T6042] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  281.795700][ T6042] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.798433][ T6042] usb 9-1: Product: syz
[  281.799753][ T6042] usb 9-1: Manufacturer: syz
[  281.801213][ T6042] usb 9-1: SerialNumber: syz
[  281.803280][ T6042] usb 9-1: config 0 descriptor??
[  282.011557][ T1021] usb 9-1: USB disconnect, device number 11
[  282.628255][T11773] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1641'.
[  282.635069][T11773] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  282.638524][T11773] bond_slave_0: left promiscuous mode
[  282.644162][T11773] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  282.648217][T11773] bond_slave_1: left promiscuous mode
[  282.652464][T11773] bond0 (unregistering): Released all slaves
[  283.065323][T11786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1645'.
[  283.296457][T11799] usb usb8: usbfs: process 11799 (syz.4.1647) did not claim interface 0 before use
[  283.456277][T11794] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  283.616308][T11806] lo speed is unknown, defaulting to 1000
[  284.136741][T11820] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1655'.
[  284.275122][T11831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1658'.
[  284.345425][T11825] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  284.347948][T11825] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  284.350561][T11825] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  284.353239][T11825] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  284.355589][T11825] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  284.399800][ T5987] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  285.134881][T11857] futex_wake_op: syz.3.1666 tries to shift op by 32; fix this program
[  285.216316][   T40] audit: type=1326 audit(1755706323.986:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  285.224818][   T40] audit: type=1326 audit(1755706323.986:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000
[  285.231793][   T40] audit: type=1326 audit(1755706323.996:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.238659][   T40] audit: type=1326 audit(1755706323.996:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.245686][   T40] audit: type=1326 audit(1755706323.996:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.254663][   T40] audit: type=1326 audit(1755706323.996:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.262965][   T40] audit: type=1326 audit(1755706323.996:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.269880][   T40] audit: type=1326 audit(1755706323.996:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.276596][   T40] audit: type=1326 audit(1755706323.996:2351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.284122][   T40] audit: type=1326 audit(1755706323.996:2352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11860 comm="syz.3.1668" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f74598 code=0x7ffc0000
[  285.367877][T11866] [U] R5�JCҰ~V6��|�7����KXVZZ�G�R��   $�
[  285.489782][T11880] vxcan3: entered promiscuous mode
[  285.491463][T11880] vxcan3: entered allmulticast mode
[  285.923536][T11884] netlink: 'syz.3.1678': attribute type 1 has an invalid length.
[  285.926146][T11884] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1678'.
[  286.407900][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  286.411263][ T5987] Bluetooth: hci2: command 0x0406 tx timeout
[  286.413998][ T5987] Bluetooth: hci1: command 0x0406 tx timeout
[  286.416788][ T5987] Bluetooth: hci0: command 0x0406 tx timeout
[  287.527758][T11947] syzkaller1: entered promiscuous mode
[  287.530001][T11947] syzkaller1: entered allmulticast mode
[  287.804529][T11974] bridge_slave_0: left promiscuous mode
[  287.807069][T11974] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.835324][T11974] bridge_slave_1: left allmulticast mode
[  287.839195][T11974] bridge_slave_1: left promiscuous mode
[  287.842901][T11974] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.868602][T11974] team0: Port device team_slave_0 removed
[  287.874023][T11974] team0: Port device team_slave_1 removed
[  287.876341][T11974] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.879166][T11974] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.882090][T11974] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.884488][T11974] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.247986][T11989] i2c i2c-1: Invalid block write size 34
[  288.477100][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  288.787983][T12001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1699'.
[  289.383793][T11997] Process accounting resumed
[  289.607304][ T6042] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[  289.697147][   T29] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  289.757097][ T6042] usb 8-1: Using ep0 maxpacket: 8
[  289.760171][ T6042] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  289.762926][ T6042] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  289.768560][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  289.773198][ T6042] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  289.778148][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  289.782838][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  289.787860][ T6042] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  289.793285][ T6042] usb 8-1: config 168 interface 0 has no altsetting 0
[  289.797058][ T6042] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  289.799819][ T6042] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  289.803759][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  289.808288][ T6042] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  289.812930][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  289.817333][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  289.821401][ T6042] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  289.825957][ T6042] usb 8-1: config 168 interface 0 has no altsetting 0
[  289.830513][ T6042] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  289.833275][ T6042] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  289.838307][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  289.843014][ T6042] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  289.847809][   T29] usb 9-1: Using ep0 maxpacket: 16
[  289.849991][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  289.854625][ T6042] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  289.859447][ T6042] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  289.865077][ T6042] usb 8-1: config 168 interface 0 has no altsetting 0
[  289.870408][   T29] usb 9-1: config 0 has no interfaces?
[  289.875357][   T29] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  289.879457][ T6042] usb 8-1: string descriptor 0 read error: -22
[  289.882188][ T6042] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  289.885776][   T29] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.889134][ T6042] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.892441][   T29] usb 9-1: Product: syz
[  289.894199][   T29] usb 9-1: Manufacturer: syz
[  289.896634][   T29] usb 9-1: SerialNumber: syz
[  289.901796][ T6042] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  289.905945][   T29] usb 9-1: config 0 descriptor??
[  290.104107][ T1142] Bluetooth: hci3: Frame reassembly failed (-84)
[  290.114966][ T6099] usb 9-1: USB disconnect, device number 12
[  290.701166][   T40] kauditd_printk_skb: 360 callbacks suppressed
[  290.701176][   T40] audit: type=1326 audit(1755706329.476:2713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.714687][   T40] audit: type=1326 audit(1755706329.486:2714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  290.726982][   T40] audit: type=1326 audit(1755706329.486:2715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.734340][   T40] audit: type=1326 audit(1755706329.486:2716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.744281][   T40] audit: type=1326 audit(1755706329.486:2717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.752887][   T40] audit: type=1326 audit(1755706329.486:2718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.761847][   T40] audit: type=1326 audit(1755706329.486:2719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  290.771263][   T40] audit: type=1326 audit(1755706329.486:2720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000
[  290.780508][   T40] audit: type=1326 audit(1755706329.486:2721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.789594][   T40] audit: type=1326 audit(1755706329.486:2722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12030 comm="syz.0.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf709e598 code=0x7ffc0000
[  290.825685][T12035] netlink: 'syz.0.1711': attribute type 4 has an invalid length.
[  290.829060][T12035] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1711'.
[  290.889378][T12036] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1710'.
[  291.364340][T12049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1716'.
[  291.369232][T12049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1716'.
[  291.518106][T12057] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1720'.
[  291.577418][T12063] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1722'.
[  291.666122][T12058] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  292.157083][ T5986] Bluetooth: hci3: command 0x1003 tx timeout
[  292.159607][ T5987] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  292.163516][ T6099] usb 8-1: USB disconnect, device number 38
[  292.436152][T12083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1726'.
[  292.675751][T12088] futex_wake_op: syz.0.1727 tries to shift op by 32; fix this program
[  293.373746][T12106] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1732'.
[  293.378281][T12106] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1732'.
[  293.823200][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.829816][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.970177][T12120] block device autoloading is deprecated and will be removed.
[  294.277621][ T6099] usb 5-1: new low-speed USB device number 26 using dummy_hcd
[  294.428924][ T6099] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  294.432342][ T6099] usb 5-1: config 0 has no interface number 0
[  294.434884][ T6099] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  294.440198][ T6099] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  294.444697][ T6099] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  294.450328][ T6099] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  294.454828][ T6099] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  294.459791][ T6099] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  294.465200][ T6099] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  294.469902][ T6099] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.474244][ T6099] usb 5-1: config 0 descriptor??
[  294.477039][T12124] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  294.480234][T12124] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  294.488294][ T6099] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  294.593654][T12129] netlink: 211608 bytes leftover after parsing attributes in process `syz.4.1741'.
[  294.753301][T12140] ldusb 5-1:0.55: Write buffer overflow, 7 bytes dropped
[  294.763948][   T10] usb 5-1: USB disconnect, device number 26
[  294.769465][   T10] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  294.839997][T12141] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  295.060453][T12143] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1745'.
[  295.258346][T12149] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1747'.
[  295.455938][T12162] capability: warning: `syz.2.1751' uses deprecated v2 capabilities in a way that may be insecure
[  295.997891][T12168] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  296.001281][T12168] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.083515][T12168] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  296.098339][T12168] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.195032][T12168] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  296.198463][T12168] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.201627][T12178] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  296.231245][T12168] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  296.234552][T12168] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.327987][T10083] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  296.330652][T10083] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.337795][T10083] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  296.340866][T10083] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.345395][T10083] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  296.349093][T10083] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.351930][T10083] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  296.354682][T10083] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.478462][T12191] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1757'.
[  296.555934][T12197] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1758'.
[  296.560724][T12194] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1758'.
[  296.565912][T12197] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1758'.
[  296.689765][T12195] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  296.689862][T12195] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  296.690031][T12195] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  297.131360][T12201] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  297.673794][T12209] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  297.685971][T12210] syzkaller0: entered promiscuous mode
[  297.688927][T12210] syzkaller0: entered allmulticast mode
[  297.692953][T12209] tipc: Resetting bearer <eth:syzkaller0>
[  297.704451][T12208] tipc: Resetting bearer <eth:syzkaller0>
[  297.761335][T12208] tipc: Disabling bearer <eth:syzkaller0>
[  297.924370][T12215] loop6: detected capacity change from 0 to 524287999
[  298.371383][T12220] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  298.637422][ T5987] Bluetooth: hci1: command 0x0406 tx timeout
[  298.717380][ T5986] Bluetooth: hci4: command 0x0405 tx timeout
[  298.719546][ T5987] Bluetooth: hci2: command 0x0406 tx timeout
[  299.917859][T12237] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1771'.
[  299.965023][T12232] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  300.278101][T12245] netlink: 'syz.4.1772': attribute type 13 has an invalid length.
[  300.281669][T12245] netlink: 'syz.4.1772': attribute type 17 has an invalid length.
[  300.299070][T12245] gretap0: left allmulticast mode
[  300.319502][T12245] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.322785][T12245] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  300.638755][   T54] usb 9-1: new full-speed USB device number 13 using dummy_hcd
[  300.802106][   T54] usb 9-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  300.805140][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.808131][   T54] usb 9-1: Product: syz
[  300.809583][   T54] usb 9-1: Manufacturer: syz
[  300.811353][   T54] usb 9-1: SerialNumber: syz
[  300.814418][   T54] usb 9-1: config 0 descriptor??
[  300.818421][   T54] visor 9-1:0.0: Sony Clie 3.5 converter detected
[  301.024826][   T54] usb 9-1: clie_3_5_startup: get config number failed: -32
[  301.028131][   T54] visor 9-1:0.0: probe with driver visor failed with error -32
[  301.110224][T12257] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  301.112872][T12257] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  301.116212][T12257] vhci_hcd vhci_hcd.0: Device attached
[  301.387151][ T6042] usb 38-1: SetAddress Request (2) to port 0
[  301.389679][ T6042] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  301.768473][T12258] vhci_hcd: connection reset by peer
[  301.770784][ T1142] vhci_hcd: stop threads
[  301.772462][ T1142] vhci_hcd: release socket
[  301.774058][ T1142] vhci_hcd: disconnect device
[  302.037171][   T10] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[  302.207019][   T10] usb 8-1: Using ep0 maxpacket: 16
[  302.210580][   T10] usb 8-1: config 0 has no interfaces?
[  302.214614][   T10] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  302.217832][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.220448][   T10] usb 8-1: Product: syz
[  302.222152][   T10] usb 8-1: Manufacturer: syz
[  302.223748][   T10] usb 8-1: SerialNumber: syz
[  302.228008][   T10] usb 8-1: config 0 descriptor??
[  302.353312][T12272] netlink: zone id is out of range
[  302.355787][T12272] netlink: zone id is out of range
[  302.358461][T12272] netlink: zone id is out of range
[  302.360312][T12272] netlink: del zone limit has 4 unknown bytes
[  302.376435][ T5986] Bluetooth: hci1: unexpected event for opcode 0x2024
[  302.463554][   T29] usb 8-1: USB disconnect, device number 39
[  302.717372][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1785'.
[  303.404597][   T10] usb 9-1: USB disconnect, device number 13
[  303.531691][ T5986] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  304.148098][   T10] usb 9-1: new full-speed USB device number 14 using dummy_hcd
[  304.252513][ T5986] Bluetooth: hci2: unexpected event for opcode 0x1004
[  304.307069][   T10] usb 9-1: device descriptor read/64, error -71
[  304.547045][   T10] usb 9-1: new full-speed USB device number 15 using dummy_hcd
[  304.687143][   T10] usb 9-1: device descriptor read/64, error -71
[  304.797511][   T10] usb usb9-port1: attempt power cycle
[  304.987300][T12332] Set syz1 is full, maxelem 65536 reached
[  305.147052][   T10] usb 9-1: new full-speed USB device number 16 using dummy_hcd
[  305.178538][   T10] usb 9-1: device descriptor read/8, error -71
[  305.237764][   T54] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[  305.244570][T12336] netlink: 'syz.0.1799': attribute type 1 has an invalid length.
[  305.258067][T12336] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.266926][T12336] vlan2: entered allmulticast mode
[  305.269603][T12336] macvtap0: entered allmulticast mode
[  305.272146][T12336] veth0_macvtap: entered allmulticast mode
[  305.278777][T12336] bond0: (slave vlan2): making interface the new active one
[  305.284212][T12336] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  305.294240][T12336] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1799'.
[  305.387233][   T54] usb 8-1: Using ep0 maxpacket: 16
[  305.390062][   T54] usb 8-1: config 0 has no interfaces?
[  305.393367][   T54] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  305.396268][   T54] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.399162][   T54] usb 8-1: Product: syz
[  305.400591][   T54] usb 8-1: Manufacturer: syz
[  305.402157][   T54] usb 8-1: SerialNumber: syz
[  305.405606][   T54] usb 8-1: config 0 descriptor??
[  305.417053][   T10] usb 9-1: new full-speed USB device number 17 using dummy_hcd
[  305.447445][   T10] usb 9-1: device descriptor read/8, error -71
[  305.535333][T12344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  305.557150][   T10] usb usb9-port1: unable to enumerate USB device
[  305.618504][   T54] usb 8-1: USB disconnect, device number 40
[  306.321014][T12361] xt_time: unknown flags 0xf4
[  306.477177][ T6042] usb 38-1: device descriptor read/8, error -110
[  306.879066][ T6042] usb usb38-port1: attempt power cycle
[  306.901836][T12349] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  306.904716][T12349] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  306.907599][T12349] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  306.931672][T12374] warning: `syz.0.1813' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  306.954931][T12376] cgroup: Unknown subsys name 'cpuset'
[  307.019181][   T54] IPVS: starting estimator thread 0...
[  307.025745][   T10] libceph: connect (1)[c::]:6789 error -101
[  307.029159][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  307.066648][T12383] FAULT_INJECTION: forcing a failure.
[  307.066648][T12383] name failslab, interval 1, probability 0, space 0, times 0
[  307.071042][T12383] CPU: 2 UID: 0 PID: 12383 Comm: syz.4.1815 Not tainted syzkaller #0 PREEMPT(full) 
[  307.071057][T12383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  307.071064][T12383] Call Trace:
[  307.071067][T12383]  <TASK>
[  307.071071][T12383]  dump_stack_lvl+0x16c/0x1f0
[  307.071088][T12383]  should_fail_ex+0x512/0x640
[  307.071103][T12383]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  307.071119][T12383]  should_failslab+0xc2/0x120
[  307.071132][T12383]  __kmalloc_noprof+0xd2/0x510
[  307.071145][T12383]  tomoyo_realpath_from_path+0xc2/0x6e0
[  307.071160][T12383]  ? tomoyo_profile+0x47/0x60
[  307.071169][T12383]  tomoyo_path_number_perm+0x245/0x580
[  307.071181][T12383]  ? tomoyo_path_number_perm+0x237/0x580
[  307.071193][T12383]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  307.071207][T12383]  ? preempt_count_add+0x76/0x150
[  307.071225][T12383]  ? rcu_is_watching+0x12/0xc0
[  307.071236][T12383]  ? __fget_files+0x204/0x3c0
[  307.071246][T12383]  ? hook_file_ioctl_common+0x145/0x410
[  307.071259][T12383]  ? lock_release+0x201/0x2f0
[  307.071273][T12383]  ? __fget_files+0x20e/0x3c0
[  307.071284][T12383]  security_file_ioctl_compat+0x9b/0x240
[  307.071298][T12383]  __ia32_compat_sys_ioctl+0xc3/0x370
[  307.071315][T12383]  __do_fast_syscall_32+0x7c/0x3a0
[  307.071329][T12383]  do_fast_syscall_32+0x32/0x80
[  307.071342][T12383]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  307.071355][T12383] RIP: 0023:0xf7f77579
[  307.071363][T12383] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  307.071373][T12383] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  307.071383][T12383] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000008b07
[  307.071390][T12383] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000
[  307.071396][T12383] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  307.071402][T12383] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  307.071408][T12383] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  307.071416][T12383]  </TASK>
[  307.071420][T12383] ERROR: Out of memory at tomoyo_realpath_from_path.
[  307.107415][T12379] IPVS: using max 57 ests per chain, 136800 per kthread
[  307.128441][T12386] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1816'.
[  307.136762][T12388] evm: overlay not supported
[  307.160277][   T40] kauditd_printk_skb: 77 callbacks suppressed
[  307.160292][   T40] audit: type=1804 audit(1755706345.936:2800): pid=12388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1817" name="/newroot/408/bus/bus" dev="overlay" ino=2188 res=1 errno=0
[  307.289967][   T10] libceph: connect (1)[c::]:6789 error -101
[  307.297076][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  307.370517][T12409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1824'.
[  307.447288][ T6042] usb usb38-port1: unable to enumerate USB device
[  307.813240][   T10] libceph: connect (1)[c::]:6789 error -101
[  307.829251][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  307.881994][T12422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1826'.
[  307.899585][T12378] ceph: No mds server is up or the cluster is laggy
[  308.167081][ T5986] Bluetooth: hci1: command 0x0406 tx timeout
[  308.345791][T12452] tipc: Enabling of bearer <eth:batadv0> rejected, failed to enable media
[  308.389370][T12454] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  308.565226][   T54] IPVS: starting estimator thread 0...
[  308.667257][T12461] IPVS: using max 56 ests per chain, 134400 per kthread
[  308.967130][ T5986] Bluetooth: hci4: command 0x0405 tx timeout
[  308.967949][ T5987] Bluetooth: hci2: command 0x0406 tx timeout
[  309.289441][T12487] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1840'.
[  309.293893][T12487] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1840'.
[  309.460178][T12499] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1839'.
[  309.644052][T12504] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1841'.
[  309.707370][ T6099] usb 8-1: new high-speed USB device number 41 using dummy_hcd
[  309.760117][T12507] libceph: resolve '
[  309.760117][T12507] -&���f�Y�ǝ�a���2i�
[  309.760117][T12507] .���?��&�*��&' (ret=-3): failed
[  309.853294][T12505] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  309.855317][T12505] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  309.858026][T12505] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  309.897438][ T6099] usb 8-1: Using ep0 maxpacket: 16
[  309.902894][ T6099] usb 8-1: config 0 has no interfaces?
[  309.906818][ T6099] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  309.911265][ T6099] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.914847][ T6099] usb 8-1: Product: syz
[  309.916203][ T6099] usb 8-1: Manufacturer: syz
[  309.918174][ T6099] usb 8-1: SerialNumber: syz
[  309.920447][ T6099] usb 8-1: config 0 descriptor??
[  310.139973][   T54] usb 8-1: USB disconnect, device number 41
[  310.405244][T12515] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  310.409967][T12515] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.471801][T12515] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  310.476197][T12515] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.558495][T12515] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  310.561938][T12515] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.651992][T12515] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  310.657597][T12515] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.672350][T12518] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1847'.
[  310.706074][ T1186] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  310.709550][ T1186] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.723025][ T1186] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  310.725845][ T1186] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.728603][ T1186] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  310.731311][ T1186] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.733976][ T1186] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  310.740117][ T1186] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.795618][T12523] sp0: Synchronizing with TNC
[  311.171965][T12530] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  311.176607][ T5987] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  311.179174][ T5987] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  311.181647][ T5987] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  311.184339][ T5987] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  311.186885][ T5987] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  311.200141][T12531] lo speed is unknown, defaulting to 1000
[  311.233018][T12530] netlink: 'syz.0.1850': attribute type 1 has an invalid length.
[  311.235509][T12530] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1850'.
[  311.244193][T12530] tipc: Resetting bearer <eth:syzkaller0>
[  311.282347][T12530] tipc: Disabling bearer <eth:syzkaller0>
[  311.340312][T12531] chnl_net:caif_netlink_parms(): no params data found
[  311.442474][T12542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1851'.
[  311.450403][T12531] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.455041][T12531] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.459136][T12531] bridge_slave_0: entered allmulticast mode
[  311.461475][T12531] bridge_slave_0: entered promiscuous mode
[  311.464080][T12531] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.466417][T12531] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.468955][T12531] bridge_slave_1: entered allmulticast mode
[  311.471243][T12531] bridge_slave_1: entered promiscuous mode
[  311.492999][T12531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.501045][T12531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  311.531647][T12531] team0: Port device team_slave_0 added
[  311.535290][T12531] team0: Port device team_slave_1 added
[  311.555809][T12531] batman_adv: batadv0: Adding interface: batadv_slave_0
[  311.559653][T12531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.568348][T12531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  311.572404][T12531] batman_adv: batadv0: Adding interface: batadv_slave_1
[  311.574587][T12531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.583042][T12531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.606238][T12531] hsr_slave_0: entered promiscuous mode
[  311.610399][T12531] hsr_slave_1: entered promiscuous mode
[  311.612942][T12531] debugfs: 'hsr0' already exists in 'hsr'
[  311.615273][T12531] Cannot create hsr debugfs directory
[  311.644322][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  311.648900][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.720335][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  311.728071][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.770265][ T5987] Bluetooth: hci1: command 0x0406 tx timeout
[  311.791770][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  311.795629][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.851566][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  311.855400][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.917030][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  311.959447][   T12] bridge_slave_1: left allmulticast mode
[  311.961573][   T12] bridge_slave_1: left promiscuous mode
[  311.963850][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.968760][   T12] bridge_slave_0: left allmulticast mode
[  311.970585][   T12] bridge_slave_0: left promiscuous mode
[  311.972466][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.161048][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  312.164692][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.168780][   T12] bond0 (unregistering): Released all slaves
[  312.223231][   T12] tipc: Disabling bearer <eth:team0>
[  312.225222][   T12] tipc: Left network mode
[  312.664687][   T12] hsr_slave_0: left promiscuous mode
[  312.667724][   T12] hsr_slave_1: left promiscuous mode
[  312.671923][   T12] veth1_macvtap: left promiscuous mode
[  312.674161][   T12] veth0_macvtap: left promiscuous mode
[  312.676380][   T12] veth1_vlan: left promiscuous mode
[  312.678670][   T12] veth0_vlan: left promiscuous mode
[  312.753374][   T12] team0 (unregistering): Port device team_slave_1 removed
[  312.759765][   T12] team0 (unregistering): Port device team_slave_0 removed
[  313.010267][T12531] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  313.013753][T12531] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  313.017362][T12531] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  313.020623][T12531] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  313.032294][   T12] IPVS: stop unused estimator thread 0...
[  313.044239][T12531] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.051162][T12531] 8021q: adding VLAN 0 to HW filter on device team0
[  313.055122][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.057665][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  313.062728][ T1186] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.065166][ T1186] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.175754][T12531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  313.190603][T12531] veth0_vlan: entered promiscuous mode
[  313.194551][T12531] veth1_vlan: entered promiscuous mode
[  313.197806][ T5987] Bluetooth: hci3: command tx timeout
[  313.208623][T12531] veth0_macvtap: entered promiscuous mode
[  313.212179][T12531] veth1_macvtap: entered promiscuous mode
[  313.220382][T12531] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.227087][T12531] batman_adv: batadv0: Interface activated: batadv_slave_1
[  313.233594][ T1186] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  313.244301][ T1186] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  313.248822][ T1186] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.256119][ T1186] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.270759][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.273658][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.284669][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.288353][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.542305][T12620] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1860'.
[  313.546572][T12620] netlink: 'syz.2.1860': attribute type 1 has an invalid length.
[  313.642966][T12622] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1862'.
[  314.007046][   T10] usb 8-1: new low-speed USB device number 42 using dummy_hcd
[  314.133630][T12632] random: crng reseeded on system resumption
[  314.171615][   T10] usb 8-1: config 0 has no interfaces?
[  314.173492][   T10] usb 8-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[  314.177243][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.183903][   T10] usb 8-1: config 0 descriptor??
[  314.240564][T12635] bond0: (slave caif0): Error: Device type is different from other slaves
[  314.454520][T12623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1861'.
[  314.606540][T12641] libceph: resolve '
[  314.606540][T12641] -&���f�Y�ǝ�a���2i�
[  314.606540][T12641] .���?��&�*��&' (ret=-3): failed
[  315.287039][ T5986] Bluetooth: hci3: command tx timeout
[  315.708605][T12662] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1871'.
[  316.070138][T12664] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  316.499654][   T53] usb 8-1: USB disconnect, device number 42
[  316.639741][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  316.641859][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  316.786455][T12669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  317.367194][ T5986] Bluetooth: hci3: command 0x040f tx timeout
[  317.379136][T12687] mkiss: ax0: crc mode is auto.
[  317.466582][T12690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1880'.
[  317.678687][T12699] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1882'.
[  318.005556][T12706] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  318.364698][T12694] trusted_key: syz.0.1881 sent an empty control message without MSG_MORE.
[  318.500825][T12717] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1886'.
[  318.506859][   T40] audit: type=1326 audit(1755706357.276:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.513680][   T40] audit: type=1326 audit(1755706357.286:2802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.520527][   T40] audit: type=1326 audit(1755706357.286:2803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.527778][   T40] audit: type=1326 audit(1755706357.286:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.537861][   T40] audit: type=1326 audit(1755706357.286:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.545655][   T40] audit: type=1326 audit(1755706357.286:2806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.552174][T12717] kvm: kvm [12716]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0xffffffff00000005
[  318.555624][   T40] audit: type=1326 audit(1755706357.286:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.568444][   T40] audit: type=1326 audit(1755706357.286:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.575948][   T40] audit: type=1326 audit(1755706357.286:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.583881][   T40] audit: type=1326 audit(1755706357.286:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12716 comm="syz.4.1886" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f77579 code=0x7ffc0000
[  318.745944][T12729] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  318.814185][T12726] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  318.822210][T12726] kvm: pic: non byte read
[  318.824934][T12726] kvm: pic: non byte read
[  319.149732][T12738] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1891'.
[  319.158099][T12738] vlan3: entered promiscuous mode
[  319.160367][T12738] vlan3: entered allmulticast mode
[  319.162604][T12738] hsr_slave_1: entered allmulticast mode
[  319.447071][ T5987] Bluetooth: hci3: command 0x040f tx timeout
[  319.924932][T12750] FAULT_INJECTION: forcing a failure.
[  319.924932][T12750] name failslab, interval 1, probability 0, space 0, times 0
[  319.930419][T12750] CPU: 1 UID: 0 PID: 12750 Comm: syz.3.1894 Not tainted syzkaller #0 PREEMPT(full) 
[  319.930442][T12750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.930453][T12750] Call Trace:
[  319.930458][T12750]  <TASK>
[  319.930465][T12750]  dump_stack_lvl+0x16c/0x1f0
[  319.930490][T12750]  should_fail_ex+0x512/0x640
[  319.930514][T12750]  ? ieee80211_alloc_chanctx+0xa1/0x550
[  319.930541][T12750]  should_failslab+0xc2/0x120
[  319.930563][T12750]  __kmalloc_noprof+0xd2/0x510
[  319.930581][T12750]  ? __pfx_ieee80211_check_combinations+0x10/0x10
[  319.930610][T12750]  ieee80211_alloc_chanctx+0xa1/0x550
[  319.930629][T12750]  ieee80211_new_chanctx+0x84/0x320
[  319.930648][T12750]  _ieee80211_link_use_channel+0xbae/0xe00
[  319.930671][T12750]  ? __pfx__ieee80211_link_use_channel+0x10/0x10
[  319.930691][T12750]  ? kasan_save_track+0x14/0x30
[  319.930709][T12750]  ? __kasan_kmalloc+0xaa/0xb0
[  319.930726][T12750]  ? nl80211_start_ap+0x475/0x4b10
[  319.930744][T12750]  ? genl_rcv_msg+0x55c/0x800
[  319.930772][T12750]  ieee80211_start_ap+0x14fc/0x3860
[  319.930795][T12750]  ? __pfx_ieee80211_start_ap+0x10/0x10
[  319.930817][T12750]  ? cfg80211_reg_check_beaconing+0x208/0xea0
[  319.930838][T12750]  ? cfg80211_find_elem_match+0x1aa/0x1f0
[  319.930862][T12750]  ? validate_beacon_tx_rate+0x28c/0xa50
[  319.930883][T12750]  nl80211_start_ap+0x2c9c/0x4b10
[  319.930903][T12750]  ? __pfx___mutex_lock+0x10/0x10
[  319.930926][T12750]  ? __pfx_nl80211_start_ap+0x10/0x10
[  319.930946][T12750]  ? __nla_parse+0x40/0x60
[  319.930964][T12750]  ? nl80211_pre_doit+0x1b0/0xb10
[  319.930981][T12750]  genl_family_rcv_msg_doit+0x206/0x2f0
[  319.931007][T12750]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  319.931035][T12750]  ? bpf_lsm_capable+0x9/0x10
[  319.931050][T12750]  ? security_capable+0x7e/0x260
[  319.931067][T12750]  ? ns_capable+0xd7/0x110
[  319.931085][T12750]  genl_rcv_msg+0x55c/0x800
[  319.931110][T12750]  ? __pfx_genl_rcv_msg+0x10/0x10
[  319.931134][T12750]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  319.931150][T12750]  ? __pfx_nl80211_start_ap+0x10/0x10
[  319.931166][T12750]  ? __pfx_nl80211_post_doit+0x10/0x10
[  319.931192][T12750]  netlink_rcv_skb+0x155/0x420
[  319.931214][T12750]  ? __pfx_genl_rcv_msg+0x10/0x10
[  319.931238][T12750]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  319.931264][T12750]  ? netlink_deliver_tap+0x1ae/0xd30
[  319.931286][T12750]  genl_rcv+0x28/0x40
[  319.931308][T12750]  netlink_unicast+0x5aa/0x870
[  319.931350][T12750]  ? __pfx_netlink_unicast+0x10/0x10
[  319.931372][T12750]  ? __pfx___might_resched+0x10/0x10
[  319.931393][T12750]  netlink_sendmsg+0x8d1/0xdd0
[  319.931416][T12750]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.931439][T12750]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  319.931458][T12750]  ____sys_sendmsg+0xa95/0xc70
[  319.931485][T12750]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.931510][T12750]  ? get_compat_msghdr+0x11a/0x170
[  319.931539][T12750]  ? kstrtouint_from_user+0x13c/0x1d0
[  319.931562][T12750]  ___sys_sendmsg+0x134/0x1d0
[  319.931581][T12750]  ? get_pid_task+0xfc/0x250
[  319.931604][T12750]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.931628][T12750]  ? rcu_is_watching+0x12/0xc0
[  319.931653][T12750]  __sys_sendmsg+0x16d/0x220
[  319.931673][T12750]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.931698][T12750]  ? rcu_is_watching+0x12/0xc0
[  319.931716][T12750]  __do_fast_syscall_32+0x7c/0x3a0
[  319.931739][T12750]  do_fast_syscall_32+0x32/0x80
[  319.931760][T12750]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.931781][T12750] RIP: 0023:0xf7f74579
[  319.931794][T12750] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.931811][T12750] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  319.931827][T12750] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000
[  319.931838][T12750] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.931848][T12750] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.931858][T12750] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  319.931867][T12750] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.931882][T12750]  </TASK>
[  320.078760][    C1] vkms_vblank_simulate: vblank timer overrun
[  320.321046][T12762] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  320.323273][T12762] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  320.356906][T12762] vhci_hcd vhci_hcd.0: Device attached
[  320.496358][T12769] input: syz1 as /devices/virtual/input/input7
[  320.597173][ T6042] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  320.780358][T12771] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  321.321067][T12763] vhci_hcd: connection reset by peer
[  321.323522][   T46] vhci_hcd: stop threads
[  321.324891][   T46] vhci_hcd: release socket
[  321.326548][   T46] vhci_hcd: disconnect device
[  321.372416][T12784] tipc: Started in network mode
[  321.373940][T12784] tipc: Node identity 0a3d9a1872ca, cluster identity 4711
[  321.376017][T12784] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.380084][T12786] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.393983][T12786] syzkaller0: entered promiscuous mode
[  321.396363][T12786] syzkaller0: entered allmulticast mode
[  321.400552][T12784] syzkaller0: entered promiscuous mode
[  321.402888][T12784] syzkaller0: entered allmulticast mode
[  321.522175][T12783] tipc: Resetting bearer <eth:syzkaller0>
[  321.526026][T12783] tipc: Disabling bearer <eth:syzkaller0>
[  321.527356][ T5987] Bluetooth: hci3: command 0x040f tx timeout
[  321.533705][T12789] tipc: Resetting bearer <eth:syzkaller0>
[  321.707070][   T53] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  321.857534][   T53] usb 9-1: Using ep0 maxpacket: 16
[  321.948153][   T53] usb 9-1: config 0 has no interfaces?
[  321.967276][   T53] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  321.970144][   T53] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.972819][   T53] usb 9-1: Product: syz
[  321.974203][   T53] usb 9-1: Manufacturer: syz
[  321.975671][   T53] usb 9-1: SerialNumber: syz
[  321.997355][   T53] usb 9-1: config 0 descriptor??
[  322.019534][T12796] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1905'.
[  322.206371][T12785] tipc: Resetting bearer <eth:syzkaller0>
[  322.217052][T12785] tipc: Disabling bearer <eth:syzkaller0>
[  322.229188][ T6021] usb 9-1: USB disconnect, device number 18
[  323.229956][ T6049] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  323.230805][T12816] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  323.407233][ T6049] usb 9-1: Using ep0 maxpacket: 32
[  323.416411][ T6049] usb 9-1: config 0 has an invalid interface number: 247 but max is 0
[  323.419355][ T6049] usb 9-1: config 0 has no interface number 0
[  323.433905][ T6049] usb 9-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  323.436837][ T6049] usb 9-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  323.439463][ T6049] usb 9-1: Product: syz
[  323.440882][ T6049] usb 9-1: Manufacturer: syz
[  323.448777][ T6049] usb 9-1: config 0 descriptor??
[  324.072467][T12850] ksmbd: Daemon and kernel module version mismatch. ksmbd: 152, kernel module: 1. User-space ksmbd should terminate.
[  324.093192][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  324.093224][   T40] audit: type=1326 audit(1755706362.866:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123594][   T40] audit: type=1326 audit(1755706362.876:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123618][   T40] audit: type=1326 audit(1755706362.876:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123635][   T40] audit: type=1326 audit(1755706362.876:2839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123650][   T40] audit: type=1326 audit(1755706362.876:2840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123667][   T40] audit: type=1326 audit(1755706362.876:2841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123684][   T40] audit: type=1326 audit(1755706362.876:2842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123701][   T40] audit: type=1326 audit(1755706362.876:2843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123717][   T40] audit: type=1326 audit(1755706362.876:2844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.123732][   T40] audit: type=1326 audit(1755706362.876:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12842 comm="syz.2.1919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000
[  324.274593][T12858] pim6reg: entered allmulticast mode
[  324.280267][T12851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  324.839866][T12842] pim6reg: left allmulticast mode
[  324.901381][T12862] geneve2: entered allmulticast mode
[  325.747068][ T6042] vhci_hcd: vhci_device speed not set
[  325.767074][ T6021] usb 9-1: USB disconnect, device number 19
[  325.783079][T12876] Invalid logical block size (2304)
[  325.852574][T12883] No control pipe specified
[  326.691260][T12891] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  326.693273][T12891] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  326.695370][T12891] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  326.698116][T12891] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  326.702033][T12891] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  326.978158][T12924] input: syz1 as /devices/virtual/input/input8
[  327.750809][T12920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  327.988838][T12933] binder: 12932:12933 ioctl c00c620f 80000740 returned -22
[  328.006600][T12937] IPv6: NLM_F_REPLACE set, but no existing node found!
[  328.097024][ T5987] Bluetooth: hci1: command 0x0406 tx timeout
[  328.697969][T12929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  328.717010][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  328.717052][ T5986] Bluetooth: hci3: command 0x040f tx timeout
[  329.235243][T12962] netlink: 'syz.4.1952': attribute type 1 has an invalid length.
[  329.247129][T12962] 8021q: adding VLAN 0 to HW filter on device bond1
[  329.276900][T12962] bond1: (slave veth3): Enslaving as an active interface with a down link
[  329.284549][T12962] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1952'.
[  329.290343][T12962] bond1: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  329.296452][T12962] vlan2: entered allmulticast mode
[  329.298451][T12962] veth0_to_bond: entered allmulticast mode
[  329.330573][T12969] binder: 12967:12969 ioctl c0306201 800004c0 returned -22
[  329.410902][   T12] Bluetooth: hci2: Frame reassembly failed (-84)
[  329.765570][T12973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  330.057204][ T6049] usb 7-1: new low-speed USB device number 2 using dummy_hcd
[  330.258137][ T6049] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  330.260820][ T6049] usb 7-1: config 0 has no interface number 0
[  330.263176][ T6049] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  330.266812][ T6049] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  330.270471][ T6049] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  330.275161][ T6049] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  330.279900][ T6049] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  330.284858][ T6049] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  330.290379][ T6049] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  330.294047][ T6049] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.298282][ T6049] usb 7-1: config 0 descriptor??
[  330.300323][T12977] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  330.302752][T12977] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  330.306841][ T6049] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  330.514291][   T53] usb 7-1: USB disconnect, device number 2
[  330.516354][    C1] ldusb 7-1:0.55: usb_submit_urb failed (-19)
[  330.519458][   T53] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  330.544236][T12988] libceph: resolve '
[  330.544236][T12988] -&���f�Y�ǝ�a���2i�
[  330.544236][T12988] .���?��&�*��&' (ret=-3): failed
[  330.618354][T12986] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  330.620485][T12986] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  330.622553][T12986] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  331.437060][   T63] Bluetooth: hci2: command 0x1003 tx timeout
[  331.437100][ T5986] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  332.557040][ T5986] Bluetooth: hci1: command 0x0406 tx timeout
[  332.637219][ T5986] Bluetooth: hci3: command 0x040f tx timeout
[  332.637256][   T63] Bluetooth: hci4: command 0x0405 tx timeout
[  332.857032][ T6178] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  333.007023][ T6178] usb 9-1: Using ep0 maxpacket: 16
[  333.010353][ T6178] usb 9-1: config 0 has no interfaces?
[  333.014692][ T6178] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  333.019312][ T6178] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.022160][ T6178] usb 9-1: Product: syz
[  333.023523][ T6178] usb 9-1: Manufacturer: syz
[  333.024961][ T6178] usb 9-1: SerialNumber: syz
[  333.028207][ T6178] usb 9-1: config 0 descriptor??
[  333.556851][T13012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  333.598192][ T6178] usb 9-1: USB disconnect, device number 20
[  333.778366][T13033] libceph: resolve '
[  333.778366][T13033] -&���f�Y�ǝ�a���2i�
[  333.778366][T13033] .���?��&�*��&' (ret=-3): failed
[  333.835024][T13023] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  333.837230][T13023] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  333.839443][T13023] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  333.924206][T13035] FAULT_INJECTION: forcing a failure.
[  333.924206][T13035] name failslab, interval 1, probability 0, space 0, times 0
[  333.928642][T13035] CPU: 1 UID: 0 PID: 13035 Comm: syz.3.1973 Not tainted syzkaller #0 PREEMPT(full) 
[  333.928658][T13035] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  333.928678][T13035] Call Trace:
[  333.928683][T13035]  <TASK>
[  333.928687][T13035]  dump_stack_lvl+0x16c/0x1f0
[  333.928705][T13035]  should_fail_ex+0x512/0x640
[  333.928722][T13035]  should_failslab+0xc2/0x120
[  333.928736][T13035]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  333.928749][T13035]  ? getname_flags.part.0+0x4c/0x550
[  333.928768][T13035]  getname_flags.part.0+0x4c/0x550
[  333.928784][T13035]  getname_flags+0x93/0xf0
[  333.928796][T13035]  __ia32_sys_mknod+0x72/0xb0
[  333.928809][T13035]  __do_fast_syscall_32+0x7c/0x3a0
[  333.928824][T13035]  do_fast_syscall_32+0x32/0x80
[  333.928839][T13035]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  333.928853][T13035] RIP: 0023:0xf7f74579
[  333.928862][T13035] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  333.928873][T13035] RSP: 002b:00000000f545455c EFLAGS: 00000296 ORIG_RAX: 000000000000000e
[  333.928883][T13035] RAX: ffffffffffffffda RBX: 0000000080000180 RCX: 0000000000000004
[  333.928890][T13035] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000
[  333.928896][T13035] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  333.928902][T13035] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  333.928909][T13035] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  333.928918][T13035]  </TASK>
[  334.170058][T13040] hub 8-0:1.0: USB hub found
[  334.172227][T13040] hub 8-0:1.0: 1 port detected
[  335.329942][T13065] libceph: resolve '
[  335.329942][T13065] -&���f�Y�ǝ�a���2i�
[  335.329942][T13065] .���?��&�*��&' (ret=-3): failed
[  335.837247][ T5986] Bluetooth: hci1: command 0x0406 tx timeout
[  335.917143][ T5986] Bluetooth: hci3: command 0x040f tx timeout
[  335.917387][ T5987] Bluetooth: hci4: command 0x0405 tx timeout
[  336.150805][ T6042] libceph: connect (1)[c::]:6789 error -101
[  336.153551][ T6042] libceph: mon0 (1)[c::]:6789 connect error
[  336.302266][T13084] ceph: No mds server is up or the cluster is laggy
[  336.642887][T13103] 9pnet_virtio: no channels available for device syz
[  336.662310][T13101] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1993'.
[  336.665509][T13101] binder: 13100:13101 ioctl c0306201 0 returned -14
[  336.669548][T13101] binder: 13100:13101 ioctl 8940 800002c0 returned -22
[  336.770940][T13109] loop6: detected capacity change from 0 to 524287999
[  337.524396][T13116] binder: Unknown parameter 'euid'
[  337.997061][ T5987] Bluetooth: hci3: command 0x040f tx timeout
[  338.072633][T13126] loop2: detected capacity change from 0 to 7
[  338.075379][ T5989] Dev loop2: unable to read RDB block 7
[  338.077469][ T5989]  loop2: AHDI p1 p2 p3
[  338.079371][ T5989] loop2: partition table partially beyond EOD, truncated
[  338.087315][ T5989] loop2: p1 start 1601398130 is beyond EOD, truncated
[  338.091695][ T5989] loop2: p2 start 1702059890 is beyond EOD, truncated
[  338.094448][T13126] Dev loop2: unable to read RDB block 7
[  338.096200][T13126]  loop2: AHDI p1 p2 p3
[  338.098538][T13126] loop2: partition table partially beyond EOD, truncated
[  338.101033][T13126] loop2: p1 start 1601398130 is beyond EOD, truncated
[  338.103103][T13126] loop2: p2 start 1702059890 is beyond EOD, truncated
[  338.216200][T13132] netlink: 'syz.4.2001': attribute type 1 has an invalid length.
[  338.235592][T13132] 8021q: adding VLAN 0 to HW filter on device bond2
[  338.255298][T13132] bond2: (slave geneve2): making interface the new active one
[  338.260096][T13132] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  338.267395][T13134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1999'.
[  338.358189][T13141] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005f: 0000 [#1] SMP KASAN NOPTI
[  338.362041][T13141] KASAN: null-ptr-deref in range [0x00000000000002f8-0x00000000000002ff]
[  338.365807][T13141] CPU: 3 UID: 0 PID: 13141 Comm: syz.4.2004 Not tainted syzkaller #0 PREEMPT(full) 
[  338.369535][T13141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  338.372928][T13141] RIP: 0010:h5_recv+0x104/0x950
[  338.374501][T13141] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 c1 32 43 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  338.380800][T13141] RSP: 0018:ffffc90004547ba8 EFLAGS: 00010293
[  338.382845][T13141] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8877dada
[  338.385394][T13141] RDX: ffff88802311c880 RSI: ffffffff8877db1f RDI: 0000000000000005
[  338.387862][T13141] RBP: ffffc90004547d30 R08: 0000000000000005 R09: 0000000000000000
[  338.390407][T13141] R10: 0000000000000001 R11: 000000000000001e R12: 0000000000000001
[  338.392863][T13141] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb476c0
[  338.395308][T13141] FS:  0000000000000000(0000) GS:ffff8880977c4000(0063) knlGS:00000000f5475b40
[  338.398072][T13141] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  338.400178][T13141] CR2: 0000000080766000 CR3: 0000000053414000 CR4: 0000000000352ef0
[  338.402696][T13141] Call Trace:
[  338.403761][T13141]  <TASK>
[  338.404701][T13141]  ? tomoyo_path_number_perm+0x295/0x580
[  338.406518][T13141]  ? __pfx_h5_recv+0x10/0x10
[  338.408022][T13141]  ? rcu_is_watching+0x12/0xc0
[  338.409597][T13141]  ? lock_acquire+0x2cd/0x350
[  338.411201][T13141]  ? __pfx___might_resched+0x10/0x10
[  338.412928][T13141]  hci_uart_tty_receive+0x254/0x7e0
[  338.414614][T13141]  ? __pfx_hci_uart_tty_receive+0x10/0x10
[  338.416487][T13141]  tty_ioctl+0x583/0x1680
[  338.417986][T13141]  ? __pfx_tty_ioctl+0x10/0x10
[  338.419680][T13141]  ? do_vfs_ioctl+0x128/0x14f0
[  338.421238][T13141]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  338.422868][T13141]  ? rcu_is_watching+0x12/0xc0
[  338.424389][T13141]  ? __fget_files+0x204/0x3c0
[  338.425902][T13141]  ? hook_file_ioctl_common+0x145/0x410
[  338.427694][T13141]  ? __fget_files+0x20e/0x3c0
[  338.429243][T13141]  tty_compat_ioctl+0x24a/0x4d0
[  338.430791][T13141]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  338.432496][T13141]  __ia32_compat_sys_ioctl+0x23f/0x370
[  338.434235][T13141]  __do_fast_syscall_32+0x7c/0x3a0
[  338.435856][T13141]  do_fast_syscall_32+0x32/0x80
[  338.437835][T13141]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  338.440323][T13141] RIP: 0023:0xf7f77579
[  338.441906][T13141] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  338.448030][T13141] RSP: 002b:00000000f547555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  338.450699][T13141] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005412
[  338.453202][T13141] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  338.455650][T13141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  338.458163][T13141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  338.460712][T13141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  338.463208][T13141]  </TASK>
[  338.464196][T13141] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  338.465674][T13141] ---[ end trace 0000000000000000 ]---
[  338.470116][T13141] RIP: 0010:h5_recv+0x104/0x950
[  338.471716][T13141] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 c1 32 43 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  338.479073][T13141] RSP: 0018:ffffc90004547ba8 EFLAGS: 00010293
[  338.481223][T13141] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8877dada
[  338.483736][T13141] RDX: ffff88802311c880 RSI: ffffffff8877db1f RDI: 0000000000000005
[  338.486291][T13141] RBP: ffffc90004547d30 R08: 0000000000000005 R09: 0000000000000000
[  338.489569][T13141] R10: 0000000000000001 R11: 000000000000001e R12: 0000000000000001
[  338.492198][T13141] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb476c0
[  338.494693][T13141] FS:  0000000000000000(0000) GS:ffff8880977c4000(0063) knlGS:00000000f5475b40
[  338.497795][T13141] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  338.500233][T13141] CR2: 0000000080766000 CR3: 0000000053414000 CR4: 0000000000352ef0
[  338.502952][T13141] Kernel panic - not syncing: Fatal exception
[  338.505444][T13141] Kernel Offset: disabled
[  338.506861][T13141] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:12:57  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffc90003f97b60 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff85151594 RDI=ffffc90003f97b60 RBP=ffffffff85151580 RSP=ffffc90000007f68
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffc90000007ff8
R12=0000000000000000 R13=dffffc0000000000 R14=0000000000000000 R15=ffffc90003f97b28
RIP=ffffffff851515bd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000057e9f4c0 CR3=000000004b5fe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefeffd0 Opmask01=0000000000004211 Opmask02=000000007ffeffff Opmask03=0000000000000000
Opmask04=00000000ffffefff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555ebd034970
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f49f63f1b20
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f49f63f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a7f749729c14a 2a2a7f749729c14a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a5563dc000a48 2a2a7f74972e6f8b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555ebd03b250 0000555ebd086ac0 0000555ebd03a4f0 0000555ebd028760
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf29dad0d7677c21 0000555be8e88fa7 0000000000000141 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bc48b6b3f8140552 2f007a289d8aa0d4 79732f002f6d6435 7379736275732f73
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff7ffffffd77fff7 6f7f7f7fffffffff 7f7f7f7fff7f7f77 7f7f7f6ffd7ffff3
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70625f322d33 2e36312e312d6e61 696265642d332e36
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555ebd026a70 0000000000000041 0000550030023000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000704 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000001000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000001
RSI=00000000000000fb RDI=0000000000000001 RBP=ffffc90003f97b20 RSP=ffffc90003f97a00
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000000 R13=1ffff920007f2f43 R14=1ffff920007f2f01 R15=0000000000000000
RIP=ffffffff81695748 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008002a000 CR3=0000000049f29000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88802b541d40 RCX=ffffffff81af11d1 RDX=ffff888023fb4880
RSI=ffffffff81af11ab RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003c174e8
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000007b9c
R12=dffffc0000000000 R13=ffffed10056a83a9 R14=0000000000000001 R15=0000000000000003
RIP=ffffffff81af11b2 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f66e40 CR3=000000004b063000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7404ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85616b45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc90004547510
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=0000000000000033 R14=ffffffff9b0f8640 R15=ffffffff85616ae0
RIP=ffffffff85616b6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c4000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080766000 CR3=0000000053414000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000