last executing test programs:

3.079715155s ago: executing program 1 (id=1489):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000240)={0xb8, 0x6, 0x4, {0x8, @pix={0x0, 0xffffffff, 0x51424752, 0x0, 0x0, 0x0, 0xc}}})
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f00000000c0)={0x0, 0x6, 0x3})

3.020725288s ago: executing program 1 (id=1490):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
accept4(r0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a0001"], 0x50}}, 0x4000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socket$packet(0x11, 0x3, 0x300)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="380001", @ANYRES32=r4, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB="06"], 0x90}}, 0x0)

2.958841485s ago: executing program 1 (id=1492):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000080)="18", 0x48, 0x0, &(0x7f00000000c0)={0x11, 0xc, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
recvmmsg(r1, &(0x7f0000003a00)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f00000001c0)=""/81, 0x51}, {&(0x7f0000000240)=""/144, 0x90}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000000)=""/15, 0xf}, {&(0x7f0000000340)=""/99, 0x63}, {&(0x7f0000001440)=""/70, 0x46}, {&(0x7f00000014c0)=""/214, 0xd6}, {&(0x7f00000003c0)=""/34, 0x22}], 0x9, &(0x7f0000001640)=""/183, 0xb7}, 0x5fd}, {{&(0x7f0000001700)=@ax25={{0x3, @rose}, [@bcast, @remote, @rose, @rose, @remote, @default, @null, @null]}, 0x80, &(0x7f0000003900)=[{&(0x7f0000001780)=""/23, 0x17}, {&(0x7f00000017c0)=""/25, 0x19}, {&(0x7f0000001800)=""/7, 0x7}, {&(0x7f0000001840)=""/28, 0x1c}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/4096, 0x1000}, {&(0x7f0000003880)=""/86, 0x56}], 0x7, &(0x7f0000003940)=""/160, 0xa0}, 0x101}], 0x2, 0x40, &(0x7f0000003a40)={0x0, 0x989680})
ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020601020000000000000000000000000c00078005001500030000100500010006000000050005000200000005000400000000000900020073797a300000000011000342686173683a365c2c706f727400000000"], 0x58}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x5d, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES64=r0], 0x34}, 0x1, 0x0, 0x0, 0xc810}, 0x8004)

2.956982047s ago: executing program 1 (id=1494):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000009a02000000001f000000000000000000"])
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x102, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB]}, 0x50)
syz_emit_ethernet(0x8e, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r5 = signalfd(r2, &(0x7f0000000100)={[0x7fffffff, 0x5]}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r6 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x2}, &(0x7f0000000080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x4)
r7 = socket$rds(0x15, 0x5, 0x0)
ioctl$RTC_ALM_SET(r5, 0x40247007, &(0x7f0000000300)={0xd, 0x25, 0xb, 0x19, 0x5, 0x619, 0x5, 0x4f, 0x1})
bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340)}], &(0x7f0000000180), 0x200000000000023f}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x37)

2.048888072s ago: executing program 0 (id=1501):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x40001}, 0x1c)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r2=>0x0})
r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00')
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r4 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
open_by_handle_at(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="0c00000001000000d87a"], 0x10000)
ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000000))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000001000000010000000020000000000000000000001000000002000001c0000babde23d314baebc18dada9d198202bda2376b71cec1523ab50fd32b6ecb359458826d00000000fc749096bf5319bbe00d9f22bfaaf1f52211a72e3c64703a24e0d83470562b76e8e273ba8f5dfd21356e60dabef1b244e11afb782fdff64bb8b1c65fee6cdfffed68854c7a8f839eece484cdf676cd853d077a205aaa9e98f8788094af6ef3cd2ec81b3a2ec7a7fec26d1ac6598a6354c7d021fe56139ab8e1ecbc41b603d71a195d12200657a34b8bed17baa1544b2cfc8ffd091f1a5fa67d9e4186e687bc1d7751dffa2774e364a1df2bc6afc23ad3926c5dde82d25ffd8f02589cf99dd83dfdae6920483249515e694032f170e219a1aaa01f1d601822a3440a9e3ac1536af67fad03f5bd18189e6ec4e120f769420c9c499ddd8eb7028c42a435eb5dc6cfd64df942f275e4fdff1e4d5758b154e32fcf7e56fb48b2af5437ee882fc493768a9625163418c510b4ec3092c9facdb499b32822eaec8feea8961d42c9106eefdf8f6b"], 0x0, 0x2a, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x20)
sendmmsg$sock(r0, &(0x7f0000000800)=[{{&(0x7f00000005c0)=@qipcrtr={0x2a, 0x1}, 0x80, 0x0}}], 0x1, 0x0)

1.906719263s ago: executing program 0 (id=1503):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="05000000010003", 0x7)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="200000001a1401"], 0x20}}, 0x0)

1.850698334s ago: executing program 0 (id=1505):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$sw_sync(0xffffff9c, &(0x7f0000000140), 0x40, 0x0)
ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000180)=0xaa4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x501001)
r4 = openat$ttynull(0xffffff9c, &(0x7f00000001c0), 0xc000, 0x0)
ioctl$TIOCSISO7816(r4, 0xc0285443, &(0x7f0000000300)={0xc62, 0x50, 0x1, 0x24f4e500, 0x7})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0xc0105303, &(0x7f0000000500))
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)="cf68e4c66c906dd02ad94db0cfb7688af9e606c07413ba8b8d907ca902b9de94b28daba9eaf34b4e350bd9cd19f16496259dff71b19b4c1547bc576e3c8cbf002b9070f05c383880e98f74bb142fce479df047a47c8cfc729f0ef9cb01ca8793e046e1adeaca222900c1e4a2bc68bcbdf171ffdb0e8efea12382c6354649d97cfc17f34363b77d06b550b9a3e6e705da2293a8142a4b5b9eb7d5d3df975574813c05bb68f5081701d536612208a32e315b0880c69438e31948afb9434c5a2f4bd5b1ba4ed1bd4682d972fc90970b3e3ec8536defe148c7aee5c3979aac4a4f4f3db938c63de57c6f22e072058316190458031aeeda0f35d99bb1", 0xfa}, {&(0x7f0000000240)="5cc7798ebb14a573ba51a5c11d7d916d8760e8064c011f28dae142d277aaadb8606109f7d06f1306d1fdba4dc7180f6a76291d7fefccc648e8531b35d8d6a2903c53dc908c660f9e736cc9bf3ba1a40c346d17483f4e42e46ec325ad907314911000abfce824026a8ff4c8dda3124c253261202ca18ab2650a92c10f25ba6781d434", 0x82}], 0x2}, 0x0)
quotactl_fd$Q_QUOTAOFF(r3, 0xffffffff80000300, 0xffffffffffffffff, 0x0)

1.780545016s ago: executing program 0 (id=1507):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0x3, 0x2, "14c927", 0x8, 0x5})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
close_range(0xffffffffffffffff, r1, 0x2)
r2 = openat$binderfs(0xffffff9c, &(0x7f0000000040)='./binderfs/custom0\x00', 0x802, 0x0)
r3 = mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x9)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0x74, 0x0, &(0x7f00000001c0)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000100)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x1, &(0x7f0000000080)=""/70, 0x46, 0x2, 0x18}}, &(0x7f0000000180)={0x0, 0x18, 0x30}}}, @acquire={0x40046305, 0x1}, @free_buffer={0x40086303, r3}, @increfs, @increfs_done], 0x8, 0x0, &(0x7f0000000240)="c5bcfbbaa5b72c3c"})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'syzkaller1\x00'})
r4 = fsopen(&(0x7f0000000300)='bdev\x00', 0x1)
fcntl$notify(r4, 0x402, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000340)={0x0, <r6=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000380)={r6})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
fgetxattr(r7, &(0x7f00000003c0)=@known='user.incfs.id\x00', &(0x7f0000000400)=""/132, 0x84)
r8 = openat$vhost_vsock(0xffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, &(0x7f0000000500)=0x100000000)
fstat(r5, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setgroups(0x1, &(0x7f00000005c0)=[r9])
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r10, &(0x7f0000000600)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @multicast2}, 0x0, 0x3, 0x4, 0x1}}, 0x26)
socket$inet6(0xa, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000640)={{0x1, 0x1, 0x18, <r11=>r2}, './file0\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000006c0)={<r12=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r11, &(0x7f0000000740)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000680), r12, 0x0, 0x1, 0x4}}, 0x20)
syz_create_resource$binfmt(&(0x7f0000000780)='./file0\x00')
openat$sw_sync(0xffffff9c, &(0x7f00000007c0), 0x800, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000800), &(0x7f0000000840)='.\x00', 0x2, 0x1)
r13 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), r11)
sendmsg$L2TP_CMD_TUNNEL_GET(r11, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x24, r13, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}]}, 0x24}}, 0x20008081)

1.579523643s ago: executing program 0 (id=1508):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="14000000160048dac87880648c2594f913", 0x11}], 0x1}, 0x1c04c080)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0x8004587d, &(0x7f0000001ec0)={@id={0x2, 0x0, @auto="de60e4b8e8c640437d02438081fc0e47"}})
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
setregid(0xffffffffffffffff, 0x0)
read$FUSE(r4, 0x0, 0x0)
landlock_create_ruleset(0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
getpid()
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)=<r7=>0x0)
process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000340)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000180)=""/134, 0x86}], 0x1, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[], 0x34}}, 0x0)

1.579044552s ago: executing program 1 (id=1509):
memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000000)={0x0, 0x1, &(0x7f00000010c0)="17"})
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2e1}, 0x0)
kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f0000001340)=@abs={0x0, 0x0, 0x4e21}, 0x4b)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0)
preadv(r2, &(0x7f0000001500)=[{&(0x7f00000002c0)=""/4084, 0xff4}], 0x1, 0x202, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000340)={'U+'}, 0x16, 0x2)
r3 = openat2$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x200000, 0x130, 0x20}, 0x18)
open_tree(r3, &(0x7f0000000640)='\x00', 0x81801)
io_uring_setup(0x3055, &(0x7f00000012c0))
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0))
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)

1.400349956s ago: executing program 0 (id=1512):
r0 = socket(0x28, 0x5, 0x0)
r1 = accept4$unix(r0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$ndb(&(0x7f00000003c0), 0x0, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "2e2b5aa4"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x1, 0x180)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r3, @ANYBLOB="36a695aacfafebc39ab62975b95eb1be40f4bad3eb98a043a445f3ab4fcfe7314b15c33b2a9dd281ebc30251e57b9db533db0bbd543f2ed3881e78b9b49909326faee67723d16a8d7dc7a37724218b888e0ca1ffe743d7ed2e75025aeec96a3e75be8d637a75caf1fa88965a29a0ca7a74965f92d7e21f6aaab24b46d3cea5e6da43726c4ab5dd5a89113054c157a2f47a1b3566d99bccad2e95564b9fa34a1e6051fffa017d6cedd86cd93cc746", @ANYRES16, @ANYRES8=r6, @ANYRES8=r7, @ANYRES8=r1, @ANYBLOB="79c421a7a08c508700d41bc33c1815b30f150c19308ce0a20df7ce7914f62a4d9aa645d17fe748ef4de0b4f130378a3e38f7e9c965ae573b246a3070a1b79450e4eaecef725ee918365a7d2d6a42ea4caa73b6a9c9b6cded4546b4abb0827888e734e74cabc0c66c5a90ad42e6339a9285cb94f2a90483d499fd9c42f9ffa081ee613574e1b614838f6a69506bdc7e9af962c0d2db056014f3fe0b598fd7a5c514b01908579ac1197ccec13e57157a928b9857fbd911e212afc983bb5cb9f9d6524bfabc2919ede80c2984cecbc8718b899f76999383"], 0x1c}, 0x1, 0x0, 0x0, 0x24000}, 0x4008080)
ioctl$HIDIOCSFLAG(r4, 0x4004480f, &(0x7f0000000000)=0x2)
ioctl$BLKTRACESETUP(r2, 0xc0401273, &(0x7f0000000000)={'\x00', 0x0, 0x42, 0x10000007})
fchdir(r0)
set_mempolicy(0x3, &(0x7f0000000080)=0x5, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff97}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BLKTRACESTART(r2, 0x1276, 0x0)

1.149236149s ago: executing program 2 (id=1516):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000f"], 0x0, 0x46, 0x0, 0x9, 0x0, 0x0, @void, @value}, 0x28)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0x10, 0xfffffffffffffdd7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0}, 0x40) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000100)={0x0, 0x14, 0x7, 0x2, 0x0, 0xef, &(0x7f0000000040)}) (async)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

1.090280062s ago: executing program 2 (id=1517):
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x100)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, &(0x7f0000000040)={{0x23, 0xe}, 'port1\x00', 0xa, 0x808, 0x800, 0xffff7fff, 0x4, 0x2, 0x5, 0x0, 0x2, 0x5})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @ioapic={0x1000, 0x426, 0x3, 0x0, 0x0, [{0x2, 0xd, 0x3, '\x00', 0x9}, {0x3, 0x4, 0x6, '\x00', 0x7}, {0x7, 0x1, 0x3, '\x00', 0x7}, {0x6, 0x0, 0xf, '\x00', 0x42}, {0x10, 0x80, 0x6, '\x00', 0x6}, {0x7, 0x9, 0x6, '\x00', 0x9}, {0x0, 0x5, 0x4, '\x00', 0xfa}, {0x9, 0x8, 0x0, '\x00', 0x3}, {0x5, 0x8, 0x3, '\x00', 0xf8}, {0x1, 0x6, 0x2, '\x00', 0xd}, {0x7, 0x6, 0x6, '\x00', 0x1}, {0x4, 0x6, 0x81, '\x00', 0x3}, {0x8, 0x14, 0xa, '\x00', 0xd}, {0x8, 0x4, 0x3e, '\x00', 0x6d}, {0x5f, 0xd, 0x1, '\x00', 0xd}, {0x0, 0xff, 0xfd, '\x00', 0x10}, {0x2, 0x9, 0x4, '\x00', 0x7}, {0x0, 0x9, 0x3}, {0x8, 0x9, 0x5, '\x00', 0x2}, {0x10, 0x3, 0x5, '\x00', 0x8}, {0x0, 0x5, 0x1, '\x00', 0xf3}, {0x71, 0x3, 0x9, '\x00', 0x3}, {0x2d, 0x59, 0xf}, {0x7f, 0x8, 0x5, '\x00', 0x7}]}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xfffffffffffffffe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4000000], 0xf000, 0x2c0f12})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)) (async)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) (async)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000000000160000000000000000100000000000865020ba4cbfe35d08c604ca3af2fd73285b1a235763371a045a3065bd2d1ce04e318953cb9b847751429388e27ef982b0aa42c7990cf221784a5faa0396a04a0681a8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000500"/28], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r6}, &(0x7f0000000080), &(0x7f00000000c0)='%pi6   \x00'}, 0x20) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x14, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
getsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x4, 0xffffffffffffffff, &(0x7f0000000080))

1.000228957s ago: executing program 2 (id=1518):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, 0x0)
openat$autofs(0xffffff9c, &(0x7f0000000000), 0x200142, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = socket$netlink(0x10, 0x3, 0xc)
r3 = syz_open_dev$sndctrl(0x0, 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000700)={{0x2}, 0x0, [0x2000000, 0x0, 0x0, 0x0, 0x8, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]})
syz_open_dev$tty1(0xc, 0x4, 0x1)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0)
r5 = dup(r1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000001440)={@local, @empty, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x6, 0x20, 0x68, 0x0, 0xe3, 0x21, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}}, "5d8375322b8239d20b4fb806"}}}}, 0x0)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet(0x2, 0x1, 0x0)
r7 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r7, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r7, 0x3)
r8 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r8, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
recvmmsg(r8, &(0x7f0000007940), 0x55, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

749.60151ms ago: executing program 2 (id=1520):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x4, 0x5, 0x1, 0xffff, 0x2, @mcast1, @private0, 0x700, 0x7, 0x6, 0x3}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000140)={'wg1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40493, 0x20000}}, 0x6c}}, 0x0)

689.830746ms ago: executing program 3 (id=1521):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockname(r0, &(0x7f0000000000)=@can, &(0x7f0000000080)=0x80) (async, rerun: 64)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f00000000c0)='bridge0\x00') (async, rerun: 64)
r1 = openat$nmem0(0xffffff9c, &(0x7f0000000100), 0x100002, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0)={0x1, 0x0, [{0x1, 0x74, &(0x7f0000000140)=""/116}]}) (async)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000200)) (async)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80605414, &(0x7f0000000240))
preadv2(r0, &(0x7f0000000300)=[{&(0x7f00000002c0)=""/60, 0x3c}], 0x1, 0x4, 0x8, 0xc)
ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000340)={0x4f5e, 0x8})
r2 = openat$ndctl0(0xffffff9c, &(0x7f0000000380), 0x100, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f00000003c0)={'pim6reg\x00', {0x2, 0x0, @private}})
ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000400)) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_DELRULE={0x58, 0x8, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x80}}, 0x8000) (async)
ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0186405, &(0x7f0000000580)={0x3, 0x7fffffff, {<r3=>0x0}, {<r4=>0xffffffffffffffff}, 0x5f, 0x3})
quotactl_fd$Q_QUOTAON(r2, 0xffffffff80000200, r4, &(0x7f00000005c0)='./file0\x00')
read$FUSE(r1, &(0x7f0000000600)={0x2020}, 0x2020)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r5, &(0x7f0000003900)={&(0x7f0000002640)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000038c0)={&(0x7f0000002680)={0x120c, 0xb, 0x2, 0x5, 0x70bd28, 0x7fff, {0x1}, [@generic="484f907a804e3ed0c0f6477a9ce7a354ee82f5", @generic="6aed1e396a5b3834424140f6e23d9728e6fed85e96b1e4712aca479febba1fa406cfc3222b2b55b72bcefc6089de69d4713c747fe6508d2bd8e390d1", @nested={0x119d, 0x1b, 0x0, 0x1, [@typed={0x8, 0xfa, 0x0, 0x0, @pid=r3}, @generic="d979389df216c615c2b427af1dd9aca604ba7b173703b9f9a6c793974b269e94534a6adc9f4f216ec951cb76847da3b150e0cd2868fd48b14914998aa210e4882dec843c1fa020d1933e44980daf27523983aae4f33b617c15cbd7c84293255963bcd5e3b240f3f144ef9e2547f42c2c927d5556a1aa6fc94f8566daacefe54e905bdd1106", @generic="aed95918e784a9369d1e14e356bf28ecd0c8fc098dd9af27eecc8adb16ca6043910437884996126b18cd8da7f6a7fe76d903790af9ba6e746acb62d73f59583a5c4e6a318f32ce49df28af5d7dd75db84008d46c9a7847d2d73fa6aa46fbbd4bd4082a2375a1f506f785ab4e5b4b817b08282f001d9d97f0c2fc541647da3207b2c4b8887cd8049b53cb58c69d31718dca1f4d7c08892f59094dea5c84ec18666e782bce1347e2c77b2864e052465ce50256d27bd5f5b901a79806a12c8aa68f803eafdeb32da22c546cbdbb643dc4d03109f6aaac989e6aa9751c5a6b8bb91fc5f9205f98042bb8f0bf4ebfa1f79819ecb49e3797d1435d34b847a4a9abc85cd6201a4d70b561919951a145f959e91c3f1d3dadcce85f1fb32d2f5748c431997aeceed61ebf8b6c389b174dafe3f64755682f8fd4ea6803887499ef48f8f2964c5485a4b135d7ac760730450ae316d04666ecfbbcd96d37a41ec7f43dc5929ea67e862c7fe3c8d74d588ee47a07f205c671f0cd776324eb04d0c1163b7984ecd6415c72425e947a2d5a253b152039c8b89636e253c378ef55726f5e9661549db91fd7784b05eab83872215c99f86cffb6fca304b1a31870b8567077dde8502628b3da2dcf85becf339604707e714212f7880e4c2218b37ca68c09b0d22b52868559b81383583fa325258c535e24845fe758916c8637997f035b9bed0fc266616ab72b22b53a82933e02e1afa1f15c12716faabc5e543e8e7e1e8ec1e61a2b7c5b84b64b5df43b98a25d112392a940476552b4306a4418ee280d7eca8ea2d43b36f38d76840116fa80ddcb3a99b8c1411cb32f3193968468075419372da45ac5aaa07ed38066100a56b9011eb466b16267a38814052f0ab7a4d733a4afdb4b8309fdfa39648ace3db89278b8be39ef5def504b552db0d3fe468f3165946d5a951723c8c514220d571805d0ed36f31a95a58d8c71f093d8c1f7de1d685757444107e01f18a5a7aa10f664a4cbc35f64594e57b4f8cb677681cc88ad4c4bb178f5d6af118b2527b40747fe53a7e244b81da6d2d5c19db2b248f110821040778af3d81326a4b368fe15a7683bed336ca868b83d3300176e3b2a2b44a30d3a4881dd51204d5eea008192fb3bdaf2feabea5c86512e63e3fc5fe40dbfb77daf4cc9064185b24c3596fd09ae76cd20c126bbc1f0d52a2448c75f4bb3c88274e5621497613600a0e7f4281eb9a999129016c199e3e74e4bbcdf86c33886104ae2e6ff2c4e557aa7d3919b4352bb24e388a622a0eb398dce24cc8d56b25281c0b1b1d03cb175f4fc8b045c490677d53b48aa3ea1fb031f859e815ab276e0f90eb2c891c0142cba0c54b96b251a86c3986f495c0ab2f8ae977bca93afe0b77be045474b3b9aaacaf6575fe2a3dbf1c3c26c8479318c0c91644e9e160979b75dea0836e1723d7d4a20c6876beabb126c1b08ac7641ef7b17d848ccd9b76c18e018d68492d01c926b0386d63d6fc12fb4227f7c5a7965606d70779d7d271f05ecac1d50316fb63e65b2bc229f840a9a1216a134abb15ed3f23983ce1601654963dde2288726781bf7df5fca5a9d4d94772466427586070cf25ef42683a63c486a802cbc931c1e9a32ab3ff778292049a9a3f3232d647f0285e4ecec80c450d185b2855ce1599479af12d03bc70e347d8c1b7872f2ecefe1a788930f6c649d1fae02e0a270e9427ad79fecae8cb06b77feae74642bf8649c40c03b5f700ffc4e2b7273bacd6608ac3212224a074b4159703a1a34a53b8be500f7a72a5e28330d56572fc719905454d2a6865cf62f0e4aa493de23cc8700caee3bb49f4963c9d97bc4734ced7e220f94bc7ff3dccf1c11e4a3783adde128d18b366bfd5709f76e7cffd3f771302876eb93972ba4c42672accef0d66ed8418b0002656e6b90958caa538d2c2784c48577a5a182e4bd6aa03797498b913f63ac1c0f4d9af586e1f1a2b16ce720c6a6556bdd5f76b87ee2163b692b1619196e4dfd16a79fdc86e8d8c659efbd2a6eea314fbb7be9f62e3a1ef147d9411dd12ebf9ef7d92f867bd6b6f1727e8c0a5322ef818f7cbc2e260e37323f19a13c53d191c5937f7272c4367cc1e1947390794ede441451d7a2c2ca2131b318965bb89f957b56dfafa1b99ec31921ebea7056b180e28cfb0474649f08489f026e69159474da7128e00e6c0f0858575c6fe3e0b3bad643f41fc463e98d71ea0dd056a076d0a70f8713a2bd8798f129ebc375778cf2c8e2954da033fbba30e8844d29fd3dbadb3931ae351e7b835cb505d249ac558bacc78ad05926a301a8b2ff036d17ffdb5dc0717b3a50d64ab90d1bdc5cadd2ceafa3e58b09b7b69614212ec760862614c6e27adc9ed783cec359b95d86cf58d3ffb9384724e620fbef688d9b6f8841dc6bd38991eb5b779efcd36f606796ed269ffdc234ccd30f4eda58b5f3121260154e76b500636a6e79b85efbacbe5aed043c058bf79c930ee020b505c2d80f7cd4c33001d19bf39350d4b70ffaefef314fa74b91a6bed5372ade9194ddd760385908759c686912844d0b29417257ab906c13c620b5917ae30db7ccbb8768487cf47b12a3652ec1b11500e5a5da365f4ca8e3c95a8e5ee416f7d20c5e90ff015d8cea6f0df375d440521260b09ede7e521061619527de44691f173ad8d159497644c76066d43323ff1ec51bffed8190269398ddb34e4a5761baee3148f8bd847f5e041aa03d9401253296e819a0f889fd12a75d0e1fa1c44a309db42f2835c85b58d66528a3d8b973ca4e7c95b41f340eb9820d566d4f55fbaf35455f01a0cb420a35ed98b8bbaec4b2ff4740d5bab968cbf2aeec6d7f4581a9e2e47514c62ca7eb1ae4a4677d846cd5390f732f31c341cb8f3e19f7ffd6128597adf82dcb1eaed047817a1721958c299d5d1e9f31f94fb9e88531ca8e774ab78c25ca7dc6283c55ff9238927ac7f6a5ee4c404b01b726c008cce94528f9e3e2c8197b0193d6f4c7ffc279fb48fda72f19bef6cee7b0823f19e574815815dd89f115ce19b372f22c818a42a493ed4dc27773aabcb10c044d87bb802a371db07009d3ec568df760cda320f0560bd1ef53e3d9f4bd70497747409a68417190bc551b1a35429e3544d84cd90c433e1c48a7e5a28679d48b540820613682ca7cbb1b7d4e7f02cb1f106b7af48890be259fb4bc5122bbaf7399f2ad1a78a16f7145d9d42e0ea15be1ce2fae6d8b8b45021444029c42fce41e00a7a4522cc84e9d7f5b3ec6abe2b873a0ac9f18d0045377740e59070e60c3b9444ecd0ab646eb31e36681525031b2910f9e309e869434fdf1021588d289d8b42c795a8b8ad42588a8165bf40e195b7d8beaf1099e8539bc4ab799d8136bf0c5269c13906938d17f2786c1ad9cce2e1f098ab5b54ddd94dd63e8b2338826c544de05f2a13fd31e77fb048f32fb13042e007f5f2a21afece932b056afae22b5daa04397fdae4f3a21c9c25f4269f4bfcdd561b64d8ede15b1e2ceb5cbb813c1f045a63ae201ea87a73c5fe2be73dfc24bcf1b6886356aa5c99b81377c3b0193f2b2a8492e42d2e81fdf8ee5044adf3f2ed19e0d4e580da294a4dbc1edce062b59f3758dbc8d2c4f8f32b2f832c577c43f77d70ccdf60582c167ced7d37bca17c62c22b9f5861f594e26aa54b808af2b06c3793b65c271f5b0e4e3aec2270beb1b5d024d1c0c05dab6a6d4e78b9d98b67f9f465efff30859915ee126cf233fdc9d491a280a019e5c4c41e2659205df8a9f956d1e8da88bcd5da9c4e3e04dcdc77ed9f210e680dc55df94f00e7db14e4e0299de982b34b99b141dea50cf7efcca2bef094c497049a8cfccfbcad1b041f9aaa2a00610f9f74ce251e280561151a4410def462bcfe7f3f23bd4e484e56c86b31dc7307d8694d8d46ab3d38c7a25ecc69856d7e9b16c87563aa55423d2c9f9f3c056c83a854ea4d872c367dac2ba28b6751239758fc99d5eeac0f6f6306c3c70313f4f9900cb49973618547fab9a0318479738434fc0813edde41c57d647e92732a71741864544f903e3fb7673b823c5f87194b30732e33a89b811bc6383ecb94a0b6fd8a75107effaa970298881b6b62644998bc841a5d9ec9ca8d1b2dbb27d4ae933f90f5415d15a9ae974f2c998ceed6277d4d493bdb0c42a163412ff5fd71d0990967bb4d946e2aa78e00789027b7cf46923005942432b79de5fe9d97a5515e013eacfa905f28666d3dd3da1061f46b5306f48ca77746813901c244070aeccc2a4940864c457dbee076caaabb065b90f696f51a40cd3d9f9e5cea07f53ec46f881f8989d56ba079055034687a49a3757547789c0706d9ad105d1ce8288fe182c60c753a57b802da08caf0af15d82166c225084887385f718d6c85e6ee5d234b01d6eadf48a1dbf1461585869399ccf7bd559146e642487e9e84555b3e6f46306bfecc1aac787164aa6e0c28fdce02fd7c7fc05f7e13aa1f3dc35a14cc02e8e331190904a030da7c470249bc9a1df9f03deba1869a33c7baf52f2231dcf5c4829c83a46c943a19372ed3e3ffd1abdd96a269c9b566b801bc9361579bd09a2c2dbf35d2b59eba0255148029ec677c46f3eeb15882bf647d4ecf8d9bdc7419b8d6543d9fa152820394cf3ddeaecbe4aa0dda925715e435947ea6cb9bbf9ad4a43523b9d29ecb92abe29c864cb6aaa43f69241f141416c22b6d16205444031473a3d684d6fd6a2c2501b27162373c496ed5f5730af4798b6541225711b90a57a4946e9a8e55c5ddd39caa551ee4a347e290b99cfdb354ac4c214383322525dfaf298b55ba8b846d7e8efc4aa007e6a5c079d7b4fb55e09b1470c40d74cffff0e207e70c8c84e8f1753f57287d0a46508c5c67760501288e1f2c31c466b85f0d486b74565ff5d63a71f7725c6aa46e2c8cddcddcf6c2904cc5aa42e51c22cb664c84843ceeda345652a8bf2be97307330e65c66bc9ed133d83dce23fadd5143c1ada237fa699efc50e1be60eaa255962ffe043a176cb7c6ec4b508005dd4ac3dc53307425da4ba42503c0ca7342be75293ead753bf76b30e5a39d89b23e46c0bf23097c119b4733f38889afa0a74b6078fc6aadb118e74b0ad5e1384c569421915892f36094749f73a55b7ecf1cccf55e8ab2b63b4df23036d61e9845d041377b76aa03326c31f0525517177fbbc6ec945146103f1b1826e1a9eec1932d887c82886765cff430df3752d4bb4bc9aa81167b42cff5503bd486302abed1f5b67699b9e3352455da2f48f6531c75b0a521c04f5c115ad46382ea9008bc7b7a913b46ce8dc89e7a33b11a170184f1e09f0ce63c904548c5cedee65906c1930a585e0264f7ecf706a2deda9dadf2bec37f31e3c58c5c4f640dda770034b1840872b2de58c73f80e0b059595e398ec003f7079d4679cc0f7b45cbbfef3ad644304c603804320aa195e20b5537eb9f2778b50a30fd0e1e053c918e08df80636c68e9e7edde3f44a8c740088457c9be223815dec16e02b765bed8cde65d11143ac9ca1739b0c54fdf27071cef609f8364b07a842d0db89b4573d853a623b81d5cbfed0d26d2ba938016bdda77fcd005e406f11f6ae1e09714178de733497745d7dc6e24ca5c65ebb451ad190d50d67bac1c2a349fa453b2105aa09ff25c2e873ec70da0145805b7b9131b3a6ada55b3bdf9e5ed43e34adc7efd83e5f92658d8d1f0e0ad2c64ac580d9755e631dccc8d9238706023c9db583d098f83d19eb9f45e44b353b89a0af15badc7b4faef26fb5ccbea3b7f", @generic="abaae47db3fe8d8a50ecba5ccfe58948bab3c0aaf54be1f86d74a47c46946beea972c8bb49245ae67d79bc76b8d3350988a339e270c7406b06c2fe18e6f21856b0608d2c53d4d7cf9b6dfbf131f2e22791b063fed1a7288557f83ff456e62601464a58edc08ce952c1aa703aa8378ac9378da7ccdc30d259c5a71f660a91806bac6761c8af58341d5c78288277fcd5402c88b6008c8f", @generic="a4d1ccaf7c13a039a682e4f02ce91c4bee53a5ab4aa8851e414af2f50a74ad4305b3a2f15a6945d3d13afce3589ce8e046766775aa481ad1afdcba37cde2a3a17c72f6296f33a2a8496cdb175b9b9d8348ae091906fe00ad1839d87924ba2ea40465", @generic="ab65c6bf2fb24502aca175ed07310a0d83d411df"]}, @typed={0x8, 0x79, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x120c}}, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc01cf509, &(0x7f0000003940)={<r7=>0xffffffffffffffff, 0x80000000, 0x4, 0x4})
write$sndseq(r7, &(0x7f0000003a80)=[{0x42, 0x0, 0x0, 0x65, @tick=0x1, {0x7, 0x9}, {0x2e, 0x3}, @raw32={[0x30a1, 0x4, 0x3]}}, {0xe9, 0x3, 0x6, 0x3, @tick=0x8, {0x12, 0x7f}, {0x5}, @connect={{0xe, 0xa3}, {0x8, 0x6}}}, {0x2, 0x8, 0x9, 0x2, @tick=0xfffffff8, {0x1, 0xb}, {0x81}, @addr={0x3, 0x10}}, {0x0, 0x3, 0x3, 0x5, @tick=0x25c5, {0x9}, {0x3, 0x8}, @time=@time={0x2, 0x8}}, {0xf0, 0x8, 0x1, 0x2, @tick=0xb, {0x3, 0x6}, {0xa, 0xd3}, @raw32={[0x0, 0x80, 0x5]}}, {0x1, 0x7, 0x0, 0x7, @tick=0x10, {0x7, 0xf}, {0x57, 0x2}, @time=@time={0x7d00, 0x5}}, {0x4, 0xf7, 0x37, 0x8, @time={0x1, 0x4}, {0x4, 0x8}, {0x4, 0x8}, @raw8={"eea036b2deddf2288396af11"}}, {0x3, 0x4, 0x9, 0xf, @time={0x0, 0x2}, {0x2, 0x9}, {0x6, 0x9}, @ext={0xd2, &(0x7f0000003980)="f477e5abfc4b60e88f7b4caa15c3978fbe011a7b55bc9f1b7222699982a37e2d88a4aa940203360b856d7c4407b0b30100dd8cc66de78b033d97e9983ca6352628b2a4f22f74b1f08d30f0b13b13759c382230f5d8e742a6a4501d901b4739ea9c349bc6451d6785f032c1f4d99f53c7199ae36b0d3d93cf522f293face6afdf39d20fcd34e5964f70ceb527c99b0799dc673f1d4986c0a379d52186272b50014657925a95733b84bec244ce07a2195c5ac58559f8d452e87fe35665d7e8a98e078c7e45eacfe597565c5e79c3211082c842"}}], 0xe0) (async)
r8 = openat$mice(0xffffff9c, &(0x7f0000003b80), 0x32142)
setsockopt$RDS_CANCEL_SENT_TO(r8, 0x114, 0x1, &(0x7f0000003bc0)={0x2, 0x4e20, @loopback}, 0x10)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000000, 0x110, 0xffffffffffffffff, 0x4a000) (async, rerun: 64)
openat$sysctl(0xffffff9c, &(0x7f0000003c00)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0) (async, rerun: 64)
socket(0xa, 0x80000, 0x1)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000003c40)) (async)
ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000003c80)={0x1, 0x40, 0xf, 0x7, 0x10}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000003cc0)={0x73622a85, 0x1100}) (async)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r8, 0x13, &(0x7f0000003d00)=[0x4, 0x2], 0x2)

689.446373ms ago: executing program 2 (id=1522):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x50, r2, 0x1, 0x0, 0xd000000, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @action={{{}, {}, @broadcast, @device_a, @initial, {0x0, 0x400}}, @ext_ch_sw={0x4, 0x4, {{0x0, 0x0, 0x2}, @val={0x76, 0x6, {0x4, 0x5, 0x19, 0x3}}}}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

689.086786ms ago: executing program 3 (id=1523):
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', 'trusted:', 0x20, 0x40}, 0x32, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f00000001c0)="fe41b679d70ef872d5108c6466f274c90e211b4b0018c11369e21ab3fb30bf08d6e8febdc32baf04ecae4f8abdc6ec0f05e4ddc1c3714fae14514db33351b9b78932c1c7f66ffaf9f9e068080cdef3909f1b217ba2c2717a62a93f68992379af7a5e65b83e598dcc4c1deec2c1b929920da96d714bae4a9d72f3e6c5aded15913f6054eeedf5286110db90f29766767f2a1323558eb3361d6ac7", 0x9a, 0xfffffffffffffffe)
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5}]}]}]}}]}, 0x9c}}, 0x0)
openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair(0x9, 0x3, 0x0, &(0x7f00000000c0))

620.171433ms ago: executing program 2 (id=1524):
signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x3]}, 0x8, 0xc0800)
r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
mount(&(0x7f0000000540)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='zonefs\x00', 0x0, 0x0)
openat$sysctl(0xffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='net\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000003c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x4}]})
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
statx(r2, 0x0, 0x1000, 0x400, &(0x7f0000000080))
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setresuid(0x0, r3, 0x0)
r4 = geteuid()
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000001c0)={{{@in, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='\x00\x9b\xd6\xeb\x81</ \xf1<\xb8\xf8\x8aK\x9d0:gV\xb5$&\x82\xa7\x1d\x0f\x9f\xe4\xe6\"i;\xef\x17L)R\xd9\xae\x1f\x9dll\xa0X\xfdl\x9d\xf4\xa8]_\xb9c\xdf\x00\x00\x00\x00\x00\x00s\x9ct~\x1d\xf7\xe1\x984\xc3~U\xb8\xed\x90\xa0_\x0e\xde\tv\xaa@\xcb\\\'n\x8e\x8eb\xb7\xdad\xac\x9b\xf6LM\x8d\x1cR\x8e\x03\xb7f\xc6S\x1b\xd1\xc4l\xf9\xfa\x18\xd9\n\x01\xe6\xdd\xb5\x02\x04\xbc\x0f\xf0\x9b\xc0\x169\xfa\xee\xfaA\xa5\xbfI\xa2\x11\xb2e^\xd7b\xfa\x8d\xfe\xd5l\xdb\x15\xa9n\x8e-X\xc6i\xfc\xc6\xcf\xf8\x14j\x7f(\xe3\xbcP\x84\x80\xc2\xfcH\xab\xd6\xe4h%\xdfo\xe1\xf3jq\x91*\x17\xf4\x81\x1e\x14L\x1e\xc1a\xa2\x97\x80i\xb4\xe1J\xf6\xc5\xb4\xf6\xe4{\x8a\x84\xaa\x86:\xd7\x1c\xbe\x8cZ\x87Dht<\xb6f\xdf\xc9\xd0\x98\xfb\x10\t\xf3\x1c4(\xc4}n\xa3@\xfbyf:\x95\x14\xc4\xd69~(\xe9\xd1\xe7\xfe\xa2\x80\xd4v\x93\x00\x00\x00\x00\xd2\xd6;\x10p\t\xc5\xf1h{\xd9\xa1u\xbf\x10\x81\xe6\xd0\xdf\xcb\x99\xaf\x93F\xc2\x84\xacu\xf3\xda\xcc\xa5\x04\x8d\x85\xed\x05\agB\xc5c\xa0\v\x9dxW\xfb\xb9.{\x9f\x93Bl\xf7\a\xb20x\x1d2lM\x86\x90\xffG\xa6Xm\xcd\x0e\xebb\xa3\x8a\xf01\xe6\x8c`\x04\xb5\x89\xbe\xb9O\x15\x90\xdc\xe78g\xcds=p\xd0?\x81\x1a\xe3\xe0$*WI.\xc5a\xea\x98\x14\xe1\xc8\xf6\xec\xfa\x8f\xa6_\xc4\xb0w\x88\xc1mA\x11\x83\x94\x86\xf3%\x83\n]\xf0\xcd\xfc\xc5\xfd\x96\r\xc7D\xe2\x18\xb0\xa9[\x85\xf5\xbfK=\xf6\xbc')
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
epoll_create1(0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
setuid(r7)
mount$9p_tcp(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x420, &(0x7f00000002c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@noextend}, {@access_client}, {@cachetag={'cachetag', 0x3d, '/dev/nbd'}}, {@version_9p2000}, {@posixacl}, {@posixacl}, {@access_client}, {@access_uid={'access', 0x3d, r3}}, {@aname={'aname', 0x3d, 'zonefs\x00'}}, {@debug={'debug', 0x3d, 0x7}}], [{@uid_gt={'uid>', r4}}, {@euid_eq={'euid', 0x3d, r5}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@uid_lt={'uid<', r7}}]}})

570.281527ms ago: executing program 3 (id=1525):
r0 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7}}}, 0x24}}, 0x0)

569.930767ms ago: executing program 1 (id=1526):
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x12, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="7400000003010103000000070000000000000003140001800c26034000020000060003400004000014001980080002000003000008000100020000001094f42aa00002800500020002000000200004801c0003800800024000000004080002400000000505000100d30000000800154000200000"], 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000804)
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x0, 0x12, r0, 0x0)
futex(&(0x7f000000cffc)=0x20000003, 0x1, 0x2, 0x0, 0x0, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000004)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c00018006000600800a0000100002800c000b"], 0x34}, 0x1, 0x0, 0x0, 0x20048010}, 0xc000)

562.075962ms ago: executing program 3 (id=1527):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000005c0)={'syztnl1\x00', <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @loopback}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0, 0x0, 0x1f00}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
mlockall(0x7)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000180)={'ip_vti0\x00', r2, 0x20, 0x1, 0x800, 0x900000, {{0xa, 0x4, 0x2, 0xf, 0x28, 0x65, 0x0, 0xfe, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102, {[@lsrr={0x83, 0x13, 0x3a, [@private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback]}]}}}}})
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
r6 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00')
ioctl$NS_GET_USERNS(r6, 0xb701, 0x0)
futex(&(0x7f0000000040), 0x5, 0x0, 0x0, &(0x7f0000000140), 0x35000000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)
syz_clone(0x80000480, 0x0, 0x0, 0x0, 0x0, 0x0)
mlockall(0x7)

280.180806ms ago: executing program 3 (id=1528):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r1, 0x0)
io_cancel(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0cc5605, &(0x7f0000000180)={0x1, @vbi={0x0, 0x0, 0x32314241}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe, 0x4, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000af00f5ff9400000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

0s ago: executing program 3 (id=1529):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
accept4(r0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a0001"], 0x50}}, 0x4000000)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socket$packet(0x11, 0x3, 0x300)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYBLOB="38000100", @ANYRES32=r4, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB="06"], 0x90}}, 0x0)

kernel console output (not intermixed with test programs):

86][ T7816]  ? __pfx___dev_queue_xmit+0x10/0x10
[  112.754987][ T7816]  netlink_rcv_skb+0x165/0x410
[  112.756591][ T7816]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  112.758105][ T7816]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  112.759602][ T7816]  ? netlink_deliver_tap+0x1ae/0xcf0
[  112.761019][ T7816]  netlink_unicast+0x53c/0x7f0
[  112.762295][ T7816]  ? __pfx_netlink_unicast+0x10/0x10
[  112.763688][ T7816]  ? __phys_addr_symbol+0x30/0x80
[  112.765017][ T7816]  ? __check_object_size+0x4a1/0x710
[  112.766521][ T7816]  netlink_sendmsg+0x8b8/0xd70
[  112.767807][ T7816]  ? __pfx_netlink_sendmsg+0x10/0x10
[  112.769298][ T7816]  ? lock_acquire+0x2f/0xb0
[  112.770512][ T7816]  ____sys_sendmsg+0x9ae/0xb40
[  112.771801][ T7816]  ? __pfx_____sys_sendmsg+0x10/0x10
[  112.773204][ T7816]  ? get_compat_msghdr+0x11b/0x170
[  112.774562][ T7816]  ? __pfx___lock_acquire+0x10/0x10
[  112.775939][ T7816]  ___sys_sendmsg+0x135/0x1e0
[  112.777254][ T7816]  ? __pfx____sys_sendmsg+0x10/0x10
[  112.778674][ T7816]  ? lock_acquire+0x2f/0xb0
[  112.779934][ T7816]  ? __fget_files+0x40/0x3f0
[  112.781201][ T7816]  ? fdget+0x176/0x210
[  112.782354][ T7816]  __sys_sendmsg+0x117/0x1f0
[  112.783652][ T7816]  ? __pfx___sys_sendmsg+0x10/0x10
[  112.784995][ T7816]  ? __fget_files+0x244/0x3f0
[  112.786321][ T7816]  __do_fast_syscall_32+0x73/0x120
[  112.787673][ T7816]  do_fast_syscall_32+0x32/0x80
[  112.788952][ T7816]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  112.790599][ T7816] RIP: 0023:0xf747e579
[  112.791675][ T7816] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  112.796810][ T7816] RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  112.798986][ T7816] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020006040
[  112.801063][ T7816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  112.803509][ T7816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  112.805679][ T7816] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  112.808011][ T7816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  112.810185][ T7816]  </TASK>
[  112.852940][ T7819] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.781'.
[  113.152765][ T5391] usb 5-1: USB disconnect, device number 10
[  113.267970][ T7822] overlayfs: conflicting options: verity=on,redirect_dir=follow
[  113.276727][ T7822] netlink: 232 bytes leftover after parsing attributes in process `syz.0.782'.
[  113.377033][   T39] kauditd_printk_skb: 7 callbacks suppressed
[  113.377067][   T39] audit: type=1800 audit(1729730597.094:323): pid=7822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.782" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  113.535768][ T7827] pim6reg1: entered promiscuous mode
[  113.537285][ T7827] pim6reg1: entered allmulticast mode
[  113.806380][ T7855] netlink: 'syz.0.792': attribute type 10 has an invalid length.
[  113.817513][ T7855] 8021q: adding VLAN 0 to HW filter on device batadv0
[  113.820057][ T7855] team0: Port device batadv0 added
[  114.658544][   T63] IPVS: starting estimator thread 0...
[  114.760900][ T7876] IPVS: using max 36 ests per chain, 86400 per kthread
[  114.956915][ T7882] pim6reg1: entered promiscuous mode
[  114.958348][ T7882] pim6reg1: entered allmulticast mode
[  115.150707][ T7890] __nla_validate_parse: 11 callbacks suppressed
[  115.150718][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.803'.
[  115.322782][ T7898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'.
[  116.698057][ T7926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.811'.
[  116.876063][ T7930] netlink: 12 bytes leftover after parsing attributes in process `syz.2.812'.
[  117.083763][ T7936] futex_wake_op: syz.3.815 tries to shift op by 144; fix this program
[  117.086350][ T7936] netlink: 'syz.3.815': attribute type 1 has an invalid length.
[  117.089068][ T7936] netlink: 224 bytes leftover after parsing attributes in process `syz.3.815'.
[  117.097742][ T7936] loop2: detected capacity change from 0 to 16384
[  117.592508][ T7946] netlink: 'syz.0.827': attribute type 9 has an invalid length.
[  117.595359][ T7946] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.827'.
[  117.598708][ T7946] openvswitch: netlink: Message has 8 unknown bytes.
[  117.616843][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.818'.
[  118.489805][ T7968] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.823'.
[  118.846464][ T7977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.826'.
[  118.979734][ T7986] usb 2-1: USB disconnect, device number 3
[  119.060050][ T7987] hub 2-0:1.0: USB hub found
[  119.062325][ T7987] hub 2-0:1.0: 6 ports detected
[  119.221022][ T5391] usb 2-1: new high-speed USB device number 4 using ehci-pci
[  119.406039][ T5391] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  119.409318][ T5391] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  119.412636][ T5391] usb 2-1: Product: QEMU USB Tablet
[  119.414527][ T5391] usb 2-1: Manufacturer: QEMU
[  119.416239][ T5391] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  119.437797][ T5391] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0011/input/input8
[  119.505202][ T5391] hid-generic 0003:0627:0001.0011: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  119.710724][   T39] audit: type=1326 audit(1729730603.424:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.739687][   T39] audit: type=1326 audit(1729730603.424:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.750592][   T39] audit: type=1326 audit(1729730603.424:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.757594][   T39] audit: type=1326 audit(1729730603.424:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.763978][   T39] audit: type=1326 audit(1729730603.424:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.771194][   T39] audit: type=1326 audit(1729730603.424:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=92 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.778581][   T39] audit: type=1326 audit(1729730603.424:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.794871][   T39] audit: type=1326 audit(1729730603.424:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.805282][   T39] audit: type=1326 audit(1729730603.424:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  119.816597][   T39] audit: type=1326 audit(1729730603.424:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  120.131424][ T1993] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  120.515510][ T1993] usb 8-1: config index 0 descriptor too short (expected 45, got 36)
[  120.521750][ T1993] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  120.526965][ T1993] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  120.530874][ T1993] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  120.535841][ T1993] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  120.538983][ T1993] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.554652][ T1993] usb 8-1: config 0 descriptor??
[  120.562684][ T7997] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  120.787581][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.837'.
[  121.004212][ T8020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.839'.
[  121.011379][ T1993] plantronics 0003:047F:FFFF.0012: unknown main item tag 0xd
[  121.014039][ T1993] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  121.024738][ T1993] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  121.315079][   T30] usb 8-1: USB disconnect, device number 6
[  121.896748][ T8029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.841'.
[  122.084865][ T8038] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.842'.
[  122.815245][ T8056] netlink: 12 bytes leftover after parsing attributes in process `syz.0.854'.
[  122.844320][ T8057] usb 2-1: USB disconnect, device number 4
[  122.894821][ T8057] hub 2-0:1.0: USB hub found
[  122.897538][ T8057] hub 2-0:1.0: 6 ports detected
[  123.090943][   T63] usb 2-1: new high-speed USB device number 5 using ehci-pci
[  123.284887][   T63] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  123.287335][   T63] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  123.289481][   T63] usb 2-1: Product: QEMU USB Tablet
[  123.291015][   T63] usb 2-1: Manufacturer: QEMU
[  123.292307][   T63] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  123.311115][   T63] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0013/input/input10
[  123.343222][ T8046] Process accounting resumed
[  123.381755][   T63] hid-generic 0003:0627:0001.0013: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  123.661514][ T8074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.852'.
[  123.831062][   T63] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  123.984965][   T63] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  123.988115][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.991140][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.993725][   T63] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  123.999231][   T63] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  124.001811][   T63] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  124.003946][   T63] usb 7-1: Manufacturer: syz
[  124.009150][   T63] usb 7-1: config 0 descriptor??
[  124.416573][   T63] appleir 0003:05AC:8243.0014: unknown main item tag 0x0
[  124.418760][   T63] appleir 0003:05AC:8243.0014: No inputs registered, leaving
[  124.423909][   T63] appleir 0003:05AC:8243.0014: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  124.624995][ T8082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.855'.
[  124.672428][ T8083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.856'.
[  125.013836][    T9] usb 7-1: USB disconnect, device number 9
[  125.022262][   T39] kauditd_printk_skb: 59 callbacks suppressed
[  125.022275][   T39] audit: type=1326 audit(1729730608.744:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  125.030722][   T39] audit: type=1326 audit(1729730608.744:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf747e579 code=0x7ffc0000
[  125.041595][   T39] audit: type=1326 audit(1729730608.744:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  125.049104][   T39] audit: type=1326 audit(1729730608.744:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  125.109961][ T8124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.861'.
[  125.227678][   T39] audit: type=1326 audit(1729730608.944:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  125.233732][   T39] audit: type=1326 audit(1729730608.944:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  125.239433][   T39] audit: type=1326 audit(1729730608.954:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  125.245347][   T39] audit: type=1326 audit(1729730608.954:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  125.251023][   T39] audit: type=1326 audit(1729730608.954:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  125.699681][ T8121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  125.858237][ T8141] syz.3.866: attempt to access beyond end of device
[  125.858237][ T8141] nbd3: rw=0, sector=2, nr_sectors = 1 limit=0
[  126.223196][ T8156] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.870'.
[  126.325715][ T8159] binder: 8157:8159 unknown command 25366
[  126.327383][ T8159] binder: 8157:8159 ioctl c0306201 20000040 returned -22
[  126.346017][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.872'.
[  126.432237][ T8164] netlink: 12 bytes leftover after parsing attributes in process `syz.3.873'.
[  126.438073][ T8164] FAULT_INJECTION: forcing a failure.
[  126.438073][ T8164] name failslab, interval 1, probability 0, space 0, times 0
[  126.443221][ T8164] CPU: 2 UID: 0 PID: 8164 Comm: syz.3.873 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  126.445949][ T8164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.448636][ T8164] Call Trace:
[  126.449473][ T8164]  <TASK>
[  126.450204][ T8164]  dump_stack_lvl+0x16c/0x1f0
[  126.451405][ T8164]  should_fail_ex+0x497/0x5b0
[  126.452569][ T8164]  ? fs_reclaim_acquire+0xae/0x150
[  126.453808][ T8164]  should_failslab+0xc2/0x120
[  126.455014][ T8164]  __kmalloc_noprof+0xcb/0x410
[  126.456265][ T8164]  ? __pfx_lock_release+0x10/0x10
[  126.457569][ T8164]  flow_rule_alloc+0x29/0xf0
[  126.458752][ T8164]  fl_hw_replace_filter+0x138/0x5e0
[  126.460085][ T8164]  ? __pfx_fl_hw_replace_filter+0x10/0x10
[  126.461505][ T8164]  ? lock_acquire+0x2f/0xb0
[  126.462655][ T8164]  ? fl_change+0x3501/0x4dd0
[  126.463824][ T8164]  fl_change+0x28ed/0x4dd0
[  126.464992][ T8164]  ? fl_change+0x3066/0x4dd0
[  126.466171][ T8164]  ? __pfx_fl_change+0x10/0x10
[  126.467389][ T8164]  ? fl_get+0x215/0x3b0
[  126.468422][ T8164]  ? __pfx_fl_get+0x10/0x10
[  126.469587][ T8164]  ? __pfx_fl_change+0x10/0x10
[  126.470808][ T8164]  tc_new_tfilter+0xc49/0x2450
[  126.472001][ T8164]  ? __pfx_tc_new_tfilter+0x10/0x10
[  126.473306][ T8164]  ? __pfx___lock_acquire+0x10/0x10
[  126.474626][ T8164]  ? kmem_cache_free+0x152/0x4b0
[  126.475841][ T8164]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  126.477162][ T8164]  ? __pfx_lock_release+0x10/0x10
[  126.478439][ T8164]  ? trace_lock_acquire+0x14a/0x1d0
[  126.479756][ T8164]  ? __pfx_tc_new_tfilter+0x10/0x10
[  126.481002][ T8164]  rtnetlink_rcv_msg+0x95b/0xea0
[  126.482232][ T8164]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  126.483593][ T8164]  ? __pfx___dev_queue_xmit+0x10/0x10
[  126.484917][ T8164]  netlink_rcv_skb+0x165/0x410
[  126.486135][ T8164]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  126.487494][ T8164]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  126.488840][ T8164]  ? netlink_deliver_tap+0x1ae/0xcf0
[  126.490161][ T8164]  netlink_unicast+0x53c/0x7f0
[  126.491564][ T8164]  ? __pfx_netlink_unicast+0x10/0x10
[  126.492829][ T8164]  ? __phys_addr_symbol+0x30/0x80
[  126.494105][ T8164]  ? __check_object_size+0x488/0x710
[  126.495605][ T8164]  netlink_sendmsg+0x8b8/0xd70
[  126.496859][ T8164]  ? __pfx_netlink_sendmsg+0x10/0x10
[  126.498203][ T8164]  ? lock_acquire+0x2f/0xb0
[  126.499383][ T8164]  ____sys_sendmsg+0x9ae/0xb40
[  126.500620][ T8164]  ? __pfx_____sys_sendmsg+0x10/0x10
[  126.502101][ T8164]  ? get_compat_msghdr+0x11b/0x170
[  126.503408][ T8164]  ? __pfx___lock_acquire+0x10/0x10
[  126.504729][ T8164]  ___sys_sendmsg+0x135/0x1e0
[  126.505888][ T8164]  ? __pfx____sys_sendmsg+0x10/0x10
[  126.507200][ T8164]  ? lock_acquire+0x2f/0xb0
[  126.508378][ T8164]  ? __fget_files+0x40/0x3f0
[  126.509656][ T8164]  ? fdget+0x176/0x210
[  126.510767][ T8164]  __sys_sendmsg+0x117/0x1f0
[  126.511935][ T8164]  ? __pfx___sys_sendmsg+0x10/0x10
[  126.513203][ T8164]  ? __fget_files+0x244/0x3f0
[  126.514410][ T8164]  __do_fast_syscall_32+0x73/0x120
[  126.515760][ T8164]  do_fast_syscall_32+0x32/0x80
[  126.516953][ T8164]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  126.518508][ T8164] RIP: 0023:0xf7fb4579
[  126.519560][ T8164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  126.524052][ T8164] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  126.526112][ T8164] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020006040
[  126.528539][ T8164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  126.530453][ T8164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  126.532400][ T8164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  126.534290][ T8164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  126.536674][ T8164]  </TASK>
[  126.800986][ T1993] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  126.930456][   T39] audit: type=1326 audit(1729730610.644:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000
[  126.975444][ T1993] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  126.978922][ T1993] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.984175][ T1993] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.986933][ T1993] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  126.996326][ T1993] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  126.998915][ T1993] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  127.001491][ T1993] usb 6-1: Manufacturer: syz
[  127.005144][ T1993] usb 6-1: config 0 descriptor??
[  127.166124][ T8191] program syz.2.880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.331670][ T8194] netlink: 12 bytes leftover after parsing attributes in process `syz.3.881'.
[  127.420498][ T1993] appleir 0003:05AC:8243.0015: unknown main item tag 0x0
[  127.423556][ T1993] appleir 0003:05AC:8243.0015: No inputs registered, leaving
[  127.426918][ T1993] appleir 0003:05AC:8243.0015: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  127.941379][ T5391] usb 6-1: USB disconnect, device number 13
[  128.751562][ T1993] usb 6-1: new low-speed USB device number 14 using dummy_hcd
[  128.881137][ T8234] netlink: 12 bytes leftover after parsing attributes in process `syz.0.894'.
[  128.910808][ T1993] usb 6-1: Invalid ep0 maxpacket: 32
[  129.018065][ T8236] NILFS (nullb0): couldn't find nilfs on the device
[  129.051673][ T1993] usb 6-1: new low-speed USB device number 15 using dummy_hcd
[  129.070678][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.896'.
[  129.073289][ T8238] netlink: 24 bytes leftover after parsing attributes in process `syz.3.896'.
[  129.284758][ T1993] usb 6-1: Invalid ep0 maxpacket: 32
[  129.286765][ T1993] usb usb6-port1: attempt power cycle
[  129.394873][ T8246] veth0_vlan: left promiscuous mode
[  129.398595][ T8246] veth0_vlan: entered promiscuous mode
[  129.630848][ T1993] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[  129.664165][ T1993] usb 6-1: Invalid ep0 maxpacket: 32
[  129.747419][   T69] veth1_vlan (unregistering): left allmulticast mode
[  129.765330][   T69] bond0: (slave macvlan0): Releasing backup interface
[  129.790912][ T1993] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[  129.811360][ T1993] usb 6-1: Invalid ep0 maxpacket: 32
[  129.812895][ T1993] usb usb6-port1: unable to enumerate USB device
[  129.864922][ T8271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.905'.
[  129.867404][ T8271] netlink: 24 bytes leftover after parsing attributes in process `syz.2.905'.
[  129.915864][ T8275] vivid-007: disconnect
[  130.061009][    T9] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  130.309766][    T9] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  130.350901][    T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  130.490903][    T9] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  130.490932][  T830] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  130.507647][ T8275] vivid-007: reconnect
[  130.509286][    T9] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  130.513006][    T9] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  130.516470][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  130.520163][    T9] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  130.523280][    T9] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  130.526064][    T9] usb 5-1: Product: syz
[  130.527478][    T9] usb 5-1: Manufacturer: syz
[  130.529036][    T9] usb 5-1: SerialNumber: syz
[  130.532243][    T9] usb 5-1: config 0 descriptor??
[  130.534426][ T8264] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  130.537603][    T9] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  130.542347][    T9] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  130.620137][ T8286] netlink: 12 bytes leftover after parsing attributes in process `syz.2.910'.
[  130.625984][ T8286] FAULT_INJECTION: forcing a failure.
[  130.625984][ T8286] name failslab, interval 1, probability 0, space 0, times 0
[  130.629207][ T8286] CPU: 0 UID: 0 PID: 8286 Comm: syz.2.910 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  130.631960][ T8286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  130.634730][ T8286] Call Trace:
[  130.635618][ T8286]  <TASK>
[  130.636409][ T8286]  dump_stack_lvl+0x16c/0x1f0
[  130.637724][ T8286]  should_fail_ex+0x497/0x5b0
[  130.638999][ T8286]  should_failslab+0xc2/0x120
[  130.640255][ T8286]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  130.641661][ T8286]  ? skb_clone+0x190/0x3f0
[  130.642580][  T830] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  130.642832][ T8286]  skb_clone+0x190/0x3f0
[  130.645639][  T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.646737][ T8286]  netlink_deliver_tap+0xb26/0xcf0
[  130.649611][  T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.650835][ T8286]  netlink_unicast+0x6b4/0x7f0
[  130.650853][ T8286]  ? __pfx_netlink_unicast+0x10/0x10
[  130.650863][ T8286]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  130.650880][ T8286]  netlink_ack+0x6a5/0xb20
[  130.650895][ T8286]  netlink_rcv_skb+0x327/0x410
[  130.653389][  T830] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  130.654623][ T8286]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  130.656788][  T830] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  130.657325][ T8286]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  130.658497][  T830] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  130.659760][ T8286]  ? netlink_deliver_tap+0x1ae/0xcf0
[  130.659776][ T8286]  netlink_unicast+0x53c/0x7f0
[  130.659789][ T8286]  ? __pfx_netlink_unicast+0x10/0x10
[  130.663612][  T830] usb 8-1: Manufacturer: syz
[  130.664540][ T8286]  ? __phys_addr_symbol+0x30/0x80
[  130.668482][  T830] usb 8-1: config 0 descriptor??
[  130.670300][ T8286]  ? __check_object_size+0x488/0x710
[  130.679572][ T8286]  netlink_sendmsg+0x8b8/0xd70
[  130.680828][ T8286]  ? __pfx_netlink_sendmsg+0x10/0x10
[  130.682200][ T8286]  ? lock_acquire+0x2f/0xb0
[  130.683437][ T8286]  ____sys_sendmsg+0x9ae/0xb40
[  130.684695][ T8286]  ? __pfx_____sys_sendmsg+0x10/0x10
[  130.686072][ T8286]  ? get_compat_msghdr+0x11b/0x170
[  130.687417][ T8286]  ? __pfx___lock_acquire+0x10/0x10
[  130.688775][ T8286]  ___sys_sendmsg+0x135/0x1e0
[  130.690012][ T8286]  ? __pfx____sys_sendmsg+0x10/0x10
[  130.691386][ T8286]  ? lock_acquire+0x2f/0xb0
[  130.692583][ T8286]  ? __fget_files+0x40/0x3f0
[  130.693802][ T8286]  ? fdget+0x176/0x210
[  130.694875][ T8286]  __sys_sendmsg+0x117/0x1f0
[  130.696217][ T8286]  ? __pfx___sys_sendmsg+0x10/0x10
[  130.697569][ T8286]  ? __fget_files+0x244/0x3f0
[  130.698823][ T8286]  __do_fast_syscall_32+0x73/0x120
[  130.700208][ T8286]  do_fast_syscall_32+0x32/0x80
[  130.701497][ T8286]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  130.703156][ T8286] RIP: 0023:0xf746e579
[  130.704246][ T8286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  130.709249][ T8286] RSP: 002b:00000000f573556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  130.711440][ T8286] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020006040
[  130.713510][ T8286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  130.715587][ T8286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  130.717655][ T8286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  130.719727][ T8286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  130.721789][ T8286]  </TASK>
[  130.762021][ T5391] usb 5-1: USB disconnect, device number 11
[  130.765522][ T5391] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  131.077237][  T830] appleir 0003:05AC:8243.0016: unknown main item tag 0x0
[  131.079572][  T830] appleir 0003:05AC:8243.0016: No inputs registered, leaving
[  131.083319][  T830] appleir 0003:05AC:8243.0016: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  131.425979][   T39] kauditd_printk_skb: 23 callbacks suppressed
[  131.425990][   T39] audit: type=1804 audit(1729730615.144:426): pid=8294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.912" name="/newroot/244/file0/file0" dev="ramfs" ino=23690 res=1 errno=0
[  131.497270][ T8298] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  131.512725][ T8300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.915'.
[  131.515905][ T8300] netlink: 24 bytes leftover after parsing attributes in process `syz.2.915'.
[  131.562479][ T8306] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.580612][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.919'.
[  131.594649][   T63] usb 8-1: USB disconnect, device number 7
[  131.682495][ T8312] netlink: 12 bytes leftover after parsing attributes in process `syz.1.920'.
[  131.810893][   T30] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  131.960867][   T30] usb 7-1: Using ep0 maxpacket: 8
[  131.964258][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  131.967438][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  131.970333][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  131.973661][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  131.977773][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  131.981874][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  131.985818][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  131.990408][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  131.993771][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  131.996399][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  131.999669][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  132.002698][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  132.005693][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  132.008518][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  132.011913][   T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  132.014214][   T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  132.016734][   T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  132.019661][   T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  132.023767][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  132.027388][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  132.030648][   T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  132.036443][   T30] usb 7-1: string descriptor 0 read error: -22
[  132.038759][   T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  132.041223][   T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.048134][   T30] adutux 7-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  132.181788][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  132.275447][ T8306] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  132.419328][   T30] usb 7-1: USB disconnect, device number 10
[  132.542148][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.923'.
[  132.544262][ T8325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.925'.
[  132.734229][ T8331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.926'.
[  132.742697][ T8331] FAULT_INJECTION: forcing a failure.
[  132.742697][ T8331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.746098][ T8331] CPU: 1 UID: 0 PID: 8331 Comm: syz.0.926 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0
[  132.749146][ T8331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  132.752928][ T8331] Call Trace:
[  132.754077][ T8331]  <TASK>
[  132.755117][ T8331]  dump_stack_lvl+0x16c/0x1f0
[  132.756818][ T8331]  should_fail_ex+0x497/0x5b0
[  132.758343][ T8331]  _copy_to_user+0x30/0xc0
[  132.759888][ T8331]  simple_read_from_buffer+0xd0/0x160
[  132.761824][ T8331]  proc_fail_nth_read+0x198/0x270
[  132.763210][ T8331]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.764653][ T8331]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.766094][ T8331]  vfs_read+0x1ce/0xbd0
[  132.767203][ T8331]  ? __fget_files+0x23a/0x3f0
[  132.768436][ T8331]  ? fdget_pos+0x24c/0x360
[  132.769925][ T8331]  ? __pfx_lock_release+0x10/0x10
[  132.771753][ T8331]  ? trace_lock_acquire+0x14a/0x1d0
[  132.773200][ T8331]  ? __pfx_vfs_read+0x10/0x10
[  132.774874][ T8331]  ? __pfx___mutex_lock+0x10/0x10
[  132.776787][ T8331]  ? __fget_files+0x244/0x3f0
[  132.778128][ T8331]  ksys_read+0x12f/0x260
[  132.779283][ T8331]  ? __pfx_ksys_read+0x10/0x10
[  132.780526][ T8331]  __do_fast_syscall_32+0x73/0x120
[  132.781859][ T8331]  do_fast_syscall_32+0x32/0x80
[  132.783173][ T8331]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  132.785340][ T8331] RIP: 0023:0xf7f72579
[  132.786904][ T8331] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  132.793564][ T8331] RSP: 002b:00000000f56d55a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  132.795707][ T8331] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000f56d5620
[  132.797650][ T8331] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000
[  132.800030][ T8331] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  132.802766][ T8331] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  132.805437][ T8331] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  132.808176][ T8331]  </TASK>
[  132.838542][ T8334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.927'.
[  132.841250][ T8336] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  132.841863][ T8334] netlink: 24 bytes leftover after parsing attributes in process `syz.2.927'.
[  132.850930][   T25] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  133.094297][   T25] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  133.098073][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.098089][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.098099][   T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  133.098847][   T25] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  133.099005][   T25] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  133.099016][   T25] usb 6-1: Manufacturer: syz
[  133.106122][   T25] usb 6-1: config 0 descriptor??
[  133.200867][   T56] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  133.372364][   T56] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  133.375266][   T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.378112][   T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.380711][   T56] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  133.386166][   T56] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  133.388638][   T56] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  133.390873][   T56] usb 7-1: Manufacturer: syz
[  133.393272][   T56] usb 7-1: config 0 descriptor??
[  133.520937][   T25] appleir 0003:05AC:8243.0017: unknown main item tag 0x0
[  133.523237][   T25] appleir 0003:05AC:8243.0017: No inputs registered, leaving
[  133.526667][   T25] appleir 0003:05AC:8243.0017: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  133.799740][   T56] appleir 0003:05AC:8243.0018: unknown main item tag 0x0
[  133.801971][   T56] appleir 0003:05AC:8243.0018: No inputs registered, leaving
[  133.805021][   T56] appleir 0003:05AC:8243.0018: hiddev1,hidraw2: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  133.923422][ T8358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.934'.
[  134.811804][ T8368] block device autoloading is deprecated and will be removed.
[  134.956250][ T8377] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  135.051140][ T8383] tmpfs: Unknown parameter '0xffffffffffffffff'
[  135.626351][   T30] usb 6-1: USB disconnect, device number 18
[  135.737418][ T8398] openvswitch: netlink: Actions may not be safe on all matching packets
[  136.151082][   T30] usb 7-1: USB disconnect, device number 11
[  137.120876][ T8422] __nla_validate_parse: 4 callbacks suppressed
[  137.120895][ T8422] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.954'.
[  137.280896][ T8427] usb 2-1: USB disconnect, device number 5
[  137.385168][ T8428] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  137.387278][ T8428] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  137.387882][ T8424] binder: BINDER_SET_CONTEXT_MGR already set
[  137.394567][ T8424] binder: 8423:8424 ioctl 4018620d 20000100 returned -16
[  137.394923][ T8428] vhci_hcd vhci_hcd.0: Device attached
[  137.400344][ T8424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.404652][ T8424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.416768][   T39] audit: type=1804 audit(1729730621.134:427): pid=8428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.956" name="/newroot/253/file0/file0" dev="ramfs" ino=23822 res=1 errno=0
[  137.500306][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.958'.
[  137.571656][ T5391] vhci_hcd: vhci_device speed not set
[  137.630886][   T56] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  137.630897][ T5391] usb 17-1: new full-speed USB device number 2 using vhci_hcd
[  137.760956][  T830] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  137.769759][ T8440] netlink: 12 bytes leftover after parsing attributes in process `syz.1.960'.
[  137.792441][   T56] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  137.794972][   T56] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.798390][   T56] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  137.801534][   T56] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  137.803655][   T56] usb 5-1: Manufacturer: syz
[  137.806041][   T56] usb 5-1: config 0 descriptor??
[  137.850918][   T56] rc_core: IR keymap rc-hauppauge not found
[  137.852681][   T56] Registered IR keymap rc-empty
[  137.855515][   T56] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  137.858828][   T56] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input11
[  137.916704][  T830] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  137.919489][  T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.924816][  T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.927342][  T830] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  137.931497][  T830] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  137.933801][  T830] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  137.936022][  T830] usb 8-1: Manufacturer: syz
[  137.941846][  T830] usb 8-1: config 0 descriptor??
[  138.025019][ T8452] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  138.056939][ T8454] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.965'.
[  138.352204][  T830] appleir 0003:05AC:8243.0019: unknown main item tag 0x0
[  138.354244][  T830] appleir 0003:05AC:8243.0019: No inputs registered, leaving
[  138.357145][  T830] appleir 0003:05AC:8243.0019: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  138.430956][   T56] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  138.602301][   T56] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  138.605225][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.608222][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.611499][ T8431] vhci_hcd: connection reset by peer
[  138.618008][   T56] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  138.622646][   T83] vhci_hcd: stop threads
[  138.624031][   T56] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  138.624979][   T83] vhci_hcd: release socket
[  138.627101][   T56] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  138.631158][   T83] vhci_hcd: disconnect device
[  138.632312][   T56] usb 6-1: Manufacturer: syz
[  138.637582][   T56] usb 6-1: config 0 descriptor??
[  138.654286][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'.
[  138.657303][ T8459] netlink: 24 bytes leftover after parsing attributes in process `syz.2.967'.
[  138.662711][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'.
[  138.665715][ T8459] netlink: 4 bytes leftover after parsing attributes in process `syz.2.967'.
[  138.668692][ T8459] netlink: 'syz.2.967': attribute type 1 has an invalid length.
[  138.672450][ T8459] netlink: 24 bytes leftover after parsing attributes in process `syz.2.967'.
[  138.718144][ T8462] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  138.722641][ T8462] overlayfs: failed to set uuid (255/file1, err=-1); falling back to uuid=null.
[  138.735077][ T8462] evm: overlay not supported
[  138.876169][   T63] usb 8-1: USB disconnect, device number 8
[  139.045079][   T56] usbhid 6-1:0.0: can't add hid device: -32
[  139.047047][   T56] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  140.123234][ T8468] netlink: 12 bytes leftover after parsing attributes in process `syz.3.971'.
[  140.224298][ T8474] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  140.228662][ T8474] Cannot find add_set index 3 as target
[  141.134280][ T8482] netlink: 'syz.3.976': attribute type 1 has an invalid length.
[  141.195282][   T57] usb 6-1: USB disconnect, device number 19
[  141.309470][ T8492] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  141.322753][ T8493] PKCS7: Unknown OID: [5] 0.0
[  141.324242][ T8493] PKCS7: Only support pkcs7_signedData type
[  141.466721][ T8503] netlink: 'syz.1.985': attribute type 1 has an invalid length.
[  142.740902][ T5391] vhci_hcd: vhci_device speed not set
[  142.750658][ T8510] loop6: detected capacity change from 0 to 524287999
[  142.756044][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.758506][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.760908][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.763301][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.765473][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.768547][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.771339][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.773728][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.776569][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.779641][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.783601][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.786205][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.788400][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.790836][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.793168][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.795794][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.798650][ T8510] ldm_validate_partition_table(): Disk read failed.
[  142.800810][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.803189][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.808095][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  142.810514][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  142.813495][ T8510] Dev loop6: unable to read RDB block 0
[  142.815771][ T8510]  loop6: unable to read partition table
[  142.817363][ T8510] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  142.833568][ T4843] ldm_validate_partition_table(): Disk read failed.
[  142.835729][ T4843] Dev loop6: unable to read RDB block 0
[  142.837637][ T4843]  loop6: unable to read partition table
[  142.967179][ T8504] syz.3.984 (8504): drop_caches: 1
[  143.007344][ T8519] __nla_validate_parse: 14 callbacks suppressed
[  143.007356][ T8519] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.989'.
[  143.328690][ T8531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.993'.
[  143.396065][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.994'.
[  143.398448][ T8533] netlink: 24 bytes leftover after parsing attributes in process `syz.3.994'.
[  143.406575][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.994'.
[  143.408880][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.3.994'.
[  143.411331][ T8533] netlink: 'syz.3.994': attribute type 1 has an invalid length.
[  143.413784][ T8533] netlink: 24 bytes leftover after parsing attributes in process `syz.3.994'.
[  143.526085][ T8537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.996'.
[  143.530391][ T8537] netlink: 4 bytes leftover after parsing attributes in process `syz.3.996'.
[  144.011051][    T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  144.162147][    T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  144.165115][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.168025][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.170525][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  144.174702][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  144.177161][    T9] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  144.180008][    T9] usb 6-1: Manufacturer: syz
[  144.182270][    T9] usb 6-1: config 0 descriptor??
[  144.405778][ T8545] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.999'.
[  144.574422][ T8547] netlink: 'syz.3.1000': attribute type 1 has an invalid length.
[  144.579949][ T8547] netlink: 'syz.3.1000': attribute type 7 has an invalid length.
[  144.593877][    T9] appleir 0003:05AC:8243.001A: unknown main item tag 0x0
[  144.595977][    T9] appleir 0003:05AC:8243.001A: No inputs registered, leaving
[  144.598935][    T9] appleir 0003:05AC:8243.001A: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  144.815550][ T8554] netlink: 'syz.3.1003': attribute type 1 has an invalid length.
[  144.934675][ T8561] veth1_macvtap: left promiscuous mode
[  144.936190][ T8561] macsec0: entered promiscuous mode
[  144.937670][ T8561] macsec0: entered allmulticast mode
[  144.967266][ T8566] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  145.108674][ T5391] usb 6-1: USB disconnect, device number 20
[  146.721064][  T830] usb 5-1: USB disconnect, device number 12
[  146.950829][   T30] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  146.960886][   T56] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  147.112239][   T56] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  147.115774][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.118865][   T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.121839][   T56] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  147.122328][   T30] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  147.125982][   T56] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  147.128061][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.131076][   T56] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  147.133642][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.136282][   T56] usb 8-1: Manufacturer: syz
[  147.138692][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  147.143922][   T56] usb 8-1: config 0 descriptor??
[  147.144416][   T30] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  147.147714][   T30] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  147.149711][   T30] usb 6-1: Manufacturer: syz
[  147.151810][   T30] usb 6-1: config 0 descriptor??
[  147.549596][   T56] appleir 0003:05AC:8243.001B: unknown main item tag 0x0
[  147.552351][   T56] appleir 0003:05AC:8243.001B: No inputs registered, leaving
[  147.555484][   T56] appleir 0003:05AC:8243.001B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  147.563004][   T30] appleir 0003:05AC:8243.001C: unknown main item tag 0x0
[  147.565140][   T30] appleir 0003:05AC:8243.001C: No inputs registered, leaving
[  147.567931][   T30] appleir 0003:05AC:8243.001C: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  147.934902][    T9] libceph: connect (1)[c::]:6789 error -101
[  147.936673][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  148.022055][ T8600] ceph: No mds server is up or the cluster is laggy
[  148.124958][ T8607] __nla_validate_parse: 11 callbacks suppressed
[  148.125028][ T8607] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1018'.
[  148.257507][ T8610] overlayfs: conflicting lowerdir path
[  148.412097][ T8615] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  148.414174][ T8615] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  148.573914][ T8617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.576418][ T8617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.870408][ T8625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1023'.
[  148.901382][    T9] usb 8-1: reset high-speed USB device number 9 using dummy_hcd
[  148.985736][ T5365] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  148.989522][ T5365] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  148.992272][ T5365] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  148.995158][ T5365] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  148.997919][ T5365] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  149.000573][ T5365] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  149.014414][ T5363] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  149.018501][ T5363] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  149.021839][ T5363] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  149.025875][ T5363] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  149.029647][ T5363] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  149.033589][ T5363] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  149.121627][ T8628] chnl_net:caif_netlink_parms(): no params data found
[  149.168849][ T8628] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.170747][ T8628] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.173467][ T8628] bridge_slave_0: entered allmulticast mode
[  149.175445][ T8628] bridge_slave_0: entered promiscuous mode
[  149.177620][ T8641] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1025'.
[  149.184396][ T8628] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.186182][ T8628] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.188056][ T8628] bridge_slave_1: entered allmulticast mode
[  149.189996][ T8628] bridge_slave_1: entered promiscuous mode
[  149.209346][ T8628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  149.212915][ T8628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.237474][ T8628] team0: Port device team_slave_0 added
[  149.242416][ T8628] team0: Port device team_slave_1 added
[  149.265072][ T8628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  149.267282][ T8628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.275426][ T8628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  149.280511][ T8628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  149.282983][ T8628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.290559][ T8628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  149.327598][ T8628] hsr_slave_0: entered promiscuous mode
[  149.329501][ T8628] hsr_slave_1: entered promiscuous mode
[  149.331461][ T8628] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  149.333445][ T8628] Cannot create hsr debugfs directory
[  149.415612][ T8628] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  149.418351][ T8628] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.500680][ T8628] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  149.504231][ T8628] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.543167][ T8651] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1028'.
[  149.568886][ T8628] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  149.572046][ T8628] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.654699][ T8628] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  149.658032][ T8628] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.681766][ T1993] usb 8-1: USB disconnect, device number 9
[  149.704419][ T8653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1029'.
[  149.706760][ T8653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1029'.
[  149.711632][ T8653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1029'.
[  149.713893][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1029'.
[  149.716163][ T8653] netlink: 'syz.3.1029': attribute type 1 has an invalid length.
[  149.718116][ T8653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1029'.
[  149.768357][ T8628] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  149.772515][ T8628] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  149.776153][ T8628] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  149.779672][ T8628] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  149.815229][ T8628] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.823054][   T56] usb 6-1: USB disconnect, device number 21
[  149.823445][ T8628] 8021q: adding VLAN 0 to HW filter on device team0
[  149.908858][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.910832][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.920477][ T8659] veth1_macvtap: entered promiscuous mode
[  149.923539][ T8659] veth1_macvtap: entered allmulticast mode
[  149.928773][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.930872][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.212049][ T8628] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.249391][ T8628] veth0_vlan: entered promiscuous mode
[  150.255435][ T8628] veth1_vlan: entered promiscuous mode
[  150.274528][ T8628] veth0_macvtap: entered promiscuous mode
[  150.277649][ T8628] veth1_macvtap: entered promiscuous mode
[  150.286859][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.289621][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.292756][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.295581][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.298120][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.301123][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.304883][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.307571][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.311097][ T8628] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.326707][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.330896][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.336000][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.342982][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.345890][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.349141][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.355791][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.359258][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.364618][ T8628] batman_adv: batadv0: Interface activated: batadv_slave_1
[  150.375034][ T8628] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.377336][ T8628] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.379683][ T8628] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.382209][ T8628] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.431751][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.433938][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.445010][   T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  150.448283][   T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.830972][   T25] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  150.975972][ T8682] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1036'.
[  150.983652][   T25] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  150.987453][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.990176][ T8683] netlink: 'syz.3.1037': attribute type 1 has an invalid length.
[  150.990426][   T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.995086][   T25] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  150.999514][   T25] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  151.002093][   T25] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  151.005300][   T25] usb 7-1: Manufacturer: syz
[  151.007280][   T25] usb 7-1: config 0 descriptor??
[  151.060941][ T5363] Bluetooth: hci1: command tx timeout
[  151.240276][ T8696] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  151.273432][ T8698] kernel read not supported for file /!selinuxselinux (pid: 8698 comm: syz.0.1042)
[  151.277085][   T39] audit: type=1800 audit(1729730634.994:428): pid=8698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1042" name="!selinuxselinux" dev="mqueue" ino=23247 res=0 errno=0
[  151.413844][   T25] appleir 0003:05AC:8243.001D: unknown main item tag 0x0
[  151.416200][   T25] appleir 0003:05AC:8243.001D: No inputs registered, leaving
[  151.419625][   T25] appleir 0003:05AC:8243.001D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  151.733703][ T8702] ip6t_srh: unknown srh invflags 6BE9
[  151.944650][   T39] audit: type=1800 audit(1729730635.664:429): pid=8705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1043" name="bus" dev="9p" ino=36317169 res=0 errno=0
[  152.017341][ T8706] input: syz0 as /devices/virtual/input/input12
[  152.049355][ T8706] netfs: Couldn't get user pages (rc=-14)
[  152.830558][ T8714] netlink: 'syz.3.1046': attribute type 1 has an invalid length.
[  153.049858][ T8723] EXT4-fs warning (device sda1): ext4_group_extend:1862: can't shrink FS - resize aborted
[  153.151016][ T5363] Bluetooth: hci1: command tx timeout
[  153.166065][ T8731] netlink: 'syz.3.1051': attribute type 2 has an invalid length.
[  153.168872][ T8731] __nla_validate_parse: 13 callbacks suppressed
[  153.168883][ T8731] netlink: 723 bytes leftover after parsing attributes in process `syz.3.1051'.
[  153.378516][ T8747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1056'.
[  153.381359][ T8747] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1056'.
[  153.386234][ T8747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1056'.
[  153.388728][ T8747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1056'.
[  153.391742][ T8747] netlink: 'syz.0.1056': attribute type 1 has an invalid length.
[  153.393768][ T8747] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1056'.
[  153.424441][ T8749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1058'.
[  153.436239][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1057'.
[  153.460968][  T830] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  153.521473][ T5391] usb 7-1: USB disconnect, device number 12
[  153.570687][ T8756] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1059'.
[  153.622666][  T830] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  153.625517][  T830] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  153.629699][  T830] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.632420][  T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  153.634563][  T830] usb 8-1: SerialNumber: syz
[  153.637025][ T8740] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  153.827749][ T8760] UBIFS error (pid: 8760): cannot open "./file0", error -22
[  154.045155][ T8740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1054'.
[  154.053061][  T830] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71
[  154.060406][  T830] usb 8-1: USB disconnect, device number 10
[  154.473981][ T8768] openvswitch: netlink: Actions may not be safe on all matching packets
[  154.656577][ T8783] netlink: 'syz.3.1067': attribute type 1 has an invalid length.
[  154.790880][   T30] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  154.955417][   T30] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  154.958259][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.961193][   T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.963797][   T30] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  154.968063][   T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  154.970387][   T30] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  154.973457][   T30] usb 7-1: Manufacturer: syz
[  154.980642][   T30] usb 7-1: config 0 descriptor??
[  155.230880][ T5363] Bluetooth: hci1: command tx timeout
[  155.382147][ T8802] kvm: user requested TSC rate below hardware speed
[  155.389863][   T30] appleir 0003:05AC:8243.001E: unknown main item tag 0x0
[  155.392868][   T30] appleir 0003:05AC:8243.001E: No inputs registered, leaving
[  155.398803][   T30] appleir 0003:05AC:8243.001E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  155.698991][ T8808] ADFS-fs (nullb0): unrecognised mount option "GPL" or missing value
[  155.735733][ T8811] tmpfs: Unknown parameter '0000000000000000000600000000000000000000007017777777777777777777770x0000000000000006ÿÿ'
[  155.785483][ T8817] netlink: 'syz.1.1076': attribute type 1 has an invalid length.
[  156.810915][    T9] usb 7-1: reset high-speed USB device number 13 using dummy_hcd
[  156.941059][    T9] usb 7-1: device descriptor read/64, error -32
[  157.180888][    T9] usb 7-1: reset high-speed USB device number 13 using dummy_hcd
[  157.300968][ T5363] Bluetooth: hci1: command tx timeout
[  157.322915][    T9] usb 7-1: device descriptor read/64, error -32
[  157.580914][    T9] usb 7-1: reset high-speed USB device number 13 using dummy_hcd
[  157.611053][    T9] usb 7-1: device descriptor read/8, error -32
[  157.627352][ T8853] netlink: 'syz.0.1086': attribute type 1 has an invalid length.
[  157.713936][ T8859] ttyprintk ttyprintk: ldisc open failed (-12), clearing slot 0
[  158.512043][    T8] usb 7-1: USB disconnect, device number 13
[  158.834960][ T8877] netlink: 'syz.0.1094': attribute type 2 has an invalid length.
[  158.912103][ T8882] __nla_validate_parse: 21 callbacks suppressed
[  158.912115][ T8882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1096'.
[  158.918265][ T8882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1096'.
[  158.926265][ T8882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1096'.
[  158.928605][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1096'.
[  158.931513][ T8882] netlink: 'syz.1.1096': attribute type 1 has an invalid length.
[  158.933531][ T8882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1096'.
[  158.976085][ T8887] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1098'.
[  159.070512][ T8888] ptrace attach of "/syz-executor exec"[5360] was attempted by "/syz-executor exec"[8888]
[  159.146307][ T8894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1100'.
[  159.170858][ T4793] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  159.321991][ T4793] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  159.324853][ T4793] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.327637][ T4793] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.334130][ T4793] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  159.341249][ T4793] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  159.343601][ T4793] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  159.345672][ T4793] usb 7-1: Manufacturer: syz
[  159.350255][ T4793] usb 7-1: config 0 descriptor??
[  159.757133][ T4793] appleir 0003:05AC:8243.001F: unknown main item tag 0x0
[  159.759259][ T4793] appleir 0003:05AC:8243.001F: No inputs registered, leaving
[  159.762863][ T4793] appleir 0003:05AC:8243.001F: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  160.170268][ T8917] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1106'.
[  160.172637][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1106'.
[  160.177135][ T8917] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1106'.
[  160.179468][ T8917] netlink: 'syz.3.1106': attribute type 1 has an invalid length.
[  160.279304][    T8] usb 7-1: USB disconnect, device number 14
[  160.483663][ T8930] /dev/sr0: Can't open blockdev
[  160.678545][ T8947] [U] 
[  160.680868][ T8947] [U] 
[  160.682080][ T8947] [U] µ¯Ñ›ÔTÛÓ$GYSRըїÀÝ<Ü]3ÚÔº¤¤¸TÇÑ¿Á\JŒ(È
[  160.686577][ T8947] [U] 
[  160.687695][ T8947] [U] CW¯™ÇÇ* Þ9JÁQØ#EØËSWÐÁÔC±ÏV·1žÂÛÏ!È	�žGPœX
[  160.690120][ T8947] [U] N%Ì9ÙÞÖC…_¹ÁNÊ…ÇBC‰…$�ÞÔ4Þ(�²ž
[  160.693988][ T8947] [U] Hª QÄØ›Tµ¦OÂR‚I#ıËTNBS_RЬ‰¡¾Æ«°
:‰Ø€–ɦT‘ȯËÙ0¿™’ÚÃËŒÃ�WÚ™_[HN%
[  160.696612][ T8947] [U] Ï £ÜÙÛ4‡RЛŸÛŠ<)Ü6JG؃¬ÍKÉ^�R\
[  160.698207][ T8947] [U] 7¼R:€J37Ø
[  160.702749][ T8947] [U] YÛPÜ<�ÅÔ…ÚU’“
H¦3Æ°-Î̤„Ø\PQBXÕ!Q6ÃÜÆSO'}­Ï[ÉÛÀP5OÉ>€DÊÅÖŽYÞJ>|H0=ÖÔ·TžXÈÒZÔY֦ʢ
Äš4ª‡IÇ¢À5AZËÑ~ZAÂ~ÝKÝ^�TGžSÍJ‹I:Á¶¬Ž¥OD!M2KÃW§¬R>ƈΗKC?X…8 ¥HÇÒ*©@QEÛ»ÚU	½À.J9�È“~´{—Á`²ÍÃ'R)Ó-ÀǬŸÎ=5­ÝÖ�JLY ÉCÄBˆØ;+LP�°,FØN‡‚ÁÁYÎ%¿3†P¨ÈÕ&Ç)­Ó][œÈ‹4ÃL»Ã¶£„!’J�>	ÔÎ
[  160.709995][ T8947] [U] Ø.”CšÖ¯·ÏEJÓJ
Û@œK’JÁ605RXUÑTTµO‹&�XÐOº�Ö•§\®‹&…¬°¡ÙN
%Y‹‘ÁÐ17¿6`¬ÌI‚W
[  160.714457][ T8947] [U] ÏØÇM<@NºÙKJ(ÝÂ6)Ô)ÎVÌÕLR¢
[  160.717045][ T8947] [U] >YGÐ¤Zª?Œ¹`–O­MÉXØ�Ó‡Ø"Á¨¹š·¢9+¼¾DEÝÁ¹{“ÅŒ$~BÜYDšUME«!XÌÝ›A¹£AUÇ}J„¿Â£2N%MBËQÑÉÄ
[  160.721767][ T8947] [U] ÞWV×ÏÙW‹@HZ�=¦(ƒ„Eˆ‡JÉ~ÈOS@žËBÈHª:"®ÃÁ‡!ƒJIÖÄUJ=Á¥)ÎŽU¤Å	G×ØÐÚÔ–=Y=ÊKÊADËÎ
R†¨¹¹Á:=ÉSÖÙ—�AX¾¢ÛX
[  160.726721][ T8947] [U] BIÞ™E¿„}¼ETØ@±3Ì(Ü ¿¥¨�V¤žÀÐ{™Îº©’~ÐUK+Þ{3T˜Ú$Æ».ÃN[8S‹Ê‡šº""ÒÊ”̺„]RÏGÝ5
[  160.729755][ T8947] [U] V²{Õ¨ÓVNB>DM«·T•¨�QÂTÀ
ÃÌÚÀ
[  160.732235][ T8947] [U] GÁ*|Ó9ÙºŸÅ†¸
[  160.733692][ T8947] [U] G´ÆMIUÔE!ÞÕT
ÏŒ*ß�…8A7I5‚-|¤Ï6LK
[  160.736118][ T8947] [U] NÅ«—Dª²Ë	ÂÌS}R�½BÃÅYºW<»ÂÊÈC‚ ÓÆÐH°\ÓFÍÈD.›Ã÷®˜FŒPK¸Ï‹,ªÎ‚C—Úœ.Â;
¤ÊEYºÝK÷Æ]Z>‘ÚIÃÁ�ÓOQ&
O«’�¼”½,PÙÖ]–,7Í›�§UÚÑÝI­­Â
[  160.742164][ T8947] [U] ÀÛ	$ÄL÷U2Ê¿F_3•+|NWÕµZÓEÇ—ÒP1W~·Ö�N‹(§OÍ�±¸8ÒDÏ	£SÆÙCDÊ®FÂ��65ÖZÜGÃR“Þ°Ú{ÁÒÕT“·ÈK£"@£ÆÐÔÈ:Á5}GÝB—©DѸ¦ƒ\K”
[  160.747670][ T8947] [U] ÈÐÙ‡YÓ…ÒŸ8Î4Œ4N<;
[  160.750172][ T8947] [U] Ã�ÔU†IŽ7X#E¤4VML‚ÔÈ‹¬œšGÍ””A³©)-‡ÌÌ(¿NÌ—N–¢ÈÖL#Ã)׌SU�É6�
[  160.752875][ T8947] [U] )Æ<�ÈE?ÊA­¤Uܤ—9ˆ%]²ÔDCCŽE+L<'T�¬1Â�KÈ…œ·3ÅÜ.É»Á€ÊÆWS¨ÉÐÀ×ÐZY­Ï¼9I>ÌÒÑØ
]ÞÈœ}{”
/`ÌÜ¿5'ÙE–	41ßTNAX߿ʯÇÏ­Q�ÌëI TÒ%ÒGÐ7L~·BÝS
[  160.756930][ T8947] [U] £Í¢ÄÅ¢
[  160.758409][ T8947] [U] ZÓ‘UÝĪÕ4¬©&Ë™ÃE~Ý8EÁσ1´¥L{ȨGV‰Y$PN�O4MËÈÓ*FÓ`ÂÎA€‰T×ÙM0?*I›#;ÁѤ+4V
’¹ÛGA
ØݬÆ%H»·[›A�YX)LG]F ‚ÏHÂ|ÞZV²E­/Ëϧ1Ò7Ǭ³-ǽÈÍHœO+¯…^È)8™&E£@A8GË…Œ-ÈWR»�SÃÜ-V–-Ò±ÌO>ÆÅ�Q�œÄ#9¨UA„H«)F²Þ½´œžSAÖ™³IÜN¼šZ@¯C—¶º>K³L–VD^1É)§M$/ÜÅЄ78..„»Q�¢ÝA¸|ŸÖȦ)�9Ò">D>EÃÓ#I�¬`\Û|{ÓUÂFH.. œEMÍW}]5ÖÃ-,Å¢RK}ÏFÆÕQ¬À·C×O*ÄPÀ¹›Á¦ÂN�F¶Ê
[  160.767757][ T8947] [U] „§“´
[  160.769108][ T8947] [U] T¦0Ô�—*ÃÕ°�
ÖXAØØÊËÉ£¥A4W…K¦¼¯¼C]X¢‹ŒË]ÊLÛ÷Æ=ß
[  160.772606][ T8947] [U] Ú$C
UGSˆEÔ²6ÖÔÝÌ÷ÝÀ„¹T¼Ï„PPË’Z3T2È�£‚”9W-«†Ö‘Ì™ÅAR�­�Ý»NB�ÚŽ�
²²:^X�Öϧ·œB÷Á°ÑÖ̲~Þ{JÒÅ
[  160.776223][ T8947] [U] ÍÕTÌ·EÀÊ' 2‚­ÄL*ÁAª¢-³;P;BTØÖ.¸N¦`¿�_Ó®Î;®Ò*·U;°Á5C#R/˜ÆQ¸KÚ*M¡„ÏS�AÀšÙÎ#)A‰Bš–>¾YØ�‹O\;^°ˆ'ÝßO�5_�Y¬HŠÑÄÃL
÷CEŽŒ&A‚`;ÂœÖԸЕÙSœ�S¤–Ƈ{ŸH¡Þ ÓTM�0ǸµÀBI^LÝÅ>À�Ô8ÝÙ¢VV8<Ô¶-²{$>°D	œ‚Øý]ÅW¶�–›UŒšÔ0?K¬˼ڹŽ[UIRB_ILÚ/ES¿ßI*ŸWÖSÎ*ÃZSÀÔÀÍŽÑ’‹¿
[  160.784936][ T8947] [U] 
[  160.794065][ T8946] [U] 
[  160.806080][ T8954] netlink: 'syz.3.1115': attribute type 1 has an invalid length.
[  161.208898][ T8979] trusted_key: encrypted_key: insufficient parameters specified
[  161.550894][    T8] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  161.714297][    T8] usb 8-1: config 0 has no interfaces?
[  161.715836][    T8] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  161.718431][    T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.720863][    T9] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  161.724715][    T8] usb 8-1: config 0 descriptor??
[  161.816642][ T8990] futex_wake_op: syz.2.1126 tries to shift op by 144; fix this program
[  161.823851][ T8990] loop2: detected capacity change from 0 to 16384
[  161.882783][    T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  161.885652][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.888441][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.891118][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  161.895219][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  161.897700][    T9] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  161.899956][    T9] usb 6-1: Manufacturer: syz
[  161.908490][    T9] usb 6-1: config 0 descriptor??
[  161.946645][ T8985] netlink: 'syz.3.1124': attribute type 82 has an invalid length.
[  162.098725][  T830] usb 8-1: USB disconnect, device number 11
[  162.266081][ T9018] block device autoloading is deprecated and will be removed.
[  162.268664][ T9018] syz.2.1133: attempt to access beyond end of device
[  162.268664][ T9018] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  162.315498][    T9] appleir 0003:05AC:8243.0020: unknown main item tag 0x0
[  162.317569][    T9] appleir 0003:05AC:8243.0020: No inputs registered, leaving
[  162.320715][    T9] appleir 0003:05AC:8243.0020: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  163.740942][    T9] usb 6-1: reset high-speed USB device number 22 using dummy_hcd
[  164.531949][    T8] usb 6-1: USB disconnect, device number 22
[  164.733042][   T39] audit: type=1400 audit(1729730648.464:430): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04
[  164.808692][ T9049] __nla_validate_parse: 14 callbacks suppressed
[  164.808704][ T9049] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1142'.
[  165.470914][   T56] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  165.630819][   T56] usb 7-1: Using ep0 maxpacket: 32
[  165.634238][   T56] usb 7-1: config 13 has an invalid interface number: 151 but max is 1
[  165.636486][   T56] usb 7-1: config 13 has an invalid interface number: 46 but max is 1
[  165.638718][   T56] usb 7-1: config 13 contains an unexpected descriptor of type 0x2, skipping
[  165.643876][   T56] usb 7-1: config 13 contains an unexpected descriptor of type 0x2, skipping
[  165.646228][   T56] usb 7-1: config 13 has an invalid interface number: 88 but max is 1
[  165.648485][   T56] usb 7-1: config 13 has 3 interfaces, different from the descriptor's value: 2
[  165.650926][   T56] usb 7-1: config 13 has no interface number 0
[  165.652597][   T56] usb 7-1: config 13 has no interface number 1
[  165.654251][   T56] usb 7-1: config 13 has no interface number 2
[  165.655899][   T56] usb 7-1: config 13 interface 151 altsetting 2 endpoint 0xD has an invalid bInterval 0, changing to 7
[  165.658878][   T56] usb 7-1: config 13 interface 46 altsetting 6 bulk endpoint 0x9 has invalid maxpacket 1024
[  165.664176][   T56] usb 7-1: config 13 interface 46 altsetting 6 has an endpoint descriptor with address 0xB8, changing to 0x88
[  165.667208][   T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0x88 has an invalid bInterval 189, changing to 7
[  165.670179][   T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0x88 has invalid maxpacket 26296, setting to 1024
[  165.673187][   T56] usb 7-1: config 13 interface 46 altsetting 6 has a duplicate endpoint with address 0x7, skipping
[  165.675954][   T56] usb 7-1: config 13 interface 46 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[  165.678733][   T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  165.683706][   T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  165.686478][   T56] usb 7-1: config 13 interface 46 altsetting 6 has 9 endpoint descriptors, different from the interface descriptor's value: 10
[  165.689827][   T56] usb 7-1: too many endpoints for config 13 interface 88 altsetting 21: 64, using maximum allowed: 30
[  165.692751][   T56] usb 7-1: config 13 interface 88 altsetting 21 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  165.695648][   T56] usb 7-1: config 13 interface 88 altsetting 21 has 2 endpoint descriptors, different from the interface descriptor's value: 64
[  165.699097][   T56] usb 7-1: config 13 interface 151 has no altsetting 0
[  165.700982][   T56] usb 7-1: config 13 interface 46 has no altsetting 0
[  165.702721][   T56] usb 7-1: config 13 interface 88 has no altsetting 0
[  165.705971][   T56] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0043, bcdDevice=31.3a
[  165.708877][   T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.711086][   T56] usb 7-1: Product: 쑶ॹ悛鞫�澬Ḭᛆᾘ哺�帣��볇괸�鋗⼷�㗺曈᫄⩋抚ऊ驦昉漂郳ᓚ้踜삖煴껽啠皓껮异觌䎴�뒯瑩ἳ鋑��敦䘙碂勂㉹�ᦩ�ᗲ䊣浆ꂰ昒ꙫ朕垼髶
[  165.717133][   T56] usb 7-1: Manufacturer: â°�
[  165.718340][   T56] usb 7-1: SerialNumber: �먔㵴嘙ᒢ裪鉜�䢬툄义�먋ᇺ��贶�放嫷俜彨㬨攣�朗倘厥��邻쨜�嶑竮뺃Ꚋ貇�掮�統椨䌢�Ϛ涔࿷�娈倞Ꜥ╠㳊暒圢꜖쟷釪ᱎர
[  165.939590][   T56] usbhid 7-1:13.46: couldn't find an input interrupt endpoint
[  165.945175][   T56] usb 7-1: USB disconnect, device number 15
[  166.430985][ T4793] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  166.602271][ T4793] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  166.605747][ T4793] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  166.608592][ T4793] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  166.611669][ T4793] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.616304][ T9090] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  166.622530][ T4793] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  166.663927][ T9094] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1153'.
[  166.857343][ T4793] usb 8-1: USB disconnect, device number 12
[  166.879752][ T9103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1155'.
[  166.949179][    C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  167.310937][ T5365] Bluetooth: hci1: command 0x0405 tx timeout
[  167.622260][ T9122] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1157'.
[  167.854742][ T9133] overlayfs: workdir and upperdir must be separate subtrees
[  168.041626][ T9142] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.047693][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1168'.
[  168.054278][ T9142] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.101059][ T9142] bridge_slave_0 (unregistering): left allmulticast mode
[  168.102935][ T9142] bridge_slave_0 (unregistering): left promiscuous mode
[  168.104862][ T9142] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.277359][ T9149] binder: BINDER_SET_CONTEXT_MGR already set
[  168.279509][ T9149] binder: 9148:9149 ioctl 4018620d 20000100 returned -16
[  168.562798][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  168.774266][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1177'.
[  168.777319][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1177'.
[  168.910949][    T8] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  169.060974][    T8] usb 6-1: Using ep0 maxpacket: 16
[  169.066736][    T8] usb 6-1: config 205 has an invalid interface number: 43 but max is 1
[  169.069418][    T8] usb 6-1: config 205 has an invalid interface number: 5 but max is 1
[  169.071976][    T8] usb 6-1: config 205 contains an unexpected descriptor of type 0x2, skipping
[  169.074567][    T8] usb 6-1: config 205 has no interface number 0
[  169.076352][    T8] usb 6-1: config 205 has no interface number 1
[  169.078437][    T8] usb 6-1: config 205 interface 43 altsetting 205 has an invalid descriptor for endpoint zero, skipping
[  169.081654][    T8] usb 6-1: config 205 interface 5 altsetting 127 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  169.085046][    T8] usb 6-1: config 205 interface 5 altsetting 127 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  169.088054][    T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0x4, skipping
[  169.091103][    T8] usb 6-1: config 205 interface 5 altsetting 127 has an invalid descriptor for endpoint zero, skipping
[  169.094342][    T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0x4, skipping
[  169.097410][    T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0x3, skipping
[  169.100331][    T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0xA, skipping
[  169.103350][    T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0xF, skipping
[  169.106401][    T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0xA, skipping
[  169.109474][    T8] usb 6-1: config 205 interface 43 has no altsetting 0
[  169.111652][    T8] usb 6-1: config 205 interface 5 has no altsetting 0
[  169.118082][    T8] usb 6-1: New USB device found, idVendor=7392, idProduct=a711, bcdDevice=15.fb
[  169.120841][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.123033][    T8] usb 6-1: Product: ݃먷젥ꎯ䮯稞㫚⎔㵯䖕᳃圧�魥ᒨ纀續�䰚軬�첈㡫啰務콕譬ᇈ�쪡⇼㗵줹��顊Ԉ�飈�ụ쎖天ꫭ｣穱꿺ᰃ�캞鑸꧷�൸厓��逬⒛嘆�ꪉ䑆↾㼙�㉂莾뎽�巰뼽ꖟ�倵ﮟᘉﻑ��熲Ϥ徿뇤᳿㚰�ꀺ뾎휷뭽袓嵀㙄㡟
[  169.131103][    T8] usb 6-1: Manufacturer: 갛⢾㊳ﳉ�᪙鴹�䵵ఙ촯⣡峞⬹ﲉ�鞿컚Ƕꕜん邽㣆軙悋祪楕喌ꄇ瞖췑橅㽦榪뵩��䱭际鄟봎헪ꖉᇖ
[  169.135679][    T8] usb 6-1: SerialNumber: syz
[  169.551395][    T8] usb 6-1: USB disconnect, device number 23
[  169.907695][ T9191] syzkaller1: entered promiscuous mode
[  169.909377][ T9191] syzkaller1: entered allmulticast mode
[  169.912732][ T9191] tipc: Started in network mode
[  169.914144][ T9191] tipc: Node identity 4, cluster identity 4711
[  169.915844][ T9191] tipc: Node number set to 4
[  170.071184][   T11] tipc: Left network mode
[  170.832839][ T9203] netlink: 'syz.2.1186': attribute type 9 has an invalid length.
[  170.841033][ T9203] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1186'.
[  171.084972][ T9213] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  171.127770][   T39] audit: type=1326 audit(1729730910.853:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.139569][   T39] audit: type=1326 audit(1729730910.853:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.149355][   T39] audit: type=1326 audit(1729730910.853:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.155156][   T39] audit: type=1326 audit(1729730910.853:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.160679][   T39] audit: type=1326 audit(1729730910.863:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.171062][   T39] audit: type=1326 audit(1729730910.863:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.183296][   T39] audit: type=1326 audit(1729730910.863:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.190603][   T39] audit: type=1326 audit(1729730910.863:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.197232][   T39] audit: type=1326 audit(1729730910.863:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.202923][   T39] audit: type=1326 audit(1729730910.873:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb4579 code=0x7ffc0000
[  171.747349][ T9207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.755851][ T9233] ptrace attach of "/syz-executor exec"[8628] was attempted by "/syz-executor exec"[9233]
[  171.885746][ T9236] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  172.000960][ T5391] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  172.152761][ T5391] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  172.156565][ T5391] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.160368][ T5391] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.164043][ T5391] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  172.169783][ T5391] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  172.173399][ T5391] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  172.176198][ T5391] usb 6-1: Manufacturer: syz
[  172.179284][ T5391] usb 6-1: config 0 descriptor??
[  172.330327][ T9241] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1195'.
[  172.592555][ T5391] usbhid 6-1:0.0: can't add hid device: -32
[  172.594164][ T5391] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  173.847714][ T1105] Bluetooth: hci4: Frame reassembly failed (-84)
[  174.795255][   T56] usb 6-1: USB disconnect, device number 24
[  174.925138][ T9290] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1205'.
[  175.385963][ T9302] vxcan1: tx address claim with dlc 1
[  175.870961][ T5363] Bluetooth: hci4: command 0x1003 tx timeout
[  175.870988][ T5365] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  176.191001][ T5391] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  176.332740][ T9318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1214'.
[  176.344133][ T5391] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  176.346973][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.349780][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.352400][ T5391] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  176.369618][ T9323] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1215'.
[  176.370984][ T5391] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  176.374467][ T5391] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  176.376590][ T5391] usb 7-1: Manufacturer: syz
[  176.379749][ T5391] usb 7-1: config 0 descriptor??
[  176.402610][ T9325] input: syz1 as /devices/virtual/input/input13
[  176.587215][ T9311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.590663][ T9311] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.595430][ T9311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.598513][ T9311] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.640898][   T63] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  176.803740][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.806747][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.809289][   T63] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  176.811865][ T5391] appleir 0003:05AC:8243.0021: unknown main item tag 0x0
[  176.812940][   T63] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  176.814961][ T5391] appleir 0003:05AC:8243.0021: No inputs registered, leaving
[  176.817171][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.820166][ T5391] appleir 0003:05AC:8243.0021: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  176.820903][    T8] usb 6-1: new low-speed USB device number 25 using dummy_hcd
[  176.828006][   T63] usb 5-1: config 0 descriptor??
[  176.970952][    T8] usb 6-1: Invalid ep0 maxpacket: 16
[  177.100866][    T8] usb 6-1: new low-speed USB device number 26 using dummy_hcd
[  177.250841][    T8] usb 6-1: Invalid ep0 maxpacket: 16
[  177.259658][    T8] usb usb6-port1: attempt power cycle
[  177.265961][ T9327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.269843][ T9327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.327634][ T4793] usb 7-1: USB disconnect, device number 16
[  177.460406][   T63] usbhid 5-1:0.0: can't add hid device: -71
[  177.462194][   T63] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  177.470656][   T63] usb 5-1: USB disconnect, device number 13
[  177.600877][    T8] usb 6-1: new low-speed USB device number 27 using dummy_hcd
[  177.621743][    T8] usb 6-1: Invalid ep0 maxpacket: 16
[  177.750905][    T8] usb 6-1: new low-speed USB device number 28 using dummy_hcd
[  177.771380][    T8] usb 6-1: Invalid ep0 maxpacket: 16
[  177.773133][    T8] usb usb6-port1: unable to enumerate USB device
[  178.599093][ T9381] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1228'.
[  178.845687][ T9390] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  178.977119][ T9396] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  178.978890][ T9396] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  178.981698][ T9396] vhci_hcd vhci_hcd.0: Device attached
[  178.989372][ T9398] vhci_hcd: connection closed
[  178.989667][   T12] vhci_hcd: stop threads
[  178.993692][   T12] vhci_hcd: release socket
[  178.994925][   T12] vhci_hcd: disconnect device
[  179.011478][   T56] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  179.231008][   T63] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  179.383428][   T63] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  179.386339][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.389352][   T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.392246][   T63] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  179.396927][   T63] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  179.399555][   T63] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  179.401718][   T63] usb 8-1: Manufacturer: syz
[  179.407113][   T63] usb 8-1: config 0 descriptor??
[  179.633456][ T9414] netlink: 'syz.1.1237': attribute type 1 has an invalid length.
[  179.635536][ T9414] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.1237'.
[  179.637933][ T9414] netlink: 'syz.1.1237': attribute type 1 has an invalid length.
[  179.639994][ T9414] netlink: 'syz.1.1237': attribute type 2 has an invalid length.
[  179.642933][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1237'.
[  179.683924][ T9414] xt_TCPMSS: Only works on TCP SYN packets
[  179.817878][   T63] appleir 0003:05AC:8243.0022: unknown main item tag 0x0
[  179.819989][   T63] appleir 0003:05AC:8243.0022: No inputs registered, leaving
[  179.823042][   T63] appleir 0003:05AC:8243.0022: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  180.002620][ T9385] delete_channel: no stack
[  180.017793][ T9420] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1238'.
[  180.210613][ T9434] input: syz0 as /devices/virtual/input/input14
[  180.247856][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  180.247867][   T39] audit: type=1326 audit(1729730919.973:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.257267][   T39] audit: type=1326 audit(1729730919.973:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.266893][   T39] audit: type=1326 audit(1729730919.973:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.274664][   T39] audit: type=1326 audit(1729730919.973:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.280309][   T39] audit: type=1326 audit(1729730919.983:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.287901][   T39] audit: type=1326 audit(1729730919.983:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.305563][   T39] audit: type=1326 audit(1729730920.023:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=255 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.311272][   T39] audit: type=1326 audit(1729730920.023:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.317184][   T39] audit: type=1326 audit(1729730920.023:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.341486][   T39] audit: type=1326 audit(1729730920.023:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=255 compat=1 ip=0xf747e579 code=0x7ffc0000
[  180.895754][ T9453] vxcan1: entered allmulticast mode
[  181.080203][ T9460] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1251'.
[  181.214441][ T9462] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1252'.
[  181.795303][   T30] usb 8-1: USB disconnect, device number 13
[  182.693420][ T9499] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1260'.
[  183.110927][ T5391] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  183.273985][ T5391] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  183.277910][ T5391] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  183.290828][ T5391] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.293323][ T5391] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  183.297810][ T5391] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  183.300222][ T5391] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  183.305633][ T5391] usb 5-1: Manufacturer: syz
[  183.308229][ T5391] usb 5-1: config 0 descriptor??
[  183.471925][ T9519] bridge_slave_1: left allmulticast mode
[  183.473622][ T9519] bridge_slave_1: left promiscuous mode
[  183.476637][ T9519] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.662529][ T9526] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1269'.
[  183.664995][ T9526] openvswitch: netlink: Tunnel attr 1291 out of range max 16
[  183.674157][ T9528] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1270'.
[  183.725924][ T5391] appleir 0003:05AC:8243.0023: unknown main item tag 0x0
[  183.728239][ T5391] appleir 0003:05AC:8243.0023: No inputs registered, leaving
[  183.731565][ T5391] appleir 0003:05AC:8243.0023: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  183.767278][ T9531] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1271'.
[  184.089526][ T9547] syzkaller0: entered promiscuous mode
[  184.092254][ T9547] syzkaller0: entered allmulticast mode
[  184.104042][ T9547] program syz.3.1274 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  184.559183][ T9551] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.1276'.
[  185.351594][ T9568] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1279'.
[  185.364623][ T9572] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  185.714160][ T9598] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  185.717952][ T9598] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  185.780900][ T5365] Bluetooth: hci1: command 0x0405 tx timeout
[  186.707696][  T830] usb 5-1: USB disconnect, device number 15
[  186.899798][ T9621] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1292'.
[  187.010620][ T9624] lo speed is unknown, defaulting to 1000
[  187.013230][ T9624] lo speed is unknown, defaulting to 1000
[  187.018809][ T9624] lo speed is unknown, defaulting to 1000
[  187.024492][ T9624] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  187.029310][ T9624] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  187.046196][ T9624] lo speed is unknown, defaulting to 1000
[  187.048777][ T9624] lo speed is unknown, defaulting to 1000
[  187.052390][ T9624] lo speed is unknown, defaulting to 1000
[  187.054258][ T9624] lo speed is unknown, defaulting to 1000
[  187.056112][ T9624] lo speed is unknown, defaulting to 1000
[  188.007632][ T9658] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1302'.
[  188.060828][    T8] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  188.280100][    T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  188.283130][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.286336][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.289650][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  188.295671][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  188.298227][    T8] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  188.300850][    T8] usb 5-1: Manufacturer: syz
[  188.310047][    T8] usb 5-1: config 0 descriptor??
[  189.237475][    T8] usbhid 5-1:0.0: can't add hid device: -32
[  189.239818][    T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  189.463944][   T39] kauditd_printk_skb: 4 callbacks suppressed
[  189.463955][   T39] audit: type=1326 audit(1729730929.193:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.475762][   T39] audit: type=1326 audit(1729730929.193:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.483380][   T39] audit: type=1326 audit(1729730929.193:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.488904][   T39] audit: type=1326 audit(1729730929.193:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.494939][   T39] audit: type=1326 audit(1729730929.193:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.503052][   T39] audit: type=1326 audit(1729730929.193:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.508548][   T39] audit: type=1326 audit(1729730929.193:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.514045][   T39] audit: type=1326 audit(1729730929.193:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.519536][   T39] audit: type=1326 audit(1729730929.193:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.526251][   T39] audit: type=1326 audit(1729730929.193:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000
[  189.623129][ T9674] ALSA: mixer_oss: invalid OSS volume 'IPVS'
[  190.023138][ T5365] Bluetooth: hci1: command 0x0405 tx timeout
[  190.294089][ T9699] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1311'.
[  191.360855][ T4793] usb 5-1: USB disconnect, device number 16
[  191.408402][ T9756] raw_sendmsg: syz.0.1320 forgot to set AF_INET. Fix it!
[  191.426989][ T9762] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1321'.
[  191.462320][ T9764] netlink: 728 bytes leftover after parsing attributes in process `syz.0.1322'.
[  191.465763][ T9764] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1322'.
[  191.474433][ T9767] netlink: 'syz.2.1323': attribute type 9 has an invalid length.
[  191.476477][ T9767] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1323'.
[  191.558104][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1325'.
[  191.560382][ T9775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1325'.
[  191.565247][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1325'.
[  191.567444][ T9775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1325'.
[  191.569553][ T9775] netlink: 'syz.0.1325': attribute type 1 has an invalid length.
[  191.981037][ T5391] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  192.110957][ T5391] usb 7-1: device descriptor read/64, error -71
[  192.370934][ T5391] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  192.511120][ T5391] usb 7-1: device descriptor read/64, error -71
[  192.620963][ T5391] usb usb7-port1: attempt power cycle
[  192.652426][ T9809] netlink: 'syz.1.1336': attribute type 1 has an invalid length.
[  192.970898][ T5391] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  193.001484][ T5391] usb 7-1: device descriptor read/8, error -71
[  193.095902][ T9828] __nla_validate_parse: 9 callbacks suppressed
[  193.095917][ T9828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1341'.
[  193.260913][ T5391] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  193.281766][ T5391] usb 7-1: device descriptor read/8, error -71
[  193.340890][   T30] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  193.396459][ T5391] usb usb7-port1: unable to enumerate USB device
[  193.470958][ T9831] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1342'.
[  193.492259][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.495145][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.497800][   T30] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  193.501275][   T30] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  193.504593][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.508474][   T30] usb 5-1: config 0 descriptor??
[  193.623959][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  193.629398][ T9839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1346'.
[  193.632381][ T9839] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1346'.
[  193.638193][ T9839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1346'.
[  193.642097][ T9839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1346'.
[  193.644498][ T9839] netlink: 'syz.3.1346': attribute type 1 has an invalid length.
[  193.646449][ T9839] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1346'.
[  193.675657][ T9843] overlay: Unknown parameter 'rootcontext'
[  193.704033][ T9847] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1348'.
[  193.727199][   T30] usbhid 5-1:0.0: can't add hid device: -71
[  193.729174][   T30] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  193.732232][   T30] usb 5-1: USB disconnect, device number 17
[  193.765964][ T9854] tmpfs: Bad value for 'mpol'
[  194.013923][ T9862] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1352'.
[  194.312319][ T9871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1355'.
[  194.318709][ T9871] netlink: 'syz.3.1355': attribute type 1 has an invalid length.
[  194.765051][ T9887] ieee802154 phy0 wpan0: encryption failed: -22
[  194.767141][ T9887] ieee802154 phy0 wpan0: encryption failed: -22
[  194.962816][   T39] kauditd_printk_skb: 32986 callbacks suppressed
[  194.962832][   T39] audit: type=1800 audit(1729730934.693:33455): pid=9887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1360" name="/" dev="fuse" ino=1 res=0 errno=0
[  194.972815][   T39] audit: type=1800 audit(1729730934.693:33456): pid=9888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1360" name="/" dev="fuse" ino=1 res=0 errno=0
[  195.084506][ T9898] netlink: 'syz.3.1364': attribute type 1 has an invalid length.
[  195.410955][ T5391] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  195.562971][ T5391] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  195.565602][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  195.568382][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  195.580989][ T5391] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  195.585537][ T5391] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  195.587817][ T5391] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  195.589950][ T5391] usb 7-1: Manufacturer: syz
[  195.598010][ T5391] usb 7-1: config 0 descriptor??
[  195.817508][   T39] audit: type=1326 audit(1729730935.543:33457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.824297][   T39] audit: type=1326 audit(1729730935.543:33458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.829955][   T39] audit: type=1326 audit(1729730935.543:33459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.836587][   T39] audit: type=1326 audit(1729730935.543:33460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.842200][   T39] audit: type=1326 audit(1729730935.543:33461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.847718][   T39] audit: type=1326 audit(1729730935.543:33462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.853394][   T39] audit: type=1326 audit(1729730935.543:33463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000
[  195.856299][ T9916] syz.0.1370 (9916): drop_caches: 2
[  195.859066][   T39] audit: type=1326 audit(1729730935.543:33464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000
[  196.010523][ T5391] appleir 0003:05AC:8243.0024: unknown main item tag 0x0
[  196.012678][ T5391] appleir 0003:05AC:8243.0024: No inputs registered, leaving
[  196.017227][ T5391] appleir 0003:05AC:8243.0024: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  196.075074][  T830] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  196.220920][  T830] usb 6-1: Using ep0 maxpacket: 8
[  196.224280][  T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  196.227064][  T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  196.229591][  T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  196.232314][  T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  196.234914][  T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  196.238269][  T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  196.240601][  T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.460134][  T830] usb 6-1: usb_control_msg returned -71
[  196.461801][  T830] usbtmc 6-1:16.0: can't read capabilities
[  196.468697][  T830] usb 6-1: USB disconnect, device number 29
[  196.527427][ T5391] usb 7-1: USB disconnect, device number 21
[  197.121919][ T9960] netlink: 'syz.1.1383': attribute type 1 has an invalid length.
[  197.730342][T10011] nbd: socks must be embedded in a SOCK_ITEM attr
[  198.041073][ T5391] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  198.077458][T10024] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  198.213918][ T5391] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  198.217684][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.220968][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.226041][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.229239][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.233132][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.237000][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.240485][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.243656][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.247525][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.250292][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.253350][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.256315][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.258889][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.261368][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.264176][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.266814][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.269481][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.272462][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.275101][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.277701][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.280514][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.282965][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  198.285373][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  198.288244][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0
[  198.291895][ T5391] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  198.294274][ T5391] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  198.296494][ T5391] usb 5-1: Product: syz
[  198.297951][ T5391] usb 5-1: Manufacturer: syz
[  198.299249][ T5391] usb 5-1: SerialNumber: syz
[  198.301416][ T5391] usb 5-1: config 0 descriptor??
[  198.304623][ T5391] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  198.508012][T10027] __nla_validate_parse: 40 callbacks suppressed
[  198.508028][T10027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1408'.
[  198.559162][    C3] usb 5-1: yurex_control_callback - control failed: -71
[  198.562278][ T5391] usb 5-1: USB disconnect, device number 18
[  198.565039][ T5391] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  198.723407][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1412'.
[  198.726403][T10036] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1412'.
[  198.730377][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1412'.
[  198.734814][T10036] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1412'.
[  198.737648][T10036] nbd: socks must be embedded in a SOCK_ITEM attr
[  198.779412][T10042] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1415'.
[  199.090844][    T9] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  199.119087][T10059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1421'.
[  199.260882][    T9] usb 7-1: Using ep0 maxpacket: 8
[  199.264057][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  199.266448][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  199.268871][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  199.281086][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  199.284380][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  199.290814][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.329569][T10065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1422'.
[  199.330372][T10064] netlink: 'syz.3.1423': attribute type 1 has an invalid length.
[  199.331961][T10065] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1422'.
[  199.336268][T10064] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1423'.
[  199.339907][T10065] nbd: socks must be embedded in a SOCK_ITEM attr
[  199.498608][    T9] usb 7-1: usb_control_msg returned -32
[  199.500044][    T9] usbtmc 7-1:16.0: can't read capabilities
[  199.581883][ T4793] usb 7-1: USB disconnect, device number 22
[  200.000917][T10091] block nbd3: Device being setup by another task
[  200.007772][T10094] nbd: socks must be embedded in a SOCK_ITEM attr
[  200.093079][T10091] block nbd3: shutting down sockets
[  200.408992][T10121] netlink: 'syz.0.1439': attribute type 12 has an invalid length.
[  200.413269][T10121] netlink: 'syz.0.1439': attribute type 11 has an invalid length.
[  200.478897][T10124] nbd: socks must be embedded in a SOCK_ITEM attr
[  201.242963][T10147] nbd: socks must be embedded in a SOCK_ITEM attr
[  201.878507][T10175] netlink: 'syz.3.1460': attribute type 10 has an invalid length.
[  201.895346][T10175] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.898010][T10175] team0: Port device batadv0 added
[  201.973171][T10178] nbd: socks must be embedded in a SOCK_ITEM attr
[  202.766621][T10206] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  202.776723][T10206] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  202.780259][T10206] kvm: requested 95542 ns i8254 timer period limited to 200000 ns
[  202.785122][T10206] kvm: requested 82971 ns i8254 timer period limited to 200000 ns
[  202.788011][T10206] kvm: requested 96381 ns i8254 timer period limited to 200000 ns
[  202.793365][T10206] kvm: requested 90514 ns i8254 timer period limited to 200000 ns
[  202.796633][T10206] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  202.799739][T10206] kvm: requested 84647 ns i8254 timer period limited to 200000 ns
[  202.807110][T10206] kvm: requested 39390 ns i8254 timer period limited to 200000 ns
[  202.810115][T10206] kvm: requested 85485 ns i8254 timer period limited to 200000 ns
[  202.965153][T10214] nbd: socks must be embedded in a SOCK_ITEM attr
[  203.397202][T10232] hub 9-0:1.0: USB hub found
[  203.399164][T10232] hub 9-0:1.0: 1 port detected
[  203.518435][T10239] __nla_validate_parse: 38 callbacks suppressed
[  203.518453][T10239] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1478'.
[  203.692666][T10247] program syz.0.1480 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  203.728851][T10251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1481'.
[  203.732130][T10251] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1481'.
[  203.738118][T10251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1481'.
[  203.740426][T10251] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1481'.
[  203.743613][T10251] nbd: socks must be embedded in a SOCK_ITEM attr
[  203.788104][T10253] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1482'.
[  204.005291][T10267] input: syz1 as /devices/virtual/input/input16
[  204.023016][T10274] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1487'.
[  204.037257][T10276] program syz.1.1488 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  204.042326][T10276] program syz.1.1488 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  204.045929][T10276] program syz.1.1488 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  204.094375][T10290] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1490'.
[  204.096821][T10290] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1490'.
[  204.107047][T10290] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1490'.
[  204.111752][T10290] nbd: socks must be embedded in a SOCK_ITEM attr
[  204.128086][T10292] netlink: 'syz.2.1491': attribute type 2 has an invalid length.
[  205.107161][T10321] nbd: socks must be embedded in a SOCK_ITEM attr
[  205.351235][T10337] Bluetooth: hci3: Opcode 0x0401 failed: -22
[  205.555858][T10345] EXT4-fs (sda1): shut down requested (2)
[  205.558075][T10345] Aborting journal on device sda1-8.
[  205.654008][T10350] nbd: socks must be embedded in a SOCK_ITEM attr
[  205.819267][T10358] netlink: 'syz.2.1513': attribute type 13 has an invalid length.
[  205.821855][T10358] macvtap0: entered allmulticast mode
[  205.823294][T10358] veth0_macvtap: entered allmulticast mode
[  205.825876][T10358] macvtap0: refused to change device tx_queue_len
[  206.000914][  T830] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  206.172219][  T830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.175893][  T830] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  206.180313][  T830] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  206.183716][  T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.187802][  T830] usb 5-1: config 0 descriptor??
[  206.384239][T10376] nbd: nbd0 already in use
[  206.467822][T10389] trusted_key: encrypted_key: insufficient parameters specified
[  206.502843][T10391] zonefs (nbd2) ERROR: Not a zoned block device
[  206.513684][   T39] kauditd_printk_skb: 70 callbacks suppressed
[  206.513701][   T39] audit: type=1326 audit(1729730946.243:33535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz.2.1524" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x0
[  206.604905][  T830] plantronics 0003:047F:FFFF.0025: No inputs registered, leaving
[  206.611406][  T830] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  206.624243][T10399] openvswitch: netlink: Actions may not be safe on all matching packets
[  206.807394][  T830] usb 5-1: USB disconnect, device number 19
SYZFAIL: posix_spawn failed
 (errno 5: Input/output error)
[  207.283143][ T9720] bridge_slave_1: left allmulticast mode
[  207.285290][ T9720] bridge_slave_1: left promiscuous mode
[  207.288377][ T9720] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.323017][ T9720] bridge_slave_0: left allmulticast mode
[  207.325107][ T9720] bridge_slave_0: left promiscuous mode
[  207.335885][ T9720] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.958606][ T9720] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.963176][ T9720] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.966906][ T9720] bond0 (unregistering): Released all slaves
[  207.971906][ T9720] bond1 (unregistering): Released all slaves
[  208.396900][ T9720] hsr_slave_0: left promiscuous mode
[  208.398947][ T9720] hsr_slave_1: left promiscuous mode
[  208.400866][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.403028][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.405661][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.407804][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.433815][ T9720] veth1_macvtap: left promiscuous mode
[  208.435529][ T9720] veth0_macvtap: left promiscuous mode
[  209.047136][ T9720] team0 (unregistering): Port device team_slave_1 removed
[  209.134151][ T9720] team0 (unregistering): Port device team_slave_0 removed
[  210.237000][ T9720] IPVS: stop unused estimator thread 0...
[  210.366057][ T9720] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.469048][ T9720] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.556099][ T9720] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.625359][ T9720] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.790362][ T9720] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.837344][ T9720] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.915015][ T9720] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.970119][ T9720] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.064406][ T9720] bridge_slave_1: left allmulticast mode
[  211.065908][ T9720] bridge_slave_1: left promiscuous mode
[  211.067425][ T9720] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.070365][ T9720] bridge_slave_0: left allmulticast mode
[  211.072228][ T9720] bridge_slave_0: left promiscuous mode
[  211.073796][ T9720] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.171756][ T9720] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.175457][ T9720] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.178852][ T9720] bond0 (unregistering): Released all slaves
[  212.257608][ T9720] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.263355][ T9720] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.268420][ T9720] bond0 (unregistering): Released all slaves
[  212.774160][ T9720] hsr_slave_0: left promiscuous mode
[  212.775872][ T9720] hsr_slave_1: left promiscuous mode
[  212.777505][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.779495][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.781968][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.783889][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.788531][ T9720] hsr_slave_0: left promiscuous mode
[  212.790525][ T9720] hsr_slave_1: left promiscuous mode
[  212.792439][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.794384][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.796606][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.798568][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.829666][ T9720] veth1_macvtap: left promiscuous mode
[  212.831793][ T9720] veth0_macvtap: left promiscuous mode
[  212.833284][ T9720] veth1_vlan: left promiscuous mode
[  212.835748][ T9720] veth0_vlan: left promiscuous mode
[  212.837847][ T9720] veth1_macvtap: left promiscuous mode
[  212.839322][ T9720] veth0_macvtap: left allmulticast mode
[  212.840846][ T9720] veth0_macvtap: left promiscuous mode
[  212.842331][ T9720] veth1_vlan: left promiscuous mode
[  212.843746][ T9720] veth0_vlan: left promiscuous mode
[  213.596038][ T9720] team0 (unregistering): Port device team_slave_1 removed
[  213.679904][ T9720] team0 (unregistering): Port device team_slave_0 removed
[  214.054311][ T9720] team0 (unregistering): Port device batadv0 removed
[  214.747851][ T9720] team0 (unregistering): Port device team_slave_1 removed
[  214.823426][ T9720] team0 (unregistering): Port device team_slave_0 removed
[  215.348930][   T56] lo speed is unknown, defaulting to 1000
[  215.872697][ T9720] IPVS: stop unused estimator thread 0...

VM DIAGNOSIS:
00:44:51  Registers:
info registers vcpu 0

CPU#0
RAX=000000000083d07d RBX=0000000000000000 RCX=ffffffff8b139ef9 RDX=0000000000000000
RSI=ffffffff8b4cc960 RDI=ffffffff8bb12d60 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20
R8 =0000000000000001 R9 =ffffed1005687025 R10=ffff88802b43812b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff901ce608 R15=0000000000000000
RIP=ffffffff8b13b2df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffdb1ef9 CR3=0000000045d52000 CR4=00352ef0
DR0=0000000000000005 DR1=000000000000000a DR2=0000000000000002 DR3=0000000000000010 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f739bff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000beeb83 RBX=0000000000000001 RCX=ffffffff8b139ef9 RDX=0000000000000000
RSI=ffffffff8b4cc960 RDI=ffffffff8bb12d60 RBP=ffffed10036e9910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000
R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901ce608 R15=0000000000000000
RIP=ffffffff8b13b2df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffdc0ccc CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000005 DR1=000000000000000a DR2=0000000000000002 DR3=0000000000000010 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000004b9137 RBX=0000000000000002 RCX=ffffffff8b139ef9 RDX=0000000000000000
RSI=ffffffff8b4cc960 RDI=ffffffff8bb12d60 RBP=ffffed10036ec000 RSP=ffffc90000487e08
R8 =0000000000000001 R9 =ffffed10056c7025 R10=ffff88802b63812b R11=0000000000000000
R12=0000000000000002 R13=ffff88801b760000 R14=ffffffff901ce608 R15=0000000000000000
RIP=ffffffff8b13b2df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000584194c0 CR3=000000002ad96000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000020000 RBX=0000000000000000 RCX=1ffff11004af1a7a RDX=0000000000000000
RSI=0000000000000022 RDI=ffff88802578d3fc RBP=0000000000000000 RSP=ffffc90002f2f5d8
R8 =0000000000000000 R9 =0000000000000000 R10=000000000000000f R11=0000000000000002
R12=0000000000000000 R13=ffff88802578d3d8 R14=0000000000000022 R15=ffff88802578c880
RIP=ffffffff8169f55c RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055d41b67eff8 CR3=0000000000bf4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf
ZMM22=998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1
ZMM23=6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261
ZMM24=6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7
ZMM25=183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2
ZMM26=2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b
ZMM27=bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e
ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000