last executing test programs:

5m8.139959474s ago: executing program 3 (id=484):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x1eb482, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv_slave_0\x00', <r0=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f0000000180)={0x2, 0x7, {}, {<r2=>0xee00}, 0x80000001, 0xfffffff7})
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@private0, @in6=@private0, 0x6, 0x30, 0x4e23, 0xffb, 0x0, 0xa0, 0x0, 0xc, r0, r2}, {0x2, 0x7f, 0x1, 0x800000000000, 0x4, 0x100, 0x2}, {0x7c64, 0x1, 0x7fffffff, 0x28000000000}, 0x2, 0x6e6bb9, 0x0, 0x0, 0x2}, {{@in=@rand_addr=0x64010100, 0x4d2, 0x6c}, 0x2, @in6=@mcast2, 0x34ff, 0x4, 0x2, 0x5b, 0x2, 0x10, 0x5}}, 0xe4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000c3d9fe716419342e0001", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/24], 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x5}, 0x2f)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5m7.200409729s ago: executing program 3 (id=487):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$video(&(0x7f0000000140), 0x1d24, 0x23635de98487b93e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="180000002e00010026bdf000fcdbdf1b04000000040010"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
r5 = syz_open_dev$media(&(0x7f0000000040), 0x5, 0x141800)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r5, 0x80047c05, &(0x7f0000000100))
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000000, 0x5d032, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000000)={<r6=>0xffffffffffffffff}, 0x4000)
syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
socket$inet(0x2, 0xa, 0x0)
r7 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
vmsplice(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
ioctl$VIDIOC_CREATE_BUFS(r7, 0xc100565c, &(0x7f0000000040)={0x0, 0xfff, 0x4, {0x9, @pix_mp={0x12, 0x5be7, 0xb5315258, 0x6, 0xb, [{0x80000004, 0x7}, {0x7ff, 0x5}, {0x10000001, 0x9}, {0x63d, 0x7fd}, {0x1, 0xb}, {0x7, 0x489aa92e}, {0x5}, {0xff, 0x7}], 0x1, 0xc, 0x2, 0x0, 0x3}}, 0xfffffffd})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
ioctl$TCSETAF(r6, 0x5408, &(0x7f00000001c0)={0x7, 0x81, 0x1, 0x3, 0xb, "433aa7962294dfe8"})

5m6.132458875s ago: executing program 3 (id=493):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070003040000000000000003000300030000000903000038000000ce0000000e0000000b0020000102"], 0x58)
close(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0}, 0x94)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) (fail_nth: 27)

5m5.192388116s ago: executing program 3 (id=499):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x20000804)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)=@newtfilter={0x4c, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0x10}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x10}}]}}]}, 0x4c}}, 0x20004804)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000180)={@dev={0xfe, 0x80, '\x00', 0xf}, 0x8000000, 0x0, 0x1, 0x0, 0x0, 0x5}, 0x20)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r8, @ANYBLOB="fe000000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket(0x1, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
r13 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r13, 0x400448c8, &(0x7f0000000580)={r11, r12, 0x101, 0x0, &(0x7f0000000400), 0x2, 0xfc, 0xb, 0x7fff, 0x100, 0x2, 0x800, 'syz1\x00'})
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r14], 0x54}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c000000110001002dbd7000fbdbdf2500000000", @ANYRES32=r14], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x9, 0x7fff0000}]})
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)

5m4.969419696s ago: executing program 3 (id=503):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x181000)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1}) (async)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000180)={&(0x7f0000000000)="dd", 0x1}) (async)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000100)="e3", 0x1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r1, 0xc00464be, &(0x7f0000000080)={r2}) (async)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000500)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0, <r3=>0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x3, 0x5, 0x5})
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000540)={0x1, r3, 0x3, 0x90, 0x1, 0x61f, 0x8})
r4 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00')
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f00000002c0)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x5, r2, 0xfbfbfbfb}) (async)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000003c0)={r2, 0xf9, &(0x7f00000002c0)=""/249})
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@newlink={0x90, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20101}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x4}}}}}}, @IFLA_PHYS_PORT_ID={0xf, 0x22, "2b044da8b5dfd540fbf6f1"}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0xfffffffc}, @IFLA_PHYS_SWITCH_ID={0x24, 0x24, "9d7ef8706999d909ed44f497de7e24bdae1832ddc03086074d46290f7c85d314"}, @IFLA_PORT_SELF={0xc, 0x19, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x6, 0x2, '\\\x00'}]}]}, 0x90}}, 0x0) (async)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[], 0x48) (async)
io_setup(0x4005, &(0x7f00000004c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000480)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x7, r5, 0x0}]) (async)
r7 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
r8 = shmat(r7, &(0x7f0000ff9000/0x4000)=nil, 0x400c)
mremap(&(0x7f0000ff4000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil) (async)
shmdt(r8)
setsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000240)={0x3, 0x7, 0x7, 0x1, 0xb2, 0xa, 0x0, 0x2, 0x7, 0xbd, 0x9, 0x9, 0x4, 0x30}, 0xe)
openat$full(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x2) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) (async)
r9 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r9, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)

5m4.289147091s ago: executing program 3 (id=507):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
mremap(&(0x7f0000aaf000/0x3000)=nil, 0x3000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$fuse(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x1a}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8652b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x5, {0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3966, 0x1, 0x8000, 0xfffffff8, r3, r4, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$dir(0xffffff9c, &(0x7f0000000240)='./file0\x00', 0x701203, 0x4)
r6 = openat(r5, &(0x7f0000000180)='./file0\x00', 0x80001, 0x101)
write$tcp_congestion(r6, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
accept4$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000002c0)=0x1c, 0x0)
dup2(r0, r0)
write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000100)={0xfffffffffffffeab, 0x1, 0x0, {0x2}}, 0xffffffe8)

5m4.288892244s ago: executing program 32 (id=507):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
mremap(&(0x7f0000aaf000/0x3000)=nil, 0x3000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$fuse(0xffffff9c, &(0x7f0000000200), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x1a}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8652b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x5, {0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3966, 0x1, 0x8000, 0xfffffff8, r3, r4, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat$dir(0xffffff9c, &(0x7f0000000240)='./file0\x00', 0x701203, 0x4)
r6 = openat(r5, &(0x7f0000000180)='./file0\x00', 0x80001, 0x101)
write$tcp_congestion(r6, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
accept4$inet6(r6, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000002c0)=0x1c, 0x0)
dup2(r0, r0)
write$FUSE_NOTIFY_POLL(r0, &(0x7f0000000100)={0xfffffffffffffeab, 0x1, 0x0, {0x2}}, 0xffffffe8)

2m54.548733723s ago: executing program 4 (id=1366):
r0 = socket$xdp(0x2c, 0x3, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x4, 0x0, 0x1000, 0x7}, 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r1, 0x2000000, 0xfe7f, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000100)={0x0, 0x0, 0x3, 0x1003, 0xfffffffffffffffc})
syz_io_uring_setup(0x891, &(0x7f0000000140)={0x0, 0x8c36, 0x80, 0x9, 0xe3}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0)
ioctl$TIOCPKT(r6, 0x5420, &(0x7f0000000080)=0xfffffffa)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x2, "00769a7d8200010000001495595915303d6000"})
r7 = syz_open_pts(r6, 0x0)
ioctl$TCFLSH(r7, 0x540b, 0x1)
bind$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
listen(r5, 0x0)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r9 = dup(r8)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c)
r10 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0xfd, 0x15, 0x0, 0xfc, 0x0, 0xc4, 0xe2, 0x0, 0x4, 0x81, 0x80, 0x8, 0x5}, 0xe)
r11 = accept4(r5, 0x0, 0x0, 0x800)
recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r12 = syz_io_uring_setup(0x88f, &(0x7f0000000440)={0x0, 0x304e, 0x0, 0x2, 0x28d}, &(0x7f0000000000)=<r13=>0x0, &(0x7f0000000280)=<r14=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r15 = io_uring_register$IORING_REGISTER_PERSONALITY(r12, 0x9, 0x0, 0x0)
syz_io_uring_submit(r13, r14, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}, 0x0, {0x0, r15}})

2m53.68411683s ago: executing program 4 (id=1371):
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', 0x0, 0x0, 0x1) (async)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', 0x0, 0x0, 0x1)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x0, 0x0, &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r1, 0xc02464bb, &(0x7f0000000000)={0x2, r2})
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001740)=ANY=[@ANYRES16=r3, @ANYRES64=0x0, @ANYBLOB, @ANYRESDEC=r0, @ANYRES16, @ANYBLOB="00d04a4c5d79580b69dc9d4ac8", @ANYRES8=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2) (async)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r8 = openat$binfmt_register(0xffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r8, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x8, 0x3a, '', 0x3a, '[$(.[(', 0x3a, './file0'}, 0x2d)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r9, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
writev(r9, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) (async)
writev(r9, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)

2m52.497040836s ago: executing program 4 (id=1377):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x143b)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x9, @mcast1, 0x5}, 0x1c)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000001c0)={0x4, &(0x7f0000000080)=[{0x6, 0x9, 0x6, 0x3}, {0x3, 0x5, 0x8, 0x3}, {0x101, 0x9, 0x80}, {0x5, 0x8, 0x8, 0x1ad8f15b}]}, 0x8)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f00000000c0)={0x3, 'syz_tun\x00', {0xd66}, 0x1ff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008800800030001"], 0x48}}, 0x0)
sendmmsg$inet(r1, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)

2m52.38236305s ago: executing program 4 (id=1380):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
truncate(&(0x7f0000000000)='./file0\x00', 0x96f)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x80}}]}, {0x2}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) (async, rerun: 32)
sendmmsg$unix(r3, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="d14c5a9b101aed00c467627208b03b638a0a3076b39979534505bc7414d0a150e576d0b6427cce6dc903a0eebd2642c541f74c0ca038a35f106cac9db8349093d73db1d33877ed1600afb4a7b5fe324abfd52104633625e71d80048c6047a1", 0x5f}, {&(0x7f0000000340)="76626e591767cddd3f13a035284d9d44d294a6ad0daacdf011838b", 0x1b}], 0x2, &(0x7f0000000980)=[@cred={{0x18, 0x1, 0x2, {r1}}}, @cred={{0x18, 0x1, 0x2, {r1}}}, @cred={{0x18, 0x1, 0x2, {r1, 0xee00}}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee00}}}], 0x60, 0x10810}}], 0x1, 0x0) (async, rerun: 32)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) (async, rerun: 64)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000940)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r6, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010028bd7000fbdbdf251500000008000300", @ANYRES32=r7, @ANYBLOB="0c002b8008000100c3"], 0x28}, 0x1, 0x0, 0x0, 0x45001}, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) (async)
chdir(&(0x7f0000000300)='./file0\x00') (async)
setreuid(0x0, 0x0) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r9, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000000c0)={r10, r9, 0x4, r9}, 0x10)
write$binfmt_script(r8, &(0x7f0000000640)={'#! ', './file0', [], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000002002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0x69) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000440)='io_uring_req_failed\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
sendmsg$netlink(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000a40)=ANY=[@ANYBLOB="300000002e00030500"/20, @ANYRES64=r0, @ANYBLOB="a43aab2991aaa1f9424ec8450c8ca1e9ecb6941882dd1129b382b2b52758b7ec6dcb0da945f6f7d3b84d50ee8284028b7c13880160874c153197d3041d86194902da662601930ee5f978a6028947cd876cc8091e848da6532f3012ec1c23e86be74a2fcfb2b35a83759218bd849f2d69103ae2d4827b366f02783bc2e8b2028613aef6f49dca8a3250019ffcb7c03040f2961ef9d11f9e16ff8e08c9cc4af99078029d91ee8d4e42fa2d316defbfba6ee7ebe55b375c0bcb5dcba9f8b16fa43f8479d4bba251a4d9628d0700000000000000000000000000000000eedcd7d842f00fe02cf2da8e20d98104dea73b34dd72981cd291de04ca9b9f60b21c9adff7399ff1c83dafdd1536031987b03ed1f23125671d2ad922eb23299cabb32e72dbb3ca5e6a28af26aeebde5c3df702a12c89b9b7525f52660e158f8eec7ebe6dfa273ad1b16503d1d95459f58f"], 0x30}], 0x1}, 0x0)

2m52.184845344s ago: executing program 4 (id=1382):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xb0, 0x400, 0x1, 0x20000}, &(0x7f0000000040), &(0x7f0000000080))
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0xc1842, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
setresuid(0xee01, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_persistent(0x16, 0x0, r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r3, 0x20000000000000f7, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])
r5 = ioctl$KVM_GET_STATS_FD_vm(r4, 0xaece)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'macvtap0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00%\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="15010000000000001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r7, @ANYBLOB="0a000100aaaaaaaaaa160000"], 0x50}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
bind$packet(r5, &(0x7f0000000000)={0x11, 0x1, r7, 0x1, 0x45, 0x6, @multicast}, 0x14)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_COALESCE(r9, &(0x7f0000000200)={0x0, 0x47, &(0x7f0000000b00)={&(0x7f0000000000)={0x28, r8, 0x1, 0xfffffffe, 0x0, {{0x2}, {@void, @val={0xc, 0x99, {0x1, 0x2}}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x1}]}, 0x28}}, 0x8000)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22ffc4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001e80)={&(0x7f0000000180)=@abs={0x1, 0x5c, 0x1}, 0x6e, 0x0}, 0x20000)
r10 = syz_open_procfs(0x0, &(0x7f0000000100)='net/sctp\x00')
setreuid(0xee01, 0xee01)
utimensat(r10, 0x0, 0x0, 0x0)
ioctl$TUNGETVNETLE(r0, 0x40047451, &(0x7f0000000180))
close(0x3)
syz_usb_disconnect(0xffffffffffffffff)

2m51.250725741s ago: executing program 4 (id=1390):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socket(0x2, 0x80805, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000003c0)=[@in6={0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xdd2}]}, &(0x7f0000000180)=0xc) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
setsockopt(r0, 0x1, 0x7, &(0x7f0000000440)="f624737f", 0x4) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) (async)
clock_adjtime(0x2, &(0x7f00000005c0)={0x6, 0x4, 0x13, 0x0, 0x3, 0x2, 0x80000001, 0x7fffffff, 0x200, 0x1, 0x9b, 0xf, 0x1, 0x0, 0x81, 0x8, 0x394, 0x4, 0x4, 0x2, 0x3ff, 0x4, 0x3169, 0x4a2, 0x7, 0x8})
r4 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4) (async)
ptrace(0x8, r4) (async)
wait4(r4, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0xa, 0x9)
r5 = fsmount(r3, 0x0, 0xc)
openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) (async)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'veth0_to_bond\x00', {0x2, 0x4e22, @multicast2}})
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x8000)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/consoles\x00', 0x0, 0x0)
close(r6)
mount(&(0x7f0000000580)=@nullb, &(0x7f0000000100)='./file0\x00', &(0x7f0000000380)='xfs\x00', 0x81001f, &(0x7f0000000980)='norecovery') (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'erspan0\x00', &(0x7f00000000c0)={'syztnl0\x00', <r7=>0x0, 0x80, 0x1, 0x8, 0x3fb2, {{0x2e, 0x4, 0x0, 0xe, 0xb8, 0x64, 0x0, 0x7a, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}, @broadcast, {[@timestamp_addr={0x44, 0xc, 0x64, 0x1, 0x4, [{@broadcast, 0x10001}]}, @cipso={0x86, 0x62, 0xffffffffffffffff, [{0x1, 0xa, "441ac6dd1af4b225"}, {0x5, 0x5, "13bbc4"}, {0x5, 0xa, "4b1af216a97ea1a5"}, {0x2, 0x10, "5c4ad59b1da90376a048f2fe62a3"}, {0x1, 0xe, "665574e010ee3d05046c3820"}, {0x2, 0xe, "e0c8d8a056629e4a2607bf21"}, {0x7, 0x8, "24815cbd7af3"}, {0x6, 0x2}, {0x7, 0xd, "e2f6503dbd33828d6e2b90"}]}, @generic={0x7, 0x9, "043c4bc0e91590"}, @noop, @cipso={0x86, 0xe, 0x3, [{0x1, 0x6, "28ae33e5"}, {0x1, 0x2}]}, @cipso={0x86, 0x1d, 0x1, [{0x2, 0x7, "c579310f3c"}, {0x0, 0x4, "a142"}, {0x0, 0x3, '6'}, {0x6, 0x4, 'ty'}, {0x0, 0x5, "6d8491"}]}]}}}}})
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@deltclass={0x2c, 0x29, 0x100, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xb, 0xfff2}, {0x2, 0xfff2}, {0x9, 0x2}}, [@tclass_kind_options=@c_tbf={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x11}, 0x20040000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x15, 0x1, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) (async)
r9 = socket(0x1e, 0x5, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r9, 0x6, 0x2, &(0x7f0000000340)={0x6, "663da9"}, 0x6) (async)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4402000010003b15fc0708000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000008ec01002400128009000100626f6e64000000001400028008000900020000000500010005000000"], 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

2m35.958723619s ago: executing program 33 (id=1390):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socket(0x2, 0x80805, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000003c0)=[@in6={0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xdd2}]}, &(0x7f0000000180)=0xc) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
setsockopt(r0, 0x1, 0x7, &(0x7f0000000440)="f624737f", 0x4) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) (async)
clock_adjtime(0x2, &(0x7f00000005c0)={0x6, 0x4, 0x13, 0x0, 0x3, 0x2, 0x80000001, 0x7fffffff, 0x200, 0x1, 0x9b, 0xf, 0x1, 0x0, 0x81, 0x8, 0x394, 0x4, 0x4, 0x2, 0x3ff, 0x4, 0x3169, 0x4a2, 0x7, 0x8})
r4 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4) (async)
ptrace(0x8, r4) (async)
wait4(r4, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0xa, 0x9)
r5 = fsmount(r3, 0x0, 0xc)
openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0) (async)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'veth0_to_bond\x00', {0x2, 0x4e22, @multicast2}})
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x8000)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/consoles\x00', 0x0, 0x0)
close(r6)
mount(&(0x7f0000000580)=@nullb, &(0x7f0000000100)='./file0\x00', &(0x7f0000000380)='xfs\x00', 0x81001f, &(0x7f0000000980)='norecovery') (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'erspan0\x00', &(0x7f00000000c0)={'syztnl0\x00', <r7=>0x0, 0x80, 0x1, 0x8, 0x3fb2, {{0x2e, 0x4, 0x0, 0xe, 0xb8, 0x64, 0x0, 0x7a, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}, @broadcast, {[@timestamp_addr={0x44, 0xc, 0x64, 0x1, 0x4, [{@broadcast, 0x10001}]}, @cipso={0x86, 0x62, 0xffffffffffffffff, [{0x1, 0xa, "441ac6dd1af4b225"}, {0x5, 0x5, "13bbc4"}, {0x5, 0xa, "4b1af216a97ea1a5"}, {0x2, 0x10, "5c4ad59b1da90376a048f2fe62a3"}, {0x1, 0xe, "665574e010ee3d05046c3820"}, {0x2, 0xe, "e0c8d8a056629e4a2607bf21"}, {0x7, 0x8, "24815cbd7af3"}, {0x6, 0x2}, {0x7, 0xd, "e2f6503dbd33828d6e2b90"}]}, @generic={0x7, 0x9, "043c4bc0e91590"}, @noop, @cipso={0x86, 0xe, 0x3, [{0x1, 0x6, "28ae33e5"}, {0x1, 0x2}]}, @cipso={0x86, 0x1d, 0x1, [{0x2, 0x7, "c579310f3c"}, {0x0, 0x4, "a142"}, {0x0, 0x3, '6'}, {0x6, 0x4, 'ty'}, {0x0, 0x5, "6d8491"}]}]}}}}})
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@deltclass={0x2c, 0x29, 0x100, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xb, 0xfff2}, {0x2, 0xfff2}, {0x9, 0x2}}, [@tclass_kind_options=@c_tbf={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x11}, 0x20040000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x15, 0x1, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) (async)
r9 = socket(0x1e, 0x5, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r9, 0x6, 0x2, &(0x7f0000000340)={0x6, "663da9"}, 0x6) (async)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4402000010003b15fc0708000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000008ec01002400128009000100626f6e64000000001400028008000900020000000500010005000000"], 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

2m26.751583144s ago: executing program 0 (id=1497):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000005b1953e7203b3833b487e3c4bd4540e4b6e87b7891e0f159182f542be18de00d9d95e1c4a6b62a3c065fc1a7b4c144cc2508eba2540e3425abc138dbaf9f6da59d9c77cbe2a8a9666a08ed1704c6bb2e422f01d64cae3050d7bd3c10b0e80d9483a2e36568cf0c6a1b78d9ca2f8065a1d7b4b0eeeecaa3c865de68042c9ab36e8a43b97955b04e5351f99c682a939832582c0dfd64028580c33fca4ca652f4c4e116c16e0f76fd9379599b54e06a8662f81fe375751e06007efabbd87b82d35367257d1bc15f92370261aace269013bc00b86daae71e253200000000b1467c86aff0ee8ff6c53939acb3866e8247eff7c10f000200000e6bd59e5b4dbc12ce8f0a5f816382fc66bcf14bb83ce2336b93b90594b78301e696503eea3404fe7dc3a8a5f9fde10f53e458e9efbe57fb52e85ea5346ed9f42418aefc6052afd588f8ae73eaab3af38936bfdadc91cda3983de6513ef3c2e58a54ffb1921aab1df971cdc2b2ab17bc9e421b5991b6036f845313a4a5f9d8a36472d7d758d73e9be967ca3fdae7d7ba03a8d9e5962c67ca30e5b6eb3c524c22632e47f18c879f0564361ef35aba5ed3f2d1b0bc6954e7e2dc49106ce8a49b48812ad3f5f8391c14ecde831be42d15bdc797c2b9ab30a8e90d7d53784e7add8e5bd5b6797a63e48efa0eb4d1df88ea8b388e94c6a15ac4e22447dad331244a38a5a2e294905611bfeadcac35f6ccf6af94191954c6b840a3092ef94d1e0e23019fbbdcd5b47e4a565ce42d0bbd7b14f9df1139c15ee4d687fe0861a8210071ebeb63606d28dcb5404e077400bd04453c49d0e2e0bb2700000046a4e564ba31c3d62f2d0fb6b7630f66f086e36885c3634a522888f1c4049361cfb8914f59073ba6a8a6ea283acfa3d3bc40e7a70f71b27686ac5307918ac06f1a396fe1accc74e9eabfea"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x17}, 0x48)
r1 = socket(0x10, 0x800000000080002, 0x6)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f00000000c0)=r0, 0x4)
gettid()
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000180)={0x40000000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x1c58, &(0x7f0000000300)={0x0, 0x4ac1, 0x10000, 0x2, 0x3f, 0x0, r5}, &(0x7f0000000180)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r6, 0x2dec, 0x4800, 0x2, 0x0, 0x0)
pselect6(0x2a, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x1000000, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2m25.807181093s ago: executing program 0 (id=1501):
mkdir(&(0x7f0000000240)='./bus\x00', 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4cc, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x404, 0x3d8, 0x3d8, 0x404, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x28c, 0x2d4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x2, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf4}, {0x0, 0x11, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [0x0, 0x0, 0xff000000, 0xff], [0xffffff00, 0xffffff00, 0xff000000, 0xffffffff], 'team_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {}, 0x886215f4d37bb4bb, 0x90, 0x1, 0x69}, 0x0, 0xc8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x528)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x6)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
gettid()
listen(r2, 0x99)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
sendto$inet(r1, 0x0, 0x0, 0x240007bd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x8a)
lsetxattr(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=@known='trusted.overlay.impure\x00', &(0x7f00000003c0)='\x00', 0x1, 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000480), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

2m24.885599771s ago: executing program 0 (id=1512):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.current\x00', 0x26e1, 0x0)
close(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000080)={0x1, 0x0, [{0x1c5, 0x0, 0x5}]})
socket$kcm(0xa, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000c0002060500000000000000000000000000040006"], 0x18}}, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8b32, &(0x7f0000000000)={'virt_wifi0\x00', @random="06000000ffff"})

2m24.529680828s ago: executing program 0 (id=1516):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x200006, 0x8, &(0x7f0000006680))
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00', 0xfffffffc})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc08c5334, &(0x7f0000000400))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)={'#! ', './file0', [{0x20, '9p\x00'}, {0x20, '9p\x00'}, {0x20, 'syz\x00'}, {0x20, '\x00'}, {0x20, '\t\x00\x00\x00\x00\x00\x00\x00\xfe$Y{\x9b\x05\x00&.\xdc'}, {}, {0x20, '[*'}, {0x20, ']'}, {}, {0x20, 'syz\x00'}], 0xa, "a60429d372a0b35d75dcbd98438e0eb599d66b8a50c113253a29717849958721f107c5b759a7eeaaaaad1c957e0b9c86f8a6715c86e4a0192892f7e07c85fa1ac3bec796ce6f0a17065cc105b11ce1b489e3aab9d43099f83bd578584e97d6f1597ca98248a64aa69ed10a2e9ed0c2907527d780085709214fee6e4c0cf72c4db1367865c03e4df4ccfc5990dc370c78e604aa6008ffe9889ff306ca72c5ac4925ca6e94ecfbf64bc84943f417d4637cfa481cd092204a29824fe31a632f275339f9157a07b18e3ded3e28893c06e9a79c782c3bdf5185cdfcecd9c420b233d0b432c4d45f1ebb8247d3f52d5a9d3e3be2c1352f4ee45c03a97b"}, 0x133)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)
capset(0x0, &(0x7f0000000080))
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0xf000, 0x3, &(0x7f0000009000/0xf000)=nil)
mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bind$bt_l2cap(r3, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
write$P9_RREADDIR(r4, &(0x7f0000000640)={0xb, 0x29, 0x2, {0xf}}, 0xfffffc95)

2m24.435222703s ago: executing program 0 (id=1517):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mremap(&(0x7f0000064000/0x3000)=nil, 0x3000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socket$netlink(0x10, 0x3, 0xf)

2m24.228112616s ago: executing program 0 (id=1519):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x3, 0x2, 0x8, 0x6100, r1, 0xed4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x3}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000540)={&(0x7f0000000180)="c8166c9f6452d8e4455580a0cfd161c3a1646c00d8bccc522c21a36e855c1ff58f93520b0a7d6b63dcf9f7bf5915efce9887a6f4cd9c752478b375e2811616d3957ca7722b7e9d41462fb05f6eaca5a374e174f77d6bdce2e5d4e3a2bb7a15f26a7e3b69a627c2a5f9952fcef3752243494badc4ab786814ae38f8e80b8b2a0ccfbabf595444c7bc76d5489360a3d5d4ef3607e74db691d9729a16965874fccfb2319e", &(0x7f0000000080)=""/13, &(0x7f0000000300)="ec745add85df996e51a3e97c4506816d5f22175f764c432eb07930cb74a7b3d9896166be4d8458bb676de5f08c15292e711e3f41412d623fd60f076954c5c6391ee6a409a86e77c3ebb42dd094895bf698a283291f2c979b106a107e0bc1ee7e95d62463952e9733b620cd79146a4ce5c4a21e45ee8705fad5c864064a01d35fff447eab6aa1946c9ce3ff415634a59f48e11976f7afd32d36a7ef40574ec3f92b728f614e5683ba310a85de50ba8443a37a950c3ebfe6408d4499d1b58f41", &(0x7f00000003c0)="ae448bb62c49f54fbcaed9d8cf483c225661539b570a9b8cd1948abe44bd0e05dd9db535ad534a083c513e8053f5b1a60b5aa76702ae6b21", 0x81ec, r3, 0x4}, 0x38)

2m24.180123506s ago: executing program 34 (id=1519):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x3, 0x2, 0x8, 0x6100, r1, 0xed4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x3}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000540)={&(0x7f0000000180)="c8166c9f6452d8e4455580a0cfd161c3a1646c00d8bccc522c21a36e855c1ff58f93520b0a7d6b63dcf9f7bf5915efce9887a6f4cd9c752478b375e2811616d3957ca7722b7e9d41462fb05f6eaca5a374e174f77d6bdce2e5d4e3a2bb7a15f26a7e3b69a627c2a5f9952fcef3752243494badc4ab786814ae38f8e80b8b2a0ccfbabf595444c7bc76d5489360a3d5d4ef3607e74db691d9729a16965874fccfb2319e", &(0x7f0000000080)=""/13, &(0x7f0000000300)="ec745add85df996e51a3e97c4506816d5f22175f764c432eb07930cb74a7b3d9896166be4d8458bb676de5f08c15292e711e3f41412d623fd60f076954c5c6391ee6a409a86e77c3ebb42dd094895bf698a283291f2c979b106a107e0bc1ee7e95d62463952e9733b620cd79146a4ce5c4a21e45ee8705fad5c864064a01d35fff447eab6aa1946c9ce3ff415634a59f48e11976f7afd32d36a7ef40574ec3f92b728f614e5683ba310a85de50ba8443a37a950c3ebfe6408d4499d1b58f41", &(0x7f00000003c0)="ae448bb62c49f54fbcaed9d8cf483c225661539b570a9b8cd1948abe44bd0e05dd9db535ad534a083c513e8053f5b1a60b5aa76702ae6b21", 0x81ec, r3, 0x4}, 0x38)

8.902064058s ago: executing program 1 (id=2213):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002027702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000340)={0x1, 0x1, &(0x7f0000000240)=""/225, 0x0, &(0x7f00000001c0)=""/48, 0x9000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000000c0))
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000100)={0x1, r2})
rseq(&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)

8.760595101s ago: executing program 1 (id=2215):
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000500)={0x5, 0x0, 0xeeee8000, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020401070d00000027bd7000fddbdf2502001000000004d4000004d2000000000200010005000000090000000000000002001000000004d2000004d30000000005001a00e0000002000000000000000000000000fffff18409000000000002000000000026000c10"], 0x68}}, 0x48000)
connect$qrtr(r3, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0xa5a1, 0x800, 0x7, 0x285}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mkdir(&(0x7f0000000200)='./file0\x00', 0x28e08a7aa33ba155)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mremap(&(0x7f000060c000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ff5000/0x3000)=nil)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$vhost_msg_v2(r5, &(0x7f0000000240)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
lsetxattr$security_capability(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000240)=@v3={0x3000000, [{0xffff4a0c, 0x7}, {0x2}], 0xee01}, 0x18, 0x0)
r6 = open(&(0x7f00000001c0)='./file0\x00', 0x14b042, 0x83)
ftruncate(r6, 0x3000000)

7.643525735s ago: executing program 1 (id=2219):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000000000000000000020000000000"], 0x0, 0x1a}, 0x28)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000300)=0x100001, 0x4)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0xa)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x5, @rand_addr=' \x01\x00', 0x4001}, 0x1c)
ioctl$SG_GET_VERSION_NUM(r0, 0x2284, &(0x7f0000000080))
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
mknod$loop(0x0, 0x80, 0x0)
syz_emit_ethernet(0xae, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {0x0, 0x1, "00e9bf0dff80000000000000"}, {0x0, 0x1, "e30000000000"}]}}}}}}, 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0x5b04, 0x0)

4.826123565s ago: executing program 2 (id=2237):
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x4000)=nil, 0x0, 0x12)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x20040001)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r2, &(0x7f00000002c0)={'#! ', './file0', [], 0xa, "1f410e2852ad52cb07410969e814977e4f2c4a80522094786c8673fb61cf8b86bd030000005a3c7c04055f1f70e4064d46b2bb9e5100d446bb6afb2c0fc07b58f4a9c1006a0b6c05639e23ec12979ff9b48ca61e6dec58682449c75d86eb4337b8d343ed9c18927289d3d788fa281a5742690ff5a505cfff34fc1503afbfd2d44b50e4ca119f67b2890064d83a34eae5f4e64ae0c7c124730f21dcbc2d36ade1464efc381735512e000bc2b08cd6d659d3cfb1f7968823"}, 0xc2)
write$FUSE_NOTIFY_STORE(r2, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x28)
close(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)
r4 = signalfd4(r3, &(0x7f0000000040)={[0xffffffff, 0x800]}, 0x8, 0x40800)
mq_notify(r4, &(0x7f0000000100)={0x0, 0x15, 0x2, @thr={&(0x7f00000000c0)="84b7db386c911fd5", &(0x7f0000000640)="29ceeaac08f90af62d07868a6c44f29f847fd9f131239bed0077bcb2a77c111681069f8681eea952e251d8bd0c4c5229da7268d7e70a998aba992a4193dd86c37e7dffe5b7b5a159558acd5e7149d3c3f932a2a77544c6d294e26544a8bce8a967f2a0c622ac140bbf8b9f5f14dc3cea6aac9acee8d5693d7ed6a81d35d180fa16413616ef760a6c5790fade9424dd573f29cada22f53a22e4407d754d29b4c02103a278c89227f5fb9346e288e1d5b64be09cc816a167aae7271567b3ff43e18becf3e98e4541c0a2f1f156793cc8c58d6ba5a0f9c8cd82a7f21deac7f67133884c17dc873c5904fbdfbf211ccb1a5a213ca79e1f73fdbddaf363cff73bf8bec714525b95200516e87864d8c56fbde0cad586ad5bce0266d006f690e8d097d2c9546981ffdd1de0aa0450800def3b1544088539a1695ecdf54731bf64b18190a09467cf0ef5f6f94f7ed10ddd03ec2fc8e5bd01e1048c088058caffe1d1056f3e32f7ab31af86245b13f370c80d4c0294b7c4aab1d19c60627e9b757c8ce14ef5845cc23f515b103389b2a9f0d8bca18b6972e3ff48867a1f323bba6319735f477d2a9f2b96e9217d068e5fc26e66c985193b6633a224a51f112afa912b927050cbff94512ded707ba943f8c3890511d2316cb96487b4bf36b8a32ab2444a7b48b84024ce53802456c6ade9b74d6b9f712b964198ca1ea6b56ee69582866df199abfc0fcd851f1c532694b904720f1ac21f1ca4eb376ee9ea1478b35e50af34f731b9a0fed21e14531022c6d5f1eb632487b4b01f6ef7149032e0b8e05f9b387dd3164237898dcb38c08e7839e39cbf6f6e066f53c6d02f66e09da7e72c9116feb292c5faecfbb90f07e33743d37189ee182429cfcd9d879b18c69bedd924ce08343d45985a237eb13a3ba8c2cfb6bbc15d5b43ccd9dc16a95eca4586769b3b1f8b4e2a98a1a1dc05ec90ad0336dd6c91e9259fe4f1687e04e24b361caa17cebb26e05e1348ade331bf713ed6cd15fd1deb99e86abb6b6b4724c779ca43831c5308475c306ff40b4f3196374f909b8aa51292631a09766564d43cfb136b0e8ca314a35ed3c0bf1a3afc506f76573db9d2367312b0342f0743698d48b847539a06b609aae92cf810dadc6bf1ef27163d9f9dd1b269cc54c60771faeabd462473b03c633bec7873f3f35054fc84fbb9bc75247136b5344768bf9c9086b432a163d3c1ca9c9059dcb8a7cab96216a50d5cec8460ee94fd52ccbf0598cc07daa63ade579a2406ecad488beb98d38b29ef69d68d6ddfaef72718c6e3f9a059435f564f282c6a38c3d22b947b6ba84873a66321dc8c2f2f25aa2234cfeb727e09a61b9f8994564f6a15c491f853134368adac857fd0912fafa80f62cc34edcbb81b0a8279aed939c6cb9ef4f9cdb75187e50f85c5ec47a4b6ea133d8becf951c2f0e308cfb2bdf9032af36cf333fe697a3494a6de7ad700f865df2c64f6e19a09c88e84d1cac5409ea4abb0876150d1bd5926cb73706d329deb2fc97d071e363aa25ef5e0c2a006eaf0ab8cb45bb13828e6969e467dfb050b1f2861dae6d683f2ec526871333fbcd4509b8e545595f8c34c6483f066b5d3ff42c7cd1f7e17b3c6d9048da5255fc1b211a5dce2cc6dbdf23ecbc29207b992fe013e7a6ca3793326616c3cedcfa4683bc360d9555c3383f503cec55598803109f2380c322352d4da8aa416b3a2861b2bdeb92918072f45f0939533c3b26424edf2b0dd579340ed6736b5e0c3c469ec532d5a4a9d75f6bd8273dd68debc7bb216dc75fcbf3f542decc2049bd3f084e94592ef00ce38ef302e2e82cc2d6f96af62822fd5b7294fa98148f0ba863c8d1faedc969e9da3ccafb007e57a1dba3581ab09ecd078012b9455daad2e13cfa0dd26a93b605fb556afd2c548718843dca97c4f5580c9b06e1d46b489aa41a551bbc4255925b1495d2ec1abbe88dc84e473ebdc94041b9c0ddc4c5d531a8c9a50e2cc0f1ca438116e3fc90379a25f588f2b15791817d7cd89b4e266ee0725cdf43205f1f58ece692874ece3d791ae2385d9b0a482fd6adb10652559d7908ff229da0ec19903c5953af7e237762876a236836df79ebfc1e40e0aec2b71eccee8b951d1357e9c762b1f6adcd00d434ea27360146cf43d443ecf3a1cd9c2059549f53e844171f1676888c7d450e3e027031fa99367c7bfec40b7f9d74ace0b6184bf01c426132728ca6db8562dcd708b186c3dc8be3e63d38b6f84caba895e28f7f4fb4c4afee59d3052b279655f731b5b7357c739e7c74c5907189fb6cd1823463de0d46fbb48b4c719e851db5b682519a54921a451be1b93e366f74f2f9053a2c48318978d1c656c6ecb367229c68afacdedcdfbd89aab5748a9e127f95a65ff5e791bc105cd728905b19a7904358421d3ff512e52cf74a5ed1a613f4b48c5eddf5a294b32d652ffd4d3b18addc7f645c5281dd68fb981dd4801d1e6c41b4ed563e89513d4808b2ea20148b7ed04f4877ab7520fafea40ef5e45cb490dfa12f20baf237445499977c1c43deb9e189e167afe31bd4da315ba3c625178669782ae1f4a884d91e0c61b86a78c6c7e92bdc5a8acf475046bba69b7d4ef0c0d9034f404bf6b2208dcd9ca48f1f8a823681ba3aa0ad7c246be25f25d3f747d0033639f45b9eab739b6ff3c8a35472182fb88baf59f620345737103709a314296e2a5b3395425b842ee61e842936edcc94d4b8923708d0467051d9000c3a5e3a13d952bd7f397095c385002071b6e2a98829e41a9dac97041cf7de0a64c66232446dad6dd9825ab540419d2d4aec520c827cdaa60cb36be4f4e7360dc213105a46962472791383a7ac8cbf01c11054b892474dd007961ad2bac4e14e2856836be13d1e9b980a9479e7e5468644b29a3dabb1e98ccbb53a671af24a9dce71e147c2e0ac7f089c0cbc012384fb11f9ac8a1dd39b8318d42270c52c5d52573d2fd594c7a771679e172117a97dad393a5fc4f5b33a855192b5f604c1aa80465cbbaaeb8b110e22e4c49b3ae26adba328f585e27368349d921b17626f7b6366180162de48047bbbac6762a6e3ddfbcc7c8feb221fa11f00212631c1679d16c0d4ef73af14440846fba8bea05356f4379290556bc9909829f2d7ed0a891571ba6d13c43bcc8db227d4a85b8f59696c9f827c28b4960801fff3c766a6f97fd38cbfdf4b11cc9912d7863c3dab4bae12c12935bcb2f632f35f58d11d4261f1399fe38fea5ee23d2561c3a677a9d3653c67dfe6c6c4335a5e80baffc1613244182c68a74ec9fa9fdf2f506867dc4aff97d8e71fbdc7374d0f00d5f4f8442f0805083065ee4efb29da1c6a016a8988167d76d2ac0024dd4f42e6989915c516af51f9fdcb2f7624e3e57798d71a8f9c4dc6d42506ad34ccf2c0f14eb99ecc96963100caaf5efe1d656cdd226b2923d417d5dc2cdffa8eba928f4af2fcae2e5d8f5b4abd3d68fe716ffd15c251b3ff5e0c1c265b572605695ee4a5c32014a0ff893aeb7f72939ba5cdec36c566734d0e51b8d62c85437cc76bd7a858090f82af90731fa3abda430fd99d445b77f65cb57d991a6a7c642fca5ec01ba7dcbc9f745baa5d2f63598615b3a22ccffe9492429262f0729d1814330cdad1f8c7c37f77edca02da023b34619123d0db6030030e5f8ef48e6539cb94a0ac928b355d4f0258b1aaf9316653eba9b622847da1850320c9156ce8f8358ccb3160374ccc3f6ad64ed3fa4e9d3d3368d75d8b0280fb0b9cf414942b76e15fa1af9ab1fff21cda3a0c38c57cd98de14bfb6d0dfacac25181a82aad44bd2299908e310f93305571366f030c0264b2262c0a2d522414579bfab8959a82332c28f6b18fdbb85685a9de5278d1f632a1166781d96a5e6b070bcb2c53d105651703da6b8e41ecc8d2b861c7d0d78f538b713327841fcabfe350ab5cefaf9ecdf9f42ee9be7a9d395de9cc4e7e09ee2b8863c295cbb4667d0fe668834ced84cf2316bddd9504acf92db7b44cd00436c8d491e534af8a44571cd8e47d5c7ef2c6c13c6391179842072982d1ec4ec3d986f664a77832cec8e0a8fd2519eae0a5f46c86def90ef391c013763cb0aca54737ea62a22cf506bee69f94a73e1ecac102c08791f9925d4c73b33f23c95ccbe2f571813ed1000319cc4d0c6212f358733400dae04cd162064ee9ca6699d8809b83a85c63bce8427a1cc86beead41bf0c274201790292c667f92af6fdf4b660c9f858001e7e4a66e637e2c360b2778f8f3affa3e768c093092af19d3ccbe7033003727c60b78de97b00acea8e4de4a0c21e0e2e007e2a70bde91d62bbe61a2d089d4f59e134ac003e9c875a05f299c52fe384e7587868fbd9077c89215402cf811064e102e4a30b77e9f78f709a796547b38040799d8cb889c706bd4c0421085935c6aac9b7ec9f9e9ecca72bec46cb37f9414534c3200f7b5854f49782494e3a3c0a10390bb8fd983412a5e93d2339bd6b6ae74d8425ccda2e6e7d6eaa0810f5f57461bb62d5029d5f7202ce1857c1f5ae8a122dc15c455068de95be0d0c34cec71faa8102c15f038b420a837bf6c178c100639dd3f4350ea9779eaab2a7804c496abad8d69da54762f4c7fb1298e1d7bb4809bfb9304a58f3022cdfa977e4590d1c4b9f4466cb5dcb7c834557792bb0529d12fa91b72129c071d3599159f71584343a382dd04e851585182b41709c5024b6361b71005456b43665ac8ed49ff7d109fc7921e2b756d01347b58535082498143f4c81368fc44a926947416208c8c334c367fdad47686d27a21a3ba3cfd64329e584882279c8ec8898e599e634e6c06d13db0087868c8b4ecd77e46fce1d5d52c7fdde0065f6b5ebd6e2c9316a0291fd501bed0e7a23e70742facb290ad7b731d7f2d30b2719b6d243ef0cec2148ec13319a50902525f955f3af98edb2292b5deea39006632f27018ebb30214df96333b29082daa32b9e3e1edcb98d68931cd0fcb47b23da18fa92189157de7bd7593c76dacfbc4a06960f643fc2f1fb1859e80c9870a67d0a4795d32d1de804bf68bf00cfe2d4213df22c6070ab50562e5785bd3cdae43837b01c830cd1a24a84b834d4b465d7e69c49879718240e53caf774e16539c4fbd2486d40139c88650b971474f6da7aa190713520a72bf23416d6f13541927e6b3085cfd3882468ac5d15ad1b2a2098610650469e9b7f5f16287ba7b59c33fc509e091460117ab3e0de724e55ac90d9784ffe355c616c2e891d82d276eda8a588413aa453472bc37230ae61fb9fdf6299c5d65e0e3035c8142a9a214804ba601b7d7aedfd75f8e727ee334b86ea6c9d9e9731dceabbee69eea9644a7136c65fb4d18a1bacc8e4da736e077e9c6f997db1298b0d6030e919d41a516b6a4837050cb2e53bbd714c07c0c23804790f69dfb9f85c42195f13df60c5bfdc4cd4c417d2dab580c723283bacaf89126e83ca702bab3c88079595b379f5ccc1f48de4b030e9ae76574080085760e7331435dc0512b75ecba2a78cc838c7a8aa1f16ae0ba46202449ec2012307c85b01295311d10370b59dfb1508c0b8c1035bc88c2a84ef154cb5f31d700f56e7227810e77efb4330a140c9e54682d888f2b19ae6d320adc2e2677cadc364e75c42564a648af01de568ecbe8efaeb99c56a93e683c2593b864e7f3398267abed487be0c488c40fca6cc4865d1e5b6f47530fb3954fac294447308cfb3fd487c70a6b4665e3530839bd8dd0667e1efa23a9fef716f6ab087780bdeec7d1d0a62b02d9"}})
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100007e3dc410cd0621013ddd0102030109021b000100094000090485000189fe1f000905820220"], 0x0)

4.569715971s ago: executing program 1 (id=2240):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec28, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x20af, 0x6d82, 0x0, 0x0, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000180)={{}, 'syz1\x00', 0x40})
ioctl$UI_DEV_CREATE(r3, 0x5501)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000f8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rseq(0x0, 0xfe51, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r5 = socket(0x1e, 0x1, 0x0)
connect$tipc(r5, &(0x7f0000000480)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x1}}, 0x10)
write$binfmt_misc(r5, &(0x7f0000000340), 0x2000011a)
syz_usb_connect(0x5, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x24, 0xa1, 0x71, 0x8, 0x5ac, 0x921d, 0xd3ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xa2, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa6, 0x1, 0x0, 0x3, 0xe9, 0x0, 0x3}}]}}]}}, 0x0)
sendmmsg$sock(r5, &(0x7f0000001600)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="15", 0x1}], 0x1}}], 0x1, 0x40001)
rseq(&(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x3, 0x1, 0x2}}, 0x20, 0x1, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f00000002c0), 0x90880, 0x0)
set_mempolicy(0x3, &(0x7f0000000040)=0x10000000001, 0x7)
set_mempolicy(0x2, &(0x7f0000000440)=0x1, 0xdc)

3.224288744s ago: executing program 1 (id=2250):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendto$unix(r0, 0x0, 0x0, 0x4004080, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0xffffffffffffffff, &(0x7f0000000100)={0x38, 0x0, 0x0, 0xe744, 0x7fe, 0x0, 0x0, 0xfffffffffffffffe, 0x80000080}, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$nvram(0xffffff9c, &(0x7f0000000400), 0xa000, 0x0)
ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af04, &(0x7f0000000480)=&(0x7f0000000440))
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x5, 0xe4340000, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0cc5604, &(0x7f0000000300)={0x5, @win={{0x4, 0x4a3, 0x1, 0x2b9}, 0x0, 0x964, &(0x7f0000000080)={{0x11, 0xf4ec, 0x2, 0x5}}, 0x2, &(0x7f00000001c0)="548fb3a4a855dc30f769c85b6b5c"}})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
fsopen(&(0x7f0000000200)='coda\x00', 0x1)
sendmsg$IPSET_CMD_LIST(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
syz_usb_connect(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100004106cd40cd060f011bd5000000010902"], 0x0)

2.293243611s ago: executing program 5 (id=2254):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r0, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2.23629206s ago: executing program 5 (id=2255):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/disk', 0x1, 0x0)
io_setup(0x23, &(0x7f0000000280)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x4, r1, &(0x7f0000000380)="8799bef58b1c4d7b1ebda07349d4c6d87276b50700f356c4edf9c4026e338a7350ffcc9a64b6b5a9b77e428d1f5279ead58b1c7c0a7364", 0x37, 0x4}])
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0xdffffffa, 0xd07, 0x4})
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x20, 0x10, 0x4, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500a5}}, 0x20}}, 0x10)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x38, 0x1403, 0x1, 0x70bd28, 0x25dfdbfb, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ip6_vti0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8840}, 0x4000)

2.075606972s ago: executing program 5 (id=2256):
flock(0xffffffffffffffff, 0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=@newlink={0x3c, 0x10, 0x401, 0xfdfffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1243}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_INC_SCI={0x5}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f006, 0x80000006})
bind$inet6(r1, &(0x7f0000002180)={0xa, 0x4e21, 0x9, @empty, 0x3}, 0x1c)
ioctl$TCSETS(0xffffffffffffffff, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000002c0)={0x20, r2, 0x10, 0x70bd2d, 0x0, {{0x2}, {@void, @val={0xc, 0x99, {0x1, 0x1}}}}}, 0x20}}, 0x8000040)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)

2.031966947s ago: executing program 5 (id=2257):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, &(0x7f00000000c0)=r0, 0x4)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r1, &(0x7f0000000540)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0xb, 0x3, 0x4, 0x0, 0xc04}}, 0x11c)
r2 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)={0x40000000})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10002, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x1c58, &(0x7f0000000300)={0x0, 0x4ac1, 0x10000, 0x2, 0x3f, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r5, 0x2dec, 0x4800, 0x2, 0x0, 0x0)
pselect6(0x2a, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x1000000, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.784220715s ago: executing program 2 (id=2260):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000540)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000500)=""/18, 0x12, 0xb, 0x3, 0x4, 0x0, 0xc04}}, 0x11c)
r1 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x40000000})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10002, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x1c58, &(0x7f0000000300)={0x0, 0x4ac1, 0x10000, 0x2, 0x3f, 0x0, r3}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2dec, 0x4800, 0x2, 0x0, 0x0)
pselect6(0x2a, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x1000000, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.357062881s ago: executing program 6 (id=2263):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r1, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r4 = openat$vnet(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r4, 0x8004af80, &(0x7f00000000c0))

1.329966264s ago: executing program 6 (id=2264):
syz_open_dev$tty20(0xc, 0x4, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x1000000000000010, 0x80802, 0x0)
bind$netlink(r0, &(0x7f0000000440)={0x10, 0x0, 0x0, 0x10004400}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x2000000000000201, &(0x7f0000001100)=ANY=[], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x8, &(0x7f0000000180), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x9}, 0x10}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000240)=0x3)
getsockopt$bt_hci(r0, 0x0, 0x3, 0x0, &(0x7f0000d23000))
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000080)=0x83)
socket$unix(0x1, 0x1, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ac0)=@newtfilter={0x8b4, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, {}, {}, {0x8, 0x5}}, [@TCA_CHAIN={0x8, 0xb, 0x3}, @TCA_CHAIN={0x8, 0xb, 0x6f}, @filter_kind_options=@f_basic={{0xa}, {0x864, 0x2, [@TCA_BASIC_POLICE={0x850, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0xfffffffc, 0x4, 0x8, 0x5, 0x0, 0x629, 0x4, 0x10, 0x8, 0x8, 0x9, 0x5, 0x4, 0x0, 0xae, 0x319, 0x0, 0x2, 0x9, 0x7, 0x6, 0x6, 0x6, 0x8001, 0xcb, 0x9, 0xffff, 0x1, 0x8, 0xb2, 0x10001, 0x9, 0x6, 0x0, 0xc6af, 0x0, 0x401, 0x5fe, 0x7, 0x4, 0x1, 0x7, 0x5, 0xc3d, 0x81, 0x2, 0x32, 0x6, 0x6, 0x200, 0x1000, 0xfffffb71, 0x7, 0x4, 0x0, 0x88d, 0x8001, 0x9, 0x6, 0x0, 0x0, 0xe, 0x80, 0x8000, 0x3, 0x6, 0x2, 0x3800, 0x43, 0xfffffff7, 0x7fffffff, 0x4, 0xab25, 0xffffff7f, 0x1000, 0x5, 0x5, 0x8, 0x8, 0x0, 0x2, 0x1, 0x11, 0x2, 0x0, 0x8, 0x8, 0xfffff713, 0x8, 0x4, 0x8000, 0x3ff, 0x34, 0x7, 0x9, 0xc4c1, 0x6, 0x9, 0x6, 0xed, 0x2, 0xfffffff9, 0x2c0, 0x222000, 0xffff, 0x7, 0x2, 0xa, 0x2, 0x1, 0xfffffff8, 0x7, 0x3, 0x9e, 0x12000000, 0x6, 0x4, 0x4000000, 0x7, 0x3ff, 0x1, 0x8001, 0xfffffffe, 0x7, 0xa774, 0xffffffff, 0x1ff, 0x49, 0x4, 0xf, 0x1, 0xa, 0x4, 0x1, 0x7, 0x1, 0x1da, 0x5, 0xc, 0xaf7, 0x91eb, 0x8, 0x0, 0x51, 0x186, 0x9, 0x4, 0x7, 0x8, 0x9, 0xc7d2, 0xffffffff, 0xd9, 0x3, 0x6, 0x4, 0xfffffffb, 0x4c74, 0x80000001, 0x3, 0x29, 0x8, 0x5, 0x81, 0x9, 0xc, 0x7, 0x101, 0x81, 0x7, 0x3, 0x6, 0x200, 0x0, 0x80000001, 0x0, 0xf, 0x0, 0x4, 0x6e2b, 0x8, 0xffffffff, 0x4, 0xf, 0x101, 0xfff, 0xb7, 0x3ff, 0xff4, 0x0, 0xd, 0x6, 0x5, 0x10000, 0xffff, 0x5, 0x6, 0x5, 0x89, 0x5ebb5170, 0x2, 0x11b4, 0x1, 0x5, 0xffffffc0, 0x1e6b, 0x19, 0x4, 0x7, 0xb8ff, 0x7, 0xfffffffe, 0x7, 0x8, 0x5, 0x9, 0x3, 0x1, 0x7, 0x101, 0x6, 0x2, 0xdd6, 0x6, 0x1c, 0x0, 0xdb, 0xda, 0x2, 0x4, 0xff, 0x6, 0x0, 0x401, 0x1, 0x10000, 0x3, 0x79, 0x0, 0x9, 0x4, 0xffffffff, 0x4, 0x2, 0x5, 0x0, 0x68000000, 0x4, 0xc, 0x7, 0x80000001, 0x1c94, 0x5, 0x6, 0x9]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x9, 0x1, 0x7fff, 0x1, 0x8, 0x7f, 0x5, 0x8c, 0x5, 0x7, 0x10000, 0x4, 0x1, 0xc, 0xbb1a, 0x40, 0xc, 0xa, 0x5, 0x4, 0x2c5, 0x5, 0x742, 0xffffffff, 0x200, 0x1, 0xffffffff, 0x7, 0x8, 0x1, 0x5, 0x2, 0xfffff200, 0x101, 0x7, 0x5, 0x10001, 0x2, 0xa, 0x1f, 0x3, 0x5a8b, 0x3, 0x6, 0x80, 0xac06, 0x6, 0xfff, 0xf, 0x1, 0xfffffffb, 0xfff, 0x9, 0x2, 0xeb, 0x2, 0xf166, 0x1000, 0xcb, 0x4, 0xffffffff, 0x0, 0x23, 0x5, 0x0, 0xe, 0x8, 0x81, 0xfffffe00, 0x1, 0x4a, 0x3, 0x316, 0x8, 0x6, 0x4, 0x85c, 0xeab, 0x200, 0x8, 0x10000, 0x2, 0x992, 0xfffffff9, 0x7, 0x8, 0x3, 0x4, 0x80000001, 0x7, 0x1, 0x8, 0x9b, 0x4, 0x6, 0x1, 0x4, 0x3, 0x3, 0x9, 0x3, 0xfffffff7, 0x2, 0x4, 0x0, 0x9, 0x7, 0x8001, 0x100, 0x4, 0x80000000, 0x101, 0x2, 0x8, 0x2, 0x800, 0x800, 0x7fffffff, 0x4, 0x2, 0xc519, 0x2, 0x0, 0x101, 0x3, 0xfffffff9, 0x3, 0xe, 0x9, 0x180000, 0x2, 0xee, 0x3, 0x9, 0x1, 0x7441, 0x3, 0xd, 0x9, 0x7, 0x81, 0x3, 0x40, 0x4, 0x800, 0x5, 0x6, 0xffffffff, 0x8, 0x80000000, 0x3, 0x2, 0x8000, 0x2, 0x9edfca2, 0x8, 0x8684, 0x5, 0x10001, 0xffffffff, 0x1, 0x80000001, 0x5, 0x6, 0x6, 0x0, 0x6, 0xfffffff7, 0x5, 0x1ff, 0x80000000, 0x6, 0x5, 0x10001, 0x401, 0xfffffffe, 0x8, 0xa, 0x0, 0x4, 0x5, 0x7, 0x9, 0x8, 0x40000000, 0x55aa, 0x0, 0x5, 0x3, 0x3, 0x413, 0x6, 0x9, 0x6, 0x0, 0x60, 0x6, 0x9, 0x5, 0x2, 0x400, 0x0, 0x1ff, 0xac, 0x5, 0xf, 0x1, 0x1000, 0x57, 0x2, 0x2, 0xfffffffb, 0x6, 0x7ff, 0xfffff801, 0x9, 0x6ba, 0xffffffff, 0xffffffff, 0x5, 0x6, 0x7ff, 0x7, 0xd, 0xed1f, 0x1, 0x6, 0xfffffff8, 0x1f8e, 0x5, 0x9, 0x4, 0x0, 0x5, 0xb, 0x7, 0xffffffff, 0x7, 0x3, 0x6, 0x5, 0x2, 0xffffffff, 0x5, 0xfff, 0x5, 0x401, 0x44, 0x4, 0x100, 0x0, 0xef, 0xb, 0x5, 0x6]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_TBF={0x3c, 0x1, {0x10, 0x1, 0x3, 0x856, 0x2, {0x2, 0x1, 0x9, 0x7, 0xffcb, 0x9}, {0x9, 0x2, 0xbc, 0x3, 0x5737, 0x7}, 0x6, 0x31d, 0x6}}]}, @TCA_BASIC_CLASSID={0x8, 0x1, {0x9, 0x8}}, @TCA_BASIC_CLASSID={0x8, 0x1, {0x6, 0xd}}]}}, @TCA_CHAIN={0x8, 0xb, 0x8}, @TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x8b4}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
symlinkat(&(0x7f0000003200)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00')

1.118090156s ago: executing program 5 (id=2265):
memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000080)={0xc0001, 0x0, {[0xffffffffffffffff, 0x1f8, 0x83, 0xffffffffefffff15, 0x3, 0x4, 0x4, 0x4]}})
r3 = landlock_create_ruleset(&(0x7f0000000180)={0xc120, 0x1, 0x2}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0x1, &(0x7f0000000000)={0x20, r3}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

963.037807ms ago: executing program 5 (id=2266):
r0 = socket$inet(0x2, 0x1, 0x100) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newqdisc={0x150, 0x24, 0x10, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf, 0x3}, {0x0, 0x9}, {0xb, 0x6}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xa7}}, @TCA_STAB={0x118, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa5, 0x0, 0x5, 0x101, 0x1, 0x2, 0x0, 0x1}}, {0x6, 0x2, [0x4]}}, {{0x1c, 0x1, {0xa, 0xa5, 0x40, 0x7, 0x0, 0xfffff001, 0x2, 0x8}}, {0x14, 0x2, [0x9, 0x6, 0x7, 0x8001, 0x9, 0x4, 0x7ff, 0x5]}}, {{0x1c, 0x1, {0x37, 0x0, 0x2, 0x7, 0x1, 0x7ffffff8, 0x7, 0x2}}, {0x8, 0x2, [0xff, 0x4d]}}, {{0x1c, 0x1, {0xa7, 0x1, 0x5, 0x8, 0x2, 0x7ff, 0x100, 0x7}}, {0x12, 0x2, [0xc766, 0x200, 0x800, 0x0, 0xfffe, 0x8, 0x1]}}, {{0x1c, 0x1, {0x4, 0x1, 0x495, 0x860, 0x0, 0x7f, 0x9}}, {0x4}}, {{0x1c, 0x1, {0x51, 0x4, 0xb, 0x3, 0x2, 0x9, 0x9, 0x2}}, {0x8, 0x2, [0x7fff, 0x2]}}, {{0x1c, 0x1, {0x0, 0x2, 0x1, 0x2, 0x1, 0x4, 0x10001, 0x3}}, {0xa, 0x2, [0x5, 0xb, 0x7]}}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x804}, 0x0)
fdatasync(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r1 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="d2ff030060010000009e08f086dd", 0x0, 0xd5ad, 0x60000000, 0xfffffffffffffc2c, 0x0, 0x0, 0x0, 0x6}, 0x9)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='M\x05\x00\x00\x00', 0x0)
r5 = gettid()
tkill(r5, 0xb) (async)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0xa, &(0x7f0000000180)=[{0x7fff, 0x1, 0x1, 0x5}, {0x1, 0x4, 0x8, 0x885}, {0x80, 0x6, 0x5, 0x7ff}, {0x7, 0xfc, 0x5, 0x2}, {0x8, 0xfb, 0x3, 0x5}, {0x6, 0x7, 0x5, 0x1}, {0x2, 0x9, 0x4, 0xfffffff9}, {0x7, 0x8, 0xd, 0x3}, {0x1, 0x0, 0x7, 0x7}, {0x1c3, 0x21, 0x8, 0x50c5}]})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r7 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c000090400000207010100090501020002"], 0x0)
syz_usb_control_io$printer(r7, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}}) (async)
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pwritev2(r8, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0) (async)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0xb, 0x6, 0xff}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x10007f, 0x20000006, 0x4d, 0x6, 0x3, 0x9, 0x2, 0xffff2d34, 0xffffff01, 0x6, 0x3, 0xfffffffc, 0x5, 0x4, 0x2, 0x7, 0x3c5b, 0x80000001, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x0, 0x3, 0xe, 0x8, 0x8000806e, 0x7, 0x17, 0x1, 0x7, 0x200, 0x3e, 0x8c, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x1, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x8, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x1, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8020, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x43, 0x103], [0x7, 0xa, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x6, 0x5, 0x0, 0x6, 0x5, 0x1, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x2, 0x6d03, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xc2, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x1000000a, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x80000000, 0xb, 0x5, 0x93a, 0x6, 0x1000006, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x4, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0x10000, 0x7f, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x96, 0xffffffff, 0x80000000, 0x0, 0x4, 0xc8, 0x1, 0xfffff000, 0x10080, 0x3, 0x7e, 0x100, 0x1000, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x1, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c) (async)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) (async)
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3}) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

887.26781ms ago: executing program 2 (id=2267):
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)

819.883677ms ago: executing program 2 (id=2268):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x240080c0}, 0x2000014) (async)
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x240080c0}, 0x2000014)
r3 = socket$nl_route(0x10, 0x3, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (async)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000001dc0)={0xb, 0x0, 0x80000}, 0x20) (async)
mount_setattr(r4, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000001dc0)={0xb, 0x0, 0x80000}, 0x20)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000000c0)='wlan1\x00', &(0x7f0000000140)='+-(-]X[\x00', 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r5=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000040))
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x4a, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x6c, 0x10, 0x401, 0x20000, 0x400, {0x0, 0x0, 0x0, 0x0, 0x908b, 0x4f310}, [@IFLA_LINK={0x8, 0x5, r5}, @IFLA_TARGET_NETNSID, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x6c}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054) (async)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x4a, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x6c, 0x10, 0x401, 0x20000, 0x400, {0x0, 0x0, 0x0, 0x0, 0x908b, 0x4f310}, [@IFLA_LINK={0x8, 0x5, r5}, @IFLA_TARGET_NETNSID, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x6c}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
ioctl$MON_IOCQ_URB_LEN(r3, 0x9201)

752.340987ms ago: executing program 2 (id=2269):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x408c5}, 0x40084)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mkdir(&(0x7f0000000240)='./bus\x00', 0x48)
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000480), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

736.89797ms ago: executing program 2 (id=2270):
setgroups(0x0, 0x0)
getgroups(0x1, &(0x7f0000000080)=[0xee00])
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
fchown(r0, 0x0, 0x0)
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f4, 0x10340, 0xfffffffe, 0x8000}, &(0x7f0000002000), 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0xe1de16f30d6386eb, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x2, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000002000000000000030000001811000077d562fe8878505b8a5a17077ca278a6de559ae73c06e8f8a4b7ed4f6360c5cd462bde09199f32754d628feaffb9676b87a2f150ea42957aa323faf16eac598dd212892bb4899c25133b5de8282055920180baa203f6bab7dce738629ec6981d7a7d42b8dd4ab56965c9784dcc7b9a98286b000000000000863c3826af98ca081ee48cd705b5240d76e7ec8903a1f783fb2a6a7c0f3a99ddf5d6edd0ef32c3c3d941458e665b768044a22b05b3085c726ace1c8838a537df30eda2a85b83739923c8c0a5f2cdc654a6", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d00090509"], 0x0)
r2 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1)
write$P9_RVERSION(r2, &(0x7f0000000640)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.L'}, 0x5ce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='rxrpc_abort\x00', r1, 0x0, 0xfffffffffffffff7}, 0x18)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @vbi={0x6, 0x2, 0x2000c7a, 0x59565955, [0x3, 0x7], [0x2, 0x400006], 0x2}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x0)
read$msr(r3, &(0x7f0000019540)=""/102392, 0x18ff8)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x4000080)
listen(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='jbd2_run_stats\x00', r1, 0x0, 0x4}, 0x18)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="580000000001010400000000000000000a000000440001802c00018014000300fe8000000000000000000000000000aa14000400ff010000000000000000100000010c000280050001000000008000000040000100000000"], 0x58}}, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r5, 0x720, &(0x7f00000000c0)={0xff, 0xf9, 0x9, &(0x7f0000000080)={0x5, "903817457f79367c7c02d20cbc2bc3e9f04400"}})

688.751238ms ago: executing program 6 (id=2271):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f00000003c0), 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000200)=0x1, 0x4)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000080)=0x8, 0x4)
r3 = socket(0x2, 0x1, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x100)
r5 = socket$inet(0xa, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000bc0)=@mangle={'mangle\x00', 0x44, 0x6, 0x3e8, 0x134, 0x290, 0x1f0, 0x134, 0x1f0, 0x354, 0x354, 0x354, 0x354, 0x354, 0x6, 0x0, {[{{@uncond, 0x7a00, 0x70, 0x94}, @unspec=@CHECKSUM={0x24}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x7f00007f, 'syzkaller1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@multicast1, @multicast1, 0xff, 0x0, 'veth1_vlan\x00', 'veth1_macvtap\x00', {}, {0xff}, 0x0, 0x1, 0xc1513f04b421a003}, 0x0, 0x94, 0xbc, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x0, 0x5}, {0xffffffffffffffff, 0x2, 0x4}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00', {}, {}, 0xff}, 0x0, 0x94, 0xc4, 0x0, {}, [@inet=@rpfilter={{0x24}, {0xa19527f8e34a6037}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x444)
ioctl$NBD_SET_SOCK(r1, 0xab00, r3)
ioctl$NBD_DO_IT(r4, 0xab03)
r6 = fsmount(0xffffffffffffffff, 0x0, 0x1)
ioctl$PPPIOCGIDLE64(r6, 0x8010743f, &(0x7f0000000100))
close_range(r0, r1, 0x0)

650.823922ms ago: executing program 6 (id=2272):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r1, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r4 = openat$vnet(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_VQS_COUNT(r4, 0x8004af80, &(0x7f00000000c0))

595.188361ms ago: executing program 6 (id=2273):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000005c0)={0x40, r1, 0x1, 0x70bd27, 0x25dfd3fb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0)

541.940998ms ago: executing program 6 (id=2274):
getpid()
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x98, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x84, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0xc, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x3c, 0x1, 0x0, 0x0, {{0x8}, {0x14, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x10, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_PRIO={0x8, 0x3, @val=0x8}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=@newtfilter={0xd4, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x3}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0xa8, 0x2, [@TCA_U32_ACT={0x80, 0x7, [@m_bpf={0x2c, 0x1a, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xf, 0x3}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x6, 0x9, 0x6, 0x1, 0xd6}}]}, {0x2e}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}]}, 0xd4}}, 0x24040084)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x275c, &(0x7f00000003c0)={0x0, 0x5bce, 0x800, 0x3, 0xc0001c8}, &(0x7f0000000340), &(0x7f0000001180))
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x581, 0x2, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x4d014}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_DOWNDELAY={0x8, 0x1f, 0x7fffffff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004003}, 0x0)
write$dsp(r3, &(0x7f0000000300)="a52876830a602214f6b4e928", 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)

0s ago: executing program 1 (id=2275):
clock_gettime(0x6, &(0x7f0000000000))
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000200)='#$*\x00', r0)
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')
r1 = epoll_create(0x6)
epoll_pwait2(r1, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}], 0x7, &(0x7f00000000c0), &(0x7f0000000100)={[0x9, 0x8000]}, 0x8)
clock_gettime(0x6, &(0x7f0000000000)) (async)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) (async)
request_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000200)='#$*\x00', r0) (async)
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e') (async)
epoll_create(0x6) (async)
epoll_pwait2(r1, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}], 0x7, &(0x7f00000000c0), &(0x7f0000000100)={[0x9, 0x8000]}, 0x8) (async)

kernel console output (not intermixed with test programs):

n0: encryption failed: -22
[  253.080711][T11011] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1279'.
[  253.245702][T11020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1282'.
[  253.680375][T11030] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1283'.
[  254.699965][   T34] usb 42-1: device descriptor read/8, error -110
[  255.101434][   T34] usb usb42-port1: attempt power cycle
[  255.470826][T11048] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1287'.
[  255.675005][   T34] usb usb42-port1: unable to enumerate USB device
[  256.675259][T11063] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1290'.
[  258.385739][   T59] hid_parser_main: 26 callbacks suppressed
[  258.385751][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.393779][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.398099][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.401142][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.404379][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.407533][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.410517][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.413418][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.416116][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.418629][   T59] hid-generic 000B:0003:0004.000A: unknown main item tag 0x0
[  258.426180][   T59] hid-generic 000B:0003:0004.000A: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  258.727155][T11090] fido_id[11090]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  259.026972][   T59] hid-generic 000B:0003:0004.000B: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  259.108773][T11096] fido_id[11096]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  260.159054][T11117] net_ratelimit: 56 callbacks suppressed
[  260.159064][T11117] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  260.194562][   T59] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  260.266973][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  260.268971][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  260.395394][   T59] usb 5-1: Using ep0 maxpacket: 8
[  260.400415][   T59] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  260.403800][   T59] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  260.406656][T11121] overlay: Unknown parameter 'measure'
[  260.408723][   T59] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  260.415590][   T59] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  260.419705][   T59] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  260.425225][   T59] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  260.428769][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  260.433143][T11120] tipc: Started in network mode
[  260.436731][T11120] tipc: Node identity ac14140f, cluster identity 4711
[  260.440608][T11120] tipc: New replicast peer: 255.255.255.255
[  260.443710][T11120] tipc: Enabled bearer <udp:syz2>, priority 10
[  260.645330][   T59] usb 5-1: GET_CAPABILITIES returned 0
[  260.647100][   T59] usbtmc 5-1:16.0: can't read capabilities
[  260.852501][   T59] usb 5-1: USB disconnect, device number 7
[  260.889883][   T34] hid-generic 000B:0003:0004.000C: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  260.983030][T11137] fido_id[11137]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  261.444518][ T6030] tipc: Node number set to 2886997007
[  261.480997][T11152] lo speed is unknown, defaulting to 1000
[  261.812129][T11169] IPVS: length: 121 != 8
[  261.906749][T11169] IPVS: Unknown mcast interface: /input/event#
[  262.242214][   T34] hid-generic 000B:0003:0004.000D: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  262.327172][T11196] fido_id[11196]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  263.254260][T11211] bond3: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  263.258610][T11211] bond3 (unregistering): Released all slaves
[  263.504347][T11217] ./cgroup: Can't lookup blockdev
[  264.046058][T11234] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  264.048400][T11234] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  264.060403][T11234] vhci_hcd vhci_hcd.0: Device attached
[  264.112694][T11234] netlink: 'syz.1.1332': attribute type 2 has an invalid length.
[  264.337188][ T6029] usb 40-1: SetAddress Request (30) to port 0
[  264.339184][ T6029] usb 40-1: new SuperSpeed USB device number 30 using vhci_hcd
[  265.059980][T11235] vhci_hcd: connection reset by peer
[  265.065246][   T81] vhci_hcd vhci_hcd.1: stop threads
[  265.066931][   T81] vhci_hcd vhci_hcd.1: release socket
[  265.070097][   T81] vhci_hcd vhci_hcd.1: disconnect device
[  265.124391][T11237] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  265.128691][T11237] Error validating options; rc = [-22]
[  265.458896][   T53] hid_parser_main: 62 callbacks suppressed
[  265.458908][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.463313][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.465840][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.468276][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.470742][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.473206][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.475772][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.478311][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.480772][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.483239][   T53] hid-generic 000B:0003:0004.000E: unknown main item tag 0x0
[  265.487463][   T53] hid-generic 000B:0003:0004.000E: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  265.523464][T11248] fido_id[11248]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  265.770062][T11251] dns_resolver: Unsupported content type (5)
[  266.079436][   T40] audit: type=1326 audit(1766034272.773:81819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.091403][   T40] audit: type=1326 audit(1766034272.773:81820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.098544][   T40] audit: type=1326 audit(1766034272.773:81821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.105255][   T40] audit: type=1326 audit(1766034272.773:81822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.111660][   T40] audit: type=1326 audit(1766034272.773:81823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.134557][   T40] audit: type=1326 audit(1766034272.773:81824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.148074][   T40] audit: type=1326 audit(1766034272.773:81825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.154930][   T40] audit: type=1326 audit(1766034272.773:81826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.161752][   T40] audit: type=1326 audit(1766034272.773:81827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.184661][   T40] audit: type=1326 audit(1766034272.773:81828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11267 comm="syz.1.1347" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  266.362227][T11276] lo speed is unknown, defaulting to 1000
[  266.384616][   T34] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  266.544695][   T34] usb 6-1: Using ep0 maxpacket: 32
[  266.550970][   T34] usb 6-1: config 21 has an invalid interface number: 14 but max is 1
[  266.554271][   T34] usb 6-1: config 21 has an invalid interface number: 59 but max is 1
[  266.557603][   T34] usb 6-1: config 21 contains an unexpected descriptor of type 0x2, skipping
[  266.561008][   T34] usb 6-1: config 21 has no interface number 0
[  266.563506][   T34] usb 6-1: config 21 has no interface number 1
[  266.566132][   T34] usb 6-1: config 21 interface 14 altsetting 26 has an invalid descriptor for endpoint zero, skipping
[  266.570362][   T34] usb 6-1: config 21 interface 14 altsetting 26 has a duplicate endpoint with address 0x8, skipping
[  266.573698][   T34] usb 6-1: config 21 interface 14 altsetting 26 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  266.579436][   T34] usb 6-1: config 21 interface 14 altsetting 26 has an invalid descriptor for endpoint zero, skipping
[  266.583786][   T34] usb 6-1: config 21 interface 14 altsetting 26 has an invalid descriptor for endpoint zero, skipping
[  266.588246][   T34] usb 6-1: config 21 interface 14 altsetting 26 has a duplicate endpoint with address 0xB, skipping
[  266.591718][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0xB, skipping
[  266.596096][   T34] usb 6-1: config 21 interface 59 altsetting 7 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[  266.599531][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0x81, skipping
[  266.602896][   T34] usb 6-1: config 21 interface 59 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[  266.606432][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0xC, skipping
[  266.610718][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0xA, skipping
[  266.615032][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[  266.619268][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[  266.623627][   T34] usb 6-1: config 21 interface 59 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  266.628191][   T34] usb 6-1: config 21 interface 14 has no altsetting 0
[  266.630934][   T34] usb 6-1: config 21 interface 59 has no altsetting 0
[  266.634640][T11280] veth0_macvtap: left promiscuous mode
[  266.635376][   T34] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0203, bcdDevice=ba.c4
[  266.640063][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.643184][   T34] usb 6-1: Product: ᾬ⻙Ꚁ枿㇌鋭�퉠�Ҫ掟祌ᓀ㴴煯뙦鄨㰬냌ꥎ꺤蠦圑�⚮囶Ḁ釾䗒ꃸ�陙姪걊蒂弰쪦➗솨䩾㕃幖颣�䣷筚侤�鵢쒤�鲚���鈫ꑠ�㥺☺⋢ꨧ扼
[  266.651054][   T34] usb 6-1: Manufacturer: У
[  266.652795][   T34] usb 6-1: SerialNumber: 跳�苩�譭≧㰽쩘敧氼��畎�鋉䥘艛钒ﭕꋶ쯘筢鉘陒缚�
[  266.661468][T11274] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  266.664124][T11274] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  267.128221][T11289] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  267.130683][T11289] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  267.137966][T11289] vhci_hcd vhci_hcd.0: Device attached
[  267.404623][ T6076] usb 38-1: SetAddress Request (22) to port 0
[  267.406679][ T6076] usb 38-1: new SuperSpeed USB device number 22 using vhci_hcd
[  268.481098][T11295] vhci_hcd: connection reset by peer
[  268.980354][ T6163] vhci_hcd vhci_hcd.0: stop threads
[  268.982646][ T6163] vhci_hcd vhci_hcd.0: release socket
[  268.999860][ T6163] vhci_hcd vhci_hcd.0: disconnect device
[  269.147884][   T34] option 6-1:21.14: GSM modem (1-port) converter detected
[  269.159657][   T34] usb 6-1: USB disconnect, device number 14
[  269.164313][   T34] option 6-1:21.14: device disconnected
[  269.257920][T11310] usb 2-1: USB disconnect, device number 2
[  269.293316][T11318] nbd: device at index 1 is going down
[  269.464901][ T6029] usb 40-1: device descriptor read/8, error -110
[  269.485585][T11330] netlink: 6032 bytes leftover after parsing attributes in process `syz.4.1363'.
[  269.504313][T11330] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1363'.
[  269.885468][ T6029] usb usb40-port1: attempt power cycle
[  270.114183][T11338] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  270.121577][T11338] bond0 (unregistering): Released all slaves
[  270.342745][T11349] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1367'.
[  270.444988][ T6029] usb usb40-port1: unable to enumerate USB device
[  270.923105][T11354] macsec1: entered promiscuous mode
[  270.925764][T11354] macsec0: entered promiscuous mode
[  270.927820][T11354] macsec1: entered allmulticast mode
[  270.929724][T11354] macsec0: entered allmulticast mode
[  271.007140][T11356] nbd: device at index 0 is going down
[  271.706507][ T6011] hid_parser_main: 8 callbacks suppressed
[  271.706518][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.712893][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.716096][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.718766][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.721266][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.726042][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.734572][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.737004][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.739473][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.741826][ T6011] hid-generic 000B:0003:0004.000F: unknown main item tag 0x0
[  271.752259][ T6011] hid-generic 000B:0003:0004.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  271.866816][T11371] fido_id[11371]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  272.266023][T11378] input: syz1 as /devices/virtual/input/input21
[  272.368487][T11387] bond0 (unregistering): Released all slaves
[  272.521499][ T6076] usb 38-1: device descriptor read/8, error -110
[  272.735092][T11404] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(14)
[  272.737908][T11404] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  272.744049][T11404] vhci_hcd vhci_hcd.0: Device attached
[  273.004569][ T6076] usb 38-1: SetAddress Request (23) to port 0
[  273.006585][ T6076] usb 38-1: new SuperSpeed USB device number 23 using vhci_hcd
[  273.255236][T11407] vhci_hcd: connection reset by peer
[  273.258764][   T46] vhci_hcd vhci_hcd.0: stop threads
[  273.261723][   T46] vhci_hcd vhci_hcd.0: release socket
[  273.264017][   T46] vhci_hcd vhci_hcd.0: disconnect device
[  273.416516][T11427] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1388'.
[  273.701331][T11438] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1389'.
[  273.853630][T11438] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  273.869761][T11443] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  273.873081][T11443] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  273.876985][T11443] vhci_hcd vhci_hcd.0: Device attached
[  273.891563][T11444] vhci_hcd: connection closed
[  273.891872][   T46] vhci_hcd vhci_hcd.1: stop threads
[  273.896997][   T46] vhci_hcd vhci_hcd.1: release socket
[  273.899315][   T46] vhci_hcd vhci_hcd.1: disconnect device
[  274.124612][   T10] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  274.306658][   T10] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 183, setting to 64
[  274.310410][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  274.314339][   T10] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  274.317998][   T10] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  274.320848][   T10] usb 5-1: Product: syz
[  274.322291][   T10] usb 5-1: Manufacturer: syz
[  274.323868][   T10] usb 5-1: SerialNumber: syz
[  274.327968][   T10] usb 5-1: config 0 descriptor??
[  274.332977][   T10] usb 5-1: selecting invalid altsetting 0
[  275.864544][ T5960] Bluetooth: hci3: command 0x0c1a tx timeout
[  276.517379][T11475] syzkaller1: entered promiscuous mode
[  276.519350][T11475] syzkaller1: entered allmulticast mode
[  276.642062][T11477] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1402'.
[  276.690799][T11477] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1402'.
[  276.900220][   T34] usb 5-1: USB disconnect, device number 8
[  276.904512][   T10] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  277.054627][  T840] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  277.086363][   T10] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  277.091508][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  277.096822][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  277.101789][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  277.122583][   T10] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  277.126651][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.134776][   T10] usb 7-1: config 0 descriptor??
[  277.205902][  T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.209353][  T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.212414][  T840] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  277.217141][  T840] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  277.220077][  T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.228861][  T840] usb 6-1: config 0 descriptor??
[  277.541186][   T10] hid_parser_main: 8 callbacks suppressed
[  277.541199][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.547408][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.549854][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.552231][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.554654][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.559939][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.562337][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.566176][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.568579][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.570979][   T10] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  277.588985][   T10] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  277.595734][   T10] usb 7-1: USB disconnect, device number 12
[  277.608939][T11491] fido_id[11491]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb7/report_descriptor': No such file or directory
[  277.639118][  T840] plantronics 0003:047F:FFFF.0011: reserved main item tag 0xe
[  277.650900][  T840] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  277.880057][T11496] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  277.903586][   T29] usb 6-1: USB disconnect, device number 15
[  278.104551][ T6076] usb 38-1: device descriptor read/8, error -110
[  278.214755][ T6076] usb usb38-port1: attempt power cycle
[  278.785374][ T6076] usb usb38-port1: unable to enumerate USB device
[  278.884549][T11510] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  278.886672][T11510] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  278.891752][T11510] vhci_hcd vhci_hcd.0: Device attached
[  279.326438][   T59] usb 40-1: SetAddress Request (34) to port 0
[  279.328999][   T59] usb 40-1: new SuperSpeed USB device number 34 using vhci_hcd
[  279.491276][T11511] vhci_hcd: connection reset by peer
[  279.493333][ T6184] vhci_hcd vhci_hcd.1: stop threads
[  279.495641][ T6184] vhci_hcd vhci_hcd.1: release socket
[  279.497865][ T6184] vhci_hcd vhci_hcd.1: disconnect device
[  279.713930][T11518] siw: device registration error -23
[  280.126953][T11525] pim6reg: entered allmulticast mode
[  280.134572][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  280.134581][   T40] audit: type=1326 audit(1766034286.803:81836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.147218][T11525] pim6reg: left allmulticast mode
[  280.153238][   T40] audit: type=1326 audit(1766034286.803:81837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.174726][   T40] audit: type=1326 audit(1766034286.803:81838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.183153][   T40] audit: type=1326 audit(1766034286.803:81839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.191715][   T40] audit: type=1326 audit(1766034286.813:81840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.203329][   T40] audit: type=1326 audit(1766034286.813:81841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.210956][   T40] audit: type=1326 audit(1766034286.813:81842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.217805][   T40] audit: type=1326 audit(1766034286.813:81843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.224591][   T40] audit: type=1326 audit(1766034286.813:81844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.231354][   T40] audit: type=1326 audit(1766034286.813:81845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11520 comm="syz.2.1412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  280.444585][   T34] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  280.605967][   T34] usb 6-1: config 0 has no interfaces?
[  280.608133][   T34] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  280.611833][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.624600][   T34] usb 6-1: config 0 descriptor??
[  281.211627][ T6030] usb 6-1: USB disconnect, device number 16
[  281.362847][T11541] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  281.365495][T11541] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  281.369916][T11541] vhci_hcd vhci_hcd.0: Device attached
[  281.664540][ T6030] usb 38-1: SetAddress Request (26) to port 0
[  281.667459][ T6030] usb 38-1: new SuperSpeed USB device number 26 using vhci_hcd
[  281.711215][ T8840] hid-generic 000B:0003:0004.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  281.833529][T11542] vhci_hcd: connection reset by peer
[  281.836523][ T6184] vhci_hcd vhci_hcd.0: stop threads
[  281.838781][ T6184] vhci_hcd vhci_hcd.0: release socket
[  281.841199][ T6184] vhci_hcd vhci_hcd.0: disconnect device
[  282.615046][ T6076] hid_parser_main: 24 callbacks suppressed
[  282.615066][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.675512][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.902271][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.905088][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.908711][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.911061][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.913343][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.918915][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.921715][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.924060][ T6076] hid-generic 000B:0003:0004.0013: unknown main item tag 0x0
[  282.929577][ T6076] hid-generic 000B:0003:0004.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  283.304805][ T8840] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  283.470534][ T8840] usb 5-1: Using ep0 maxpacket: 8
[  283.477371][ T8840] usb 5-1: config 1 has an invalid interface number: 4 but max is 2
[  283.480014][ T8840] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  283.483085][ T8840] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  283.487761][ T8840] usb 5-1: config 1 has no interface number 1
[  283.490415][ T8840] usb 5-1: too many endpoints for config 1 interface 4 altsetting 16: 195, using maximum allowed: 30
[  283.495307][ T8840] usb 5-1: config 1 interface 4 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 195
[  283.500682][ T8840] usb 5-1: config 1 interface 4 has no altsetting 0
[  283.506409][ T8840] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  283.510256][ T8840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.513627][ T8840] usb 5-1: Product: syz
[  283.515937][ T8840] usb 5-1: Manufacturer: syz
[  283.517971][ T8840] usb 5-1: SerialNumber: syz
[  283.737210][ T8840] usb 5-1: 0:2 : does not exist
[  283.748463][ T8840] hub 5-1:1.4: Invalid hub with more than one config or interface
[  283.751838][ T8840] hub 5-1:1.4: probe with driver hub failed with error -22
[  283.760438][ T8840] usb 5-1: USB disconnect, device number 9
[  283.784007][ T7944] udevd[7944]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  284.416522][T11590] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  284.424650][   T59] usb 40-1: device descriptor read/8, error -110
[  284.612690][T11595] tipc: Enabled bearer <udp:syz2>, priority 10
[  284.875972][   T59] usb usb40-port1: attempt power cycle
[  285.081453][T11608] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1436'.
[  285.455088][   T59] usb usb40-port1: unable to enumerate USB device
[  285.875586][   T29] libceph: connect (1)[c::]:6789 error -101
[  285.878715][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  285.972049][T11624] ceph: No mds server is up or the cluster is laggy
[  286.396420][T11633] fuse: Bad value for 'fd'
[  286.762903][ T6030] usb 38-1: device descriptor read/8, error -110
[  287.160159][ T6030] usb usb38-port1: attempt power cycle
[  287.430333][T11651] netlink: 'syz.1.1448': attribute type 6 has an invalid length.
[  287.433861][T11651] overlay: filesystem on ./bus not supported
[  287.759726][ T6030] usb usb38-port1: unable to enumerate USB device
[  287.865027][T11659] x_tables: duplicate underflow at hook 1
[  288.964238][T11679] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1457'.
[  289.005169][T11679] bond0: entered allmulticast mode
[  289.007642][T11679] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.015128][T11673] input: syz0 as /devices/virtual/input/input23
[  289.019059][   T64] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  289.023786][   T64] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  289.027527][   T64] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  289.030927][   T64] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  289.033443][   T64] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  289.076396][T11682] lo speed is unknown, defaulting to 1000
[  289.465792][T11682] chnl_net:caif_netlink_parms(): no params data found
[  289.530290][T11682] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.532999][T11682] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.537190][T11682] bridge_slave_0: entered allmulticast mode
[  289.540575][T11682] bridge_slave_0: entered promiscuous mode
[  289.544229][T11682] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.547591][T11682] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.550196][T11682] bridge_slave_1: entered allmulticast mode
[  289.552863][T11682] bridge_slave_1: entered promiscuous mode
[  289.577571][T11682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.582370][T11682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  289.608160][T11682] team0: Port device team_slave_0 added
[  289.614109][T11682] team0: Port device team_slave_1 added
[  289.631537][T11682] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.634042][T11682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  289.643284][T11682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.650649][T11682] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.652793][T11682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  289.662869][T11682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.688794][T11682] hsr_slave_0: entered promiscuous mode
[  289.691105][T11682] hsr_slave_1: entered promiscuous mode
[  289.693215][T11682] debugfs: 'hsr0' already exists in 'hsr'
[  289.695416][T11682] Cannot create hsr debugfs directory
[  289.866962][T11682] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  289.872359][T11682] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  289.878480][T11682] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  289.882609][T11682] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  289.899593][T11682] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.902020][T11682] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.904516][T11682] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.906846][T11682] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.958614][T11682] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.973272][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  289.977878][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.987939][T11682] 8021q: adding VLAN 0 to HW filter on device team0
[  289.997439][ T6154] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.999794][ T6154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.006730][ T6154] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.009730][ T6154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.184191][T11682] 8021q: adding VLAN 0 to HW filter on device batadv0
[  290.237889][T11726] tmpfs: Unknown parameter 'usrquotagÁü¿¡!!‹�0„Ÿ'
[  290.353946][T11682] veth0_vlan: entered promiscuous mode
[  290.360289][T11682] veth1_vlan: entered promiscuous mode
[  290.384101][T11682] veth0_macvtap: entered promiscuous mode
[  290.393421][T11682] veth1_macvtap: entered promiscuous mode
[  290.402662][T11682] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.418638][T11682] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.424360][ T6187] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.428673][ T6187] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.437917][ T6187] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.445131][ T6187] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.493438][ T6174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.497097][ T6174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.515758][ T1256] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.518437][ T1256] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.962677][T11750] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  290.964892][T11750] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  290.969935][T11750] vhci_hcd vhci_hcd.0: Device attached
[  291.048382][   T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  291.074742][ T5960] Bluetooth: hci4: command tx timeout
[  291.345413][   T53] usb 37-1: new low-speed USB device number 4 using vhci_hcd
[  291.725221][T11751] vhci_hcd: connection reset by peer
[  291.728905][   T46] vhci_hcd vhci_hcd.0: stop threads
[  291.729832][   T10] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  291.732900][   T46] vhci_hcd vhci_hcd.0: release socket
[  291.734126][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.734140][   T10] usb 7-1: Product: syz
[  291.742872][   T46] vhci_hcd vhci_hcd.0: disconnect device
[  292.263550][   T10] usb 7-1: Manufacturer: syz
[  292.265681][   T10] usb 7-1: SerialNumber: syz
[  292.272632][T11756] nbd: device at index 5 is going down
[  292.295414][   T10] usb 7-1: config 0 descriptor??
[  292.522190][T11765] kAFS: unable to lookup cell ''
[  292.595135][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  292.754888][   T10] usb 5-1: Using ep0 maxpacket: 8
[  292.791157][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 5
[  292.942255][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  292.964981][   T10] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  292.978638][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.027007][   T10] usb 5-1: config 0 descriptor??
[  293.144494][ T5960] Bluetooth: hci4: command tx timeout
[  293.376426][T11770] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  293.379890][T11770] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  293.384007][T11770] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  293.389949][T11770] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  293.471837][   T29] usb 7-1: USB disconnect, device number 13
[  293.558515][T11778] kvm_intel: kvm [11777]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x6
[  294.274579][ T6011] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  294.425594][ T6011] usb 6-1: Using ep0 maxpacket: 8
[  294.429961][ T6011] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  294.435337][ T6011] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  294.439258][ T6011] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  294.443382][ T6011] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  294.449163][ T6011] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  294.452698][ T6011] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.661254][ T6011] usb 6-1: GET_CAPABILITIES returned 0
[  294.663058][ T6011] usbtmc 6-1:16.0: can't read capabilities
[  294.858219][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  294.860929][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  294.869152][   T10] usb 5-1: USB disconnect, device number 10
[  294.876499][ T6011] usb 6-1: USB disconnect, device number 17
[  295.224513][ T5960] Bluetooth: hci4: command tx timeout
[  295.495916][T11799] netlink: 'syz.1.1485': attribute type 4 has an invalid length.
[  295.499179][T11799] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1485'.
[  295.510917][T11799] wlan1: mtu less than device minimum
[  295.666012][ T6010] hid_parser_main: 8 callbacks suppressed
[  295.666024][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.670593][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.672992][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.675645][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.678233][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.681008][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.683359][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.686483][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.689279][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.692253][ T6010] hid-generic 000B:0003:0004.0014: unknown main item tag 0x0
[  295.701846][ T6010] hid-generic 000B:0003:0004.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  295.974601][T11813] fido_id[11813]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  296.033213][T11818] syz.1.1487 (11818): drop_caches: 2
[  296.560005][T11821] FAULT_INJECTION: forcing a failure.
[  296.560005][T11821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.565434][T11821] CPU: 2 UID: 0 PID: 11821 Comm: syz.0.1488 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  296.565459][T11821] Tainted: [L]=SOFTLOCKUP
[  296.565465][T11821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.565476][T11821] Call Trace:
[  296.565482][T11821]  <TASK>
[  296.565488][T11821]  dump_stack_lvl+0x16c/0x1f0
[  296.565518][T11821]  should_fail_ex+0x512/0x640
[  296.565540][T11821]  _copy_to_user+0x32/0xd0
[  296.565561][T11821]  simple_read_from_buffer+0xcb/0x170
[  296.565586][T11821]  proc_fail_nth_read+0x197/0x240
[  296.565614][T11821]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.565664][T11821]  ? rw_verify_area+0xcf/0x6c0
[  296.565684][T11821]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.565717][T11821]  vfs_read+0x1e4/0xcf0
[  296.565742][T11821]  ? __pfx___mutex_lock+0x10/0x10
[  296.565769][T11821]  ? __pfx_vfs_read+0x10/0x10
[  296.565790][T11821]  ? find_held_lock+0x2b/0x80
[  296.565819][T11821]  ? __fget_files+0x20e/0x3c0
[  296.565849][T11821]  ksys_read+0x12a/0x250
[  296.565872][T11821]  ? __pfx_ksys_read+0x10/0x10
[  296.565902][T11821]  __do_fast_syscall_32+0xe8/0x680
[  296.565931][T11821]  do_fast_syscall_32+0x32/0x80
[  296.565954][T11821]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  296.565975][T11821] RIP: 0023:0xf705d579
[  296.565988][T11821] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  296.566004][T11821] RSP: 002b:00000000f544d590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  296.566020][T11821] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f544d620
[  296.566030][T11821] RDX: 000000000000000f RSI: 00000000f73f6ff4 RDI: 0000000000000000
[  296.566040][T11821] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  296.566049][T11821] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  296.566059][T11821] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  296.566082][T11821]  </TASK>
[  296.851652][   T53] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  297.304553][ T5960] Bluetooth: hci4: command tx timeout
[  297.323111][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  297.323124][   T40] audit: type=1326 audit(1766034304.013:81866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.347553][   T40] audit: type=1326 audit(1766034304.033:81867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.363906][   T40] audit: type=1326 audit(1766034304.033:81868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.384266][   T40] audit: type=1326 audit(1766034304.033:81869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.401911][   T40] audit: type=1326 audit(1766034304.033:81870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.484565][   T40] audit: type=1326 audit(1766034304.033:81871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.494808][   T40] audit: type=1326 audit(1766034304.033:81872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.503745][   T40] audit: type=1326 audit(1766034304.033:81873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.510562][   T40] audit: type=1326 audit(1766034304.033:81874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.517291][   T40] audit: type=1326 audit(1766034304.033:81875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11833 comm="syz.1.1492" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  297.653872][T11840] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  297.656456][T11840] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  297.660589][T11840] vhci_hcd vhci_hcd.0: Device attached
[  297.955546][   T34] usb 40-1: SetAddress Request (38) to port 0
[  297.957959][   T34] usb 40-1: new SuperSpeed USB device number 38 using vhci_hcd
[  298.095313][T11840] rdma_rxe: rxe_newlink: failed to add wg2
[  298.466927][T11841] vhci_hcd: connection reset by peer
[  298.470953][ T6183] vhci_hcd vhci_hcd.1: stop threads
[  298.473672][ T6183] vhci_hcd vhci_hcd.1: release socket
[  298.476244][ T6183] vhci_hcd vhci_hcd.1: disconnect device
[  299.716422][T11889] ntfs3(sr0): Primary boot signature is not NTFS.
[  299.718649][T11889] ntfs3(sr0): try to read out of volume at offset 0xf800
[  299.764756][T11892] netlink: 'syz.5.1509': attribute type 1 has an invalid length.
[  300.444156][T11920] syz_tun (unregistering): left allmulticast mode
[  300.447687][T11920] syz_tun (unregistering): left promiscuous mode
[  300.450372][T11920] bridge0: port 1(syz_tun) entered disabled state
[  300.724842][T11925] pim6reg1: entered promiscuous mode
[  300.727014][T11925] pim6reg1: entered allmulticast mode
[  300.792968][   T64] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  300.799743][   T64] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  300.813082][   T64] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  300.829724][   T64] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  300.839941][   T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  300.916192][T11926] lo speed is unknown, defaulting to 1000
[  302.327427][ T1256] bond1 (unregistering): Released all slaves
[  302.437220][ T1256] bond2 (unregistering): Released all slaves
[  302.443258][ T1256] bond3 (unregistering): Released all slaves
[  302.526406][ T1256] bond4 (unregistering): (slave veth5): Releasing active interface
[  302.530971][ T1256] bond4 (unregistering): (slave veth0_to_bond): Releasing active interface
[  302.544929][ T1256] bond4 (unregistering): Released all slaves
[  302.665177][ T1256] bond5 (unregistering): Released all slaves
[  302.752229][ T1256] bond0 (unregistering): Released all slaves
[  302.806897][T11942] lo speed is unknown, defaulting to 1000
[  302.905599][ T5960] Bluetooth: hci2: command tx timeout
[  302.951798][ T1256] tipc: Left network mode
[  302.998448][   T34] usb 40-1: device descriptor read/8, error -110
[  303.003850][T11926] chnl_net:caif_netlink_parms(): no params data found
[  303.246050][T11926] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.254509][T11926] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.256919][T11926] bridge_slave_0: entered allmulticast mode
[  303.259725][T11926] bridge_slave_0: entered promiscuous mode
[  303.262766][T11926] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.272861][T11926] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.276206][T11926] bridge_slave_1: entered allmulticast mode
[  303.284833][T11926] bridge_slave_1: entered promiscuous mode
[  303.319835][T11926] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.335924][T11926] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.395336][   T34] usb usb40-port1: attempt power cycle
[  303.454241][T11966] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1529'.
[  303.487315][T11926] team0: Port device team_slave_0 added
[  303.495180][T11926] team0: Port device team_slave_1 added
[  303.555662][ T1256] hsr_slave_0: left promiscuous mode
[  303.561029][ T1256] hsr_slave_1: left promiscuous mode
[  303.568169][ T1256] macsec0: left allmulticast mode
[  303.570833][ T1256] macsec0: left promiscuous mode
[  303.783621][T11970] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  303.785772][T11970] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  303.788512][T11970] vhci_hcd vhci_hcd.0: Device attached
[  303.817270][T11965] netlink: 'syz.2.1532': attribute type 13 has an invalid length.
[  303.838336][ T1256] pimreg (unregistering): left allmulticast mode
[  303.850396][ T1256] pimreg3 (unregistering): left allmulticast mode
[  303.975069][   T34] usb usb40-port1: unable to enumerate USB device
[  304.114552][ T6032] usb 48-1: SetAddress Request (2) to port 0
[  304.116769][ T6032] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  304.323101][T11979] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1533'.
[  304.382761][ T1256] team0 (unregistering): Port device team_slave_1 removed
[  304.417439][ T1256] team0 (unregistering): Port device team_slave_0 removed
[  304.686103][T11965] 8021q: adding VLAN 0 to HW filter on device bond0
[  304.691117][T11965] 8021q: adding VLAN 0 to HW filter on device team0
[  304.698083][T11965] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  304.727396][T11926] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.734454][T11926] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  304.754498][T11926] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  304.760538][   T53] lo speed is unknown, defaulting to 1000
[  304.762985][   T53] syz0: Port: 1 Link ACTIVE
[  304.764945][T11926] batman_adv: batadv0: Adding interface: batadv_slave_1
[  304.767192][T11926] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  304.784463][T11926] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.845913][T11926] hsr_slave_0: entered promiscuous mode
[  304.848109][T11926] hsr_slave_1: entered promiscuous mode
[  304.850300][T11926] debugfs: 'hsr0' already exists in 'hsr'
[  304.852096][T11926] Cannot create hsr debugfs directory
[  304.967319][T11926] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  304.971823][T11926] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  304.977298][T11926] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  304.981620][T11926] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  304.985449][ T5960] Bluetooth: hci2: command tx timeout
[  305.027666][T11926] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.027816][T11984] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1535'.
[  305.079212][ T1256] IPVS: stop unused estimator thread 0...
[  305.082610][T11926] 8021q: adding VLAN 0 to HW filter on device team0
[  305.092049][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.094343][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.125486][ T6163] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.128543][ T6163] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.346638][T11926] 8021q: adding VLAN 0 to HW filter on device batadv0
[  305.632017][T11926] veth0_vlan: entered promiscuous mode
[  305.638975][T11926] veth1_vlan: entered promiscuous mode
[  305.660222][T11926] veth0_macvtap: entered promiscuous mode
[  305.675481][T11926] veth1_macvtap: entered promiscuous mode
[  305.689668][T11926] batman_adv: batadv0: Interface activated: batadv_slave_0
[  305.697921][T11926] batman_adv: batadv0: Interface activated: batadv_slave_1
[  305.707024][   T81] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  305.711036][   T81] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  305.718780][   T81] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  305.722258][   T81] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  305.772738][ T1256] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.777127][ T1256] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.787717][T12021] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  305.790099][T12021] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  305.797350][T12021] vhci_hcd vhci_hcd.0: Device attached
[  305.802586][   T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.807068][   T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.815685][T12021] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  306.084584][   T59] usb 40-1: SetAddress Request (42) to port 0
[  306.087406][   T59] usb 40-1: new SuperSpeed USB device number 42 using vhci_hcd
[  306.293591][T12032] hugetlbfs: syz.2.1542 (12032): Using mlock ulimits for SHM_HUGETLB is obsolete
[  306.381243][T12022] vhci_hcd: connection reset by peer
[  306.383413][   T81] vhci_hcd vhci_hcd.1: stop threads
[  306.386683][   T81] vhci_hcd vhci_hcd.1: release socket
[  306.388990][   T81] vhci_hcd vhci_hcd.1: disconnect device
[  306.484529][T11971] vhci_hcd: connection reset by peer
[  306.493253][   T60] vhci_hcd vhci_hcd.5: stop threads
[  306.496302][   T60] vhci_hcd vhci_hcd.5: release socket
[  306.498638][   T60] vhci_hcd vhci_hcd.5: disconnect device
[  306.755462][T12039] netlink: 'syz.5.1544': attribute type 10 has an invalid length.
[  306.780159][T12039] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  307.064594][ T5960] Bluetooth: hci2: command tx timeout
[  307.394276][T12041] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1545'.
[  307.395953][T12042] binder: 12040:12042 unknown command 0
[  307.409526][T12042] binder: 12040:12042 ioctl c0306201 80000080 returned -22
[  307.411998][T12042] binder: BINDER_SET_CONTEXT_MGR already set
[  307.414357][T12042] binder: 12040:12042 ioctl 4018620d 80000040 returned -16
[  307.463719][T12037] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  307.607842][T12048] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1547'.
[  307.610771][T12048] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1547'.
[  307.690030][T12061] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  308.176382][T12076] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[  308.178549][T12076] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  308.186610][T12076] vhci_hcd vhci_hcd.0: Device attached
[  308.229842][T12076] fuse: Bad value for 'group_id'
[  308.231898][T12076] fuse: Bad value for 'group_id'
[  308.494567][ T6029] usb 50-1: SetAddress Request (2) to port 0
[  308.496577][ T6029] usb 50-1: new SuperSpeed USB device number 2 using vhci_hcd
[  308.824733][T12088] FAULT_INJECTION: forcing a failure.
[  308.824733][T12088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.830446][T12079] vhci_hcd: connection reset by peer
[  308.835742][ T6183] vhci_hcd vhci_hcd.6: stop threads
[  308.838348][ T6183] vhci_hcd vhci_hcd.6: release socket
[  308.841159][ T6183] vhci_hcd vhci_hcd.6: disconnect device
[  308.844553][T12088] CPU: 0 UID: 0 PID: 12088 Comm: syz.1.1555 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  308.844576][T12088] Tainted: [L]=SOFTLOCKUP
[  308.844581][T12088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  308.844597][T12088] Call Trace:
[  308.844602][T12088]  <TASK>
[  308.844608][T12088]  dump_stack_lvl+0x16c/0x1f0
[  308.844632][T12088]  should_fail_ex+0x512/0x640
[  308.844651][T12088]  _copy_to_user+0x32/0xd0
[  308.844668][T12088]  ip_tunnel_parm_to_user+0x365/0x430
[  308.844692][T12088]  ? __pfx_ip_tunnel_parm_to_user+0x10/0x10
[  308.844719][T12088]  ? netdev_state_change+0x136/0x240
[  308.844740][T12088]  ? ipip6_tunnel_ctl+0xcd/0x780
[  308.844760][T12088]  ip_tunnel_siocdevprivate+0x174/0x1b0
[  308.844775][T12088]  ? __pfx_ip_tunnel_siocdevprivate+0x10/0x10
[  308.844800][T12088]  ipip6_tunnel_siocdevprivate+0x3b8/0x16d0
[  308.844819][T12088]  ? __do_fast_syscall_32+0xe8/0x680
[  308.844840][T12088]  ? do_fast_syscall_32+0x32/0x80
[  308.844861][T12088]  ? __pfx_ipip6_tunnel_siocdevprivate+0x10/0x10
[  308.844884][T12088]  ? lock_acquire+0x179/0x330
[  308.844901][T12088]  ? __pfx___might_resched+0x10/0x10
[  308.844922][T12088]  ? full_name_hash+0xbc/0x110
[  308.844940][T12088]  ? dev_ifsioc+0x8ee/0x1ee0
[  308.844956][T12088]  dev_ifsioc+0x8ee/0x1ee0
[  308.844974][T12088]  ? __pfx_dev_ifsioc+0x10/0x10
[  308.844990][T12088]  ? __pfx___mutex_lock+0x10/0x10
[  308.845019][T12088]  ? dev_load+0x8e/0x240
[  308.845040][T12088]  dev_ioctl+0x1b2/0x1060
[  308.845058][T12088]  sock_ioctl+0x5b3/0x6b0
[  308.845073][T12088]  ? __pfx_sock_ioctl+0x10/0x10
[  308.845088][T12088]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  308.845114][T12088]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  308.845134][T12088]  compat_sock_ioctl+0x58b/0x730
[  308.845151][T12088]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  308.845163][T12088]  ? hook_file_ioctl_common+0x144/0x410
[  308.845185][T12088]  ? __fget_files+0x20e/0x3c0
[  308.845204][T12088]  ? __fput_deferred+0x440/0x480
[  308.845222][T12088]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  308.845235][T12088]  __ia32_compat_sys_ioctl+0x242/0x370
[  308.845253][T12088]  __do_fast_syscall_32+0xe8/0x680
[  308.845275][T12088]  do_fast_syscall_32+0x32/0x80
[  308.845296][T12088]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  308.845314][T12088] RIP: 0023:0xf7f04579
[  308.845326][T12088] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  308.845339][T12088] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  308.845354][T12088] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f3
[  308.845363][T12088] RDX: 0000000080000940 RSI: 0000000000000000 RDI: 0000000000000000
[  308.845372][T12088] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  308.845380][T12088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  308.845389][T12088] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  308.845410][T12088]  </TASK>
[  309.144534][ T5960] Bluetooth: hci2: command tx timeout
[  309.226578][ T6032] usb 48-1: device descriptor read/8, error -110
[  309.323918][T12081] fuse: Unknown parameter 'use00000000000000000000'
[  309.617626][ T6032] usb usb48-port1: attempt power cycle
[  309.806198][T12107] can: request_module (can-proto-0) failed.
[  309.808313][T12110] overlayfs: overlapping lowerdir path
[  310.195328][ T6032] usb usb48-port1: unable to enumerate USB device
[  311.144911][   T59] usb 40-1: device descriptor read/8, error -110
[  311.545371][   T59] usb usb40-port1: attempt power cycle
[  312.105467][   T59] usb usb40-port1: unable to enumerate USB device
[  313.544628][ T6029] usb 50-1: device descriptor read/8, error -110
[  313.935351][ T6029] usb usb50-port1: attempt power cycle
[  314.495358][ T6029] usb usb50-port1: unable to enumerate USB device
[  321.706535][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  321.709259][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  348.934397][T12139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1563'.
[  349.006304][ T5947] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  349.080541][T12141] netlink: 'syz.5.1570': attribute type 1 has an invalid length.
[  349.093340][T12141] 8021q: adding VLAN 0 to HW filter on device bond1
[  349.158089][T12141] bond1: (slave dummy0): making interface the new active one
[  349.161190][T12141] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  349.164496][ T5947] usb 7-1: Using ep0 maxpacket: 8
[  349.169576][ T5947] usb 7-1: config 1 interface 0 altsetting 8 bulk endpoint 0x1 has invalid maxpacket 16
[  349.172609][ T5947] usb 7-1: config 1 interface 0 altsetting 8 bulk endpoint 0x82 has invalid maxpacket 64
[  349.175723][ T5947] usb 7-1: config 1 interface 0 has no altsetting 0
[  349.180692][ T5947] usb 7-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  349.183498][ T5947] usb 7-1: New USB device strings: Mfr=1, Product=231, SerialNumber=3
[  349.183511][ T5947] usb 7-1: Product: syz
[  349.183519][ T5947] usb 7-1: Manufacturer: �蹃晡ᘌ疈澢ᢹλ樵ݡᙚ꽂�韙䛒﷭⃃�覯뿄ų쎯褈⤗䜚툖�殯Ȝꃈ㹡䒔肃僂ͣ๾憱롢嬭땶�艱㒷唞鋫ॉ�峻哹ཧꛋᢌ낎ͳ섪뵞謟孌쨳뒮଄ꅵ迲龈汗令뢄䒎�襎ﾈ㬡쟰糇�拓ᡫ懤ㄕ⌔䫋ꤣጺዴ�殺
[  349.183535][ T5947] usb 7-1: SerialNumber: syz
[  349.218409][T12132] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  349.226642][T12132] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  349.367951][T12146] : entered promiscuous mode
[  349.382679][T12146] netlink: 'syz.5.1571': attribute type 29 has an invalid length.
[  349.385388][T12146] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1571'.
[  349.389824][T12146] veth0_to_bridge: entered promiscuous mode
[  349.455145][T12132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  349.459226][T12132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  349.476735][ T5947] usblp0: Disabling reads from problematic bidirectional printer
[  349.495438][ T5947] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 8 proto 3 vid 0x03F0 pid 0x0004
[  349.513751][ T5947] usb 7-1: USB disconnect, device number 14
[  349.525560][ T5947] usblp0: removed
[  349.855336][T12157] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  350.109995][T12143] veth0_to_bridge: left promiscuous mode
[  350.416428][   T53] libceph: connect (1)[c::]:6789 error -101
[  350.419401][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  350.463865][T12166] ceph: No mds server is up or the cluster is laggy
[  350.634040][T12166] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  350.670403][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  350.670418][   T40] audit: type=1804 audit(1766034357.363:81880): pid=12170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1575" name="/newroot/397/bus/bus" dev="overlay" ino=2168 res=1 errno=0
[  350.863351][T12173] ntfs3(nullb0): Primary boot signature is not NTFS.
[  350.866121][T12173] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  351.426449][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  351.521338][T12179] overlayfs: upper fs does not support file handles, falling back to index=off.
[  351.698187][T12182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1580'.
[  352.698835][T12197] netlink: 'syz.6.1583': attribute type 7 has an invalid length.
[  352.702180][T12197] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1583'.
[  352.709344][T12197] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1583'.
[  353.117493][T12205] ubi: mtd0 is already attached to ubi31
[  353.125831][T12206] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1584'.
[  353.389376][T12210] netlink: 'syz.1.1587': attribute type 27 has an invalid length.
[  353.412484][T12210] vti0: left promiscuous mode
[  353.433523][T12210] overlayfs: failed to resolve './file0': -2
[  353.478823][T12210] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1587'.
[  354.205310][T12228] netlink: 'syz.6.1590': attribute type 9 has an invalid length.
[  354.208405][T12228] netlink: 'syz.6.1590': attribute type 11 has an invalid length.
[  354.210954][T12228] netlink: 'syz.6.1590': attribute type 12 has an invalid length.
[  354.214078][T12228] netlink: 210020 bytes leftover after parsing attributes in process `syz.6.1590'.
[  354.217690][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1590'.
[  354.354550][   T29] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  354.504881][   T29] usb 7-1: Using ep0 maxpacket: 8
[  354.513751][   T29] usb 7-1: config 0 interface 0 has no altsetting 0
[  354.516253][   T29] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  354.520485][   T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.532504][   T29] usb 7-1: config 0 descriptor??
[  354.955809][   T29] mcp2221 0003:04D8:00DD.0015: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  355.166098][   T29] usb 7-1: USB disconnect, device number 15
[  355.873534][ T5947] hid_parser_main: 8 callbacks suppressed
[  355.873546][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.878856][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.881396][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.883775][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.887652][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.891002][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.894717][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.901170][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.904346][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.916058][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: unknown main item tag 0x0
[  355.926715][ T5947] hid-generic 0008:FFFFFFFA:0001.0016: hidraw0: <UNKNOWN> HID v8.b8 Device [syz0] on syz0
[  355.985489][T12252] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  355.988152][T12252] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  355.991952][T12252] vhci_hcd vhci_hcd.0: Device attached
[  356.010422][T12256] veth1_to_bond: entered allmulticast mode
[  356.063777][T12252] random: crng reseeded on system resumption
[  356.083851][T12257] binder: 12255:12257 ioctl 0 80000040 returned -22
[  356.199765][T12251] fido_id[12251]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  356.312876][ T6076] usb 48-1: SetAddress Request (6) to port 0
[  356.315287][ T6076] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  356.610578][T12264] IPVS: Error connecting to the multicast addr
[  356.982980][T12255] veth1_to_bond: left allmulticast mode
[  357.253151][T12267] xt_CT: No such helper "syz1"
[  358.406031][T12276] lo speed is unknown, defaulting to 1000
[  358.527490][T12277] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  358.529501][T12277] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  358.533481][T12277] vhci_hcd vhci_hcd.0: Device attached
[  358.779729][T12253] vhci_hcd: connection reset by peer
[  358.781597][ T6178] vhci_hcd vhci_hcd.5: stop threads
[  358.783178][ T6178] vhci_hcd vhci_hcd.5: release socket
[  358.784873][ T6178] vhci_hcd vhci_hcd.5: disconnect device
[  358.798974][ T6011] usb 42-1: SetAddress Request (34) to port 0
[  358.801688][ T6011] usb 42-1: new SuperSpeed USB device number 34 using vhci_hcd
[  359.223003][T12286] lo speed is unknown, defaulting to 1000
[  359.306150][T12278] vhci_hcd: connection reset by peer
[  359.308430][ T6178] vhci_hcd vhci_hcd.2: stop threads
[  359.310405][ T6178] vhci_hcd vhci_hcd.2: release socket
[  359.312602][ T6178] vhci_hcd vhci_hcd.2: disconnect device
[  359.619115][T12300] netlink: 'syz.6.1610': attribute type 21 has an invalid length.
[  359.663907][T12300] netlink: 156 bytes leftover after parsing attributes in process `syz.6.1610'.
[  359.669730][  T840] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  359.800499][  T840] usb 6-1: device descriptor read/64, error -71
[  359.990058][ T6032] hid-generic 000B:0003:0004.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  360.045295][  T840] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  360.061152][T12305] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.093838][T12310] fido_id[12310]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  360.220380][  T840] usb 6-1: device descriptor read/64, error -71
[  360.330638][  T840] usb usb6-port1: attempt power cycle
[  360.344049][T12315] /dev/nullb0: Can't open blockdev
[  360.357520][T12305] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.436456][T12305] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.545005][T12305] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.643259][ T6154] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  360.653581][ T6154] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  360.660247][ T6154] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  360.668105][ T6154] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  360.680780][  T840] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  360.711172][  T840] usb 6-1: device descriptor read/8, error -71
[  360.950979][  T840] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  360.971682][  T840] usb 6-1: device descriptor read/8, error -71
[  361.028519][T12325] lo speed is unknown, defaulting to 1000
[  361.081515][  T840] usb usb6-port1: unable to enumerate USB device
[  361.402264][ T6076] usb 48-1: device descriptor read/8, error -110
[  361.891703][ T6076] usb usb48-port1: attempt power cycle
[  362.307910][ T5960] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  362.311022][T12356] fuse: Bad value for 'fd'
[  362.316697][T12356] overlayfs: failed to clone upperpath
[  362.526679][   T40] audit: type=1804 audit(1766034625.212:81881): pid=12369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1634" name="/newroot/44/file0/file1" dev="overlay" ino=281 res=1 errno=0
[  362.572375][T12372] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  362.693354][T12374] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  362.863407][ T6076] usb usb48-port1: unable to enumerate USB device
[  363.335815][T12376] nbd: must specify an index to disconnect
[  363.607047][T12383] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1637'.
[  363.874112][ T6011] usb 42-1: device descriptor read/8, error -110
[  364.279586][ T6011] usb usb42-port1: attempt power cycle
[  364.502737][T12396] lo speed is unknown, defaulting to 1000
[  364.570981][T12395] overlayfs: upper fs does not support file handles, falling back to index=off.
[  364.886063][ T6011] usb usb42-port1: unable to enumerate USB device
[  365.001675][T12405] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  365.003665][T12405] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  365.006685][T12405] vhci_hcd vhci_hcd.0: Device attached
[  365.165161][T12407] vhci_hcd: connection closed
[  365.165565][ T1155] vhci_hcd vhci_hcd.5: stop threads
[  365.168903][ T1155] vhci_hcd vhci_hcd.5: release socket
[  365.170837][ T1155] vhci_hcd vhci_hcd.5: disconnect device
[  365.459742][ T8840] hid_parser_main: 232 callbacks suppressed
[  365.459755][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.464618][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.468775][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.477559][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.480076][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.482432][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.484832][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.487675][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.489969][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.492709][ T8840] hid-generic 000B:0003:0004.0018: unknown main item tag 0x0
[  365.496582][ T8840] hid-generic 000B:0003:0004.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  365.831043][T12420] fido_id[12420]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  366.015854][T12433] input: syz1 as /devices/virtual/input/input24
[  366.486359][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  366.590675][T12443] overlayfs: upper fs does not support file handles, falling back to index=off.
[  366.714723][T12448] overlay: ./file1 is not a directory
[  366.906207][T12458] netlink: 'syz.1.1659': attribute type 2 has an invalid length.
[  366.911081][T12458] nbd: must specify at least one socket
[  366.921615][T12458] nbd: couldn't find device at index 1
[  367.026988][T12462] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  367.418289][T12471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1664'.
[  367.515715][T12482] veth1_macvtap: left promiscuous mode
[  367.519192][T12482] macsec0: entered promiscuous mode
[  367.521477][T12482] macsec0: entered allmulticast mode
[  367.532241][T12482] veth1_macvtap: entered promiscuous mode
[  367.534748][T12482] veth1_macvtap: entered allmulticast mode
[  367.539706][T12482] macsec0: left promiscuous mode
[  367.542100][T12482] macsec0: left allmulticast mode
[  367.544224][T12482] veth1_macvtap: left allmulticast mode
[  367.678342][T12486] bridge0: port 3(netdevsim0) entered blocking state
[  367.681311][T12486] bridge0: port 3(netdevsim0) entered disabled state
[  367.684490][T12486] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  367.691402][T12486] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  367.694885][T12486] bridge0: port 3(netdevsim0) entered blocking state
[  367.697830][T12486] bridge0: port 3(netdevsim0) entered forwarding state
[  368.267221][T12503] overlayfs: missing 'lowerdir'
[  368.335129][T12493] block nbd2: NBD_DISCONNECT
[  368.336863][T12493] block nbd2: Disconnected due to user request.
[  368.339794][T12493] block nbd2: shutting down sockets
[  368.579430][T12508] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  368.581901][T12508] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  368.588742][T12508] vhci_hcd vhci_hcd.0: Device attached
[  368.671892][T12517] Cannot find add_set index 0 as target
[  368.914742][ T8840] usb 40-1: SetAddress Request (46) to port 0
[  368.919711][ T8840] usb 40-1: new SuperSpeed USB device number 46 using vhci_hcd
[  369.141273][T12510] vhci_hcd: connection reset by peer
[  369.144846][ T6184] vhci_hcd vhci_hcd.1: stop threads
[  369.147737][ T6184] vhci_hcd vhci_hcd.1: release socket
[  369.153571][ T6184] vhci_hcd vhci_hcd.1: disconnect device
[  369.281074][ T5947] hid-generic 000B:0003:0004.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  369.531921][T12534] fido_id[12534]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  369.682364][T12546] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1686'.
[  369.686355][T12545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1686'.
[  369.937243][T12549] lo speed is unknown, defaulting to 1000
[  370.223682][T12555] lo speed is unknown, defaulting to 1000
[  371.247230][T12589] input: syz1 as /devices/virtual/input/input25
[  371.487086][ T5947] hid_parser_main: 26 callbacks suppressed
[  371.487104][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.522226][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.529837][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.533682][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.536450][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.538842][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.541219][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.543572][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.546038][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.548401][ T5947] hid-generic 000B:0003:0004.001A: unknown main item tag 0x0
[  371.551478][   T29] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  371.552586][ T5947] hid-generic 000B:0003:0004.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  371.701249][   T29] usb 6-1: Using ep0 maxpacket: 8
[  371.709711][   T29] usb 6-1: config 162 has an invalid interface number: 166 but max is 0
[  371.714730][   T29] usb 6-1: config 162 has no interface number 0
[  371.717342][   T29] usb 6-1: config 162 interface 166 has no altsetting 0
[  371.726524][   T29] usb 6-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=d3.ea
[  371.730352][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.733971][   T29] usb 6-1: Product: syz
[  371.735864][   T29] usb 6-1: Manufacturer: syz
[  371.737924][   T29] usb 6-1: SerialNumber: syz
[  371.971376][   T29] appledisplay 6-1:162.166: Could not find int-in endpoint
[  371.976424][   T29] usbhid 6-1:162.166: couldn't find an input interrupt endpoint
[  371.980033][   T29] usb 6-1: USB disconnect, device number 22
[  372.127080][T12600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1701'.
[  372.136032][T12600] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1701'.
[  373.235507][T12613] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  373.238024][T12613] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  373.240494][T12613] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  373.246272][T12613] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  373.252183][T12613] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  373.254624][T12613] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  373.259178][T12613] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  373.380888][   T34] hid-generic 000B:0003:0004.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  373.607458][T12629] lo speed is unknown, defaulting to 1000
[  374.056642][ T8840] usb 40-1: device descriptor read/8, error -110
[  374.445476][ T8840] usb usb40-port1: attempt power cycle
[  374.549364][   T40] audit: type=1326 audit(1766034637.220:81882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12649 comm="syz.2.1718" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf70fd579 code=0x0
[  374.634176][ T5960] Bluetooth: hci3: command 0x0c1a tx timeout
[  375.025585][ T8840] usb usb40-port1: unable to enumerate USB device
[  375.244960][ T5960] Bluetooth: hci4: command 0x0c1a tx timeout
[  375.324689][ T5960] Bluetooth: hci2: command 0x0c1a tx timeout
[  375.501527][T12705] netlink: 'syz.5.1735': attribute type 21 has an invalid length.
[  375.504041][T12705] netlink: 'syz.5.1735': attribute type 1 has an invalid length.
[  375.506754][T12705] netlink: 100 bytes leftover after parsing attributes in process `syz.5.1735'.
[  375.514138][T12705] netlink: 'syz.5.1735': attribute type 1 has an invalid length.
[  375.517183][T12705] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1735'.
[  375.777005][T12722] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1741'.
[  375.792223][T12722] netlink: 128 bytes leftover after parsing attributes in process `syz.6.1741'.
[  376.040793][T12737] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1746'.
[  376.103759][T12739] overlayfs: failed to clone upperpath
[  376.808383][T12769] bridge0: port 3(syz_tun) entered blocking state
[  376.810622][T12769] bridge0: port 3(syz_tun) entered disabled state
[  376.812848][T12769] syz_tun: entered allmulticast mode
[  376.815627][T12769] syz_tun: entered promiscuous mode
[  377.326513][ T5960] Bluetooth: hci4: command 0x0c1a tx timeout
[  377.417215][ T5960] Bluetooth: hci2: command 0x0c1a tx timeout
[  378.322561][T12806] lo speed is unknown, defaulting to 1000
[  378.367694][T12802] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1767'.
[  379.036072][T12841] lo speed is unknown, defaulting to 1000
[  379.419590][ T5960] Bluetooth: hci4: command 0x0c1a tx timeout
[  379.499074][ T5960] Bluetooth: hci2: command 0x0c1a tx timeout
[  379.505991][T12855] rpc_pipefs: Unknown parameter '�Zz-#FÇ<æõ]%gCžÊ
[  379.505991][T12855] SÃȘØÈžZ§6ŸÂ'
[  380.137913][T12869] nbd: couldn't find device at index 5
[  380.373205][T12880] netlink: 2020 bytes leftover after parsing attributes in process `syz.5.1791'.
[  380.376400][T12880] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1791'.
[  380.382382][T12880] nbd: couldn't find device at index 5
[  380.815920][T12887] syzkaller0: entered promiscuous mode
[  380.818313][T12887] syzkaller0: entered allmulticast mode
[  381.059739][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  382.736442][T12928] comedi comedi1: pcmda12: I/O port conflict (0xfb,16)
[  382.740980][T12929] program syz.1.1807 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.745179][T12928] program syz.1.1807 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.837628][T12945] overlayfs: failed to clone upperpath
[  382.843731][T12945] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1811'.
[  382.902427][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  382.990903][T12946] overlayfs: upper fs does not support file handles, falling back to index=off.
[  383.181464][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  383.185949][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  383.272358][T12953] netlink: 'syz.6.1814': attribute type 12 has an invalid length.
[  383.282146][T12953] netlink: 'syz.6.1814': attribute type 29 has an invalid length.
[  383.284640][T12953] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1814'.
[  383.292279][T12953] netlink: 59 bytes leftover after parsing attributes in process `syz.6.1814'.
[  383.532934][ T5960] Bluetooth: hci2: unexpected event for opcode 0x0000
[  383.620596][T12946] overlayfs: statfs failed on './file0'
[  383.725886][T12965] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1820'.
[  383.756378][T12972] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1821'.
[  383.760265][T12972] netem: change failed
[  383.801870][T12975] bond2: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  383.807236][T12975] bond2 (unregistering): Released all slaves
[  383.849536][T12982] netlink: 'syz.2.1826': attribute type 2 has an invalid length.
[  383.864376][T12982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1826'.
[  383.908487][T12989] netlink: 'syz.1.1825': attribute type 1 has an invalid length.
[  383.948156][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  383.986736][T12994] syz_tun: left allmulticast mode
[  383.988766][T12994] syz_tun: left promiscuous mode
[  383.990680][T12994] bridge0: port 3(syz_tun) entered disabled state
[  384.000443][T12994] bridge_slave_0: left allmulticast mode
[  384.002358][T12994] bridge_slave_0: left promiscuous mode
[  384.007350][T12994] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.047332][T12994] bridge_slave_1: left allmulticast mode
[  384.049212][T12994] bridge_slave_1: left promiscuous mode
[  384.051069][T12994] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.069230][T12990] overlayfs: upper fs does not support file handles, falling back to index=off.
[  384.073292][T12995] netlink: 'syz.6.1829': attribute type 10 has an invalid length.
[  384.077465][T12994] bond0: (slave bond_slave_0): Releasing backup interface
[  384.082078][T12994] bond0: (slave bond_slave_1): Releasing backup interface
[  384.124165][T12998] netlink: 2188 bytes leftover after parsing attributes in process `syz.6.1829'.
[  384.131598][T12994] team0: Port device team_slave_0 removed
[  384.158273][T12994] team0: Port device team_slave_1 removed
[  384.165830][T12994] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  384.169893][T12994] batman_adv: batadv0: Removing interface: batadv_slave_0
[  384.174698][T12994] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  384.177037][T12994] batman_adv: batadv0: Removing interface: batadv_slave_1
[  384.180151][T12994] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  384.188940][T12995] 8021q: adding VLAN 0 to HW filter on device bond0
[  384.191972][T12995] team0: Port device bond0 added
[  384.210524][T12998] team0 (unregistering): Port device bond0 removed
[  384.728764][T12990] overlayfs: statfs failed on './file0'
[  384.791406][T13003] digital: digital_start_poll: Unknown protocol
[  385.086337][T13022] netlink: 'syz.6.1832': attribute type 1 has an invalid length.
[  385.123795][T13022] 8021q: adding VLAN 0 to HW filter on device bond1
[  385.130165][T13023] bond1: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  385.155810][T13022] bond1: (slave veth3): Enslaving as an active interface with a down link
[  385.247520][ T5960] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  385.248227][T13034] fuse: Bad value for 'fd'
[  385.253720][T13034] overlayfs: failed to clone upperpath
[  387.314764][ T5960] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  387.319127][T13069] fuse: Bad value for 'fd'
[  387.600593][ T5960] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  387.604347][ T5960] Bluetooth: hci2: Injecting HCI hardware error event
[  387.609607][ T5960] Bluetooth: hci2: hardware error 0x00
[  388.380709][T13102] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1860'.
[  388.507828][T13106] syzkaller1: entered promiscuous mode
[  388.509677][T13106] syzkaller1: entered allmulticast mode
[  389.000362][T13125] nbd: couldn't find device at index 1
[  389.220516][T13139] Bluetooth: MGMT ver 1.23
[  389.335161][T13144] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1871'.
[  389.658456][ T5960] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  390.417228][T13159] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  390.420337][T13159] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  391.209312][T13165] nbd7: detected capacity change from 0 to 8589934655
[  391.342462][ T5960] block nbd7: Receive control failed (result -104)
[  392.318181][T13206] nbd: couldn't find device at index 5
[  392.508189][T13212] mkiss: ax0: crc mode is auto.
[  392.600390][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  392.733608][T13216] overlayfs: upper fs does not support file handles, falling back to index=off.
[  392.788859][T13223] overlayfs: failed to resolve '/': -2
[  392.793379][T13223] overlayfs: failed to clone lowerpath
[  393.745861][T13233] netlink: 288 bytes leftover after parsing attributes in process `syz.5.1893'.
[  393.945066][T13244] netlink: 'syz.2.1895': attribute type 13 has an invalid length.
[  394.159556][T13251] overlayfs: failed to resolve './file1': -2
[  394.295523][T13244] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  394.514967][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  394.638204][T13258] overlayfs: upper fs does not support file handles, falling back to index=off.
[  394.904234][T13271] lo speed is unknown, defaulting to 1000
[  394.968435][T13277] can: request_module (can-proto-4) failed.
[  395.450358][T13296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  395.487210][T13297] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  395.489634][T13297] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  395.492696][T13297] vhci_hcd vhci_hcd.0: Device attached
[  395.507468][T13296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  395.511886][T13296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  395.783714][   T59] usb 42-1: SetAddress Request (38) to port 0
[  395.786904][   T59] usb 42-1: new SuperSpeed USB device number 38 using vhci_hcd
[  396.015964][T13310] nbd: couldn't find device at index 1
[  396.098463][T13290] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  396.363606][T13314] overlayfs: failed to resolve './file1': -2
[  397.460078][T13302] vhci_hcd: connection reset by peer
[  397.465236][ T6183] vhci_hcd vhci_hcd.2: stop threads
[  397.466910][ T6183] vhci_hcd vhci_hcd.2: release socket
[  397.483736][ T6183] vhci_hcd vhci_hcd.2: disconnect device
[  397.551412][T13328] program syz.2.1919 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  397.786018][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  397.866807][T13353] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.870217][T13353] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.900949][T13354] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.903791][T13354] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.906394][T13347] overlayfs: upper fs does not support file handles, falling back to index=off.
[  397.919677][T13353] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.927018][T13353] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.933461][T13355] xt_CT: You must specify a L4 protocol and not use inversions on it
[  397.934387][T13353] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.940935][T13353] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1927'.
[  397.947087][T13353] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1927'.
[  398.534845][T13364] bond2: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  398.538588][T13365] netlink: 'syz.5.1929': attribute type 4 has an invalid length.
[  398.539094][T13364] bond2 (unregistering): Released all slaves
[  398.575243][T13365] wlan1: mtu less than device minimum
[  398.583824][T13367] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  398.756415][T13378] overlayfs: failed to resolve './file0': -2
[  399.154429][T13385] __nla_validate_parse: 125 callbacks suppressed
[  399.154442][T13385] netlink: 752 bytes leftover after parsing attributes in process `syz.6.1938'.
[  399.164087][T13385] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1938'.
[  399.440407][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  399.555603][T13394] overlayfs: upper fs does not support file handles, falling back to index=off.
[  399.790981][T13406] netlink: 'syz.6.1943': attribute type 1 has an invalid length.
[  399.805989][T13406] 8021q: adding VLAN 0 to HW filter on device bond2
[  399.814334][T13406] bond2: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms
[  399.819016][T13406] bond2: entered allmulticast mode
[  400.581260][T13434] overlayfs: failed to clone upperpath
[  401.080731][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  401.201872][T13454] overlayfs: upper fs does not support file handles, falling back to index=off.
[  401.283011][T13467] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1962'.
[  401.362851][T13473] kAFS: unable to lookup cell '(,'
[  401.461444][T13476] overlayfs: failed to clone upperpath
[  401.649458][   T59] usb 42-1: device descriptor read/8, error -110
[  401.688741][T13480] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1966'.
[  401.945212][T13494] overlayfs: failed to resolve './file0': -2
[  402.060149][   T59] usb usb42-port1: attempt power cycle
[  402.650038][   T59] usb usb42-port1: unable to enumerate USB device
[  402.818228][T13521] netlink: 1400 bytes leftover after parsing attributes in process `syz.2.1977'.
[  403.181921][T13538] syz_tun: left allmulticast mode
[  403.316872][T13545] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1983'.
[  403.861442][T13544] netlink: 3 bytes leftover after parsing attributes in process `syz.5.1984'.
[  403.866917][T13544] batadv1: entered allmulticast mode
[  403.930232][T13553] overlayfs: failed to clone upperpath
[  404.111328][T13560] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  404.113407][T13560] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  404.116033][T13560] vhci_hcd vhci_hcd.0: Device attached
[  404.617541][T13571] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.685918][T13561] vhci_hcd: connection closed
[  404.686164][ T6183] vhci_hcd vhci_hcd.1: stop threads
[  404.689650][ T6183] vhci_hcd vhci_hcd.1: release socket
[  404.692063][ T6183] vhci_hcd vhci_hcd.1: disconnect device
[  404.692353][ T6076] usb 40-1: SetAddress Request (50) to port 0
[  404.695885][ T6076] usb 40-1: new SuperSpeed USB device number 50 using vhci_hcd
[  404.749466][T13571] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.761518][   T59] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  404.809143][T13571] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  404.911606][   T59] usb 7-1: Using ep0 maxpacket: 32
[  404.915558][   T59] usb 7-1: config 1 interface 0 altsetting 6 bulk endpoint 0x1 has invalid maxpacket 16
[  404.918650][   T59] usb 7-1: config 1 interface 0 has no altsetting 0
[  404.922710][   T59] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  404.925590][   T59] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.928059][   T59] usb 7-1: Product: П
[  404.929421][   T59] usb 7-1: Manufacturer: 甆ꆥ�ⅎ⊿첢뙰尺쭔�檷䴘�㞜蠠킘�ê㹭傋䈣�ㅣǩ椨�篽ƭ�傘Ⳝ廸鄉ꦲ밙࡛痂瘲᤯칄䗴��识盫��⛻ꨎ拵䋜潧쬼
[  404.935771][   T59] usb 7-1: SerialNumber: syz
[  404.939245][T13570] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  404.949436][T13571] bridge0: port 3(netdevsim0) entered disabled state
[  404.959569][T13571] netdevsim netdevsim5 netdevsim0 (unregistering): left allmulticast mode
[  404.962749][T13571] netdevsim netdevsim5 netdevsim0 (unregistering): left promiscuous mode
[  404.965564][T13571] bridge0: port 3(netdevsim0) entered disabled state
[  404.970986][T13571] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.124981][ T6174] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.142428][ T6174] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.159753][ T6149] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.177204][ T6149] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.754672][T13588] overlay: Unknown parameter 'dont_measure'
[  405.929408][T13592] fuse: Bad value for 'fd'
[  405.933833][T13592] overlayfs: failed to clone upperpath
[  406.229343][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.237438][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.270261][T13595] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.275100][T13597] IPVS: set_ctl: invalid protocol: 103 172.30.0.2:4
[  406.295595][T13597] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  406.298513][T13597] overlayfs: overlapping lowerdir path
[  407.222505][T12294] hid_parser_main: 26 callbacks suppressed
[  407.222522][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.269062][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.272483][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.275675][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.392047][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.394563][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.396896][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.399218][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.402371][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.405071][T12294] hid-generic 000B:0003:0004.001C: unknown main item tag 0x0
[  407.409244][T12294] hid-generic 000B:0003:0004.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  407.441940][   T59] usb 7-1: USB disconnect, device number 16
[  407.498702][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  407.611077][T13626] overlayfs: upper fs does not support file handles, falling back to index=off.
[  408.107879][T13633] 9p: Unknown access argument 18446744073709551615: -34
[  408.189337][T13640] input: syz0 as /devices/virtual/input/input27
[  408.951173][T12294] hid-generic 000B:0003:0004.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  409.490915][T13669] lo speed is unknown, defaulting to 1000
[  409.601686][T13683] overlayfs: upper fs does not support file handles, falling back to index=off.
[  409.719167][T13687] netlink: 'syz.6.2025': attribute type 4 has an invalid length.
[  409.721853][T13687] netlink: 152 bytes leftover after parsing attributes in process `syz.6.2025'.
[  409.726428][T13687] .`: renamed from bond0
[  409.769411][ T6076] usb 40-1: device descriptor read/8, error -110
[  410.016582][ T6076] usb 40-1: SetAddress Request (51) to port 0
[  410.019391][ T6076] usb 40-1: new SuperSpeed USB device number 51 using vhci_hcd
[  410.164837][T13700] overlayfs: failed to resolve './file1': -2
[  411.221660][T13729] lo speed is unknown, defaulting to 1000
[  411.237519][ T6030] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  411.250372][T13725] netlink: 'syz.1.2035': attribute type 4 has an invalid length.
[  411.253813][T13725] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2035'.
[  411.261584][T13725] wlan1: mtu less than device minimum
[  411.408675][ T6030] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  411.412749][ T6030] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  411.416947][ T6030] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  411.421982][ T6030] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  411.425512][ T6030] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  411.430851][ T6030] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  411.433814][ T6030] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  411.436366][ T6030] usb 10-1: Product: syz
[  411.437995][ T6030] usb 10-1: Manufacturer: syz
[  411.449504][ T6030] cdc_wdm 10-1:1.0: skipping garbage
[  411.451307][ T6030] cdc_wdm 10-1:1.0: skipping garbage
[  411.457654][ T6030] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  411.459593][ T6030] cdc_wdm 10-1:1.0: Unknown control protocol
[  411.612498][T13738] mkiss: ax0: crc mode is auto.
[  412.076520][ T8840] usb 10-1: USB disconnect, device number 2
[  412.629675][T13760] netlink: 112 bytes leftover after parsing attributes in process `syz.1.2040'.
[  412.638469][T13758] vhci_hcd vhci_hcd.0: port 0 already used
[  413.136594][T13767] xt_ecn: cannot match TCP bits for non-tcp packets
[  413.150053][T13767] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2044'.
[  413.227322][T13777] overlayfs: failed to resolve './file1': -2
[  413.302384][T13779] overlayfs: failed to clone upperpath
[  414.122858][T13786] overlayfs: upper fs does not support file handles, falling back to index=off.
[  414.697437][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  414.764048][T13809] overlayfs: upper fs does not support file handles, falling back to index=off.
[  414.779602][T13786] overlayfs: statfs failed on './file0'
[  414.809086][   T40] audit: type=1804 audit(1766034677.444:81883): pid=13810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2054" name="/newroot/155/bus/bus" dev="overlay" ino=913 res=1 errno=0
[  415.120648][ T6076] usb 40-1: device descriptor read/8, error -110
[  415.290971][ T6076] usb usb40-port1: attempt power cycle
[  415.420921][ T6076] usb 40-1: SetAddress Request (52) to port 0
[  415.423372][ T6076] usb 40-1: new SuperSpeed USB device number 52 using vhci_hcd
[  415.453675][T13822] xt_CT: You must specify a L4 protocol and not use inversions on it
[  417.209459][T13849] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2065'.
[  417.376666][ T5960] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  417.397347][T13862] overlayfs: upper fs does not support file handles, falling back to index=off.
[  418.020437][T13878] overlayfs: failed to clone upperpath
[  418.602303][T13888] netlink: 'syz.2.2078': attribute type 21 has an invalid length.
[  418.606787][T13888] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2078'.
[  418.799313][T12294] hid_parser_main: 26 callbacks suppressed
[  418.799326][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.809136][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.819140][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.822016][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.825453][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.828561][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.831778][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.841414][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.844595][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.847684][T12294] hid-generic 000B:0003:0004.001E: unknown main item tag 0x0
[  418.861927][T12294] hid-generic 000B:0003:0004.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  419.718684][T13898] fido_id[13898]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  419.762766][T13912] comedi comedi1: dac02: a I/O base address must be specified
[  420.485331][ T6076] usb 40-1: device descriptor read/8, error -110
[  420.527682][T12294] hid-generic 000B:0003:0004.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  420.735484][ T6076] usb 40-1: SetAddress Request (53) to port 0
[  420.752037][ T6076] usb 40-1: new SuperSpeed USB device number 53 using vhci_hcd
[  421.076606][T13940] xt_CT: No such helper "syz1"
[  421.634807][   T35] block nbd7: Possible stuck request ffff888026ca8000: control (read@0,1024B). Runtime 30 seconds
[  421.640330][   T35] block nbd7: Possible stuck request ffff888026ca8200: control (read@1024,1024B). Runtime 30 seconds
[  421.643886][   T35] block nbd7: Possible stuck request ffff888026ca8400: control (read@2048,1024B). Runtime 30 seconds
[  421.648067][   T35] block nbd7: Possible stuck request ffff888026ca8600: control (read@3072,1024B). Runtime 30 seconds
[  422.450614][T13973] overlayfs: failed to clone upperpath
[  422.541180][   T10] hid-generic 000B:0003:0004.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  423.135445][T13982] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  423.138480][T13982] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  423.142878][T13982] vhci_hcd vhci_hcd.0: Device attached
[  423.161129][T13986] netlink: 'syz.5.2105': attribute type 1 has an invalid length.
[  423.181451][T13982] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  423.204918][T13986] 8021q: adding VLAN 0 to HW filter on device bond2
[  423.226826][T13990] netlink: 'syz.6.2106': attribute type 2 has an invalid length.
[  423.231664][T13990] netlink: 'syz.6.2106': attribute type 1 has an invalid length.
[  423.236457][T13990] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2106'.
[  423.417781][ T6017] usb 42-1: SetAddress Request (42) to port 0
[  423.419841][ T6017] usb 42-1: new SuperSpeed USB device number 42 using vhci_hcd
[  423.911005][T13983] vhci_hcd: connection reset by peer
[  423.922159][ T1256] vhci_hcd vhci_hcd.2: stop threads
[  423.924394][ T1256] vhci_hcd vhci_hcd.2: release socket
[  423.926999][ T1256] vhci_hcd vhci_hcd.2: disconnect device
[  424.081030][ T8840] hid_parser_main: 44 callbacks suppressed
[  424.081048][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.086485][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.094883][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.097770][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.486138][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.491423][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.494551][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.497575][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.500517][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.502866][ T8840] hid-generic 000B:0003:0004.0021: unknown main item tag 0x0
[  424.509155][ T8840] hid-generic 000B:0003:0004.0021: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  424.532113][T14028] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  424.545815][T14028] block device autoloading is deprecated and will be removed.
[  424.848414][T14038] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  424.850573][T14038] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  424.869352][T14038] vhci_hcd vhci_hcd.0: Device attached
[  425.081019][T14048] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.170091][T14061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2125'.
[  425.182538][T14048] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.242949][T14048] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.303744][T14048] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  425.381342][ T6154] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  425.390406][ T6154] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  425.397947][ T6154] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  425.406586][ T6154] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  425.530837][T14039] vhci_hcd: connection closed
[  425.531205][ T6154] vhci_hcd vhci_hcd.2: stop threads
[  425.535515][ T6154] vhci_hcd vhci_hcd.2: release socket
[  425.537841][ T6154] vhci_hcd vhci_hcd.2: disconnect device
[  425.636700][T14066] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2127'.
[  425.646387][T14066] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2127'.
[  425.861654][ T6076] usb 40-1: device descriptor read/8, error -110
[  425.970013][ T6076] usb usb40-port1: unable to enumerate USB device
[  426.679092][T14084] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  426.682522][T14084] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  426.763457][T14101] netlink: 752 bytes leftover after parsing attributes in process `syz.5.2137'.
[  426.767384][T14101] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2137'.
[  426.881612][T14113] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2140'.
[  426.905577][T14113] vxlan0: entered promiscuous mode
[  426.912975][ T6174] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  426.925226][ T6174] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  426.933273][ T6174] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  426.942132][ T6174] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  426.970589][T14117] fuse: Bad value for 'fd'
[  426.984729][T14117] overlayfs: upper fs does not support file handles, falling back to index=off.
[  427.114557][T14127] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2146'.
[  427.172339][T14129] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2147'.
[  427.351480][T14141] overlayfs: failed to clone upperpath
[  427.407148][ T5960] Bluetooth: hci3: unexpected event for opcode 0x0c1b
[  427.692689][T14152] netlink: 'syz.2.2154': attribute type 12 has an invalid length.
[  427.821143][T14158] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2156'.
[  428.492190][ T6017] usb 42-1: device descriptor read/8, error -110
[  428.552092][T12294] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  428.703414][T12294] usb 10-1: config 0 has no interfaces?
[  428.705196][T12294] usb 10-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  428.708018][T12294] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.711696][T12294] usb 10-1: config 0 descriptor??
[  428.732263][ T5960] Bluetooth: hci4: command 0x0c1a tx timeout
[  428.783451][T14186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2163'.
[  428.789303][T14186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2163'.
[  428.843529][T14193] overlayfs: failed to clone upperpath
[  428.896068][ T6017] usb usb42-port1: attempt power cycle
[  428.931582][T14205] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2171'.
[  429.203367][T14210] loop2: detected capacity change from 0 to 7
[  429.208181][ T6109] Dev loop2: unable to read RDB block 7
[  429.210062][ T6109]  loop2: unable to read partition table
[  429.211850][ T6109] loop2: partition table beyond EOD, truncated
[  429.259236][T14210] Dev loop2: unable to read RDB block 7
[  429.261242][T14210]  loop2: unable to read partition table
[  429.264364][T14210] loop2: partition table beyond EOD, truncated
[  429.267198][T14210] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  429.273241][T14209] overlayfs: failed to clone upperpath
[  429.533567][ T6017] usb usb42-port1: unable to enumerate USB device
[  429.593028][T13315] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  429.753213][T13315] usb 6-1: Using ep0 maxpacket: 16
[  429.757306][T13315] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  429.760405][T13315] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  429.764038][T13315] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  429.768726][T13315] usb 6-1: config 1 interface 0 has no altsetting 0
[  429.772603][T13315] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  429.775834][T13315] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.778373][T13315] usb 6-1: Product: syz
[  429.779702][T13315] usb 6-1: Manufacturer: syz
[  429.781182][T13315] usb 6-1: SerialNumber: syz
[  430.036174][T14215] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2172'.
[  431.124271][ T6010] usb 10-1: USB disconnect, device number 3
[  431.523249][ T5960] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  431.529684][T14230] overlayfs: upper fs does not support file handles, falling back to index=off.
[  431.855179][T13315] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  431.865750][T13315] usb 6-1: USB disconnect, device number 23
[  431.869473][T13315] usblp0: removed
[  432.104008][T14239] input: syz1 as /devices/virtual/input/input28
[  432.176580][T14244] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  432.345515][T12294] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  432.353804][T14249] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2184'.
[  432.462633][T14254] overlay: Bad value for 'uuid'
[  432.505414][T12294] usb 7-1: Using ep0 maxpacket: 8
[  432.509025][T12294] usb 7-1: config 162 has an invalid interface number: 166 but max is 0
[  432.512160][T12294] usb 7-1: config 162 has no interface number 0
[  432.514663][T12294] usb 7-1: config 162 interface 166 has no altsetting 0
[  432.519327][T12294] usb 7-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=d3.ea
[  432.522068][T12294] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.524769][T12294] usb 7-1: Product: syz
[  432.526384][T12294] usb 7-1: Manufacturer: syz
[  432.528048][T12294] usb 7-1: SerialNumber: syz
[  432.613011][T14260] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  432.615165][T14260] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  432.618314][T14260] vhci_hcd vhci_hcd.0: Device attached
[  432.628976][T14260] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2184'.
[  432.746916][T12294] appledisplay 7-1:162.166: Could not find int-in endpoint
[  432.750439][T12294] usbhid 7-1:162.166: couldn't find an input interrupt endpoint
[  432.777229][T12294] usb 7-1: USB disconnect, device number 17
[  432.905775][ T5947] usb 48-1: SetAddress Request (11) to port 0
[  432.911517][ T5947] usb 48-1: new SuperSpeed USB device number 11 using vhci_hcd
[  432.957037][T14280] overlayfs: upper fs does not support file handles, falling back to index=off.
[  433.205398][T14261] vhci_hcd: connection reset by peer
[  433.209443][ T1256] vhci_hcd vhci_hcd.5: stop threads
[  433.211596][ T1256] vhci_hcd vhci_hcd.5: release socket
[  433.214082][ T1256] vhci_hcd vhci_hcd.5: disconnect device
[  434.530221][T14315] input: syz1 as /devices/virtual/input/input29
[  434.659973][T14325] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2205'.
[  434.666281][   T40] audit: type=1326 audit(1766034697.287:81884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.666591][T14325] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2205'.
[  434.676635][   T40] audit: type=1326 audit(1766034697.297:81885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.683523][   T40] audit: type=1326 audit(1766034697.307:81886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.690525][   T40] audit: type=1326 audit(1766034697.307:81887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.697074][   T40] audit: type=1326 audit(1766034697.307:81888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  434.704354][   T40] audit: type=1326 audit(1766034697.307:81889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  434.711310][   T40] audit: type=1326 audit(1766034697.307:81890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  434.718268][   T40] audit: type=1326 audit(1766034697.307:81891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.725006][   T40] audit: type=1326 audit(1766034697.317:81892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.731739][   T40] audit: type=1326 audit(1766034697.317:81893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14323 comm="syz.2.2207" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70fd598 code=0x7ffc0000
[  434.847467][ T6011] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  434.997717][ T6011] usb 6-1: Using ep0 maxpacket: 8
[  435.000727][ T6011] usb 6-1: config 162 has an invalid interface number: 166 but max is 0
[  435.003401][ T6011] usb 6-1: config 162 has no interface number 0
[  435.005849][ T6011] usb 6-1: config 162 interface 166 has no altsetting 0
[  435.010467][ T6011] usb 6-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=d3.ea
[  435.013188][ T6011] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.019077][ T6011] usb 6-1: Product: syz
[  435.021793][ T6011] usb 6-1: Manufacturer: syz
[  435.023251][ T6011] usb 6-1: SerialNumber: syz
[  435.250832][ T6011] appledisplay 6-1:162.166: Could not find int-in endpoint
[  435.253557][ T6011] usbhid 6-1:162.166: couldn't find an input interrupt endpoint
[  435.257936][ T6011] usb 6-1: USB disconnect, device number 24
[  435.781892][T14343] sctp: [Deprecated]: syz.5.2210 (pid 14343) Use of struct sctp_assoc_value in delayed_ack socket option.
[  435.781892][T14343] Use struct sctp_sack_info instead
[  436.361829][T14356] overlayfs: failed to clone upperpath
[  437.459639][T12294] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  437.599621][T12294] usb 6-1: device descriptor read/64, error -71
[  437.839862][T12294] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  437.950151][ T5947] usb 48-1: device descriptor read/8, error -110
[  437.989948][T12294] usb 6-1: device descriptor read/64, error -71
[  438.100389][T12294] usb usb6-port1: attempt power cycle
[  438.342108][ T5947] usb usb48-port1: attempt power cycle
[  438.440402][T12294] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  438.461074][T12294] usb 6-1: device descriptor read/8, error -71
[  438.703553][T12294] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  438.751414][T12294] usb 6-1: device descriptor read/8, error -71
[  438.802963][T14406] rdma_rxe: rxe_newlink: failed to add ip6_vti0
[  438.861095][T12294] usb usb6-port1: unable to enumerate USB device
[  438.941538][ T5947] usb usb48-port1: unable to enumerate USB device
[  439.260696][T14420] siw: device registration error -23
[  439.350439][   T34] hid_parser_main: 8 callbacks suppressed
[  439.350451][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.357427][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.359763][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.363464][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.366586][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.370642][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.373135][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.375410][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.377628][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.379774][   T34] hid-generic 000B:0003:0004.0022: unknown main item tag 0x0
[  439.386221][   T34] hid-generic 000B:0003:0004.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  439.838984][   T34] hid-generic 000B:0003:0004.0023: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  439.988734][T14434] bond0: (slave vlan1): Device is not bonding slave
[  439.990830][T14434] bond0: option active_slave: invalid value (vlan1)
[  439.994504][T14434] bond0 (unregistering): Released all slaves
[  440.131571][T14441] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2238'.
[  440.135433][T14441] netlink: 'syz.6.2238': attribute type 21 has an invalid length.
[  440.314541][T14446] input: syz1 as /devices/virtual/input/input31
[  440.412020][ T6010] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[  440.563834][ T6010] usb 7-1: config 0 has an invalid interface number: 133 but max is 0
[  440.566646][ T6010] usb 7-1: config 0 has no interface number 0
[  440.573631][ T6010] usb 7-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  440.576641][ T6010] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.582275][   T59] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  440.585850][ T6010] usb 7-1: Product: syz
[  440.587463][ T6010] usb 7-1: Manufacturer: syz
[  440.591502][ T6010] usb 7-1: SerialNumber: syz
[  440.602088][ T6010] usb 7-1: config 0 descriptor??
[  440.703335][T14466] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2247'.
[  440.744464][   T59] usb 6-1: Using ep0 maxpacket: 8
[  440.747565][   T59] usb 6-1: config 162 has an invalid interface number: 166 but max is 0
[  440.750353][   T59] usb 6-1: config 162 has no interface number 0
[  440.752715][   T59] usb 6-1: config 162 interface 166 has no altsetting 0
[  440.756645][   T59] usb 6-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=d3.ea
[  440.759640][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.762258][   T59] usb 6-1: Product: syz
[  440.763673][   T59] usb 6-1: Manufacturer: syz
[  440.765255][   T59] usb 6-1: SerialNumber: syz
[  440.979343][   T59] appledisplay 6-1:162.166: Could not find int-in endpoint
[  440.986242][   T59] usbhid 6-1:162.166: couldn't find an input interrupt endpoint
[  441.005942][   T59] usb 6-1: USB disconnect, device number 29
[  441.539200][T14473] lo speed is unknown, defaulting to 1000
[  442.156675][T14477] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2249'.
[  442.163684][T14477] vlan3: entered promiscuous mode
[  442.165436][T14477] gretap0: entered promiscuous mode
[  442.313750][ T5947] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  442.474937][ T5947] usb 6-1: config 0 has no interfaces?
[  442.477185][ T5947] usb 6-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  442.481187][ T5947] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.492590][ T5947] usb 6-1: config 0 descriptor??
[  442.515040][T14492] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2253'.
[  442.518923][T14492] netlink: 260 bytes leftover after parsing attributes in process `syz.5.2253'.
[  442.625628][T14496] rdma_rxe: rxe_newlink: failed to add ip6_vti0
[  443.033861][T14505] fuse: Bad value for 'fd'
[  443.039068][ T6010] keyspan 7-1:0.133: Keyspan 1 port adapter converter detected
[  443.043367][T14505] overlayfs: failed to clone upperpath
[  443.103630][ T6030] hid-generic 000B:0003:0004.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  443.167994][   T59] hid-generic 000B:0003:0004.0024: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  443.175030][ T6010] keyspan 7-1:0.133: found no endpoint descriptor for endpoint 81
[  443.177341][ T6010] keyspan 7-1:0.133: found no endpoint descriptor for endpoint 1
[  443.179778][ T6010] keyspan 7-1:0.133: found no endpoint descriptor for endpoint 2
[  443.194283][ T6010] usb 7-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  443.199746][ T6010] usb 7-1: USB disconnect, device number 18
[  443.225037][ T6010] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  443.228344][ T6010] keyspan 7-1:0.133: device disconnected
[  443.541921][T14518] bond1: (slave veth0_to_bond): Releasing active interface
[  443.545104][T14518] bond1: (slave veth0_to_bond): the permanent HWaddr of slave - aa:aa:aa:aa:aa:1d - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  443.554424][T14518] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  443.589186][T14518] netlink: 'syz.6.2264': attribute type 10 has an invalid length.
[  443.592837][T14518] netlink: 2188 bytes leftover after parsing attributes in process `syz.6.2264'.
[  444.011184][T14529] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2268'.
[  444.011323][T14530] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2268'.
[  444.062055][T14532] overlayfs: upper fs does not support file handles, falling back to index=off.
[  444.151385][T14536] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  444.159121][T14536] Cannot find add_set index 0 as target
[  444.245150][ T6030] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  444.455304][   T10] usb 7-1: new full-speed USB device number 19 using dummy_hcd
[  444.467438][ T6030] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  444.479291][ T6030] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  444.483271][ T6030] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  444.486601][ T6030] usb 10-1: Product: syz
[  444.488333][ T6030] usb 10-1: Manufacturer: syz
[  444.490188][ T6030] usb 10-1: SerialNumber: syz
[  444.549064][T14544] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2274'.
[  444.552127][T14544] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2274'.
[  444.618011][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[  444.622863][   T10] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  444.628911][   T10] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  444.632375][   T10] usb 7-1: Product: syz
[  444.634201][   T10] usb 7-1: Manufacturer: syz
[  444.640874][   T10] usb 7-1: SerialNumber: syz
[  444.651551][   T10] usb 7-1: config 0 descriptor??
[  444.660351][   T10] usb 7-1: selecting invalid altsetting 0
[  444.667167][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  444.670212][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  444.720124][ T6030] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  444.811489][ T6030] usb 6-1: USB disconnect, device number 30
[  444.860109][T14535] ==================================================================
[  444.862735][T14535] BUG: KASAN: slab-out-of-bounds in copy_to_urb.constprop.0+0x30f/0x440
[  444.865380][T14535] Write of size 264 at addr ffff8880234ae800 by task syz.2.2270/14535
[  444.869959][T14535] 
[  444.870827][T14535] CPU: 1 UID: 0 PID: 14535 Comm: syz.2.2270 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  444.870843][T14535] Tainted: [L]=SOFTLOCKUP
[  444.870847][T14535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  444.870853][T14535] Call Trace:
[  444.870857][T14535]  <TASK>
[  444.870861][T14535]  dump_stack_lvl+0x116/0x1f0
[  444.870879][T14535]  print_report+0xcd/0x630
[  444.870902][T14535]  ? __virt_addr_valid+0x81/0x610
[  444.870919][T14535]  ? __phys_addr+0xe8/0x180
[  444.870934][T14535]  ? copy_to_urb.constprop.0+0x30f/0x440
[  444.870947][T14535]  kasan_report+0xe0/0x110
[  444.870962][T14535]  ? copy_to_urb.constprop.0+0x30f/0x440
[  444.870976][T14535]  kasan_check_range+0x100/0x1b0
[  444.870986][T14535]  __asan_memcpy+0x3c/0x60
[  444.870999][T14535]  copy_to_urb.constprop.0+0x30f/0x440
[  444.871013][T14535]  prepare_playback_urb+0xc3b/0x1e70
[  444.871032][T14535]  ? __pfx_prepare_playback_urb+0x10/0x10
[  444.871045][T14535]  ? __lock_acquire+0x436/0x2890
[  444.871056][T14535]  prepare_outbound_urb+0x419/0xdd0
[  444.871071][T14535]  ? __pfx_prepare_playback_urb+0x10/0x10
[  444.871083][T14535]  ? _copy_from_iter+0x161/0x16c0
[  444.871095][T14535]  ? find_held_lock+0x2b/0x80
[  444.871107][T14535]  ? __pfx_prepare_outbound_urb+0x10/0x10
[  444.871121][T14535]  ? __pfx__copy_from_iter+0x10/0x10
[  444.871132][T14535]  ? mark_held_locks+0x49/0x80
[  444.871140][T14535]  ? finish_task_switch.isra.0+0x207/0xbd0
[  444.871155][T14535]  snd_usb_endpoint_start+0x42c/0x1040
[  444.871165][T14535]  ? __pfx_snd_usb_endpoint_start+0x10/0x10
[  444.871175][T14535]  ? do_transfer+0x17a/0x210
[  444.871190][T14535]  start_endpoints+0xfb/0x1d0
[  444.871202][T14535]  snd_usb_substream_playback_trigger+0x6a0/0x870
[  444.871215][T14535]  snd_pcm_do_start+0xd4/0x1f0
[  444.871230][T14535]  snd_pcm_action_single+0x80/0x150
[  444.871243][T14535]  snd_pcm_action+0x70/0x90
[  444.871258][T14535]  __snd_pcm_lib_xfer+0x1403/0x1ef0
[  444.871268][T14535]  ? __pfx_default_write_copy+0x10/0x10
[  444.871283][T14535]  ? __pfx_interleaved_copy+0x10/0x10
[  444.871298][T14535]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[  444.871308][T14535]  ? write_comp_data+0x3/0x90
[  444.871324][T14535]  snd_pcm_oss_write3+0xcf/0x1e0
[  444.871339][T14535]  io_playback_transfer+0x26e/0x2f0
[  444.871352][T14535]  snd_pcm_plug_write_transfer+0x2cf/0x400
[  444.871364][T14535]  ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10
[  444.871376][T14535]  ? snd_pcm_format_physical_width+0x76/0xa0
[  444.871388][T14535]  ? snd_pcm_plug_client_channels_buf+0x212/0x450
[  444.871401][T14535]  snd_pcm_oss_write2+0x24a/0x410
[  444.871411][T14535]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  444.871421][T14535]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  444.871434][T14535]  ? snd_pcm_oss_prepare+0x11e/0x240
[  444.871450][T14535]  snd_pcm_oss_write+0x710/0xa10
[  444.871461][T14535]  ? security_file_permission+0x71/0x210
[  444.871476][T14535]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  444.871487][T14535]  vfs_write+0x2a0/0x11d0
[  444.871502][T14535]  ? __pfx_vfs_write+0x10/0x10
[  444.871514][T14535]  ? find_held_lock+0x2b/0x80
[  444.871526][T14535]  ? __fget_files+0x204/0x3c0
[  444.871541][T14535]  ? __fget_files+0x20e/0x3c0
[  444.871555][T14535]  ksys_write+0x12a/0x250
[  444.871568][T14535]  ? __pfx_ksys_write+0x10/0x10
[  444.871583][T14535]  __do_fast_syscall_32+0xe8/0x680
[  444.871599][T14535]  do_fast_syscall_32+0x32/0x80
[  444.871614][T14535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  444.871628][T14535] RIP: 0023:0xf70fd579
[  444.871636][T14535] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  444.871646][T14535] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  444.871657][T14535] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000640
[  444.871663][T14535] RDX: 00000000000005ce RSI: 0000000000000000 RDI: 0000000000000000
[  444.871669][T14535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  444.871675][T14535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  444.871681][T14535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  444.871690][T14535]  </TASK>
[  444.871694][T14535] 
[  444.914367][T12294] hid_parser_main: 62 callbacks suppressed
[  444.914384][T12294] hid-generic 000B:0003:0004.0026: unknown main item tag 0x0
[  444.914485][T14535] Allocated by task 14535:
[  444.974018][T12294] hid-generic 000B:0003:0004.0026: unknown main item tag 0x0
[  444.975609][T14535]  kasan_save_stack+0x33/0x60
[  444.975634][T14535]  kasan_save_track+0x14/0x30
[  444.975650][T14535]  __kasan_kmalloc+0xaa/0xb0
[  444.975666][T14535]  __kmalloc_noprof+0x33d/0x910
[  444.975679][T14535]  hcd_buffer_alloc+0x1f5/0x290
[  444.975696][T14535]  usb_alloc_coherent+0x5f/0xa0
[  444.975711][T14535]  snd_usb_endpoint_set_params+0x18c8/0x2980
[  444.981297][T12294] hid-generic 000B:0003:0004.0026: unknown main item tag 0x0
[  445.037660][T14535]  snd_usb_hw_params+0x715/0x1070
[  445.039281][T14535]  snd_pcm_hw_params+0xafc/0x1ba0
[  445.040899][T14535]  snd_pcm_kernel_ioctl+0x147/0x2e0
[  445.042571][T14535]  snd_pcm_oss_change_params_locked+0x15ab/0x3ab0
[  445.044621][T14535]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  445.046523][T14535]  snd_pcm_oss_write+0x4c2/0xa10
[  445.048123][T14535]  vfs_write+0x2a0/0x11d0
[  445.049538][T14535]  ksys_write+0x12a/0x250
[  445.050963][T14535]  __do_fast_syscall_32+0xe8/0x680
[  445.052620][T14535]  do_fast_syscall_32+0x32/0x80
[  445.054181][T14535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.056197][T14535] 
[  445.056990][T14535] The buggy address belongs to the object at ffff8880234ae800
[  445.056990][T14535]  which belongs to the cache kmalloc-256 of size 256
[  445.061355][T14535] The buggy address is located 0 bytes inside of
[  445.061355][T14535]  allocated 240-byte region [ffff8880234ae800, ffff8880234ae8f0)
[  445.065683][T14535] 
[  445.066465][T14535] The buggy address belongs to the physical page:
[  445.068490][T14535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x234ae
[  445.071233][T14535] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  445.073891][T14535] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  445.076401][T14535] page_type: f5(slab)
[  445.077670][T14535] raw: 00fff00000000040 ffff88801b442b40 ffffea00004ce600 dead000000000005
[  445.080388][T14535] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  445.083078][T14535] head: 00fff00000000040 ffff88801b442b40 ffffea00004ce600 dead000000000005
[  445.085808][T14535] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  445.088463][T14535] head: 00fff00000000001 ffffea00008d2b81 00000000ffffffff 00000000ffffffff
[  445.091176][T14535] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  445.094087][T14535] page dumped because: kasan: bad access detected
[  445.096099][T14535] page_owner tracks the page as allocated
[  445.097922][T14535] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 11682, tgid 11682 (syz-executor), ts 289853019338, free_ts 287732278173
[  445.104448][T14535]  post_alloc_hook+0x1af/0x220
[  445.105976][T14535]  get_page_from_freelist+0xd0b/0x31a0
[  445.107710][T14535]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  445.109598][T14535]  new_slab+0xaf/0x430
[  445.110892][T14535]  ___slab_alloc+0xe18/0x1c90
[  445.112414][T14535]  __slab_alloc.constprop.0+0x63/0x110
[  445.114142][T14535]  __kmalloc_node_noprof+0x4d8/0x930
[  445.115904][T14535]  alloc_slab_obj_exts+0x43/0xf0
[  445.117669][T14535]  new_slab+0x353/0x430
[  445.119407][T14535]  ___slab_alloc+0xe18/0x1c90
[  445.121299][T14535]  __slab_alloc.constprop.0+0x63/0x110
[  445.123391][T14535]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  445.125247][T14535]  alloc_inode+0x64/0x240
[  445.126630][T14535]  new_inode+0x22/0x1c0
[  445.127959][T14535]  __debugfs_create_file+0x105/0x530
[  445.129660][T14535]  debugfs_create_file_unsafe+0x3c/0x50
[  445.131412][T14535] page last free pid 33 tgid 33 stack trace:
[  445.133357][T14535]  __free_frozen_pages+0x7df/0x1170
[  445.135001][T14535]  rcu_core+0x79c/0x15f0
[  445.136352][T14535]  handle_softirqs+0x219/0x950
[  445.137900][T14535]  run_ksoftirqd+0x3a/0x60
[  445.139319][T14535]  smpboot_thread_fn+0x3f7/0xae0
[  445.140910][T14535]  kthread+0x3c5/0x780
[  445.142225][T14535]  ret_from_fork+0x983/0xb10
[  445.143712][T14535]  ret_from_fork_asm+0x1a/0x30
[  445.145269][T14535] 
[  445.146044][T14535] Memory state around the buggy address:
[  445.147827][T14535]  ffff8880234ae780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  445.150357][T14535]  ffff8880234ae800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  445.152965][T14535] >ffff8880234ae880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[  445.155481][T14535]                                                              ^
[  445.157912][T14535]  ffff8880234ae900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  445.160428][T14535]  ffff8880234ae980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  445.162937][T14535] ==================================================================
[  445.165446][T14535] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  445.167646][T14535] CPU: 1 UID: 0 PID: 14535 Comm: syz.2.2270 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  445.171005][T14535] Tainted: [L]=SOFTLOCKUP
[  445.172430][T14535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.176046][T14535] Call Trace:
[  445.177154][T14535]  <TASK>
[  445.178114][T14535]  dump_stack_lvl+0x3d/0x1f0
[  445.179606][T14535]  vpanic+0x640/0x6f0
[  445.180871][T14535]  panic+0xca/0xd0
[  445.182209][T14535]  ? __pfx_panic+0x10/0x10
[  445.183882][T14535]  ? end_report+0x4c/0x160
[  445.185320][T14535]  ? rcu_is_watching+0x12/0xc0
[  445.186854][T14535]  ? lock_release+0x201/0x2d0
[  445.188346][T14535]  check_panic_on_warn+0xab/0xb0
[  445.189918][T14535]  end_report+0x107/0x160
[  445.191282][T14535]  kasan_report+0xee/0x110
[  445.192727][T14535]  ? copy_to_urb.constprop.0+0x30f/0x440
[  445.194483][T14535]  kasan_check_range+0x100/0x1b0
[  445.196043][T14535]  __asan_memcpy+0x3c/0x60
[  445.197514][T14535]  copy_to_urb.constprop.0+0x30f/0x440
[  445.199234][T14535]  prepare_playback_urb+0xc3b/0x1e70
[  445.200912][T14535]  ? __pfx_prepare_playback_urb+0x10/0x10
[  445.202703][T14535]  ? __lock_acquire+0x436/0x2890
[  445.204265][T14535]  prepare_outbound_urb+0x419/0xdd0
[  445.205929][T14535]  ? __pfx_prepare_playback_urb+0x10/0x10
[  445.207720][T14535]  ? _copy_from_iter+0x161/0x16c0
[  445.209327][T14535]  ? find_held_lock+0x2b/0x80
[  445.210837][T14535]  ? __pfx_prepare_outbound_urb+0x10/0x10
[  445.212749][T14535]  ? __pfx__copy_from_iter+0x10/0x10
[  445.214643][T14535]  ? mark_held_locks+0x49/0x80
[  445.216169][T14535]  ? finish_task_switch.isra.0+0x207/0xbd0
[  445.218006][T14535]  snd_usb_endpoint_start+0x42c/0x1040
[  445.219738][T14535]  ? __pfx_snd_usb_endpoint_start+0x10/0x10
[  445.221602][T14535]  ? do_transfer+0x17a/0x210
[  445.223410][T14535]  start_endpoints+0xfb/0x1d0
[  445.224911][T14535]  snd_usb_substream_playback_trigger+0x6a0/0x870
[  445.226924][T14535]  snd_pcm_do_start+0xd4/0x1f0
[  445.228453][T14535]  snd_pcm_action_single+0x80/0x150
[  445.230092][T14535]  snd_pcm_action+0x70/0x90
[  445.231537][T14535]  __snd_pcm_lib_xfer+0x1403/0x1ef0
[  445.233177][T14535]  ? __pfx_default_write_copy+0x10/0x10
[  445.235120][T14535]  ? __pfx_interleaved_copy+0x10/0x10
[  445.236888][T14535]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[  445.238634][T14535]  ? write_comp_data+0x3/0x90
[  445.240131][T14535]  snd_pcm_oss_write3+0xcf/0x1e0
[  445.241708][T14535]  io_playback_transfer+0x26e/0x2f0
[  445.243368][T14535]  snd_pcm_plug_write_transfer+0x2cf/0x400
[  445.245221][T14535]  ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10
[  445.247211][T14535]  ? snd_pcm_format_physical_width+0x76/0xa0
[  445.249119][T14535]  ? snd_pcm_plug_client_channels_buf+0x212/0x450
[  445.251143][T14535]  snd_pcm_oss_write2+0x24a/0x410
[  445.252789][T14535]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  445.254533][T14535]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  445.256231][T14535]  ? snd_pcm_oss_prepare+0x11e/0x240
[  445.257916][T14535]  snd_pcm_oss_write+0x710/0xa10
[  445.259501][T14535]  ? security_file_permission+0x71/0x210
[  445.261272][T14535]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  445.263128][T14535]  vfs_write+0x2a0/0x11d0
[  445.264503][T14535]  ? __pfx_vfs_write+0x10/0x10
[  445.266027][T14535]  ? find_held_lock+0x2b/0x80
[  445.267519][T14535]  ? __fget_files+0x204/0x3c0
[  445.269024][T14535]  ? __fget_files+0x20e/0x3c0
[  445.270531][T14535]  ksys_write+0x12a/0x250
[  445.271909][T14535]  ? __pfx_ksys_write+0x10/0x10
[  445.273473][T14535]  __do_fast_syscall_32+0xe8/0x680
[  445.275096][T14535]  do_fast_syscall_32+0x32/0x80
[  445.276697][T14535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  445.278658][T14535] RIP: 0023:0xf70fd579
[  445.279925][T14535] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  445.285864][T14535] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  445.288420][T14535] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000640
[  445.290894][T14535] RDX: 00000000000005ce RSI: 0000000000000000 RDI: 0000000000000000
[  445.293366][T14535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  445.295777][T14535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  445.298271][T14535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  445.300803][T14535]  </TASK>
[  445.302483][T14535] Kernel Offset: disabled
[  445.303874][T14535] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:03:15  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000a7f38b RBX=0000000000000000 RCX=ffffffff8b7566d9 RDX=0000000000000000
RSI=ffffffff8daca1ff RDI=ffffffff8bf2b500 RBP=fffffbfff1c12f68 RSP=ffffffff8e007df8
R8 =0000000000000001 R9 =ffffed100564673d R10=ffff88802b2339eb R11=ffffffff8e098670
R12=0000000000000000 R13=ffffffff8e097b40 R14=ffffffff9088e2d0 R15=0000000000000000
RIP=ffffffff8b754dcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976fd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73cf41c CR3=000000005ff59000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 150ad4c0fda0fd65 5aad3bb03269c7fc
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 aba55ca533718353 a5d9a10c2e37a2c8
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 357a0a18a5119b86 26e4410f202605b9
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d223adeb1fcfb8b8 7a658589f8901ff0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000b780
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7a5214c6010e7ddf 52a000009fde0000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7c227c48010e7e57 8ade0000cb8e0080
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 15fb636e85eeb11d 0000010e0000010e
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01000000010e7efe 010e7eb100800100
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a788c20a62e2f700 6942a93174f5bfbb
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 308012dbdf1fc6ff 40eb6c53e9787d0d
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85300f25 RDI=ffffffff9aed82a0 RBP=ffffffff9aed8260 RSP=ffffc900047e6e70
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838667257
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9aed8260 R15=ffffffff85300ec0
RIP=ffffffff85300f4f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977fd000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f748762c CR3=0000000052097000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff8880404b3c00 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000002 RDI=ffff8880404b3c02 RBP=dffffc0000000000 RSP=ffffc90003d8f020
R8 =0000000000000001 R9 =ffff88802b43bd14 R10=ffff8880404b3c03 R11=ffff88802416aff0
R12=00000000000077c4 R13=0000000000000000 R14=ffff88802b43bd00 R15=ffffed1008096780
RIP=ffffffff8b784e58 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ffb57d47300 ffffffff 00c00000
GS =0000 ffff8880978fd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558f370e4f40 CR3=00000000280b9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=f569ed93fe53de2e 4e17505be74d0e10 f569ed93fe53de2e 4e17505be74d0e10 f569ed93fe53de2e 4e17505be74d0e10 f569ed93fe53de2e 4e17505be74d0e10
ZMM18=6eb512a34f3792f7 d12977e6438bab78 6eb512a34f3792f7 d12977e6438bab78 6eb512a34f3792f7 d12977e6438bab78 6eb512a34f3792f7 d12977e6438bab78
ZMM19=de11000000000000 0000000000000004 de11000000000000 0000000000000003 de11000000000000 0000000000000002 de11000000000000 0000000000000001
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020002a80301c802 0002a60340020002 a40300020002a203 14020002a0030008
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000298031785f4d2 0800029003048004 00028c0340040002 8803018808000280
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0302800204800304 8002019003000800 0188030fffffffff 0201800300080006
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000806060168bc04 c0a0a0a0080001b0 0300080001a80300 080001a003020800
ZMM25=6abff5466abff546 6abff5466abff546 6abff5466abff546 6abff5466abff546 6abff5466abff546 6abff5466abff546 6abff5466abff546 6abff5466abff546
ZMM26=9f900a3c9f900a3c 9f900a3c9f900a3c 9f900a3c9f900a3c 9f900a3c9f900a3c 9f900a3c9f900a3c 9f900a3c9f900a3c 9f900a3c9f900a3c 9f900a3c9f900a3c
ZMM27=6af306386af30638 6af306386af30638 6af306386af30638 6af306386af30638 6af306386af30638 6af306386af30638 6af306386af30638 6af306386af30638
ZMM28=000000e0000000df 000000de000000dd 000000dc000000db 000000da000000d9 000000d8000000d7 000000d6000000d5 000000d4000000d3 000000d2000000d1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=f61f0000f61f0000 f61f0000f61f0000 f61f0000f61f0000 f61f0000f61f0000 f61f0000f61f0000 f61f0000f61f0000 f61f0000f61f0000 f61f0000f61f0000
info registers vcpu 3

CPU#3
RAX=ffffc90000415000 RBX=ffff8880404b3c00 RCX=ffffffff819dc049 RDX=1ffff11004300087
RSI=ffffffff863cbe44 RDI=ffff888021800438 RBP=0000000000000001 RSP=ffffc900005e8e98
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffff88801da90b30
R12=ffffc90000415008 R13=ffff888021800428 R14=ffff888027634800 R15=0000000000000000
RIP=ffffffff863cbe92 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979fd000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f729de30 CR3=0000000051425000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000