last executing test programs:

2m33.444227834s ago: executing program 3 (id=843):
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
add_key(0x0, &(0x7f0000000180), 0x0, 0x0, r1)
arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r2, 0x1)

2m32.295752471s ago: executing program 3 (id=845):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000180)='./file1\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r3, @ANYBLOB])
ptrace$getenv(0x4201, r1, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000040), 0xa, 0x0)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m30.924875743s ago: executing program 3 (id=848):
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x40)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0x7, 0x0, 0x3, 0x0, [0x0, 0x8000000], [0x8200, 0x1]}}})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc9, 0x8a, 0x26, 0x20, 0xb95, 0x7e2b, 0xeb19, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xd5, 0x0, 0x0, 0xa1, 0xa7, 0xf1}}]}}]}}, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r2)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, 0x0, 0x4040004)
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x10, 0x0, {}, {0x2, 0x8, 0x0, 0x4, 0x0, 0x4, "001500"}, 0x0, 0x2, {}, 0x18603})

2m29.969673713s ago: executing program 1 (id=851):
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xff52)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)
io_uring_setup(0x7c41, &(0x7f0000000580)={0x0, 0x2, 0x10, 0x0, 0x1eb})
socket$nl_xfrm(0x10, 0x3, 0x6)

2m27.476510167s ago: executing program 3 (id=859):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000180)='./file1\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r3, @ANYBLOB])
ptrace$getenv(0x4201, r1, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m27.326471183s ago: executing program 3 (id=860):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
rt_sigsuspend(0x0, 0x0)

2m27.007585843s ago: executing program 1 (id=863):
mmap(&(0x7f0000261000/0xc00000)=nil, 0xc00000, 0x3000003, 0x31, 0xffffffffffffffff, 0x0)
iopl(0x3)
process_mrelease(0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000140)=0x9, 0x3ff, 0x1)
syz_io_uring_setup(0x111, 0x0, 0x0, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xc, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
r0 = syz_open_dev$vim2m(0x0, 0x7f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000040)={0x1, @pix_mp={0x0, 0x0, 0x35315241, 0x0, 0x0, [{}, {}, {}, {}, {0x0, 0x2}, {}, {0x1}]}})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff99)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x100, &(0x7f0000000080)=0x20023, 0x0, 0x4)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x1f)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r4, @ANYBLOB], 0x20)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2, 0x2)
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b0f, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

2m26.30839811s ago: executing program 3 (id=864):
inotify_init1(0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10441)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff85000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_clone(0x0, 0x0, 0xfffffffffffffead, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace(0x8, r3)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
waitid(0x0, 0x0, 0x0, 0x2, &(0x7f0000000540))

2m25.336454161s ago: executing program 32 (id=864):
inotify_init1(0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10441)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff85000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000280)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_clone(0x0, 0x0, 0xfffffffffffffead, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace(0x8, r3)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
waitid(0x0, 0x0, 0x0, 0x2, &(0x7f0000000540))

2m25.330156021s ago: executing program 1 (id=868):
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r1, &(0x7f0000000080), 0x12)
r3 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x401)

2m23.997884575s ago: executing program 1 (id=871):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000180)='./file1\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x0)
dup(r2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRESHEX=r3, @ANYBLOB])
ptrace$getenv(0x4201, r1, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m23.690205352s ago: executing program 1 (id=872):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
semctl$SEM_STAT_ANY(0x0, 0x4, 0x14, &(0x7f0000000a00)=""/4096)

2m22.54752784s ago: executing program 1 (id=875):
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x28}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80, {0xd000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e8603b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de745c0b1108c17615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158234a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ed3d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0d957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="65660fc736b9230200000f320fc5b0040000000f0f10970fe8fa640fbe01cf0ff4c9e21d4501c744240000000000c74424021c320000c744240600000000360fba64255a2f0fc76e0466ba6100ecef66bafc0c66b8004066ef66b8296c", 0x5d}], 0x1, 0x20, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m21.611323229s ago: executing program 33 (id=875):
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x28}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80, {0xd000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e8603b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de745c0b1108c17615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158234a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ed3d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0d957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="65660fc736b9230200000f320fc5b0040000000f0f10970fe8fa640fbe01cf0ff4c9e21d4501c744240000000000c74424021c320000c744240600000000360fba64255a2f0fc76e0466ba6100ecef66bafc0c66b8004066ef66b8296c", 0x5d}], 0x1, 0x20, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

14.455337648s ago: executing program 0 (id=1255):
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', 0x0, 0x0, 0x0)

13.516513329s ago: executing program 0 (id=1258):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000200))
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f0000000240), 0x0, &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x298f3cc22e12b39a, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$proc_mixer(r2, 0x0, 0x178)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={0x0, @multicast1, @initdev}, &(0x7f0000000280)=0xc)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f0000000ec0)=[{}], 0x1, 0x1ff, 0x0, 0x0, 0x0, 0xd})
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

12.082580611s ago: executing program 0 (id=1259):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, 0x0)

9.418889845s ago: executing program 0 (id=1272):
syz_open_dev$video4linux(&(0x7f0000000100), 0xae0, 0x40000)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_pressure(r0, &(0x7f00000000c0)='memory.pressure\x00', 0x2, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r1, 0x0, 0x0, 0xffff, 0x5dd073cf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r4, 0x6, 0xb, 0x0, 0x0)

8.388505159s ago: executing program 6 (id=1274):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x70bd2a, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000440)={0x14, 0x0, 0xb05}, 0x14}}, 0x0)

8.35570558s ago: executing program 5 (id=1275):
r0 = landlock_create_ruleset(&(0x7f0000000000)={0xd1, 0x4}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r5}, 0x4)
r6 = syz_open_procfs(0x0, &(0x7f0000000100)='attr\x00')
getdents64(r6, &(0x7f0000002f40)=""/4098, 0x1002)

8.268072964s ago: executing program 2 (id=1277):
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)

8.023032973s ago: executing program 6 (id=1278):
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
close(0x4)

7.947926548s ago: executing program 2 (id=1279):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
shutdown(r0, 0x1)
poll(0x0, 0x0, 0x40)

7.872211388s ago: executing program 4 (id=1280):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000300)=@nullb, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='ufs\x00', 0x4000, 0x0)

7.214312347s ago: executing program 6 (id=1281):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000001400)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000340)={'wg2\x00', {0x2, 0x4e24, @empty}})

7.064828455s ago: executing program 2 (id=1282):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, 0x0)

7.026434813s ago: executing program 5 (id=1283):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000200))
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000240), 0x0, &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x298f3cc22e12b39a, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$proc_mixer(r2, 0x0, 0x178)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={0x0, @multicast1, @initdev}, &(0x7f0000000280)=0xc)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f0000000ec0)=[{}], 0x1, 0x1ff, 0x0, 0x0, 0x0, 0xd})
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

6.241444876s ago: executing program 4 (id=1284):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
fallocate(r0, 0x83, 0x20000000000000, 0x4)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
acct(&(0x7f0000000140)='./file0\x00')
acct(0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x81)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000040)={0x0, [[0x8], [0x4, 0x0, 0x0, 0xb7], [0x0, 0x4, 0x0, 0x0, 0x200000]], '\x00', [{}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {0xeef}], '\x00', 0x1268000, 0x0, 0x0, 0x5000000, 0x0, 0x2})
socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1001f}, [@FRA_SRC={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x30}}, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r6, 0xffffffffffffffff, 0x0)
unshare(0x6a040000)

5.805327353s ago: executing program 6 (id=1285):
memfd_create(0x0, 0xfe4f7789b86302de)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000400004803c0001800b00010065787468647200002c000280080002001200000008000340"], 0x94}}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

3.752140029s ago: executing program 6 (id=1286):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYRES32=r2, @ANYRES16=0x0, @ANYBLOB="000129bd7000ffdbdf25140000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000300000008000b000300000006001100030000000800150007000000080001007063690011000200303030303a30303a31302e3000000000080003000100000008000b0001000000060011000500000008001500000000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000200000008000b000300000006001100040000000800150000000800", @ANYRESDEC=r2], 0xd0}, 0x1, 0x0, 0x0, 0x40400}, 0x805)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x7d, &(0x7f00000000c0)={0x0, @in6={{0x2, 0x0, 0x0, @dev}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, 0x0, &(0x7f0000000240))
r5 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r7, 0x1, 0x10, &(0x7f0000001280), 0x4)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000001200)="a912", 0x2}], 0x1}, 0x20000801)
recvmsg(r7, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40002002)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket(0x22, 0x1, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendto$inet6(r9, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006080a0000000d0085a168d0bf46d32345653600648d270015000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160016000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r11 = openat$cgroup_freezer_state(r10, &(0x7f00000000c0), 0x2, 0x0)
r12 = openat$cgroup_procs(r10, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r12, &(0x7f0000000180), 0x12)
write$cgroup_freezer_state(r11, &(0x7f0000000200)='THAWED\x00', 0x7)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r8, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, '.\x00'}})

3.751401343s ago: executing program 4 (id=1287):
rseq(0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000500)})
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000500000000000000000000008500000041"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00"/13, @ANYRES32, @ANYBLOB="45a30000000000000f00"/20, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x8, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000064000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000080000008500000083000000b70900000000000055090100000000009500b90000000000bf91000000000000b7020000020000008500000000000000b70000000000000095000000000000003a79b28c0b83a66eff15ae67df3c45cbbd2f6a3fd9a472309e965642c528554b5eae103d174a"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$loop(&(0x7f00000000c0), 0x207, 0x161a81)
r4 = memfd_create(&(0x7f0000000840)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdc\xc0*rw[\r\x98\xf6\xd3\xbf\xa1\xcf\x8e\xc2\x8c\f\xee}g\xfe\xae\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\x01\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x1f\x88Z0\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdf\x00\x10\x00\x00\x00\x00\x00\x00\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k\xce\xbc\x0e#\x89\x96n8\xc5\xefo\xb8\x8f]\xf1\xe0;)I\xc5\xb0\x01\xdb\x99S\xc1\x02z\xa7\x19 \xe8/rH\xfd\x9e-\xf8\x83<\x1c\x89\xf6%\xde\x16(\xbc\xdd\xf4\xe3F\x91\x91\x10\xbc\x87q\x8a\x12\x04\xb1W\xc9(\x13wU\x1eT\xd4}`n\xaau\x03\xd9,\x01\xef\x98Y\xf4nE%?@D\xa4?\x8dq}=\xae#sZ\xe6W^\xc5\xb0ur\xe5\xe3\xe9\x82\x80', 0x0)
pwritev(r4, &(0x7f0000000180)=[{&(0x7f00000002c0)="01", 0x1}], 0x1, 0xd34, 0x9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, &(0x7f0000000180))
ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x541b)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4)
sendfile(r3, r4, 0x0, 0x24002de8)
r7 = memfd_create(&(0x7f00000006c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f\xf8\xd28\xf4\x1c\xc0\xf9\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6\x02\x00\x00\x00A\xc5\xb8_\xd4\x18,\fus\xb2\x99/\xc0\x9a\xf2O\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b0\xc3\x93;\xcc\x14\x02\xc4\xfd{\xbb-\x80\xbf\xab\xbf\xd2\xd3\xe0Cf\xb7\x7f\x93X\'\xf5/\xf9cY\x828\xa2\x00_\xb0#w\xae\xb8L\xeb\xa1\xecF\xbd\xf0\x91$s\xd8\x80\x1a\xc4\xe5=_b\x99\xf9\x84(\xcb,Y\xe6\xf0\x13\x15J\x9f,\xa5\xf2.A\x00\x00S\x94\xe7\x05no\xee\x8b\xb0ciB\x82\t9*\a\x88\xfe\xca\xcb\xe2G\x00\xa9;q\x0f\xb4\xfa\x8e\v\xf7\xc7\x86>wHw]=rW\x01\xe3\xdb\x10G-\xf7\xacD\xd7\xfb\xa0\x96\x85u\xddDv\x9c\x8b\xab\xe3F\x1d\xd2C\xdc\x1f\x80\x005\'y8a\xd3s_\xa6\b\x90\xab\xc9_\xc9\xcb;z\xcc\x9d5\xd2j\x1d\xd9\xe1\xcb\x1c\x156\xc5\xf2d\xfe\x0er\x01\xcdyF\xc1H\r\x94\xa9\x89P|\xcff\x9e\x03\xa4:\x04\v\xfe\x04\x02.\x9e\xf5~\x00\xf2TL\xac\x87<)\x02\xbaq\xae\x87\x1a\xc0\xe5\x90', 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4, 0x2012, r7, 0x6fa88000)

3.724150574s ago: executing program 5 (id=1288):
socket$inet6(0xa, 0x1, 0x0)
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x9]}, 0x8)
r1 = syz_io_uring_setup(0xddf, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x0, 0x242, 0x0, r0}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r0})
io_uring_enter(r1, 0x353, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
tee(r4, r6, 0xfffffffffffffc01, 0x0)

3.584739493s ago: executing program 2 (id=1289):
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)

2.717319843s ago: executing program 2 (id=1290):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x1c, r1, 0x1, 0x70bd2a, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000440)={0x14, 0x0, 0xb05}, 0x14}}, 0x0)

2.605394834s ago: executing program 5 (id=1291):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20004044)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = io_uring_setup(0x57a4, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r4 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x101000)
bind$alg(r0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002801400088008"], 0x48}}, 0x14)
sendmmsg$inet(r5, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r4, 0x89f8, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x0)

2.532691477s ago: executing program 4 (id=1292):
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
close(0x4)

2.488349659s ago: executing program 2 (id=1293):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r2, 0x75fa, 0xe475, 0x0, 0x0, 0x0)

1.913531107s ago: executing program 0 (id=1294):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r1, &(0x7f0000000480)=""/177, 0xb1, 0xa6)

1.73006429s ago: executing program 4 (id=1295):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000300)=@nullb, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='ufs\x00', 0x4000, 0x0)

1.424020155s ago: executing program 5 (id=1296):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1e, &(0x7f0000000000), 0x10)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000340)={'wg2\x00', {0x2, 0x4e24, @empty}})

556.506407ms ago: executing program 4 (id=1297):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbffffffffffffffe, 0x0, 0xffffffff}, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000340)={0x84}, 0x8)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x162682, 0x0)
r4 = dup(r3)
fallocate(r4, 0x10, 0x0, 0x1062200)

178.795527ms ago: executing program 5 (id=1298):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000200))
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000240), 0x0, &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x298f3cc22e12b39a, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$proc_mixer(r2, 0x0, 0x178)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={0x0, @multicast1, @initdev}, &(0x7f0000000280)=0xc)
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f00000004c0)={0x60, 0x0, &(0x7f000023d000/0x4000)=nil, &(0x7f00004fa000/0x4000)=nil, 0x0, &(0x7f0000000ec0)=[{}], 0x1, 0x1ff, 0x0, 0x0, 0x0, 0xd})
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='.\x00', &(0x7f0000000140)='f2fs\x00', 0x0, 0x0)

66.547521ms ago: executing program 0 (id=1299):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0xb)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r1 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x80, 0x7f)
mkdirat(r1, &(0x7f0000000100)='./control\x00', 0x0)
openat(r1, &(0x7f0000000280)='./control\x00', 0x470082, 0x0)
unlinkat(r1, &(0x7f0000000140)='./control\x00', 0x200)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x74}}, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
lseek(r3, 0x289e0cb5, 0x0)

0s ago: executing program 6 (id=1300):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x20000000}, 0x20050800)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8500, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000340)={0xf0003, 0x0, [0x0, 0x8, 0x2000000000000, 0xfffffffffffffffd, 0xfffffffffffffffd]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x0, 0x6, 0x8000, 0xc, 0x59c, 0xffffffffffffffff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

link: 48 bytes leftover after parsing attributes in process `syz.1.138'.
[  110.957638][ T6292] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  110.964649][ T6292] EXT4-fs (loop3): mount failed
[  111.440027][ T6315] binfmt_misc: register: failed to install interpreter file ./file2
[  111.871695][ T6335] netlink: 48 bytes leftover after parsing attributes in process `syz.4.152'.
[  111.892296][ T6327] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.099259][ T6327] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.309797][ T6327] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.440132][ T6327] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.720452][ T6327] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.767378][ T6327] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.821807][ T6327] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.884639][ T6327] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.341543][ T6382] loop1: detected capacity change from 0 to 512
[  113.372457][ T6382] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  113.418907][ T6382] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  113.471080][ T6382] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  113.496402][ T6382] System zones: 1-12
[  113.508446][ T6382] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  113.528707][ T6382] EXT4-fs (loop1): 1 truncate cleaned up
[  113.573316][ T6382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.726656][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.746326][ T6393] syz.0.176: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  113.813065][ T6393] CPU: 1 UID: 0 PID: 6393 Comm: syz.0.176 Not tainted 6.14.0-rc2-next-20250210-syzkaller #0
[  113.813091][ T6393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  113.813108][ T6393] Call Trace:
[  113.813116][ T6393]  <TASK>
[  113.813124][ T6393]  dump_stack_lvl+0x241/0x360
[  113.813155][ T6393]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.813173][ T6393]  ? __pfx__printk+0x10/0x10
[  113.813208][ T6393]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  113.813227][ T6393]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  113.813250][ T6393]  warn_alloc+0x278/0x410
[  113.813277][ T6393]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  113.813301][ T6393]  ? __pfx_warn_alloc+0x10/0x10
[  113.813326][ T6393]  ? kasan_save_track+0x3f/0x80
[  113.813341][ T6393]  ? __kasan_kmalloc+0x98/0xb0
[  113.813360][ T6393]  ? xsk_setsockopt+0x4ea/0x950
[  113.813379][ T6393]  ? do_sock_setsockopt+0x3af/0x720
[  113.813396][ T6393]  ? __x64_sys_setsockopt+0x1ee/0x280
[  113.813409][ T6393]  ? do_syscall_64+0xf3/0x230
[  113.813423][ T6393]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.813455][ T6393]  __vmalloc_node_range_noprof+0x126/0x1380
[  113.813526][ T6393]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  113.813554][ T6393]  ? __kasan_kmalloc+0x98/0xb0
[  113.813578][ T6393]  vmalloc_user_noprof+0x74/0x80
[  113.813600][ T6393]  ? xskq_create+0xb6/0x170
[  113.813618][ T6393]  xskq_create+0xb6/0x170
[  113.813641][ T6393]  xsk_init_queue+0xa1/0x100
[  113.813664][ T6393]  xsk_setsockopt+0x4ea/0x950
[  113.813688][ T6393]  ? __pfx_xsk_setsockopt+0x10/0x10
[  113.813707][ T6393]  ? __pfx_aa_sk_perm+0x10/0x10
[  113.813728][ T6393]  ? aa_sock_opt_perm+0xfd/0x1b0
[  113.813758][ T6393]  ? __pfx_xsk_setsockopt+0x10/0x10
[  113.813775][ T6393]  do_sock_setsockopt+0x3af/0x720
[  113.813802][ T6393]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  113.813828][ T6393]  ? __fget_files+0x395/0x410
[  113.813846][ T6393]  ? __fget_files+0x2a/0x410
[  113.813879][ T6393]  __x64_sys_setsockopt+0x1ee/0x280
[  113.813909][ T6393]  do_syscall_64+0xf3/0x230
[  113.813925][ T6393]  ? clear_bhb_loop+0x35/0x90
[  113.813952][ T6393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.813982][ T6393] RIP: 0033:0x7fc8ff38cde9
[  113.814002][ T6393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.814015][ T6393] RSP: 002b:00007fc9001e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  113.814033][ T6393] RAX: ffffffffffffffda RBX: 00007fc8ff5a5fa0 RCX: 00007fc8ff38cde9
[  113.814043][ T6393] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  113.814052][ T6393] RBP: 00007fc8ff40e2a0 R08: 0000000000000004 R09: 0000000000000000
[  113.814061][ T6393] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.814071][ T6393] R13: 0000000000000000 R14: 00007fc8ff5a5fa0 R15: 00007ffcb98d2678
[  113.814108][ T6393]  </TASK>
[  113.814116][ T6393] Mem-Info:
[  114.035068][   T30] audit: type=1326 audit(1739251750.134:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  114.054897][ T6393] active_anon:4977 inactive_anon:0 isolated_anon:0
[  114.054897][ T6393]  active_file:1388 inactive_file:38308 isolated_file:0
[  114.054897][ T6393]  unevictable:768 dirty:199 writeback:0
[  114.054897][ T6393]  slab_reclaimable:9871 slab_unreclaimable:97665
[  114.054897][ T6393]  mapped:28800 shmem:1428 pagetables:921
[  114.054897][ T6393]  sec_pagetables:0 bounce:0
[  114.054897][ T6393]  kernel_misc_reclaimable:0
[  114.054897][ T6393]  free:1346391 free_pcp:231 free_cma:0
[  114.133128][ T6403] netlink: 16 bytes leftover after parsing attributes in process `syz.2.181'.
[  114.165705][ T6393] Node 0 active_anon:19908kB inactive_anon:0kB active_file:5552kB inactive_file:153160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115200kB dirty:796kB writeback:0kB shmem:4176kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10664kB pagetables:3684kB sec_pagetables:0kB all_unreclaimable? no
[  114.218622][   T30] audit: type=1326 audit(1739251750.134:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  114.308504][ T6393] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  114.308557][ T6393] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  114.308611][ T6393] lowmem_reserve[]: 0 2490 2491 0 0
[  114.308655][ T6393] Node 0 DMA32 free:1461692kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:19852kB inactive_anon:0kB active_file:5552kB inactive_file:152580kB unevictable:1536kB writepending:804kB present:3129332kB managed:2550780kB mlocked:0kB bounce:0kB free_pcp:1616kB local_pcp:780kB free_cma:0kB
[  114.308707][ T6393] lowmem_reserve[]: 0 0 0 0 0
[  114.308751][ T6393] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:580kB unevictable:0kB writepending:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  114.308798][ T6393] lowmem_reserve[]: 0 0 0 0 0
[  114.308843][ T6393] Node 1 Normal free:3905872kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  114.308894][ T6393] lowmem_reserve[]: 0 0 0 0 0
[  114.308938][ T6393] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  114.313029][ T6393] Node 0 DMA32: 91*4kB (UME) 51*8kB (UM) 267*16kB (UME) 63*32kB (UME) 120*64kB (UME) 62*128kB (UME) 25*256kB (ME) 18*512kB (UME) 18*1024kB (ME) 12*2048kB (UME) 337*4096kB (M) = 1461652kB
[  114.313224][ T6393] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  114.313339][ T6393] Node 1 Normal: 228*4kB (UE) 54*8kB (UME) 41*16kB (UME) 210*32kB (UME) 93*64kB (UME) 38*128kB (UME) 15*256kB (UM) 9*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 945*4096kB (M) = 3905872kB
[  114.313525][ T6393] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  114.313540][ T6393] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  114.313555][ T6393] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  114.313569][ T6393] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  114.313585][ T6393] 41126 total pagecache pages
[  114.313594][ T6393] 0 pages in swap cache
[  114.313603][ T6393] Free swap  = 124740kB
[  114.313611][ T6393] Total swap = 124996kB
[  114.313621][ T6393] 2097051 pages RAM
[  114.313629][ T6393] 0 pages HighMem/MovableOnly
[  114.313638][ T6393] 427570 pages reserved
[  114.313645][ T6393] 0 pages cma reserved
[  114.367613][   T30] audit: type=1326 audit(1739251750.134:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  114.367663][   T30] audit: type=1326 audit(1739251750.134:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f25d678b750 code=0x7ffc0000
[  114.633186][ T6416] loop1: detected capacity change from 0 to 512
[  114.634096][ T6416] EXT4-fs: Ignoring removed nobh option
[  114.644386][ T6416] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  114.644522][ T6416] EXT4-fs (loop1): failed to open journal device unknown-block(8,0) -16
[  114.950361][ T6425] netlink: 'syz.4.190': attribute type 1 has an invalid length.
[  114.952816][ T6422] loop1: detected capacity change from 0 to 1024
[  115.049681][ T6422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.246113][ T6431] IPVS: stopping master sync thread 6432 ...
[  115.395959][ T6400] tty tty24: ldisc open failed (-12), clearing slot 23
[  115.645570][ T6444] netlink: 24 bytes leftover after parsing attributes in process `syz.2.197'.
[  115.864552][   T52] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  115.919900][   T52] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  115.938752][   T52] EXT4-fs (loop1): This should not happen!! Data will be lost
[  115.938752][   T52] 
[  115.950447][   T52] EXT4-fs (loop1): Total free blocks count 0
[  115.961113][   T52] EXT4-fs (loop1): Free/Dirty block details
[  115.968743][   T52] EXT4-fs (loop1): free_blocks=68451041280
[  115.978605][   T52] EXT4-fs (loop1): dirty_blocks=2512
[  115.990403][   T52] EXT4-fs (loop1): Block reservation details
[  116.003510][   T52] EXT4-fs (loop1): i_reserved_data_blocks=157
[  116.109286][ T6458] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  116.157942][ T4558] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 460 with error 28
[  116.942852][ T5884] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  117.199461][ T6482] loop9: detected capacity change from 0 to 6
[  117.454558][ T5884] usb 4-1: unable to get BOS descriptor or descriptor too short
[  117.476510][ T5884] usb 4-1: not running at top speed; connect to a high speed hub
[  117.552504][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  117.575031][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  117.592978][ T5884] usb 4-1: config 0 has an invalid interface number: 88 but max is 0
[  117.627557][ T5884] usb 4-1: config 0 has no interface number 0
[  117.644022][ T5884] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  117.666506][ T5884] usb 4-1: config 0 interface 88 has no altsetting 0
[  117.699384][ T5884] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  117.729212][ T5884] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  117.769345][ T5884] usb 4-1: Product: syz
[  117.773564][ T5884] usb 4-1: Manufacturer: syz
[  117.810396][ T5884] usb 4-1: SerialNumber: syz
[  117.863306][ T5884] usb 4-1: config 0 descriptor??
[  118.954306][ T5884] usb 4-1: USB disconnect, device number 2
[  120.376169][ T5883] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  120.385825][ T5884] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  120.483676][ T6542] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  120.492137][ T6542] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  120.504571][ T6542] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  120.513041][ T6542] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  120.823892][ T5883] usb 3-1: Using ep0 maxpacket: 8
[  120.835055][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  120.950663][ T5883] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  120.961463][ T5884] usb 1-1: unable to get BOS descriptor or descriptor too short
[  120.975439][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.985774][ T5884] usb 1-1: not running at top speed; connect to a high speed hub
[  121.002743][ T5884] usb 1-1: config 0 has an invalid interface number: 88 but max is 0
[  121.024096][ T5883] usb 3-1: config 0 descriptor??
[  121.030673][ T5884] usb 1-1: config 0 has no interface number 0
[  121.049478][ T5884] usb 1-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  121.068006][ T6548] GUP no longer grows the stack in syz.4.238 (6548): 400000004000-400000008000 (400000002000)
[  121.078168][ T5884] usb 1-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid maxpacket 255, setting to 64
[  121.109260][ T5884] usb 1-1: config 0 interface 88 has no altsetting 0
[  121.116627][ T6548] CPU: 1 UID: 0 PID: 6548 Comm: syz.4.238 Not tainted 6.14.0-rc2-next-20250210-syzkaller #0
[  121.116651][ T6548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  121.116665][ T6548] Call Trace:
[  121.116673][ T6548]  <TASK>
[  121.116681][ T6548]  dump_stack_lvl+0x241/0x360
[  121.116711][ T6548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.116731][ T6548]  ? __pfx__printk+0x10/0x10
[  121.116752][ T6548]  ? find_vma+0xf9/0x170
[  121.116795][ T6548]  __get_user_pages+0x3b07/0x4140
[  121.116886][ T6548]  ? __pfx___get_user_pages+0x10/0x10
[  121.116952][ T6548]  get_user_pages_remote+0x31e/0xb60
[  121.116992][ T6548]  ? __pfx_get_user_pages_remote+0x10/0x10
[  121.117021][ T6548]  ? __access_remote_vm+0x320/0x800
[  121.117053][ T6548]  __access_remote_vm+0x229/0x800
[  121.117094][ T6548]  ? __pfx___access_remote_vm+0x10/0x10
[  121.117119][ T6548]  ? rep_movs_alternative+0x4c/0x70
[  121.117152][ T6548]  proc_pid_cmdline_read+0x5b2/0x860
[  121.117188][ T6548]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  121.117214][ T6548]  ? rw_verify_area+0x243/0x630
[  121.117246][ T6548]  vfs_readv+0x6bc/0xa80
[  121.117284][ T6548]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  121.117303][ T6548]  ? __pfx_vfs_readv+0x10/0x10
[  121.117320][ T6548]  ? do_sys_openat2+0x179/0x1c0
[  121.117368][ T6548]  ? __fget_files+0x2a/0x410
[  121.117392][ T6548]  ? __fget_files+0x395/0x410
[  121.117410][ T6548]  ? __fget_files+0x2a/0x410
[  121.117447][ T6548]  __x64_sys_preadv+0x1b7/0x2d0
[  121.117470][ T6548]  ? __pfx___x64_sys_preadv+0x10/0x10
[  121.117491][ T6548]  ? do_syscall_64+0x100/0x230
[  121.117513][ T6548]  ? do_syscall_64+0xb6/0x230
[  121.117535][ T6548]  do_syscall_64+0xf3/0x230
[  121.117553][ T6548]  ? clear_bhb_loop+0x35/0x90
[  121.117580][ T6548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.117602][ T6548] RIP: 0033:0x7f51b7d8cde9
[  121.117618][ T6548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.117632][ T6548] RSP: 002b:00007f51b8b80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  121.117658][ T6548] RAX: ffffffffffffffda RBX: 00007f51b7fa5fa0 RCX: 00007f51b7d8cde9
[  121.117670][ T6548] RDX: 0000000000000001 RSI: 00004000000000c0 RDI: 0000000000000003
[  121.117681][ T6548] RBP: 00007f51b7e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  121.117692][ T6548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.117702][ T6548] R13: 0000000000000000 R14: 00007f51b7fa5fa0 R15: 00007ffe6d46cf88
[  121.117740][ T6548]  </TASK>
[  121.404419][ T5883] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  121.451681][ T5884] usb 1-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  121.522046][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  121.563754][ T5884] usb 1-1: Product: syz
[  121.588495][ T5884] usb 1-1: Manufacturer: syz
[  121.616408][ T5884] usb 1-1: SerialNumber: syz
[  121.621619][ T6555] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.638545][ T5884] usb 1-1: config 0 descriptor??
[  121.650647][ T6533] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  121.743050][ T6555] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.816357][ T6555] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.869117][ T6555] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.923104][ T5884] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.88/input/input5
[  122.039212][ T6555] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.142301][ T5884] usb 1-1: USB disconnect, device number 2
[  122.148355][    C0] usb_acecad 1-1:0.88: can't resubmit intr, dummy_hcd.0-1/input0, status -19
[  122.283792][ T6555] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.327763][ T6555] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.374111][ T6555] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.422672][ T5883] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  122.660214][ T5883] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  122.969665][ T5883] asix 3-1:0.0: probe with driver asix failed with error -71
[  123.080370][ T5883] usb 3-1: USB disconnect, device number 2
[  124.823035][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  124.857156][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  125.437537][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  125.745672][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  126.275094][ T5882] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  126.322232][ T6623] capability: warning: `syz.0.263' uses deprecated v2 capabilities in a way that may be insecure
[  126.354987][ T5884] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  126.445093][ T5882] usb 2-1: Using ep0 maxpacket: 8
[  126.458242][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  126.484945][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  126.494648][ T5882] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  126.506496][ T5884] usb 5-1: device descriptor read/64, error -71
[  126.524922][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  126.534734][ T5882] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  126.547125][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.586633][ T5882] usb 2-1: config 0 descriptor??
[  126.850855][ T5882] usb 2-1: USB disconnect, device number 2
[  127.018802][ T5884] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  127.155091][ T5884] usb 5-1: device descriptor read/64, error -71
[  127.468396][ T5884] usb usb5-port1: attempt power cycle
[  128.407671][ T6659] syz.3.277 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  129.074451][ T6661] input: syz0 as /devices/virtual/input/input6
[  129.717330][ T5881] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  130.277165][ T5881] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  130.359055][ T5881] usb 3-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x16, changing to 0x6
[  130.458556][ T5838] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  130.474508][ T5838] Bluetooth: hci2: Injecting HCI hardware error event
[  130.486627][ T5838] Bluetooth: hci2: hardware error 0x00
[  130.510938][ T5881] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 8386, setting to 1024
[  130.528154][ T5881] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  130.597373][ T5881] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  130.620645][ T5881] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  130.676825][ T5881] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  130.686583][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.694917][ T5881] usb 3-1: Product: syz
[  130.699436][ T5881] usb 3-1: Manufacturer: syz
[  130.704585][ T5881] usb 3-1: SerialNumber: syz
[  130.795842][ T6674] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  130.935072][ T5884] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  131.034604][ T6674] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  131.105035][ T5884] usb 1-1: Using ep0 maxpacket: 16
[  131.118555][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.141418][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.162653][ T5884] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  131.199311][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.247948][ T5884] usb 1-1: config 0 descriptor??
[  131.645841][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  131.666276][ T6674] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  131.708314][ T6702] ubi31: attaching mtd0
[  131.714951][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  131.717962][ T6702] ubi31: scanning is finished
[  131.728193][ T6702] ubi31: empty MTD device detected
[  131.785815][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  131.941849][ T5881] cdc_mbim 3-1:1.0: failed to get mac address
[  132.025927][ T5884] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.0001/input/input7
[  132.050734][ T5881] cdc_mbim 3-1:1.0: bind() failure
[  132.444865][ T5881] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  132.465447][ T5884] appleir 0003:05AC:8241.0001: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  132.466909][ T5881] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  132.545115][ T5881] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  132.563337][ T5884] usb 1-1: USB disconnect, device number 3
[  132.611206][ T5881] usb 3-1: USB disconnect, device number 3
[  132.695947][ T5838] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  132.790943][ T6710] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[  132.969224][ T6702] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  133.811476][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  133.819645][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  133.930040][ T6702] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  134.224170][ T6702] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  134.313005][ T6702] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  134.393378][ T6702] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  134.425955][ T6702] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  134.467512][ T6702] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3895399425
[  134.508782][ T6702] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  134.520588][ T6714] ubi31: background thread "ubi_bgt31d" started, PID 6714
[  135.978676][ T6737] ubi: mtd0 is already attached to ubi31
[  136.538029][ T6747] loop4: detected capacity change from 0 to 1024
[  136.594073][ T6747] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.936156][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.426670][ T6772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.317'.
[  138.906150][ T6789] loop3: detected capacity change from 0 to 1024
[  138.978152][ T6789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.036622][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.832597][ T5881] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  141.014601][ T5881] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  141.036486][ T5881] usb 3-1: config 0 interface 0 has no altsetting 0
[  141.060215][ T5881] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  141.100822][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.252650][ T5881] usb 3-1: Product: syz
[  141.301428][ T5881] usb 3-1: Manufacturer: syz
[  141.370981][ T6824] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  141.385098][ T6824] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  141.395325][ T6824] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  141.395438][ T5881] usb 3-1: SerialNumber: syz
[  141.409989][ T6824] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  142.869916][ T5881] usb 3-1: config 0 descriptor??
[  142.942035][ T5881] usb 3-1: can't set config #0, error -71
[  143.011323][ T5881] usb 3-1: USB disconnect, device number 4
[  146.966381][ T6890] netlink: 8 bytes leftover after parsing attributes in process `syz.2.360'.
[  146.995264][ T6890] netlink: 8 bytes leftover after parsing attributes in process `syz.2.360'.
[  147.247400][   T46] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  147.558518][   T46] usb 5-1: Using ep0 maxpacket: 32
[  147.650838][   T46] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  147.843927][   T46] usb 5-1: config 0 has no interface number 0
[  147.987863][   T46] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  148.014533][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.026400][   T46] usb 5-1: Product: syz
[  148.030601][   T46] usb 5-1: Manufacturer: syz
[  148.036046][   T46] usb 5-1: SerialNumber: syz
[  148.065957][   T46] usb 5-1: config 0 descriptor??
[  148.093053][   T46] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  148.327918][   T46] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  148.441624][   T46] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  148.503825][ T6886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.536450][ T6886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.812827][    C1] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  148.813490][ T5883] usb 5-1: USB disconnect, device number 5
[  148.981746][ T5883] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  149.069342][ T5883] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  149.153788][ T5883] quatech2 5-1:0.51: device disconnected
[  149.160157][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  149.262977][ T6926] warning: `syz.1.374' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  149.357946][    T9] usb 1-1: Using ep0 maxpacket: 8
[  149.379931][    T9] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  149.403018][    T9] usb 1-1: config 0 has no interface number 0
[  149.429711][    T9] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  149.470052][    T9] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 42911, setting to 1024
[  149.511947][    T9] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  149.524028][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.536850][    T9] usb 1-1: config 0 descriptor??
[  149.545046][ T6921] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  149.556732][ T6930] 9pnet_fd: Insufficient options for proto=fd
[  149.587714][    T9] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  149.785627][    C0] iowarrior 1-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[  149.796158][    T9] usb 1-1: USB disconnect, device number 4
[  150.788426][ T5838] Bluetooth: hci4: Invalid connection link type handle 0x00c9
[  152.303558][ T6971] 9pnet_fd: Insufficient options for proto=fd
[  153.277323][ T6953] syz.1.386 (6953): drop_caches: 2
[  155.197512][ T7006] 9pnet_fd: Insufficient options for proto=fd
[  156.871076][ T7031] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  158.132390][ T7043] 9pnet_fd: Insufficient options for proto=fd
[  162.771260][ T7085] 9pnet_fd: Insufficient options for proto=fd
[  165.691940][ T7122] 9pnet_fd: Insufficient options for proto=fd
[  166.142260][ T7130] ubi: mtd0 is already attached to ubi31
[  166.966465][ T7137] ubi: mtd0 is already attached to ubi31
[  167.672299][ T7150] 9pnet_fd: Insufficient options for proto=fd
[  167.850855][ T7151] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  167.860246][ T7151] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  167.871505][ T7151] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  167.879812][ T7151] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  171.314982][ T7180] ubi: mtd0 is already attached to ubi31
[  172.220527][ T7189] 9pnet_fd: Insufficient options for proto=fd
[  173.630795][ T7202] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  173.638845][ T7202] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  173.648465][ T7202] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  173.656471][ T7202] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock
[  174.787414][ T7224] 9pnet_fd: Insufficient options for proto=fd
[  176.351227][ T7258] 9pnet_fd: Insufficient options for proto=fd
[  179.066239][ T5915] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  179.639599][ T7300] 9pnet_fd: Insufficient options for proto=fd
[  179.761009][ T5915] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  179.807149][ T5915] usb 4-1: config 0 interface 0 has no altsetting 0
[  179.933039][ T5915] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  180.099969][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.216013][ T5915] usb 4-1: Product: syz
[  180.272577][ T5915] usb 4-1: Manufacturer: syz
[  180.318847][ T5915] usb 4-1: SerialNumber: syz
[  180.340524][ T5915] usb 4-1: config 0 descriptor??
[  180.373592][ T5915] usb 4-1: selecting invalid altsetting 0
[  183.245634][ T5915] usb 4-1: USB disconnect, device number 3
[  183.787067][ T5915] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  183.809318][ T7340] 9pnet_fd: Insufficient options for proto=fd
[  183.972963][ T7344] netlink: 'syz.1.533': attribute type 8 has an invalid length.
[  183.981403][ T7344] netlink: 163260 bytes leftover after parsing attributes in process `syz.1.533'.
[  183.992536][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  184.006471][ T5915] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  184.024879][ T5915] usb 4-1: config 179 has no interface number 0
[  184.031358][ T5915] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  184.043414][ T5915] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  184.058599][ T5915] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  184.071077][ T5915] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  184.086483][ T5915] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  184.101946][ T5915] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  184.114283][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.132126][ T7324] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  184.684170][ T7343] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  184.691249][ T7343] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  184.759480][ T7343] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  184.768143][ T7343] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  184.774144][ T7343] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  184.781877][ T7343] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  184.789580][ T7343] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  184.795658][ T7343] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  184.804404][ T7343] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  184.853881][ T6563] udevd[6563]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  184.894826][ T7324] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  184.901769][ T7324] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  184.995199][ T7324] vhci_hcd vhci_hcd.0: Device attached
[  185.085411][   T46] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  185.205865][ T5883] vhci_hcd: vhci_device speed not set
[  185.301768][ T7352] vhci_hcd: connection closed
[  185.326996][ T5884] usb 4-1: USB disconnect, device number 4
[  185.327037][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  185.354907][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  185.361096][ T6682] vhci_hcd: stop threads
[  185.500136][ T5883] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  185.686471][   T46] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  185.688311][ T6682] vhci_hcd: release socket
[  185.708124][ T6682] vhci_hcd: disconnect device
[  185.780530][   T46] usb 3-1: config 0 interface 0 has no altsetting 0
[  185.798343][   T46] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  185.835367][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.864924][   T46] usb 3-1: Product: syz
[  185.869202][   T46] usb 3-1: Manufacturer: syz
[  185.884042][   T46] usb 3-1: SerialNumber: syz
[  185.906042][   T46] usb 3-1: config 0 descriptor??
[  185.952062][   T46] usb 3-1: selecting invalid altsetting 0
[  185.976206][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  186.897739][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  186.897898][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.089409][  T977] IPVS: starting estimator thread 0...
[  187.239630][ T7369] IPVS: using max 26 ests per chain, 62400 per kthread
[  187.677021][   T46] usb 3-1: USB disconnect, device number 5
[  187.785757][ T5930] udevd[5930]: setting mode of /dev/audio3 to 020660 failed: No such file or directory
[  187.828724][ T5930] udevd[5930]: setting owner of /dev/audio3 to uid=0, gid=29 failed: No such file or directory
[  188.007719][ T5928] udevd[5928]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  188.087443][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  189.002933][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  189.015038][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  190.135483][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  190.246135][   T46] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  191.015518][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  191.042395][ T5883] vhci_hcd: vhci_device speed not set
[  191.052158][   T46] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  191.094957][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  191.965059][   T46] usb 3-1: config 0 interface 0 has no altsetting 0
[  191.992624][   T46] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  192.226950][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.295216][   T46] usb 3-1: Product: syz
[  192.322775][   T46] usb 3-1: Manufacturer: syz
[  192.343257][   T46] usb 3-1: SerialNumber: syz
[  192.387721][   T46] usb 3-1: config 0 descriptor??
[  192.442478][   T46] usb 3-1: selecting invalid altsetting 0
[  193.154925][ T7425] ubi: mtd0 is already attached to ubi31
[  194.399450][ T7367] usb 3-1: USB disconnect, device number 6
[  194.641496][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  194.654910][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  198.184343][ T7456] netlink: 12 bytes leftover after parsing attributes in process `syz.4.568'.
[  199.739423][  T977] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  200.257786][  T977] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  200.274893][  T977] usb 4-1: config 0 interface 0 has no altsetting 0
[  200.297635][  T977] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  200.325057][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.333149][  T977] usb 4-1: Product: syz
[  200.353759][  T977] usb 4-1: Manufacturer: syz
[  200.372384][  T977] usb 4-1: SerialNumber: syz
[  200.388951][  T977] usb 4-1: config 0 descriptor??
[  200.416551][ T7485] netlink: 44 bytes leftover after parsing attributes in process `syz.0.575'.
[  200.418057][  T977] usb 4-1: selecting invalid altsetting 0
[  201.774659][   T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  202.074123][ T7367] usb 4-1: USB disconnect, device number 5
[  202.249133][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.328516][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.369898][   T25] usb 1-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  202.638035][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.660400][   T25] usb 1-1: config 0 descriptor??
[  204.057162][   T25] usb 1-1: can't set config #0, error -71
[  204.144682][   T25] usb 1-1: USB disconnect, device number 5
[  205.210432][ T7522] ubi: mtd0 is already attached to ubi31
[  207.682839][ T7535] netlink: 8 bytes leftover after parsing attributes in process `syz.2.589'.
[  211.049049][ T7561] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  212.608185][ T7581] random: crng reseeded on system resumption
[  214.464894][ T7594] netlink: 'syz.1.606': attribute type 10 has an invalid length.
[  214.472690][ T7594] netlink: 40 bytes leftover after parsing attributes in process `syz.1.606'.
[  214.484443][ T7594] bridge0: port 3(batadv0) entered blocking state
[  214.492930][ T7594] bridge0: port 3(batadv0) entered disabled state
[  214.501141][ T7594] batadv0: entered allmulticast mode
[  214.556579][ T7594] batadv0: entered promiscuous mode
[  214.568884][ T7594] bridge0: port 3(batadv0) entered blocking state
[  214.576099][ T7594] bridge0: port 3(batadv0) entered forwarding state
[  214.834377][ T7596] netlink: 8 bytes leftover after parsing attributes in process `syz.2.607'.
[  214.874505][ T6665] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  214.884884][ T6665] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  215.858468][ T7585] netlink: 'syz.3.602': attribute type 10 has an invalid length.
[  215.866722][ T7585] netlink: 40 bytes leftover after parsing attributes in process `syz.3.602'.
[  216.783780][ T7607] Zero length message leads to an empty skb
[  218.299094][ T7625] netlink: 'syz.0.616': attribute type 1 has an invalid length.
[  219.790645][ T7632] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  221.058012][ T7648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.622'.
[  222.739309][ T7672] netlink: 8 bytes leftover after parsing attributes in process `syz.3.631'.
[  222.847847][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.3.631'.
[  222.952270][ T7672] netlink: 24 bytes leftover after parsing attributes in process `syz.3.631'.
[  222.961467][ T7672] netlink: 24 bytes leftover after parsing attributes in process `syz.3.631'.
[  223.312389][ T7680] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.632'.
[  223.323435][ T7675] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.632'.
[  223.615293][  T977] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  224.295313][  T977] usb 5-1: Using ep0 maxpacket: 32
[  224.327234][  T977] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  224.358019][  T977] usb 5-1: config 0 has no interface number 0
[  224.388341][  T977] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  224.421420][  T977] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.461113][  T977] usb 5-1: Product: syz
[  224.473363][  T977] usb 5-1: Manufacturer: syz
[  224.514881][  T977] usb 5-1: SerialNumber: syz
[  224.538648][  T977] usb 5-1: config 0 descriptor??
[  224.588654][  T977] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  224.856093][  T977] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  224.908135][  T977] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  225.024668][ T7697] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  225.031245][ T7697] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  225.076585][ T7678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.098074][ T7697] vhci_hcd vhci_hcd.0: Device attached
[  225.123925][ T7678] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.305123][  T977] vhci_hcd: vhci_device speed not set
[  225.385206][  T977] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  225.393275][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  225.435872][ T5884] usb 5-1: USB disconnect, device number 6
[  226.287080][ T5884] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  226.298036][ T7699] vhci_hcd: connection reset by peer
[  226.328067][ T1078] vhci_hcd: stop threads
[  226.333070][ T1078] vhci_hcd: release socket
[  226.354794][ T1078] vhci_hcd: disconnect device
[  226.358547][ T5884] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  226.391918][ T5884] quatech2 5-1:0.51: device disconnected
[  226.545212][   T46] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  226.596422][ T7712] netlink: 4 bytes leftover after parsing attributes in process `syz.4.645'.
[  226.731659][   T46] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  226.908223][   T46] usb 1-1: config 0 interface 0 has no altsetting 0
[  227.767575][   T46] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  227.776802][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.811392][   T46] usb 1-1: Product: syz
[  227.822398][   T46] usb 1-1: Manufacturer: syz
[  227.834616][   T46] usb 1-1: SerialNumber: syz
[  227.898387][   T46] usb 1-1: config 0 descriptor??
[  227.929801][   T46] usb 1-1: selecting invalid altsetting 0
[  228.284622][ T7738] netlink: 'syz.3.654': attribute type 8 has an invalid length.
[  228.292611][ T7738] netlink: 163260 bytes leftover after parsing attributes in process `syz.3.654'.
[  228.958711][ T7737] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  228.966088][ T7737] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  228.993285][ T5834] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  229.617916][ T7737] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  229.624118][ T7737] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  229.766630][  T974] usb 1-1: USB disconnect, device number 6
[  230.718356][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  230.948797][  T977] vhci_hcd: vhci_device speed not set
[  232.205999][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  232.212651][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  232.556770][ T7779] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  232.865348][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  233.589272][ T7794] No such timeout policy "syz1"
[  237.758019][ T7826] netlink: 'syz.2.681': attribute type 1 has an invalid length.
[  238.458810][ T7834] block device autoloading is deprecated and will be removed.
[  240.863694][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.1.690'.
[  243.339475][ T7868] netlink: 16 bytes leftover after parsing attributes in process `syz.1.693'.
[  243.426414][ T7869] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  244.251623][ T5838] Bluetooth: hci4: Malformed MSFT vendor event: 0x02
[  244.585261][ T5825] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  244.779409][ T5825] usb 4-1: Using ep0 maxpacket: 8
[  245.187321][ T5825] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  245.215312][ T5825] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  245.231537][ T5825] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  245.252668][ T5825] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  245.270631][ T5825] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  245.282797][ T5825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.804685][ T5825] usb 4-1: GET_CAPABILITIES returned 0
[  245.812043][ T5825] usbtmc 4-1:16.0: can't read capabilities
[  246.091621][ T5883] usb 4-1: USB disconnect, device number 6
[  246.864898][ T7886] syz.4.702 (7886) used greatest stack depth: 18384 bytes left
[  247.025757][ T7898] fuse: Bad value for 'fd'
[  247.123348][ T7900] Cannot find add_set index 0 as target
[  248.485289][ T5883] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  248.595826][ T5825] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  248.685447][ T5883] usb 4-1: Using ep0 maxpacket: 8
[  248.777993][ T5883] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  248.785012][ T5825] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  248.805688][ T7925] syz.2.714: attempt to access beyond end of device
[  248.805688][ T7925] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  248.807287][ T5825] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.833500][ T7925] vxfs: unable to read disk superblock at 1
[  248.849846][ T7925] syz.2.714: attempt to access beyond end of device
[  248.849846][ T7925] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0
[  248.864888][ T7925] vxfs: unable to read disk superblock at 8
[  248.871309][ T7925] vxfs: can't find superblock.
[  248.892050][ T5825] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  248.892383][ T5883] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  248.949772][ T5825] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  249.032792][ T5825] usb 1-1: Manufacturer: syz
[  249.236733][ T5883] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  249.246302][ T5825] usb 1-1: config 0 descriptor??
[  249.283304][ T5883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.325820][ T5883] usbtmc 4-1:16.0: bulk endpoints not found
[  250.279587][ T7924] Mount JFS Failure: -22
[  250.284117][ T7924] jfs_mount failed w/return code = -22
[  250.605897][ T5825] rc_core: IR keymap rc-hauppauge not found
[  250.613244][ T5825] Registered IR keymap rc-empty
[  250.622138][ T7910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  251.535531][ T7910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  251.543029][ T5825] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  251.572699][ T5825] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input8
[  252.167539][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz.2.719'.
[  252.707417][   T25] usb 1-1: USB disconnect, device number 7
[  252.765472][  T977] usb 4-1: USB disconnect, device number 7
[  253.935613][ T7973] random: crng reseeded on system resumption
[  254.666496][ T5882] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  255.047546][ T5882] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  255.208814][ T5882] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.4b
[  255.225864][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0
[  255.254956][ T5882] usb 4-1: Product: syz
[  255.272129][ T5882] usb 4-1: config 0 descriptor??
[  255.534133][ T7988] netlink: 8 bytes leftover after parsing attributes in process `syz.2.733'.
[  255.942570][ T5882] ath6kl: Unsupported hardware version: 0x0
[  255.958344][ T5882] ath6kl: Failed to init ath6kl core: -22
[  255.968681][ T5882] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -22
[  256.068028][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  256.074438][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  256.768909][ T5882] usb 4-1: USB disconnect, device number 8
[  257.011583][ T8008] netlink: 16 bytes leftover after parsing attributes in process `syz.4.741'.
[  257.030705][ T8008] netlink: 24 bytes leftover after parsing attributes in process `syz.4.741'.
[  258.539663][ T8017] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun!
[  258.829290][ T8023] random: crng reseeded on system resumption
[  258.979209][ T8008] veth3: entered promiscuous mode
[  258.984424][ T8008] veth3: entered allmulticast mode
[  260.133098][ T8025] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  260.143223][ T8025] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  262.144992][ T8028] netlink: 'syz.3.745': attribute type 10 has an invalid length.
[  262.162353][ T8028] netlink: 40 bytes leftover after parsing attributes in process `syz.3.745'.
[  264.095008][  T977] usb 5-1: new low-speed USB device number 7 using dummy_hcd
[  264.280519][ T8067] netlink: 'syz.0.759': attribute type 1 has an invalid length.
[  264.729763][  T977] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  264.929274][   T30] audit: type=1800 audit(1739251901.034:39): pid=8076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.761" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  264.961280][  T977] usb 5-1: config 0 has no interface number 0
[  264.969201][  T977] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  264.985231][  T977] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  264.999275][  T977] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  265.020331][  T977] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  265.033164][  T977] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  265.703235][ T8078] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  265.825822][  T977] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  265.873945][  T977] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  265.884886][  T977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.939639][  T977] usb 5-1: config 0 descriptor??
[  266.211287][  T977] usb 5-1: can't set config #0, error -71
[  266.227334][  T977] usb 5-1: USB disconnect, device number 7
[  269.636696][ T8112] random: crng reseeded on system resumption
[  270.547968][ T8113] netlink: 'syz.4.772': attribute type 10 has an invalid length.
[  270.556199][ T8113] netlink: 40 bytes leftover after parsing attributes in process `syz.4.772'.
[  270.594129][ T8113] bridge0: port 3(batadv0) entered blocking state
[  271.023864][ T8113] bridge0: port 3(batadv0) entered disabled state
[  271.077026][ T8113] batadv0: entered allmulticast mode
[  271.159384][ T8113] batadv0: entered promiscuous mode
[  271.347489][ T8113] bridge0: port 3(batadv0) entered blocking state
[  271.354480][ T8113] bridge0: port 3(batadv0) entered forwarding state
[  272.122273][ T6665] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  272.131555][ T6665] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  272.731041][ T8151] netlink: 'syz.3.784': attribute type 1 has an invalid length.
[  273.303460][ T8165] pimreg: entered allmulticast mode
[  274.234119][ T8182] random: crng reseeded on system resumption
[  277.164176][ T8183] netlink: 'syz.4.799': attribute type 10 has an invalid length.
[  277.172391][ T8183] netlink: 40 bytes leftover after parsing attributes in process `syz.4.799'.
[  277.864507][ T8215] blktrace: Concurrent blktraces are not allowed on sg0
[  278.809691][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  279.212815][ T8233] netlink: 52 bytes leftover after parsing attributes in process `syz.0.815'.
[  279.369709][ T8235] loop4: detected capacity change from 0 to 1024
[  279.646088][ T8235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.679785][   T30] audit: type=1800 audit(1739251916.794:40): pid=8235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.816" name="file1" dev="loop4" ino=15 res=0 errno=0
[  281.150711][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.642848][ T8267] blktrace: Concurrent blktraces are not allowed on sg0
[  281.791496][ T8271] random: crng reseeded on system resumption
[  283.271997][   T30] audit: type=1326 audit(1739251919.384:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.320901][   T30] audit: type=1326 audit(1739251919.384:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.357966][   T30] audit: type=1326 audit(1739251919.384:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.392554][   T30] audit: type=1326 audit(1739251919.384:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.423887][   T30] audit: type=1326 audit(1739251919.384:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.448231][   T30] audit: type=1326 audit(1739251919.384:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.471455][   T30] audit: type=1326 audit(1739251919.384:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  283.566396][   T30] audit: type=1326 audit(1739251919.384:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  284.118704][   T30] audit: type=1326 audit(1739251919.384:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8285 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f25d678cde9 code=0x7ffc0000
[  284.231000][ T8291] loop4: detected capacity change from 0 to 1024
[  285.032492][ T8291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.123452][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.379369][ T8313] Cannot find del_set index 136 as target
[  286.924944][  T974] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  287.116075][  T974] usb 2-1: Using ep0 maxpacket: 32
[  287.130786][  T974] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  287.144925][  T974] usb 2-1: config 0 has no interface number 0
[  287.161797][  T974] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  287.171301][  T974] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.195097][  T974] usb 2-1: Product: syz
[  287.199318][  T974] usb 2-1: Manufacturer: syz
[  287.203935][  T974] usb 2-1: SerialNumber: syz
[  287.248842][  T974] usb 2-1: config 0 descriptor??
[  287.268645][  T974] smsc95xx v2.0.0
[  288.264342][  T974] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  288.295003][  T974] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  288.324234][  T974] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  288.385657][  T974] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  288.424890][  T974] usb 2-1: USB disconnect, device number 3
[  289.241249][ T8342] ubi: mtd0 is already attached to ubi31
[  289.856035][ T8344] loop1: detected capacity change from 0 to 1024
[  290.001167][ T8344] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.235676][   T46] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  290.533810][   T30] kauditd_printk_skb: 43 callbacks suppressed
[  290.533827][   T30] audit: type=1800 audit(1739251926.644:93): pid=8344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.847" name="file1" dev="loop1" ino=15 res=0 errno=0
[  290.723527][ T8355] netlink: 16 bytes leftover after parsing attributes in process `syz.0.850'.
[  290.745363][   T46] usb 4-1: Using ep0 maxpacket: 32
[  291.113806][   T46] usb 4-1: config 0 has an invalid interface number: 213 but max is 0
[  291.145221][ T5835] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.175531][   T46] usb 4-1: config 0 has no interface number 0
[  291.199526][   T46] usb 4-1: New USB device found, idVendor=0b95, idProduct=7e2b, bcdDevice=eb.19
[  291.272640][ T8359] netlink: 40 bytes leftover after parsing attributes in process `syz.2.853'.
[  291.279209][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.282153][ T8359] tipc: Invalid UDP bearer configuration
[  291.293310][   T46] usb 4-1: Product: syz
[  291.303078][ T8357] netlink: 40 bytes leftover after parsing attributes in process `syz.4.852'.
[  291.315955][ T8359] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  291.335095][   T46] usb 4-1: Manufacturer: syz
[  291.339746][   T46] usb 4-1: SerialNumber: syz
[  291.376220][   T46] usb 4-1: config 0 descriptor??
[  291.779877][   T46] asix 4-1:0.213 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  291.793485][   T46] asix 4-1:0.213: probe with driver asix failed with error -71
[  292.457948][   T46] usb 4-1: USB disconnect, device number 9
[  293.182795][ T8376] use of bytesused == 0 is deprecated and will be removed in the future,
[  293.191692][ T8376] use the actual size instead.
[  293.262585][ T8381] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  294.417968][ T8391] ubi: mtd0 is already attached to ubi31
[  294.892707][ T8387] syz.2.862 (8387) used greatest stack depth: 18288 bytes left
[  295.019091][ T8393] netlink: 40 bytes leftover after parsing attributes in process `syz.0.865'.
[  295.209477][ T6665] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.389192][ T6665] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.412658][ T8400] random: crng reseeded on system resumption
[  295.492717][ T8397] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.604119][ T6665] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.707978][ T8397] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.843808][ T6665] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.946767][ T8397] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.240340][ T8397] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.612332][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  296.622247][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  296.636251][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  296.653457][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  296.665539][ T5838] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  296.674488][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  296.896399][ T8411] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  297.174457][ T8397] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.184075][ T6665] bridge_slave_1: left allmulticast mode
[  297.194789][ T6665] bridge_slave_1: left promiscuous mode
[  297.205798][ T6665] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.236330][ T6665] bridge_slave_0: left allmulticast mode
[  298.311609][ T6665] bridge_slave_0: left promiscuous mode
[  298.407343][ T6665] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.780515][ T5834] Bluetooth: hci0: command tx timeout
[  299.323662][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.4.879'.
[  299.422955][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.4.879'.
[  299.645940][ T8431] ubi: mtd0 is already attached to ubi31
[  300.196772][ T6665] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  300.243590][ T6665] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  300.266445][ T6665] bond0 (unregistering): Released all slaves
[  300.327684][ T8397] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.367283][ T8397] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.499505][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  300.508956][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  300.524056][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  300.547243][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  300.557669][ T5838] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  300.566265][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  300.591922][ T8397] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.696009][ T8447] random: crng reseeded on system resumption
[  300.856070][ T5838] Bluetooth: hci0: command tx timeout
[  302.645168][ T5838] Bluetooth: hci1: command tx timeout
[  302.859876][ T6665] hsr_slave_0: left promiscuous mode
[  302.883813][ T6665] hsr_slave_1: left promiscuous mode
[  302.939123][ T6665] veth1_macvtap: left promiscuous mode
[  302.945233][ T5838] Bluetooth: hci0: command tx timeout
[  302.961157][ T6665] veth0_macvtap: left promiscuous mode
[  302.971681][ T6665] veth1_vlan: left promiscuous mode
[  302.977475][ T6665] veth0_vlan: left promiscuous mode
[  304.695282][ T5838] Bluetooth: hci1: command tx timeout
[  305.015277][ T5838] Bluetooth: hci0: command tx timeout
[  305.112042][ T8487] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  305.543434][ T6665] team0 (unregistering): Port device team_slave_1 removed
[  305.738298][ T6665] team0 (unregistering): Port device team_slave_0 removed
[  306.752791][ T8502] random: crng reseeded on system resumption
[  306.788323][ T5838] Bluetooth: hci1: command tx timeout
[  307.828330][ T8407] chnl_net:caif_netlink_parms(): no params data found
[  308.442006][ T8407] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.450410][ T8407] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.462249][ T8407] bridge_slave_0: entered allmulticast mode
[  308.486294][ T8407] bridge_slave_0: entered promiscuous mode
[  308.497098][ T8407] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.504314][ T8407] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.513587][ T8407] bridge_slave_1: entered allmulticast mode
[  308.539034][ T8407] bridge_slave_1: entered promiscuous mode
[  308.855123][ T5838] Bluetooth: hci1: command tx timeout
[  308.875794][ T8532] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  309.400132][ T8441] chnl_net:caif_netlink_parms(): no params data found
[  309.562217][ T8407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.710506][ T8407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.990533][ T8407] team0: Port device team_slave_0 added
[  310.336978][ T8407] team0: Port device team_slave_1 added
[  310.448516][ T8558] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  310.455057][ T8558] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  310.484449][ T8558] vhci_hcd vhci_hcd.0: Device attached
[  310.508367][ T6665] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.655700][ T5883] vhci_hcd: vhci_device speed not set
[  310.692665][ T6665] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.727569][ T5883] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  310.729466][ T8407] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.744088][ T8407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.817491][ T8407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.870493][ T6665] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.903800][ T8407] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.930634][ T8407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  311.125132][ T8407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  311.137149][ T8441] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.144594][ T8441] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.152073][ T8441] bridge_slave_0: entered allmulticast mode
[  311.169268][ T8441] bridge_slave_0: entered promiscuous mode
[  311.187362][ T6665] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.194118][ T8561] vhci_hcd: connection reset by peer
[  312.013768][   T29] vhci_hcd: stop threads
[  312.018205][   T29] vhci_hcd: release socket
[  312.033702][   T29] vhci_hcd: disconnect device
[  312.139367][ T8441] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.171487][ T8441] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.195180][ T8441] bridge_slave_1: entered allmulticast mode
[  312.218875][ T8441] bridge_slave_1: entered promiscuous mode
[  313.120832][ T8441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.397876][ T8578] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.512672][ T8407] hsr_slave_0: entered promiscuous mode
[  313.543647][ T8407] hsr_slave_1: entered promiscuous mode
[  313.573834][ T8407] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  313.601112][ T8407] Cannot create hsr debugfs directory
[  313.642963][ T8441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.706569][ T8578] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.947722][ T8578] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.118576][ T8441] team0: Port device team_slave_0 added
[  314.175152][ T8441] team0: Port device team_slave_1 added
[  314.250151][ T8578] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.465942][ T8441] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.478482][ T8441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.506358][ T8441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  315.178609][ T8441] batman_adv: batadv0: Adding interface: batadv_slave_1
[  315.198522][ T8441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  315.247474][ T8441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  315.608361][ T6665] batadv0: left allmulticast mode
[  315.613461][ T6665] batadv0: left promiscuous mode
[  315.670115][ T6665] bridge0: port 3(batadv0) entered disabled state
[  315.751934][ T6665] bridge_slave_1: left allmulticast mode
[  315.777952][ T6665] bridge_slave_1: left promiscuous mode
[  315.885366][ T5883] vhci_hcd: vhci_device speed not set
[  316.017300][ T6665] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.044133][ T6665] bridge_slave_0: left allmulticast mode
[  316.064643][ T6665] bridge_slave_0: left promiscuous mode
[  316.071152][ T6665] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.501207][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  317.507673][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  318.342513][ T6665] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  318.353511][ T6665] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  318.369766][ T6665] bond0 (unregistering): Released all slaves
[  318.467727][ T8441] hsr_slave_0: entered promiscuous mode
[  318.475446][ T8441] hsr_slave_1: entered promiscuous mode
[  318.482652][ T8441] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  318.492030][ T8441] Cannot create hsr debugfs directory
[  318.577329][ T8578] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.721599][ T8578] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.948728][ T8578] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.038837][ T8578] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.575179][ T8662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.928'.
[  319.713699][ T8664] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  319.876552][ T8662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.928'.
[  320.678857][ T6665] hsr_slave_0: left promiscuous mode
[  320.956325][ T6665] hsr_slave_1: left promiscuous mode
[  320.968540][ T6665] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.829098][ T6665] batman_adv: batadv0: Removing interface: batadv_slave_0
[  321.846613][ T6665] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  321.984943][ T5883] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  322.145132][ T5883] usb 1-1: Using ep0 maxpacket: 16
[  322.164117][ T5883] usb 1-1: config 0 has an invalid interface number: 214 but max is 0
[  322.172709][ T5883] usb 1-1: config 0 has no interface number 0
[  322.179795][ T5883] usb 1-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  322.218401][ T8679] netlink: 'syz.4.933': attribute type 10 has an invalid length.
[  322.790887][ T6665] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.898798][ T6665] veth1_macvtap: left promiscuous mode
[  322.914680][ T6665] veth0_macvtap: left promiscuous mode
[  322.915446][ T5883] usb 1-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  322.930005][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.930040][ T6665] veth1_vlan: left promiscuous mode
[  322.938741][ T5883] usb 1-1: Product: syz
[  322.948304][ T5883] usb 1-1: Manufacturer: syz
[  322.952952][ T5883] usb 1-1: SerialNumber: syz
[  322.968316][ T5883] usb 1-1: config 0 descriptor??
[  322.974447][ T6665] veth0_vlan: left promiscuous mode
[  323.165746][ T6665] pimreg (unregistering): left allmulticast mode
[  323.412968][ T8667] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.428723][ T8667] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.721458][ T6665] team0 (unregistering): Port device team_slave_1 removed
[  323.774105][ T6665] team0 (unregistering): Port device team_slave_0 removed
[  323.871429][ T5883] usbtouchscreen 1-1:0.214: probe with driver usbtouchscreen failed with error -71
[  323.903275][ T5883] usb 1-1: USB disconnect, device number 8
[  324.341327][ T8407] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  324.371127][ T8688] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.391123][ T8407] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  324.466071][ T8688] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.572897][ T8688] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.609410][ T8680] infiniband syz1: set down
[  324.621064][ T8680] infiniband syz1: added team_slave_0
[  324.629821][ T8680] syz1: rxe_create_cq: returned err = -12
[  324.638182][ T8680] infiniband syz1: Couldn't create ib_mad CQ
[  324.644454][ T8680] infiniband syz1: Couldn't open port 1
[  324.690504][ T8680] RDS/IB: syz1: added
[  324.696889][ T8680] smc: adding ib device syz1 with port count 1
[  324.703324][ T8680] smc:    ib device syz1 port 1 has pnetid 
[  325.286044][ T8407] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  325.322749][ T8407] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  325.406117][ T8688] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.614093][ T8441] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  325.808672][ T8441] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  325.812980][ T6665] IPVS: stop unused estimator thread 0...
[  325.843536][ T8441] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  325.991016][ T8441] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  326.252377][ T8688] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.525938][ T8712] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  326.952413][ T8688] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.084217][ T8441] 8021q: adding VLAN 0 to HW filter on device bond0
[  327.166339][ T8441] 8021q: adding VLAN 0 to HW filter on device team0
[  327.273898][ T8688] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.299445][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.308030][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  327.549309][ T8721] virtio-fs: tag </dev/md0> not found
[  328.444312][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.451599][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[  328.992035][ T8723] netlink: 16 bytes leftover after parsing attributes in process `syz.4.943'.
[  329.158689][ T8407] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.201427][ T8688] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.259341][ T8724] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.272195][ T8724] bond0: (slave rose0): Enslaving as an active interface with an up link
[  329.520672][ T8730] netlink: 'syz.4.945': attribute type 10 has an invalid length.
[  329.529521][ T8730] netlink: 40 bytes leftover after parsing attributes in process `syz.4.945'.
[  330.074340][ T8733] netlink: 8 bytes leftover after parsing attributes in process `syz.0.946'.
[  330.506766][ T8407] 8021q: adding VLAN 0 to HW filter on device team0
[  330.592714][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.601469][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.816509][ T6665] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.823741][ T6665] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.310794][ T8752] blktrace: Concurrent blktraces are not allowed on sg0
[  332.189811][ T8441] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.436367][ T8762] Cannot find del_set index 136 as target
[  333.148929][ T8407] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.694089][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.0.957'.
[  334.128645][ T8792] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  334.728737][ T8441] veth0_vlan: entered promiscuous mode
[  334.800328][ T8441] veth1_vlan: entered promiscuous mode
[  335.040238][ T8441] veth0_macvtap: entered promiscuous mode
[  335.107996][ T8441] veth1_macvtap: entered promiscuous mode
[  335.557228][ T7367] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  335.617350][ T8441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.792801][ T8441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  335.866443][ T7367] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  335.939384][ T8441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  335.971641][ T7367] usb 1-1: config 0 interface 0 has no altsetting 0
[  335.991435][ T8441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.011343][ T7367] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  336.020547][ T8441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.040127][ T7367] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.053446][ T7367] usb 1-1: Product: syz
[  336.059078][ T8441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.077764][ T7367] usb 1-1: Manufacturer: syz
[  336.082581][ T7367] usb 1-1: SerialNumber: syz
[  336.113101][ T8441] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.126039][ T7367] usb 1-1: config 0 descriptor??
[  336.141938][ T8407] veth0_vlan: entered promiscuous mode
[  336.157505][ T7367] usb 1-1: selecting invalid altsetting 0
[  336.177354][ T8441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.200469][ T8441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.221001][ T8441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.234990][ T8441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.249870][ T8441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.260957][ T8441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.281015][ T8441] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.303265][ T8441] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.364932][ T8441] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.373679][ T8441] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.434942][ T8441] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.587640][ T8407] veth1_vlan: entered promiscuous mode
[  338.250513][    T9] usb 1-1: USB disconnect, device number 9
[  338.436892][ T8407] veth0_macvtap: entered promiscuous mode
[  338.484442][ T6665] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.525081][ T6665] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  338.736498][ T8845] netlink: 8 bytes leftover after parsing attributes in process `syz.4.969'.
[  338.747298][ T8845] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  339.146762][ T8407] veth1_macvtap: entered promiscuous mode
[  339.289128][ T6665] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.332891][ T6665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.395891][ T1078] Bluetooth: hci5: Frame reassembly failed (-84)
[  339.403623][ T1078] Bluetooth: hci5: Frame reassembly failed (-84)
[  339.422143][ T1078] Bluetooth: hci5: Frame reassembly failed (-84)
[  339.449848][ T8851] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  339.515289][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.535026][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.553142][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.575360][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.595582][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.619116][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.629562][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  339.641300][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.654512][ T8407] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.697041][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.715067][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  339.887778][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  339.978110][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.295404][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.459349][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.514962][ T8407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.532526][ T8407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.593064][ T8407] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.644031][ T8407] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.696290][ T8865] netlink: 'syz.6.877': attribute type 1 has an invalid length.
[  340.734234][ T8407] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.761828][ T8407] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.803720][ T8407] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.051876][ T7746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.076991][ T7746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.485047][ T5838] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  341.491785][ T5834] Bluetooth: hci5: command 0x1003 tx timeout
[  342.766651][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.777791][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.730507][ T8920] relay: one or more items not logged [item size (56) > sub-buffer size (6)]
[  349.575815][ T8934] loop2: detected capacity change from 0 to 1024
[  349.691256][ T8934] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.784869][   T30] audit: type=1800 audit(1739251985.894:94): pid=8934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.989" name="file1" dev="loop2" ino=15 res=0 errno=0
[  349.843704][ T8951] netlink: 16 bytes leftover after parsing attributes in process `syz.5.993'.
[  350.066897][ T5842] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.925839][ T8963] netlink: 'syz.5.997': attribute type 1 has an invalid length.
[  353.191388][ T8999] loop5: detected capacity change from 0 to 1024
[  353.271409][ T8994] syzkaller0: entered promiscuous mode
[  353.278580][ T8994] syzkaller0: entered allmulticast mode
[  353.309216][ T8999] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.369385][   T30] audit: type=1800 audit(1739251989.484:95): pid=8999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1007" name="file1" dev="loop5" ino=15 res=0 errno=0
[  353.698459][ T8407] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.439232][ T9016] syz.4.1011 (9016) used greatest stack depth: 18160 bytes left
[  356.277225][ T9029] netlink: 'syz.4.1014': attribute type 1 has an invalid length.
[  357.066123][ T9046] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1019'.
[  357.099742][ T9046] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1019'.
[  357.602576][ T9053] loop6: detected capacity change from 0 to 1024
[  357.683488][ T9053] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.753221][   T30] audit: type=1800 audit(1739251993.864:96): pid=9053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1022" name="file1" dev="loop6" ino=15 res=0 errno=0
[  357.867108][ T8441] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.565654][  T977] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  358.957336][  T977] usb 7-1: Using ep0 maxpacket: 8
[  359.254049][  T977] usb 7-1: config 0 has no interfaces?
[  359.273958][  T977] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  359.287057][  T977] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  359.310322][  T977] usb 7-1: Product: syz
[  359.314534][  T977] usb 7-1: SerialNumber: syz
[  359.347388][  T977] usb 7-1: config 0 descriptor??
[  359.567776][ T5893] usb 7-1: USB disconnect, device number 2
[  361.367383][ T9089] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1032'.
[  361.701383][ T9093] loop4: detected capacity change from 0 to 1024
[  361.815177][ T9093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.876285][   T30] audit: type=1800 audit(1739251997.984:97): pid=9093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1034" name="file1" dev="loop4" ino=15 res=0 errno=0
[  362.017981][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.958822][    T9] IPVS: starting estimator thread 0...
[  366.969420][ T9135] IPVS: ip_vs_add_dest(): server weight less than zero
[  366.970394][ T9137] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  366.982822][ T9137] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  367.045407][ T9137] vhci_hcd vhci_hcd.0: Device attached
[  367.088985][ T9138] IPVS: using max 22 ests per chain, 52800 per kthread
[  367.097929][   T30] audit: type=1326 audit(1739252003.174:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1051" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f51b7d8cde9 code=0x0
[  367.266112][    T9] vhci_hcd: vhci_device speed not set
[  367.330265][    T9] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  367.505401][ T9153] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1053'.
[  367.783586][ T9140] vhci_hcd: connection reset by peer
[  367.823120][ T5897] vhci_hcd: stop threads
[  367.969882][ T5897] vhci_hcd: release socket
[  368.003527][ T5897] vhci_hcd: disconnect device
[  368.609418][ T9170] syzkaller0: entered promiscuous mode
[  368.642161][ T9170] syzkaller0: entered allmulticast mode
[  371.435314][ T9210] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1068'.
[  372.134429][ T9212] loop6: detected capacity change from 0 to 1024
[  372.230988][ T9212] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  372.261211][   T30] audit: type=1800 audit(1739252008.384:99): pid=9212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1069" name="file1" dev="loop6" ino=15 res=0 errno=0
[  372.333809][ T8441] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.476224][    T9] vhci_hcd: vhci_device speed not set
[  372.695014][ T9225] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1071'.
[  373.321542][ T9228] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  373.328108][ T9228] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  373.339580][ T9228] vhci_hcd vhci_hcd.0: Device attached
[  373.577758][    T9] vhci_hcd: vhci_device speed not set
[  373.635019][    T9] usb 45-1: new full-speed USB device number 3 using vhci_hcd
[  374.091984][ T9230] vhci_hcd: connection reset by peer
[  374.097675][ T3509] vhci_hcd: stop threads
[  374.102907][ T3509] vhci_hcd: release socket
[  374.113217][ T3509] vhci_hcd: disconnect device
[  376.347182][ T9258] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1079'.
[  376.888612][ T9275] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  376.895173][ T9275] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  376.957377][ T9275] vhci_hcd vhci_hcd.0: Device attached
[  377.038861][ T9276] syzkaller0: entered promiscuous mode
[  377.054361][ T9276] syzkaller0: entered allmulticast mode
[  377.135253][ T5893] vhci_hcd: vhci_device speed not set
[  377.194994][ T5893] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  377.734359][ T9278] vhci_hcd: connection reset by peer
[  377.749607][ T6665] vhci_hcd: stop threads
[  377.769856][ T6665] vhci_hcd: release socket
[  377.779778][ T6665] vhci_hcd: disconnect device
[  378.877501][    T9] vhci_hcd: vhci_device speed not set
[  378.950132][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  378.956912][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  380.496576][ T9325] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  380.503151][ T9325] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  380.564479][ T9325] vhci_hcd vhci_hcd.0: Device attached
[  380.827718][ T7367] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  381.023407][ T7367] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  381.024618][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.024682][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.024707][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.045583][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.045643][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.045669][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.046966][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.047019][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.047045][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.048315][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.048367][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.048392][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.049660][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.049715][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.049740][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.051003][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.051057][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.051082][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.056039][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.056093][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.056118][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.057346][ T7367] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  381.057398][ T7367] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  381.057441][ T7367] usb 6-1: config 0 interface 0 has no altsetting 0
[  381.060091][ T7367] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  381.060117][ T7367] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  381.060136][ T7367] usb 6-1: Product: syz
[  381.060151][ T7367] usb 6-1: Manufacturer: syz
[  381.060165][ T7367] usb 6-1: SerialNumber: syz
[  381.076531][ T7367] usb 6-1: config 0 descriptor??
[  381.358144][ T9327] vhci_hcd: connection closed
[  381.383749][ T6664] vhci_hcd: stop threads
[  381.413598][ T7367] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  381.421252][ T6664] vhci_hcd: release socket
[  381.421318][ T6664] vhci_hcd: disconnect device
[  381.676366][    T9] usb 6-1: USB disconnect, device number 2
[  381.687184][    T9] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  382.375383][ T5893] vhci_hcd: vhci_device speed not set
[  383.852072][ T9349] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  383.858645][ T9349] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  383.965008][ T9349] vhci_hcd vhci_hcd.0: Device attached
[  384.145191][ T5884] vhci_hcd: vhci_device speed not set
[  384.215499][ T5884] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[  384.255491][ T5825] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  384.426118][ T5825] usb 7-1: config 0 has an invalid interface number: 181 but max is 0
[  384.444918][ T5825] usb 7-1: config 0 has no interface number 0
[  384.451087][ T5825] usb 7-1: New USB device found, idVendor=0733, idProduct=2211, bcdDevice=79.f4
[  384.513381][ T5825] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.536756][ T9356] vhci_hcd: connection reset by peer
[  384.557557][   T11] vhci_hcd: stop threads
[  384.574358][ T5825] usb 7-1: config 0 descriptor??
[  384.574469][   T11] vhci_hcd: release socket
[  384.608125][ T5825] gspca_main: sunplus-2.14.0 probing 0733:2211
[  384.615321][   T11] vhci_hcd: disconnect device
[  384.873429][ T5825] gspca_sunplus: reg_r err -71
[  384.984979][ T5825] sunplus 7-1:0.181: probe with driver sunplus failed with error -71
[  385.219543][ T5825] usb 7-1: USB disconnect, device number 3
[  386.221489][ T9389] syzkaller0: entered promiscuous mode
[  386.295069][ T9389] syzkaller0: entered allmulticast mode
[  386.375838][ T9395] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1114'.
[  387.541836][ T9409] loop5: detected capacity change from 0 to 1024
[  387.833599][ T9409] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  388.543637][   T30] audit: type=1800 audit(1739252024.654:100): pid=9409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1119" name="file1" dev="loop5" ino=15 res=0 errno=0
[  388.764075][ T8407] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  389.325763][ T5884] vhci_hcd: vhci_device speed not set
[  389.388017][ T9430] netlink: 'syz.5.1122': attribute type 8 has an invalid length.
[  389.396553][ T9430] netlink: 163260 bytes leftover after parsing attributes in process `syz.5.1122'.
[  392.311651][ T9420] IPv6: sit1: Disabled Multicast RS
[  392.537410][ T9429] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  392.543676][ T9429] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  392.551215][ T9429] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  392.557550][ T9429] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  392.579070][ T9429] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  392.587304][ T9429] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  392.593387][ T9429] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  392.602435][ T9429] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  392.681241][ T9438] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  392.687776][ T9438] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  392.718044][ T9438] vhci_hcd vhci_hcd.0: Device attached
[  392.914997][ T5884] vhci_hcd: vhci_device speed not set
[  393.002159][ T5884] usb 45-1: new full-speed USB device number 4 using vhci_hcd
[  393.322499][ T9458] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1129'.
[  393.406155][ T9442] vhci_hcd: connection reset by peer
[  393.574151][ T3509] vhci_hcd: stop threads
[  393.735109][ T3509] vhci_hcd: release socket
[  393.752844][ T3509] vhci_hcd: disconnect device
[  393.820999][ T9463] loop4: detected capacity change from 0 to 1024
[  394.028600][ T9463] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.127633][   T30] audit: type=1800 audit(1739252030.244:101): pid=9463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1132" name="file1" dev="loop4" ino=15 res=0 errno=0
[  394.559035][ T5845] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.635202][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  394.641892][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  394.648965][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  394.656000][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  395.124349][ T9479] syzkaller0: entered promiscuous mode
[  395.171036][ T9479] syzkaller0: entered allmulticast mode
[  395.598301][ T9499] netlink: 'syz.4.1136': attribute type 8 has an invalid length.
[  395.606366][ T9499] netlink: 163260 bytes leftover after parsing attributes in process `syz.4.1136'.
[  396.785168][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  396.793563][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  398.137542][ T5884] vhci_hcd: vhci_device speed not set
[  398.860835][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  398.862435][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  399.205652][ T9498] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  399.211872][ T9498] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  399.221049][ T9498] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  399.227974][ T9498] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  399.521305][ T9525] loop5: detected capacity change from 0 to 1024
[  399.556226][ T9518] bond1: entered promiscuous mode
[  399.563288][ T9518] 8021q: adding VLAN 0 to HW filter on device bond1
[  399.587786][ T9523] lo speed is unknown, defaulting to 1000
[  399.627055][ T9525] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.644058][ T9532] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  399.650617][ T9532] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  399.671732][ T9523] lo speed is unknown, defaulting to 1000
[  399.677468][ T9532] vhci_hcd vhci_hcd.0: Device attached
[  399.705096][   T30] audit: type=1800 audit(1739252035.814:102): pid=9525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1146" name="file1" dev="loop5" ino=15 res=0 errno=0
[  399.754213][ T9523] lo speed is unknown, defaulting to 1000
[  399.855040][ T5893] vhci_hcd: vhci_device speed not set
[  399.871236][ T8407] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.880191][ T9523] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  399.914954][ T5893] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  399.981866][ T9523] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  400.327967][ T9535] vhci_hcd: connection reset by peer
[  400.363851][   T11] vhci_hcd: stop threads
[  400.432379][   T11] vhci_hcd: release socket
[  400.494963][   T11] vhci_hcd: disconnect device
[  400.706224][ T9523] lo speed is unknown, defaulting to 1000
[  400.744376][ T9523] lo speed is unknown, defaulting to 1000
[  400.801140][ T9523] lo speed is unknown, defaulting to 1000
[  401.094921][ T9523] lo speed is unknown, defaulting to 1000
[  401.266555][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  401.266642][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  401.272637][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  401.278830][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  401.362358][ T9523] lo speed is unknown, defaulting to 1000
[  401.460180][ T9559] netlink: 'syz.6.1153': attribute type 10 has an invalid length.
[  401.468169][ T9559] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1153'.
[  401.477358][ T9559] bridge0: port 3(batadv0) entered blocking state
[  401.483848][ T9559] bridge0: port 3(batadv0) entered disabled state
[  401.490462][ T9559] batadv0: entered allmulticast mode
[  401.496952][ T9559] batadv0: entered promiscuous mode
[  401.502626][ T9559] bridge0: port 3(batadv0) entered blocking state
[  401.509148][ T9559] bridge0: port 3(batadv0) entered forwarding state
[  402.282178][   T11] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  402.291572][   T11] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  402.438741][ T9576] netlink: 'syz.5.1156': attribute type 8 has an invalid length.
[  402.447180][ T9576] netlink: 163260 bytes leftover after parsing attributes in process `syz.5.1156'.
[  402.617845][ T9570] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  402.653715][ T9570] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  402.662434][ T9570] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  402.671190][ T9583] exfat: Unknown parameter 'discardu/#/msr'
[  402.703725][ T9570] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  404.454999][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  404.698860][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  404.705029][ T9482] Bluetooth: hci4: command 0x0c1a tx timeout
[  404.774967][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  404.865485][ T9611] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  404.872056][ T9611] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  405.069970][ T9616] netlink: 'syz.0.1166': attribute type 10 has an invalid length.
[  405.078321][ T9616] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1166'.
[  405.092105][ T9616] bridge0: port 3(batadv0) entered blocking state
[  405.106623][ T9616] bridge0: port 3(batadv0) entered disabled state
[  405.122453][ T9616] batadv0: entered allmulticast mode
[  405.147210][ T9611] vhci_hcd vhci_hcd.0: Device attached
[  405.154938][ T5893] vhci_hcd: vhci_device speed not set
[  405.220520][ T9616] batadv0: entered promiscuous mode
[  405.247304][ T9616] bridge0: port 3(batadv0) entered blocking state
[  405.254197][ T9616] bridge0: port 3(batadv0) entered forwarding state
[  405.386154][ T7367] vhci_hcd: vhci_device speed not set
[  405.456693][ T7367] usb 37-1: new full-speed USB device number 4 using vhci_hcd
[  405.678866][ T9614] vhci_hcd: connection reset by peer
[  405.680768][ T9624] IPVS: ip_vs_add_dest(): server weight less than zero
[  405.699093][ T7746] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  405.708669][ T7746] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  405.778353][ T9625] ufs: You didn't specify the type of your ufs filesystem
[  405.778353][ T9625] 
[  405.778353][ T9625] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  405.778353][ T9625] 
[  405.778353][ T9625] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  405.809480][    C1] vkms_vblank_simulate: vblank timer overrun
[  405.819082][ T9625] ufs: ufstype=old is supported read-only
[  405.834363][ T9625] ufs: ufs_fill_super(): bad magic number
[  405.906305][ T7507] vhci_hcd: stop threads
[  406.354944][ T7507] vhci_hcd: release socket
[  406.389111][ T7507] vhci_hcd: disconnect device
[  406.704028][ T9640] netlink: 'syz.5.1174': attribute type 8 has an invalid length.
[  406.715255][ T9640] netlink: 163260 bytes leftover after parsing attributes in process `syz.5.1174'.
[  407.220798][ T9658] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20002
[  407.416675][ T9638] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  407.422784][ T9638] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  407.428920][ T9638] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  407.435038][ T9638] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  407.549647][ T9661] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1180'.
[  408.406369][ T5882] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  408.489062][ T9680] ufs: You didn't specify the type of your ufs filesystem
[  408.489062][ T9680] 
[  408.489062][ T9680] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  408.489062][ T9680] 
[  408.489062][ T9680] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  408.519935][    C1] vkms_vblank_simulate: vblank timer overrun
[  408.526475][ T9680] ufs: ufstype=old is supported read-only
[  408.536796][ T9680] ufs: ufs_fill_super(): bad magic number
[  408.775295][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  409.086324][ T5882] usb 3-1: Using ep0 maxpacket: 16
[  409.174713][ T9684] netlink: 'syz.4.1184': attribute type 10 has an invalid length.
[  409.261709][ T9684] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1184'.
[  409.300965][ T5882] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  409.387652][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.479965][ T5882] usb 3-1: Product: syz
[  409.504410][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  409.511262][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  409.514923][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  409.543319][ T5882] usb 3-1: Manufacturer: syz
[  409.605009][ T5882] usb 3-1: SerialNumber: syz
[  409.641385][ T5882] usb 3-1: config 0 descriptor??
[  409.680910][ T5882] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  410.061189][ T9699] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  410.067775][ T9699] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  410.204183][ T9712] netlink: 'syz.4.1191': attribute type 8 has an invalid length.
[  410.213158][ T9712] netlink: 163260 bytes leftover after parsing attributes in process `syz.4.1191'.
[  410.265104][ T9699] vhci_hcd vhci_hcd.0: Device attached
[  410.554846][    C0] hrtimer: interrupt took 54871 ns
[  410.634998][ T7367] vhci_hcd: vhci_device speed not set
[  410.745171][ T5915] vhci_hcd: vhci_device speed not set
[  410.798366][ T9703] vhci_hcd: connection closed
[  410.798804][ T7746] vhci_hcd: stop threads
[  410.817770][ T5915] usb 45-1: new full-speed USB device number 5 using vhci_hcd
[  410.820921][ T7746] vhci_hcd: release socket
[  410.848641][ T7746] vhci_hcd: disconnect device
[  410.870687][ T9709] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  410.879016][ T9709] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  410.886807][ T9709] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  410.893027][ T9709] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  410.975222][ T5882] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71
[  411.034964][ T5882] usb 3-1: USB disconnect, device number 7
[  411.300888][ T9731] overlayfs: failed to get index nlink (file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, err=-61)
[  412.052309][ T9739] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1195'.
[  412.295312][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  412.936685][ T9482] Bluetooth: hci1: command 0x0c1a tx timeout
[  412.947414][ T9755] Bluetooth: hci4: command 0x0c1a tx timeout
[  412.953157][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  413.079331][ T9754] netlink: 'syz.5.1199': attribute type 10 has an invalid length.
[  413.089690][ T9754] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1199'.
[  413.137844][ T9754] bridge0: port 3(batadv0) entered blocking state
[  413.146437][ T9754] bridge0: port 3(batadv0) entered disabled state
[  413.155745][ T9754] batadv0: entered allmulticast mode
[  413.207720][ T9754] batadv0: entered promiscuous mode
[  413.220766][ T9754] bridge0: port 3(batadv0) entered blocking state
[  413.227727][ T9754] bridge0: port 3(batadv0) entered forwarding state
[  413.444590][ T3509] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  413.453911][ T3509] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  413.996979][ T9769] netlink: 'syz.5.1204': attribute type 8 has an invalid length.
[  414.005484][ T9769] netlink: 163260 bytes leftover after parsing attributes in process `syz.5.1204'.
[  414.414218][ T9787] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  414.420779][ T9787] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  414.460490][ T9790] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1209'.
[  414.688667][ T9768] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  414.695458][ T9768] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  414.701645][ T9768] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  414.705573][ T9787] vhci_hcd vhci_hcd.0: Device attached
[  414.707969][ T9768] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  415.015485][ T5893] vhci_hcd: vhci_device speed not set
[  415.085214][ T5893] usb 41-1: new full-speed USB device number 3 using vhci_hcd
[  415.194945][ T5884] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  415.226909][ T9788] vhci_hcd: connection reset by peer
[  415.244296][ T6664] vhci_hcd: stop threads
[  415.251133][ T6664] vhci_hcd: release socket
[  415.266278][ T6664] vhci_hcd: disconnect device
[  415.606604][ T5884] usb 7-1: Using ep0 maxpacket: 8
[  415.975438][ T5915] vhci_hcd: vhci_device speed not set
[  416.049446][ T5884] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  416.067071][ T5884] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x14, changing to 0x4
[  416.078892][ T5884] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  416.107130][ T5884] usb 7-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  416.124938][ T5884] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.132979][ T5884] usb 7-1: Product: syz
[  416.137701][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  416.152119][ T5884] usb 7-1: Manufacturer: syz
[  416.205360][ T5884] usb 7-1: SerialNumber: syz
[  416.236148][ T5884] usb 7-1: config 0 descriptor??
[  416.347835][ T5884] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  416.456434][ T5884] imon 7-1:0.0: unable to initialize intf0, err -19
[  416.578449][ T5884] imon:imon_probe: failed to initialize context!
[  416.775234][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  416.781519][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  416.784995][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  416.819249][ T9775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  416.834951][ T5884] imon 7-1:0.0: unable to register, err -19
[  416.915869][ T9775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  416.976452][ T5884] usb 7-1: USB disconnect, device number 4
[  417.144943][   T46] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  417.335420][   T46] usb 1-1: Using ep0 maxpacket: 8
[  417.354407][   T46] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  417.366097][   T46] usb 1-1: config 0 has no interfaces?
[  417.382429][   T46] usb 1-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=31.1f
[  417.393294][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.394985][    T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  417.408607][   T46] usb 1-1: Product: syz
[  417.413692][   T46] usb 1-1: Manufacturer: syz
[  417.420704][ T9836] netlink: 'syz.5.1220': attribute type 8 has an invalid length.
[  417.426838][   T46] usb 1-1: SerialNumber: syz
[  417.428621][ T9836] netlink: 163260 bytes leftover after parsing attributes in process `syz.5.1220'.
[  417.468037][   T46] usb 1-1: config 0 descriptor??
[  417.597474][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  417.614504][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  417.805541][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  417.823386][ T5884] usb 1-1: USB disconnect, device number 10
[  417.840465][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  417.860333][    T9] usb 5-1: SerialNumber: syz
[  417.877134][    T9] usb 5-1: bad CDC descriptors
[  418.119348][ T9834] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  418.125950][ T9834] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  418.132182][ T9834] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  418.139292][ T9834] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  418.343827][ T9853] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1222'.
[  418.807363][ T9845] netlink: 'syz.6.1221': attribute type 1 has an invalid length.
[  419.425300][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  419.724518][ T9874] netlink: 'syz.2.1229': attribute type 10 has an invalid length.
[  419.839688][ T9868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  420.135403][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  420.141583][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  420.162700][ T9885] netlink: 'syz.5.1233': attribute type 8 has an invalid length.
[  420.170619][ T9885] netlink: 163260 bytes leftover after parsing attributes in process `syz.5.1233'.
[  420.214946][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout
[  420.516706][  T977] usb 5-1: USB disconnect, device number 8
[  420.525903][ T5893] vhci_hcd: vhci_device speed not set
[  420.870680][ T9884] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  420.877048][ T9884] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  420.883241][ T9884] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  420.889531][ T9884] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  422.215633][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  422.251839][ T9909] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1238'.
[  423.016577][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  423.017489][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  423.022859][ T9755] Bluetooth: hci4: command 0x0c1a tx timeout
[  424.074042][ T9930] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  424.082471][ T9930] F2FS-fs (loop11): Can't find valid F2FS filesystem in 1th superblock
[  424.094795][ T9930] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  424.103171][ T9930] F2FS-fs (loop11): Can't find valid F2FS filesystem in 2th superblock
[  424.972756][ T9948] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  426.427019][ T9975] ufs: You didn't specify the type of your ufs filesystem
[  426.427019][ T9975] 
[  426.427019][ T9975] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  426.427019][ T9975] 
[  426.427019][ T9975] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  426.459979][ T9975] ufs: ufstype=old is supported read-only
[  426.472630][ T9975] ufs: ufs_fill_super(): bad magic number
[  426.493675][  T977] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  426.976710][  T977] usb 6-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  427.065373][  T977] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.073420][  T977] usb 6-1: Product: syz
[  427.109926][  T977] usb 6-1: Manufacturer: syz
[  427.114584][  T977] usb 6-1: SerialNumber: syz
[  427.161287][  T977] usb 6-1: config 0 descriptor??
[  427.460637][ T9983] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  427.468765][ T9983] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  427.479070][ T9983] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  427.487347][ T9983] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  428.725567][  T977] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  428.768763][  T977] asix 6-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  428.843120][  T977] asix 6-1:0.0: probe with driver asix failed with error -71
[  428.895355][  T977] usb 6-1: USB disconnect, device number 3
[  429.075444][    T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  429.235443][    T9] usb 3-1: Using ep0 maxpacket: 8
[  429.244413][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.280426][    T9] usb 3-1: config 0 has no interfaces?
[  429.290985][    T9] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=31.1f
[  429.301802][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.328722][    T9] usb 3-1: Product: syz
[  429.352319][    T9] usb 3-1: Manufacturer: syz
[  429.363589][    T9] usb 3-1: SerialNumber: syz
[  429.391242][    T9] usb 3-1: config 0 descriptor??
[  429.798080][    T9] usb 3-1: USB disconnect, device number 8
[  429.908010][T10031] ufs: You didn't specify the type of your ufs filesystem
[  429.908010][T10031] 
[  429.908010][T10031] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  429.908010][T10031] 
[  429.908010][T10031] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  429.939400][T10031] ufs: ufstype=old is supported read-only
[  429.951510][T10031] ufs: ufs_fill_super(): bad magic number
[  430.617940][T10030] F2FS-fs (loop13): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  430.626416][T10030] F2FS-fs (loop13): Can't find valid F2FS filesystem in 1th superblock
[  430.638967][T10030] F2FS-fs (loop13): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  430.648217][T10030] F2FS-fs (loop13): Can't find valid F2FS filesystem in 2th superblock
[  430.776569][ T5834] Bluetooth: hci5: command 0x1003 tx timeout
[  430.784404][ T9755] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  433.783132][T10080] ufs: You didn't specify the type of your ufs filesystem
[  433.783132][T10080] 
[  433.783132][T10080] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  433.783132][T10080] 
[  433.783132][T10080] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  433.814485][T10080] ufs: ufstype=old is supported read-only
[  433.827689][T10080] ufs: ufs_fill_super(): bad magic number
[  435.245501][T10095] Process accounting resumed
[  436.385020][ T9755] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  436.721730][T10095] lo speed is unknown, defaulting to 1000
[  438.017956][T10112] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  438.105182][T10112] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  438.293692][T10123] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  438.304160][T10123] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  438.383915][T10112] netdevsim netdevsim6: Falling back to sysfs fallback for: .
[  438.517348][T10123] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  438.528109][T10123] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  439.276691][T10139] ufs: You didn't specify the type of your ufs filesystem
[  439.276691][T10139] 
[  439.276691][T10139] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  439.276691][T10139] 
[  439.276691][T10139] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  439.309637][T10139] ufs: ufstype=old is supported read-only
[  439.323249][T10139] ufs: ufs_fill_super(): bad magic number
[  440.426479][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  440.433452][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  441.825318][T10150] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[  441.837931][T10150] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  441.846359][T10150] CPU: 1 UID: 0 PID: 10150 Comm: syz.0.1299 Not tainted 6.14.0-rc2-next-20250210-syzkaller #0
[  441.856653][T10150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  441.866713][T10150] RIP: 0010:skb_queue_purge_reason+0xaa/0x500
[  441.872818][T10150] Code: 89 44 24 78 42 c6 44 30 13 f3 e8 c1 9e 03 f8 48 8d bc 24 b0 00 00 00 ba 48 00 00 00 31 f6 e8 bd 9c 6a f8 4d 89 ef 49 c1 ef 03 <43> 80 3c 37 00 74 08 4c 89 ef e8 d7 99 6a f8 49 8b 45 00 4c 39 e8
[  441.892528][T10150] RSP: 0018:ffffc900115dfa20 EFLAGS: 00010202
[  441.898598][T10150] RAX: ffffc900115dfad0 RBX: 0000000000000000 RCX: 0000000000000000
[  441.906572][T10150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900115dfb18
[  441.914539][T10150] RBP: ffffc900115dfb90 R08: ffffc900115dfb17 R09: 0000000000000000
[  441.922563][T10150] R10: ffffc900115dfad0 R11: fffff520022bbf63 R12: dffffc0000000000
[  441.930541][T10150] R13: 0000000000000008 R14: dffffc0000000000 R15: 0000000000000001
[  441.938684][T10150] FS:  00005555859e9500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  441.947641][T10150] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  441.954248][T10150] CR2: 00007f876e7a0f98 CR3: 0000000024e70000 CR4: 00000000003526f0
[  441.962220][T10150] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  441.970210][T10150] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  441.978265][T10150] Call Trace:
[  441.981530][T10150]  <TASK>
[  441.984444][T10150]  ? __die_body+0x5f/0xb0
[  441.988774][T10150]  ? die_addr+0xb0/0xe0
[  441.992913][T10150]  ? exc_general_protection+0x3dd/0x5d0
[  441.998449][T10150]  ? asm_exc_general_protection+0x26/0x30
[  442.004158][T10150]  ? skb_queue_purge_reason+0xaa/0x500
[  442.009605][T10150]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  442.015925][T10150]  ? enable_work+0x22a/0x360
[  442.020510][T10150]  ? lockdep_hardirqs_on+0x99/0x150
[  442.025692][T10150]  ? __pfx_skb_queue_purge_reason+0x10/0x10
[  442.031569][T10150]  ? enable_work+0x2e3/0x360
[  442.036156][T10150]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  442.042491][T10150]  mrvl_close+0x8e/0x120
[  442.046743][T10150]  hci_uart_tty_close+0x205/0x290
[  442.051769][T10150]  tty_ldisc_kill+0xa3/0x1a0
[  442.056346][T10150]  tty_ldisc_release+0x1a1/0x200
[  442.061271][T10150]  tty_release_struct+0x2b/0xe0
[  442.066198][T10150]  tty_release+0xd06/0x12c0
[  442.070689][T10150]  ? __pfx_tty_release+0x10/0x10
[  442.075723][T10150]  __fput+0x3e9/0x9f0
[  442.079708][T10150]  task_work_run+0x24f/0x310
[  442.084280][T10150]  ? _raw_spin_unlock+0x28/0x50
[  442.089125][T10150]  ? __pfx_task_work_run+0x10/0x10
[  442.094226][T10150]  ? syscall_exit_to_user_mode+0xa3/0x340
[  442.100028][T10150]  syscall_exit_to_user_mode+0x13f/0x340
[  442.105675][T10150]  do_syscall_64+0x100/0x230
[  442.110264][T10150]  ? clear_bhb_loop+0x35/0x90
[  442.114935][T10150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.120834][T10150] RIP: 0033:0x7fc8ff38cde9
[  442.125260][T10150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.144876][T10150] RSP: 002b:00007ffcb98d27d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  442.153305][T10150] RAX: 0000000000000000 RBX: 000000000006b977 RCX: 00007fc8ff38cde9
[  442.161274][T10150] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  442.169235][T10150] RBP: 00007fc8ff5a7ba0 R08: 0000000000000001 R09: 00000010b98d2acf
[  442.177200][T10150] R10: 00007fc8ff200000 R11: 0000000000000246 R12: 00007fc8ff5a5fac
[  442.185248][T10150] R13: 00007fc8ff5a5fa0 R14: ffffffffffffffff R15: 00007ffcb98d28f0
[  442.193239][T10150]  </TASK>
[  442.196267][T10150] Modules linked in:
[  442.200685][T10150] ---[ end trace 0000000000000000 ]---
[  442.233895][T10150] RIP: 0010:skb_queue_purge_reason+0xaa/0x500
[  442.242528][T10150] Code: 89 44 24 78 42 c6 44 30 13 f3 e8 c1 9e 03 f8 48 8d bc 24 b0 00 00 00 ba 48 00 00 00 31 f6 e8 bd 9c 6a f8 4d 89 ef 49 c1 ef 03 <43> 80 3c 37 00 74 08 4c 89 ef e8 d7 99 6a f8 49 8b 45 00 4c 39 e8
[  442.300935][T10150] RSP: 0018:ffffc900115dfa20 EFLAGS: 00010202
[  442.310579][T10150] RAX: ffffc900115dfad0 RBX: 0000000000000000 RCX: 0000000000000000
[  442.343685][T10150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900115dfb18
[  442.366389][T10150] RBP: ffffc900115dfb90 R08: ffffc900115dfb17 R09: 0000000000000000
[  442.381387][T10150] R10: ffffc900115dfad0 R11: fffff520022bbf63 R12: dffffc0000000000
[  442.424608][T10150] R13: 0000000000000008 R14: dffffc0000000000 R15: 0000000000000001
[  442.455485][T10150] FS:  00005555859e9500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  442.464465][T10150] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  442.498036][T10150] CR2: 00004000002ac030 CR3: 0000000024e70000 CR4: 00000000003526f0
[  442.548601][T10150] Kernel panic - not syncing: Fatal exception
[  442.554956][T10150] Kernel Offset: disabled
[  442.559278][T10150] Rebooting in 86400 seconds..