last executing test programs:

9.650623333s ago: executing program 3 (id=4120):
mkdir(&(0x7f0000000400)='./file0\x00', 0x84)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = syz_open_dev$evdev(&(0x7f0000000580), 0x1, 0x2800)
ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000003000)=""/254)
open$dir(&(0x7f0000000100)='./file0/../file0/file0\x00', 0x40001, 0x80)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="240000001d00070f000200000000000007000000", @ANYRES32=r3, @ANYBLOB='\x00\x00g\x00\b\x00\b\x00', @ANYRES64=r3], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r4=>0x0}, 0x2020)
r5 = syz_open_dev$mouse(&(0x7f00000005c0), 0xcbf2, 0xd2001)
write$FUSE_INIT(r5, &(0x7f0000000380)={0x50, 0x0, r4, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x50)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000400), 0x8002)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r6, 0x403c5404, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id0\x00', 'timer1\x00'})
syz_fuse_handle_req(r0, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5bd6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90cd585c5f1cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde9caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1b83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db10819af60599b5df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bce1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ec47716206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362370bcc98671a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4679f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76bcf2da1d01a0f258095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc0615ca342f43ca3b3d0cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f19d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865438b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72091b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e5", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0xffffffffffffffff, {0xfffffffffffffffd, 0x0, 0xffeffffffffffffa, 0x7, 0x0, 0x0, {0x0, 0x0, 0x100, 0xb}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r7, &(0x7f00000032c0)=[{&(0x7f0000000500)=@in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x1}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000540)="03", 0x1}], 0x1}], 0x1, 0x20000000)
r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r8, 0x40045701, 0x0)
sendmmsg$inet_sctp(r7, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0x1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="2c0000008400000001000000000000000c"], 0x2c}], 0x1, 0x20000040)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x80810000, &(0x7f0000000240)="abae3671a060f2772fb21cea222d83f8480a72d5fdd9fc47a8b2b5a3f61cff67c54ca094be90aedd0bd4afe6ffc9e5b502df4036d02555833bf94822ba9f04338b3e6fd9911692451c2a403bf8a0bef95eee416ce6044ea1374d3ca36d8e28cc7c1cce9990fed5b8270efb9078e235bf33e4a41c65d048c582d0d1581d7ac88953c8806ceb1c6a5cd49911a4b75b73a33b601f6cee0c3e459fa4aead5cc36e65", 0xa0, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000480))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r9}, 0x10)
inotify_init1(0x800)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
io_uring_enter(r0, 0x5004, 0xc4e0, 0x1, &(0x7f0000000440)={[0x1, 0x7]}, 0x8)
r10 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x2)

8.748561755s ago: executing program 3 (id=4124):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x2c, r1, 0x1, 0x0, 0x80000004, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

8.703016367s ago: executing program 3 (id=4125):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$describe(0x6, r0, &(0x7f0000000680)=""/232, 0xe8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, 0x0, 0x8000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x844}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000500)={[&(0x7f0000000000)='.+-:\x00', &(0x7f0000000100)='security.', 0x0, &(0x7f0000000480)='+.\x00', 0x0]})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(0xffffffffffffffff)
close(r6)

7.258384726s ago: executing program 3 (id=4133):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
pread64(r3, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r2, 0x2, 0x0, 0x0, &(0x7f0000001440)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'dummy0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40000, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCI={0xc, 0x1, 0xffffffffffffffff}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x48}}, 0x800)

6.858250636s ago: executing program 3 (id=4140):
socket$inet(0x2, 0x1, 0x100)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000005c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000c40)={'vxcan0\x00'})
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\b\x00'/20, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="d2ff030060010000009e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r5 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
tkill(r5, 0xb)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})

6.499471915s ago: executing program 3 (id=4143):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xb, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6) (async)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000002140)=[{{&(0x7f0000001900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000280)="c20fac3997d916d918d456670726af231d6fbf0c4bf68e986c6b3937dcb6b84116c5480e46262e675fa8cc3cbe2299ed3e6c96d540a9d7784eb56f30", 0x3c}, {&(0x7f00000004c0)="6fb280d7a9d1161d4c8909e8281995facfe5b49d680a50b25d4d4d2ac5ab0687c8c961a4059297c12ebb9e2695c0ff51b7f0ce6aa0bc01131ca19381c90d470482b388729060365daaf8175e322a0e7c8d0066b43ea704130731460361638fef10f422346f93f9558ef756a107e02b961911049637d4bde4576416fb64e8711da500eb52df3397044879015cdf3117dec3b1c4bf4ef0f7ef1aa54f956f0bdc08a1", 0xa1}, {&(0x7f0000000580)="0d8adf8df7202be31f2a4380df036bbe14b73c364ec7d0b876222a85b286cf3d6752c0c088b40e0600f693bfcb732652707b6cb0efe131eabdb36974e9c2cba17edfdf39adfa081ff336e9", 0x4b}, {&(0x7f0000000600)="d28c4ecbcb4de31f6c3c3126ccf69b0266174eac940598ded0626ee9d425ffb4d9f298f9005d1dadac3b12419c4b600e7b238a16966d9f26c9b8d556304305f8c1514e86f828c7b57336e17a7a8ecd6b3a176f410885d4fd0cd109834c2217d55b1db81202e03381156ea7f3f0715e27c67f14b17e94b6f6cc38fdb5c9a5888be2dac7e1b086b6dc02fd1afb0a036a9cba4e9881d3c7546f93403465432fd5453441898f35e5b5b241b854cfaab5c0da8993b534306ca83ff17e4ae7b67516a87df124301a8c410a690ce84124a27a05d4883e536f2527707a8644e5196ad202929c199231fc90a0ba06c8aa59dbe6d5a3bd6436e7", 0xf5}, {&(0x7f0000000700)="9c7ca61f47dc0c32dec2539b086244b195c0dab5fddc7475dc5b13a72e6927bd0b227a674e2b82d87a8422a9c8cd43d5dd09f46d4d11e80f60128a720fda75f103144338f1bf68cfce886e80a52eda0a6001948c", 0x54}, {&(0x7f0000000780)="cb40cf9775b55f886f82b0f5041367cc39020f57191981d4896c3cfcc525bcd597ac05eece304e693d693e873dedc05713c42e8a6463dce2032191e3033d926fea2fe76d5ea3de42550298be194dc2f338075b0a9994f068e8f0", 0x5a}, {&(0x7f0000000900)="69c6e35db8c5a2c0ecdfddcd1174e2624c37b5278ec73ab948379dee4252e1d9d7c66a39ddec841d86a88398ac70ec13d83db47f9c0c5dfb38c68a3e6bdf6eb502be6bbd5471d0b096797692fc9937df881d8daa94f1ae5c26017ee2e90b888328e8a5de7eeb4d3228ff826f94b4eb1d35dcdfdf34f01250dd7d31f7768245a4ed00b15216e2d7e26a518151dbddff882d18850e62d18ef622ffbba7dcc1c8adaddb8134714d674dba5229e32953377eb7f7672c578f9b63c2997ff4acb3d6c1faae69325150bceb1fb15fa4ebdb25d1ea2470ae8a45feef2b4dfc16797b8024884dced2374f4520d20302acbcf7e81447438a303b7d6e65876a94b68ce41238a71a2d2d50779c131f68ed75bafae0999e809c3e7a70d7a4a01f61f33bb867d3d4aa5e7ba7a279b94dfe2e6a274007ab7e5f514c13a4ce35a43d848695c66cf71742da6ecd358d30c38d351d7ea044b1e5d7049fffde0005954b2bb74a5168e19549f7163e4a26dec8ce416f6034f33ef93e9123cfa21b67bf6909eb7b7cf610c0b0e2b3687244817605eeab7dbb675e0fbf0343ee2f7409dffbf23c57a487586413ee28ccc70876cfb553572483e10f8aba0d60f6c4e870affe04bea30408355b2c6c43886b36c9cde9578a16271b25ec7c87e4b773fa85b862873caee04973e2d234d1c014b80ec9a13f002abdb471e4f11d9d5ba5cfeb4fac0e62ad5084f886a10ecb00d3f324c50fda176682e825a07454303da790b594f3f159b2b6bf055673184843693f07f30a5dcb31c3f555932cbe23aa3107dd95300250fc0a44443dee4a813480037114e792871e53e0b9b90a7be1c9d8cf21212c752679cb1cae77c835bc64a19eece572193d2c2db4b4184b7086de78036f1666bd84c1420dca0463776e1054bfa20f4301b65c6890cf4d742f7fbfc66e7d480043598beb70691c7a7d57b4bee00b82568deed58f831075f1be831a7a232e774d973d63ac0609f830998b4b44f7116f326d98738f213e113a0ba0349abc1347fee0ce0d5bcb09259ece9dc68f5664d63ab4621aad69768b67e196a24e0bda0d85491bc2f36b624d66258feac3f38a3e788f37b5e5cf3befeece665b9b37b5bd450386cb3d43e3d40aa7a580f993b067f498dd35d787aa2ac622a38e42596b55f021d647b2e87ea262fff572f052d9e097dcbe47e51f8b87c81f85ffa3e68adca99d1f6b318c87d3e738cb5866ebee8a0ea12f215a65bb2f1306b02c3c453f0c466554f59400885f77c718295831516d44d1e4c4c9ed8c2a56b08b12df8a64df94c9977cc85fa71128e2fdb44df7320b7e1dc2fad09d5540211a7c35b4c47556ae0ed73f3e7019596d08fccd4059ecfcb9bdf87256ea00488953692d67abb77a791ee8156a9fe2eef4ee7413791c321935aa5d8974badbc829e1bdcd3a98365fc8760c06a205cd8a798fad5daac4da9061dd6d9ea403f51c5ac61c54d333a3884237333bbe1a2b675c3257d19165059e14d01aade66230605cee5e187a7e4c13ee3146be7e4b6a7d5e98e2b74651230d94f04c93fb24cc70c0ff5a9b42dba185effa890fcbdda62d96941f59f2c7ac9ab6c004a153562dfc28177673e91c80e27c6853e6e15fbb2f485c4a196c43394a69129718ebe994b51e9b72493035c7817094cdef090e2b7a74d7e50c16509e4c721be8ea5d8119b28d09acd5836e185f81a4978e167e141e76dd7f1dd4a1a9e870eb3a04f3f28964caf3e675d0af6f53b93d7e3a7f20ef64c0f763bded09bbfa7c2f7a51a639ed561d73ae3a82f764325c8f3549f9ddd7554580967cad451b8cecb74c9b8ab37bbf49fda92881d83c28289f4019a5adfb25b5e512604be4a2d6f5dbaac25dfc2c6573fd66f18ea5ad037fe2dd7679ef87cf2ff9b5ee6fdf5587c7514bf427f4d6d15ff53a31c3215fa956b0b33ffe5e7133954fe91d8fcd1a191427b06edf07cd94fcfcefbb91a784f19e3d8b41e5372b37a3cd9770079983747b5a9d2b6e8c8a8251ebeb8d73d799296b40594a006a8cf7b4130e629c09165f5d2fdcb20e9596f499fad688f2a12d47ea91871977e45500eb596212c172f92601b1c6f1f4d2ae2824260abb6313aef04ec4e1ce057c52012be21c3ea7211db4249e0248280c4b45144c0a434852e94fc313ac43b14e4b16391a28fb31b502e3501f8905e64f1ef870c2b64b41239cca9ac4f78a0ca30ce8c746caea816ed5f6e520119704a5f684791e137a0c035f1bf5def1146240eb2054e810e00ec1bee2addc6b513155b8b0b1ecc7f087a53e1dfdd457eef9f47f50610c53e5f69eb2c086c34e5742f47acbfab2a3bc5133555c5147626e880a6f29c654ce8121964699c2b8ea72a31697872602e612ef54ad72a5c1181c76d80ae81a33a332de97e42d1ab8d4556ecdda4cf60faf513e3d8e0559e73ea790b4c32c88b954c84f9f3be308ee33db6fa4e17d1862cd4b2e4254758f5497a851b001f6846f4076ff9d5d1802e6dccdb89a32709d9d2c4d746ea28d49f18d0b565386bf1df9582194e79e5b6babfe09c5ca00d81fe6f0ab6a4a148388e8ada084fa6d95d6efe08bedea0c0db6d5c9eb7d9608d6dcadbb9a99f1c18f34645b91b7f309b77cdddc0084c7fddb4b7030974e50970994022293d872f31b72e226652f08aafe3147697436a2322bd54970e2a175b3c84d0a35d4be32c6da60c7ddf4053e1a30b10d13efa1f4094b38fb0ac06bb470e2272d455c26cf9ac57c9f2f64622be6c681dcf055f144db75c3f1b63f114da969de556566543d403adecdf7d2b3df006f9ce02c3e1e5857a22c09561eaf5e48c0287875e570d491d920933019129adc844bb0d2d5e5b2b6cfcf2d800634dc3252e170fdb34e98c6c9585b30dd374491e684ab00c8568acd00bc25a49ca0ec4820b9f3824bc2c12f88edf2c476ee1acbec3281f8b21d637115344ed9a272322392bbe0aa439e9bdb5ad197a4cf68cf9834b9f9ec62bbb7a5e52e36ac839d03391e03872024526d16c1eff7b3e1e59966d124bcfd5448da55443afbe80cb54e001ac0e892aa98d36cccf0ccd47d85ae5d7b0e17f5b7439429acfa715ee19afbc2934ec4871ff2000ffe2a29106c0057d5c4ca380e531de5b148a2e8f160b91adc97b348cc77fb3062d9491be0af34909e0a76313b5b0406fec6fe2c253ac72dabfb22409c7e7174b5a8ea8f78df291e880f14f6f9977cb66e53920b05d330a921028631c2c22992245c91e849f7de3ec44d8684a2dc4b32c6e0812cb09faa119187f533fd3f05e59027e7fbcd35506319d0da0dbcd1eafea4377721ce341acf98e34e00cd27f472d9006accf62b527428a802fb56a9e1fcb3de41ae645c699a4035d1e54660d15e44eed7bb4203d724c256185ba9b40cf0c8826dee0178ace67286b71468689e5c5edd2ce89c6c0722e3d60aa0737f95a4e022a2b9b751138e853928cab28fa805235d11550216d5a4b33f702bc40be7f0dc5a6f5ac05fbd976069c7edcbe6c61100242bc84d216864180ede1cbd031a2d5c3823bafd8225e858ec15ab06fa8ecbe05e8edb212a78e15d5c08362f3e727bbfeda4f450e3949901af3d59532067177beaf2c27067ff1670a3de7787b4070407e84e47285a4588a7a2a3ebebf61a8b6da4ae79ff647fab812d6822711c975c88bd303d1a7c939923424950f32ca67bd8c5caa73ae0cff654e39321d5b3daab41a92dead22b0784c60a18ffafa542a7c60b3a718b9ba0fa80c4e1d2ad9deb9f5e01147c57e3f01f457b4a9aa76b753b79b6753164ef9377d2a508b0c786cb0f72922c068a0f9e2ab59fb7b4e4121b71feb2ba46881f20abc23e33142d6e464deb5194bed9a0190ec3b6c790501778fdb1cb52223ba5f824688426c54214c11c563b2013d5036f697fd9f671c755d787fa4c04f7378330836367040b62498eb778dad0ecbdbb263b74ac218f56223e827ae916b561513a695ecbe74bad7105185f1ed2e3232a82dbad23ebabef82e569de51032ff75debe4931ed4de46f0fc18526bd1d3b4c6912aa6a36d05a0e3904d04724ca81c439a1ba9383943e86fe314ce6bd0cf7b6b8af1f9db1556e3fe45fe07d39177e2b169ccd24d8fbadcfad708884838ea1136ad318276f8de11b2827bc646fde1b1a84709f02088076c916a1a72f0d743667fbf2c5b21a5d5d7bbf8a410dc5f2331dd83c7d2b79b0e5ec50fce4f3f611fa2f1ba61e194237975fecc8b3cc20dd6c1b0c4db65db1270455c0841801eba539be78b6aaa20998e2de1711ffa8224bc7fdc26534089796af15df9b7a99c05bc484b11b5bd8c31b69a0a4eb2148930d2029260d97be5d7e69b3d131adde944d6141fe89bd325b9b3317482063d8ae720048c8e9bea8c40a8af09af41a1010b01b11c4644d0a9cadad8d5bbdd77e047f2fe2da8ef87aeda9d43135e4f3aa9679d8cb0dc9bcbe6918c644f875ffec12d41377a82fa94d7529c0bea034de7561ab9d22839116f75387ab1f68644ad37c2374e90e12e5eea986afaa90f0b38f783175e45426b4c39717c34120d42df3c97122435761310ef437a88b1663a4d3ec7314e39614ad1eab74ab3a06dd5da89b1edbb42ec3b26c266d016609e2b8d503f65bab2cf0957b075badcba9781f7f5501e432f5f5e10b2d06015f9f1e3b22788afcc1e07dbf2f83e5e7d0ccef86a64e28ddc69f7d3f3f0a15e25e0583904a94709731ca12390437527fd133ac4e52f0b7f7c0c43511ff9ebfbc7f391d8415d9ebc2374f50e74e1fd08fd8690aa8da6f94384e19faaabd5b42c23678c33b847cc05ae24691c9ca93e30c08195d839515ec8eec71a3b67b2313ffd6968e67dd1a5506bba562f1e7f83411ff054e19eeb851117bd0ccc3043547f6aae0fd8b07e0b76fee0bb87d2ccef394d8af6147d85a0a05bf960eba3857d59ec1726dcadb00c127dae266fee25452779ceb06e0ddfb5a9e2b806349761a594458aa9f51e1274c22368736fb11ea0778399db65718a32f00e01bcc02ae0b8e14b46d50971ce38b69e025bba80b588a81c0e9d01bf114aba8c4fe6d9938d069c238cda1d37cb83847f96cad8681769165df16c94fc117f09b937f706fea3b3bb840554bbe39f83a7670877ed71b98819dc38128b5b66191e9849c73697ee4bee65f63d3a469362418e96975c36dd8c4e377219a1bde81acf970ffee501738fd96dd39b72c17d2872e7d662ed61216563b48070a57164f2aadcfa5540bc5f28324bcf31f6e3aaec362e5d02dd76fa1d2d54268b86b8f87109a4a6d04236ac69334dacda30bde4222c5137952bd13511e1a97376259ddbf2448dffa9ba4740c250127c1c98c4289988d21cc975a9d0dc578acbcf572ce04ac3530496d25a4a889b2093a4145cf4a29035506c08f99b5cecf45989b54509e05dec14156ca9c32f115a8249eb3f874399f4ee9ab8c44bd8b93d9062b5a7e9b83ec76cd1f09acee88077fb1cf9e43c773abb89414eb7745d90761b874cb033bec6d6c66687a0411a9d12cd1bc5b2e415e53ca025ba2ed54dc9fa34eea89e29203fab866a8b4cd83cb12f8fac1d4a05f18deb38328e28779b8ceda89881a1cdfda47f2a2882e64c1d2d564559b2020f20161fd208ca22b96725b8db79bf9ddced7018cd07adb22a264194e15a43ce85fd202e0dc36ceb74dd2ab4e28414821bad10f36b72fdde03750f4b1259f3f7432c5dfee42fc73aca82e241675eba834939b045dee9f9b9fe50470599a480d6385649a30e8b689e4a84d62617a72299fd95fd8a963c108d", 0x1000}], 0x7, &(0x7f0000001980)=[@cred={{0x18}}, @rights={{0x1c, 0x1, 0x1, [r1, r1, r0, r3]}}, @rights={{0x2c, 0x1, 0x1, [r3, 0xffffffffffffffff, r4, r0, r4, r4, 0xffffffffffffffff, r3]}}, @cred={{0x18, 0x1, 0x2, {r2}}}, @cred={{0x18, 0x1, 0x2, {r2}}}], 0x90}}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000001dc0)="16bf52001e7c06b02a3e8b3f795eb3ad82172ce85595302cf2c5e07b4d4afd50554692aa8e94e75558d41e4466298fbbb7cb58e9ed09585425eb2662fdcdb1725d41656f80670d47bb5ff4d72ba56d91205c794841fbef7451c115087dd18201486406bb2ae6351fc20e459f589ebb7a40d3135796aa5eb4cdcb44543ffd25fca3b47e637d02421b70cc03f5c269ea143eb36012df00df3d0d35cd97d667ffbe66be8227a763d5a88044078a5b4a0260006a02fb46d671dd9e2aaa6d3a44b8f59b0f621996938fd0db3e0320efaf01b88af9102b61750ca766faa18b366695bf9508e5a604ca350731f7a68f6ca93b1a8e14afe0eb4b", 0xf6}, {&(0x7f0000001ec0)="b8db550d77c8812d83982d026a5984a138760637a3010b9eb5e9733fc903713b7716c7f0a9ee5fcbcc1c1e7640ce63bb1a3c7c083af395d1f6148f4e0dbf0fd73f203b71bc6ee86dbada79ff0cdc601e47a58e88b6a92a32fa1e52e0993515f56e8a1a18bf86c8d5eee276696f08b2e03d36f23231b30615ca80b4cb1e51a8", 0x7f}, {&(0x7f0000001f40)="bbaea3b0156e38163fb5958e8d7c0896c7", 0x11}, {&(0x7f0000001f80)="84b726feb814c3e12b152aca533cc7038e9514ebb75b830e6ba6ac80516dfc7ea7e000bb182531f912b90ebbfcd35f65389866bd1f5a52e9f5e130199516194fa94c6604933fe78eb103f4a9e23e349688395215bd0708b0e82b7635e7f750b8f64d1a1f", 0x64}, {&(0x7f0000002000)="427f736067fc3843f46013a8fd993cb37dacfabce1c68cb927975c048138ce388dd33de96ee8778c79533112d79713153f6243de2d056093451208fa972bc9", 0x3f}], 0x5, &(0x7f0000002080)=[@cred={{0x18, 0x1, 0x2, {r2}}}, @rights={{0xc}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r4, r4, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, r1]}}, @cred={{0x18, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x18}}], 0x98, 0x44048000}}], 0x2, 0x0) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r5, &(0x7f0000009780)={0x2020, 0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000400)=ANY=[@ANYBLOB="b0000000daffffff", @ANYRES64=0x3, @ANYBLOB="040000000000000000000000000000000000000000000080040000000000000000000000ff000000010000000000f900060000000000000005000000000000009c00000000000000f1525842000000007e0012000000000000000000070000006e04000000800000508c0000", @ANYRES32=r6, @ANYRESOCT=r6, @ANYBLOB], 0xb0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600}) (async)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10) (async)
setsockopt$SO_BINDTODEVICE_wg(r7, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4) (async)
r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r9 = dup(r8) (async)
syz_emit_ethernet(0x17, &(0x7f0000000300)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}, @multicast, @void, {@llc={0x4, {@snap={0xab, 0x2, "6ef6", "0bccdb", 0x6000}}}}}, 0x0) (async)
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @link_local}, 0x14) (async)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd74)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r9}, 0x4)

5.187948428s ago: executing program 1 (id=4152):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xf6c447fee59251f4})
close(r1) (fail_nth: 1)

5.040655019s ago: executing program 1 (id=4153):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xf6c447fee59251f4})
close(r3)

4.96063891s ago: executing program 1 (id=4154):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000080), r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x14)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e20, 0x80000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xf}, 0x1c)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r7 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe)
r8 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r7, r8, r6}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={'sha1-generic\x00'}})

4.960179334s ago: executing program 2 (id=4155):
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
add_key(&(0x7f0000000040)='pkcs7_test\x00', 0x0, &(0x7f00000000c0)="100c060863e57fb9b242fa6a73", 0xd, 0xfffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0xa, 0x1000008, 0xfff, 0x8001, 0x0, 0x4, 0x3, 0x4a82, 0x5, 0x100, 0xd, 0x4, 0x9, 0x4, 0x5, 0x1, 0xf17a, 0x6, 0x800080, 0x9, 0x80000001, 0x6e1e28f3, 0x9, 0x101, 0x9, 0x80, 0xad, 0x1, 0x0, 0x80, 0x0, 0x8, 0xfffffffc, 0x171d, 0x40, 0x2, 0x464, 0x40, 0x0, 0x4, 0x2, 0xa0000, 0x5, 0x8, 0x3, 0xffffff96, 0x7, 0x5, 0x8, 0x6, 0x9c4, 0x100, 0x3, 0x9, 0x7, 0x4ba, 0x8001, 0xd, 0x0, 0x8, 0x4, 0x16d, 0xbb, 0xfffffff5, 0x9, 0x1, 0xacf, 0xa, 0x3, 0x8001, 0x6, 0x2, 0xda9, 0x6, 0xf, 0x9e05, 0x2d1, 0x80000001, 0x5, 0xfff, 0x600, 0x3, 0x0, 0xc76, 0xe2, 0x9, 0xfffffff9, 0x0, 0x0, 0x6, 0x9, 0x5, 0xdbff, 0x5, 0x10, 0x7, 0xe7, 0xfffffffb, 0x8, 0x941e, 0x9, 0x0, 0x5, 0x9, 0x3, 0x3, 0x4, 0x3, 0xfffffff9, 0x10000, 0x0, 0x2, 0x80000000, 0x8001, 0xa, 0x52, 0x7b03, 0x6, 0xec00, 0xfffffffb, 0x5, 0x0, 0xb91470fb, 0x3, 0x3, 0x4, 0xa, 0x6d, 0x2, 0x3, 0x8, 0x8, 0x24, 0xfffffff7, 0x6, 0x9, 0x2, 0x6, 0x0, 0xeaf, 0x75a0, 0x8, 0x5, 0x268, 0x200, 0x1, 0x400, 0x167, 0x9, 0x7, 0x8, 0xf, 0xdf, 0x1, 0xb, 0xa4, 0x5, 0xc6, 0x5b0, 0x9, 0x8, 0x2, 0x4, 0x1ee, 0x8, 0x1, 0xf725, 0x6, 0x6bc, 0x5, 0x1, 0x0, 0x1baac88f, 0x5, 0x400, 0x5, 0xff, 0x3, 0x1ff, 0x4, 0xceb, 0x3, 0xff, 0x5, 0xdc, 0x9, 0xfffffff0, 0x0, 0x800, 0x6, 0x8eb, 0xfffffffc, 0x8, 0x36919bdd, 0x5, 0x2, 0x8, 0x5, 0x81, 0x892c, 0x3, 0x2, 0x7ff, 0xef83, 0x4, 0x80, 0xffff, 0xda, 0x0, 0x5, 0xa, 0x80000000, 0x93c, 0x0, 0xa, 0x0, 0x7, 0x7, 0x8, 0x100, 0x3, 0xfaa6, 0x1, 0x1, 0x5, 0x6, 0x1, 0x0, 0x0, 0x8, 0x7f, 0x9710, 0x6, 0x81, 0x2, 0x6, 0x401, 0x9, 0x7, 0x80000000, 0x5, 0x3, 0x6, 0x7ff00000, 0x401, 0xd3d, 0x3, 0x5, 0x203, 0xe, 0x7, 0x3, 0x9, 0x9, 0x2]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x10001, 0x59e9, 0x5, 0x1ffe, 0x7f, 0x1, 0x1000, 0xffffffff, 0x7, 0x1c00, 0x4, 0x6, 0x16c800, 0xf, 0x1, 0x81, 0xff, 0x9, 0xf760, 0x6, 0x2, 0x4, 0x0, 0x101, 0x7, 0x3f, 0x1, 0x655, 0x8c5f, 0x6, 0x7, 0x1, 0xb, 0x7077, 0x10, 0x0, 0x0, 0xffff, 0x200, 0x63a08ec6, 0x800, 0xa373762, 0x9, 0x6, 0x9, 0xffff2cbd, 0x6, 0x6, 0x4, 0xfffffffb, 0x7, 0x8, 0x1, 0xffff, 0x8, 0x7, 0x5, 0x5, 0x5a, 0x1, 0x0, 0x1, 0x3, 0x6, 0x3, 0x5, 0x597, 0x1, 0x1, 0x2, 0x8, 0x0, 0x8, 0x100, 0x6, 0xfffffff7, 0xa, 0x6, 0x401, 0x3, 0x0, 0x5, 0x5, 0x7ff, 0x1, 0x7, 0x2, 0x3ac, 0x3, 0x0, 0xe559, 0x4, 0x7fffffff, 0x39, 0x125e, 0x6, 0x1, 0xc5d5, 0x7, 0x0, 0x1, 0x0, 0x200, 0x8, 0xb5, 0x8001, 0x7, 0x4, 0x3, 0x2, 0xc48, 0x0, 0xe, 0x5, 0x800, 0x4c18575, 0xe, 0x2, 0x78000, 0x1000, 0x2e, 0x3, 0x6, 0x0, 0x88, 0x401, 0x8, 0xa, 0x94f, 0x3, 0xcf0, 0x22, 0x3, 0x0, 0x9, 0x27a, 0x10, 0x40, 0x3, 0x3, 0x9, 0x7, 0xe, 0x7fffffff, 0x8, 0x2e, 0x10000, 0x5, 0x8, 0xc0000000, 0x8, 0x8, 0xa8, 0xf, 0x4040, 0xfffffffb, 0x3, 0xc14, 0x6, 0xfffffffb, 0x1, 0x0, 0x9, 0x2, 0x8, 0x3, 0x1, 0xb, 0x4, 0x6, 0x3, 0x9, 0x2, 0xfffffe01, 0xa22, 0x7, 0xfffc, 0x6, 0x5c5e, 0x7, 0x4, 0x8, 0x5, 0x5, 0x9, 0x6, 0x5, 0x6, 0x2, 0x5, 0x0, 0x64, 0xb, 0x2, 0x3, 0x5, 0x42a1d4b5, 0x6, 0x4, 0x4, 0x5, 0x6, 0x834f, 0x4, 0x80000000, 0x5, 0x2, 0x101, 0x0, 0xfffffffe, 0xb, 0x8001, 0x8000, 0xfffffffd, 0x6, 0x80000001, 0x7a39f194, 0xcf, 0x5e249f10, 0x6, 0x1, 0x5e1b, 0x6, 0x3, 0x3, 0x8, 0x4, 0x6, 0x4cb, 0x3, 0xf0, 0xfffffffd, 0x0, 0x1, 0x8, 0x7, 0x6, 0x2, 0x4, 0xd56, 0xd, 0x275b, 0x9, 0x3ff, 0xfffff292, 0x3, 0x3, 0xffffff80, 0xf, 0xd9, 0x7a, 0x6, 0x7, 0x6, 0x1]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x10000000, 0xaf9, 0x60, 0x2, {0x6, 0x1, 0x4, 0xffff, 0xa, 0x9}, {0x7, 0x2, 0x3ff, 0x7ff, 0x7c, 0x3}, 0x890a, 0xb8, 0x6}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000440), 0x18, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x17, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x25dfdbfb, {0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x24}}, 0x40)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000080601020000000000000000000000000500010007000000c6571bf2e7186ac883c237f47d4c44bc733dc30d8c5237d3f20b3f0cca634156a791193eb68a6285bd8feab5bed2ced12b3a993320e79e8b951a6af69dbbe867a3f24acd973eec476cc759e333efb1910bcd1f49f38ff1e3c1a786683bf3deb61e7b2e981d66dfa13fd20597a7775b1e561d576527b763126d05bf1efa0d4fd123b15146ff9f9e62d8e9cc8a0c6daa87fa035f6b7e66e9f84c1127c6cd52e97293d317a6c332e4b7ef51183a732749034e6b5ec426dd8aaf6d3be1e3aaefa19b1f12c95520abf8e2992ff90a132ae97c886605b4ea261d2b167ca52f34fb46d8955264f00334647d4420ffb6cfdc0e90b547c6dd2f57bc70c3ac68520a7ef7f0dcfe0567bc1e7b3c828976d450168179c0499bef21800034acaa9129c326dd917ac49a906f3432f64c87455575d85adeb108e44cf3af65ac24f0725d3f"], 0x1c}}, 0x0)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0xf7}, 'port1\x00', 0x3ab, 0x2062f, 0x3, 0x7, 0x0, 0xc, 0x3fc, 0x0, 0x7, 0xfd})
openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x2, 0x21)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r2, 0x800, 0x55007}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x1}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)

4.960026267s ago: executing program 0 (id=4156):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x22)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x40480d4)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000100001000000001d000000000000000a40000000060a0b060000000000000000020000001400048010000180090001006d617371000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x68}}, 0x4080)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

4.060520092s ago: executing program 0 (id=4157):
r0 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$describe(0x6, r0, &(0x7f0000000680)=""/232, 0xe8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x80082, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000500)={[&(0x7f0000000000)='.+-:\x00', &(0x7f0000000540)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x13\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\\h\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc\xdc\n\x88\xfc\xcci\xc1\xe8\xf8\x1e6&\bE\x8f\x9b\xc6\x8d0\xa7 -\xecC8O*7\xfa&\xf9\aC\xab\x03g\x06<Z\x16\x94\x9a\xe6\x8d\x10Y-\xf9\xd1\x8a\x8e\xc8\x0f\x89<O>\xda\x8c)\xae\xe3\x16\x9dz\x87\xd6OZX\xa4\xee\xa7\xebe\x14Qp\x96\x00\xd0VK\xe2$i\xd4\xcb-\xd4\x82w\x13\x98\xfcW\x9d\xff\xed\xd4\x14;]\xf8\xccS\xddl\x96v\x97\x988\xa7sQ\x1aN\xbdU.\x89\\\xfa\xc2\xcd\xde', &(0x7f0000000100)='security.', 0x0, &(0x7f0000000480)='+.\x00', 0x0]})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)

2.127272701s ago: executing program 1 (id=4158):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)={0x14, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}]}, 0x14}], 0x1}, 0x300)

2.12363592s ago: executing program 2 (id=4159):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x48050)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x4, 0x7fff0006}]})
keyctl$dh_compute(0x17, &(0x7f0000000000)={r3, r3, r3}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha1-ssse3\x00'}})

2.063105578s ago: executing program 0 (id=4160):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x46041, 0x0) (async)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000), 0x10) (async, rerun: 64)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000040), 0x4) (rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
setfsuid(0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
openat$misdntimer(0xffffff9c, 0x0, 0x143, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) (async, rerun: 32)
bpf$MAP_CREATE(0x0, 0x0, 0x50) (async, rerun: 32)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3, 0x0, 0x9}, 0x18) (async, rerun: 64)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) (rerun: 64)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
pselect6(0x40, &(0x7f00000001c0)={0x4, 0x0, 0x20000000000, 0x0, 0x100, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x23, 0x9, 0x86, 0xfffffffffffffffe, 0x80000002}, 0x0, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, &(0x7f00000006c0)={0x1, {{0xa, 0x4e24, 0x6, @mcast2, 0x4}}, {{0xa, 0x4e24, 0x9, @private2, 0x9}}}, 0x104)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x4000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) (async)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)

2.060606054s ago: executing program 1 (id=4161):
r0 = creat(0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x4239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0xfa, 0x0, r0}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, 0x0)
io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
r8 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r8, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0xfffffffd}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10)
sendmsg$tipc(r7, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x1000000)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0xd, 0x6, 0x401, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x40000)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r10}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010007bd7000fddbdf2555000000080001006400000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000b000000438000ef3c1134c1257b4d367ad22455b72697107b4ca5b8f77ac9028362d706c6e34be444762f0cfd368f6623ac7391b1882e8b21a28d930c8f7c35403cc37dcbdc55266ac468e3274b0b14538c68b1da856a775dc78083d98681d8797cd93970ff1a4eb92aa68c330d0b15f807c79b47b518bba2e4117f78a24113015805facb366d781cf3cc7ca766355514f5e30e540fcca3d30df05c3b299ef06d0ff705b34852a59667470e6322646b43700ce4fbcb58710a4993c23c68ae638d08e3b4d308bcad5e32cd4eddbd6806cb215fd3adaddcd55562ef533cb68ceab37f6f59dde9d8dd5dde4a378e098e059de590ea541541b78c9319d5d4639f157b1f7bcf5e7b9f15c0ade4b79891fd662fda4e71222e5a3208cd04906f934b9875c410e3e533990de5ceadec478e563b5f693ea37266"], 0x30}, 0x1, 0x0, 0x0, 0x40000a0}, 0x810)
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000000))
unshare(0x20000600)
socket$kcm(0x29, 0x2, 0x0)
r12 = syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
socket$nl_audit(0x10, 0x3, 0x9)
preadv(r12, &(0x7f0000000700)=[{&(0x7f0000000280)=""/124, 0x7c}], 0x1, 0x181, 0x0)

2.056956637s ago: executing program 0 (id=4162):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000002100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x181200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(0x0, 0x0, 0x60000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}, 0x1, 0x0, 0x0, 0x24000080}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
io_setup(0x6, &(0x7f0000001380)=<r5=>0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$nl_generic(0x10, 0x3, 0x10)
io_submit(r5, 0x2, &(0x7f0000001140)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0])
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_WRITEPROTECT(r8, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f00000004c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x60}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0x1ff}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8, 0x20}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x7, 0x0}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.160610429s ago: executing program 2 (id=4163):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.007034701s ago: executing program 1 (id=4164):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x0, 0x97, 0x6, 0x7, 0x0, 0x5, 0xffff8a09, 0xfffffffd, 0x61}}}}]}, 0x58}}, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x80})
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r7, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCSETS(r8, 0x5402, &(0x7f0000000380)={0x7, 0x7, 0x9, 0xc5, 0xf, "2b58a5cbe36309988ba2f9882afb3ab5053ca3"})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
r10 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
pread64(r10, &(0x7f00000001c0)=""/36, 0x24, 0x200)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0xb, 0xe}, {}, {0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x20, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0x7, 0x6, 0x0, 0x9, 0x401, 0x1000, 0x8a0, 0xd5}}, @TCA_U32_CLASSID={0x8, 0x1, {0x6, 0xa}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1802615fbf5ee6a86b1df93b97eef70000fcffffff0000000000000002850000005b000008c4aa3000f1ffffff0800000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40002, @void, @value}, 0x94)
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r12 = openat$vimc2(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_usb_connect(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb2361000000010902"], 0x0)
r13 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$sock_inet6_tcp_SIOCINQ(r13, 0x541b, 0x0)
ioctl$VIDIOC_ENCODER_CMD(r12, 0xc028564d, &(0x7f0000000100)={0x0, 0x0, [0x2, 0x5, 0x3, 0x3, 0x3, 0x81, 0x2, 0x2]})
r14 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r14, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000e30500000000c9128745072c3ccd00000200000000000000"])
connect$phonet_pipe(r2, &(0x7f0000000340)={0x23, 0x9, 0x3, 0x2}, 0x10)

852.383716ms ago: executing program 0 (id=4165):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x22)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x40480d4)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000100001000000001d000000000000000a40000000060a0b060000000000000000020000001400048010000180090001006d617371000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x68}}, 0x4080)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

230.279601ms ago: executing program 2 (id=4166):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$sock_timeval(r0, 0x1, 0x43, 0x0, &(0x7f00000000c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES32, @ANYRES64, @ANYRES32, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xaf, &(0x7f0000000140)=""/175, 0x82200, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8a, 0x200008b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) (async)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x20048041) (async)
recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@xdp, 0x80, &(0x7f0000000600)=[{&(0x7f0000000300)=""/3, 0x3}, {&(0x7f0000000540)=""/110, 0x6e}, {&(0x7f0000000780)=""/204, 0xcc}, {&(0x7f00000005c0)=""/9, 0x9}, {&(0x7f0000000880)=""/230, 0xe6}], 0x5}, 0x5}, {{&(0x7f0000000c80)=@caif=@rfm, 0x80, &(0x7f0000000700)=[{&(0x7f0000000980)=""/246, 0xf6}, {&(0x7f0000000a80)=""/88, 0x58}, {&(0x7f0000000b00)=""/254, 0xfe}, {&(0x7f0000000c00)=""/85, 0x55}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f0000003880)=""/232, 0xe8}, {&(0x7f0000000d80)=""/88, 0x58}], 0x7, &(0x7f0000000e00)=""/100, 0x64}, 0x5}, {{&(0x7f0000000e80)=@l2tp={0x2, 0x0, @initdev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000001f40)=""/190, 0xbe}, {&(0x7f0000002000)=""/42, 0x2a}], 0x2, &(0x7f0000002080)=""/53, 0x35}, 0x5}, {{&(0x7f00000020c0)=@phonet, 0x80, &(0x7f0000002180)=[{&(0x7f0000002240)=""/189, 0xbd}, {&(0x7f0000002300)=""/177, 0xb1}, {&(0x7f0000002140)=""/3, 0x3}, {&(0x7f00000023c0)=""/67, 0x43}, {&(0x7f0000002440)=""/179, 0xb3}], 0x5, &(0x7f0000002500)=""/4096, 0x1000}, 0x8}, {{&(0x7f0000003500)=@alg, 0x80, &(0x7f0000003700)=[{&(0x7f0000003580)=""/136, 0x88}, {&(0x7f0000003640)=""/164, 0xa4}], 0x2, &(0x7f0000003740)=""/76, 0x4c}, 0xa}], 0x5, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) (async)
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="28000000120001002bbd7000ffdbdf25001f0000", @ANYRES32=0x0, @ANYBLOB="c0e200000020000008001c00", @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x40014}, 0x40)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7b, 0x0, &(0x7f0000000040)=0x700)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) (async)
mkdir(&(0x7f00000002c0)='./bus\x00', 0xa)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
chdir(&(0x7f0000000140)='./bus\x00') (async)
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00') (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async)
mknod(&(0x7f0000000100)='./file1/file3\x00', 0xc000, 0x7) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000002200)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000021c0)='./file1/file3\x00', 0x2)

60.521523ms ago: executing program 2 (id=4167):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xfffffffd)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f1ff0000000071300000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe040400007203200000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffff20, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000001000), 0x581, 0x40000000, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x10, 0x2, 0xff, 0x5a, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x22, 0x20}, 0xe)

231.419µs ago: executing program 0 (id=4168):
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
add_key(&(0x7f0000000040)='pkcs7_test\x00', 0x0, &(0x7f00000000c0)="100c060863e57fb9b242fa6a73", 0xd, 0xfffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0xa, 0x1000008, 0xfff, 0x8001, 0x0, 0x4, 0x3, 0x4a82, 0x5, 0x100, 0xd, 0x4, 0x9, 0x4, 0x5, 0x1, 0xf17a, 0x6, 0x800080, 0x9, 0x80000001, 0x6e1e28f3, 0x9, 0x101, 0x9, 0x80, 0xad, 0x1, 0x0, 0x80, 0x0, 0x8, 0xfffffffc, 0x171d, 0x40, 0x2, 0x464, 0x40, 0x0, 0x4, 0x2, 0xa0000, 0x5, 0x8, 0x3, 0xffffff96, 0x7, 0x5, 0x8, 0x6, 0x9c4, 0x100, 0x3, 0x9, 0x7, 0x4ba, 0x8001, 0xd, 0x0, 0x8, 0x4, 0x16d, 0xbb, 0xfffffff5, 0x9, 0x1, 0xacf, 0xa, 0x3, 0x8001, 0x6, 0x2, 0xda9, 0x6, 0xf, 0x9e05, 0x2d1, 0x80000001, 0x5, 0xfff, 0x600, 0x3, 0x0, 0xc76, 0xe2, 0x9, 0xfffffff9, 0x0, 0x0, 0x6, 0x9, 0x5, 0xdbff, 0x5, 0x10, 0x7, 0xe7, 0xfffffffb, 0x8, 0x941e, 0x9, 0x0, 0x5, 0x9, 0x3, 0x3, 0x4, 0x3, 0xfffffff9, 0x10000, 0x0, 0x2, 0x80000000, 0x8001, 0xa, 0x52, 0x7b03, 0x6, 0xec00, 0xfffffffb, 0x5, 0x0, 0xb91470fb, 0x3, 0x3, 0x4, 0xa, 0x6d, 0x2, 0x3, 0x8, 0x8, 0x24, 0xfffffff7, 0x6, 0x9, 0x2, 0x6, 0x0, 0xeaf, 0x75a0, 0x8, 0x5, 0x268, 0x200, 0x1, 0x400, 0x167, 0x9, 0x7, 0x8, 0xf, 0xdf, 0x1, 0xb, 0xa4, 0x5, 0xc6, 0x5b0, 0x9, 0x8, 0x2, 0x4, 0x1ee, 0x8, 0x1, 0xf725, 0x6, 0x6bc, 0x5, 0x1, 0x0, 0x1baac88f, 0x5, 0x400, 0x5, 0xff, 0x3, 0x1ff, 0x4, 0xceb, 0x3, 0xff, 0x5, 0xdc, 0x9, 0xfffffff0, 0x0, 0x800, 0x6, 0x8eb, 0xfffffffc, 0x8, 0x36919bdd, 0x5, 0x2, 0x8, 0x5, 0x81, 0x892c, 0x3, 0x2, 0x7ff, 0xef83, 0x4, 0x80, 0xffff, 0xda, 0x0, 0x5, 0xa, 0x80000000, 0x93c, 0x0, 0xa, 0x0, 0x7, 0x7, 0x8, 0x100, 0x3, 0xfaa6, 0x1, 0x1, 0x5, 0x6, 0x1, 0x0, 0x0, 0x8, 0x7f, 0x9710, 0x6, 0x81, 0x2, 0x6, 0x401, 0x9, 0x7, 0x80000000, 0x5, 0x3, 0x6, 0x7ff00000, 0x401, 0xd3d, 0x3, 0x5, 0x203, 0xe, 0x7, 0x3, 0x9, 0x9, 0x2]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x10001, 0x59e9, 0x5, 0x1ffe, 0x7f, 0x1, 0x1000, 0xffffffff, 0x7, 0x1c00, 0x4, 0x6, 0x16c800, 0xf, 0x1, 0x81, 0xff, 0x9, 0xf760, 0x6, 0x2, 0x4, 0x0, 0x101, 0x7, 0x3f, 0x1, 0x655, 0x8c5f, 0x6, 0x7, 0x1, 0xb, 0x7077, 0x10, 0x0, 0x0, 0xffff, 0x200, 0x63a08ec6, 0x800, 0xa373762, 0x9, 0x6, 0x9, 0xffff2cbd, 0x6, 0x6, 0x4, 0xfffffffb, 0x7, 0x8, 0x1, 0xffff, 0x8, 0x7, 0x5, 0x5, 0x5a, 0x1, 0x0, 0x1, 0x3, 0x6, 0x3, 0x5, 0x597, 0x1, 0x1, 0x2, 0x8, 0x0, 0x8, 0x100, 0x6, 0xfffffff7, 0xa, 0x6, 0x401, 0x3, 0x0, 0x5, 0x5, 0x7ff, 0x1, 0x7, 0x2, 0x3ac, 0x3, 0x0, 0xe559, 0x4, 0x7fffffff, 0x39, 0x125e, 0x6, 0x1, 0xc5d5, 0x7, 0x0, 0x1, 0x0, 0x200, 0x8, 0xb5, 0x8001, 0x7, 0x4, 0x3, 0x2, 0xc48, 0x0, 0xe, 0x5, 0x800, 0x4c18575, 0xe, 0x2, 0x78000, 0x1000, 0x2e, 0x3, 0x6, 0x0, 0x88, 0x401, 0x8, 0xa, 0x94f, 0x3, 0xcf0, 0x22, 0x3, 0x0, 0x9, 0x27a, 0x10, 0x40, 0x3, 0x3, 0x9, 0x7, 0xe, 0x7fffffff, 0x8, 0x2e, 0x10000, 0x5, 0x8, 0xc0000000, 0x8, 0x8, 0xa8, 0xf, 0x4040, 0xfffffffb, 0x3, 0xc14, 0x6, 0xfffffffb, 0x1, 0x0, 0x9, 0x2, 0x8, 0x3, 0x1, 0xb, 0x4, 0x6, 0x3, 0x9, 0x2, 0xfffffe01, 0xa22, 0x7, 0xfffc, 0x6, 0x5c5e, 0x7, 0x4, 0x8, 0x5, 0x5, 0x9, 0x6, 0x5, 0x6, 0x2, 0x5, 0x0, 0x64, 0xb, 0x2, 0x3, 0x5, 0x42a1d4b5, 0x6, 0x4, 0x4, 0x5, 0x6, 0x834f, 0x4, 0x80000000, 0x5, 0x2, 0x101, 0x0, 0xfffffffe, 0xb, 0x8001, 0x8000, 0xfffffffd, 0x6, 0x80000001, 0x7a39f194, 0xcf, 0x5e249f10, 0x6, 0x1, 0x5e1b, 0x6, 0x3, 0x3, 0x8, 0x4, 0x6, 0x4cb, 0x3, 0xf0, 0xfffffffd, 0x0, 0x1, 0x8, 0x7, 0x6, 0x2, 0x4, 0xd56, 0xd, 0x275b, 0x9, 0x3ff, 0xfffff292, 0x3, 0x3, 0xffffff80, 0xf, 0xd9, 0x7a, 0x6, 0x7, 0x6, 0x1]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x10000000, 0xaf9, 0x60, 0x2, {0x6, 0x1, 0x4, 0xffff, 0xa, 0x9}, {0x7, 0x2, 0x3ff, 0x7ff, 0x7c, 0x3}, 0x890a, 0xb8, 0x6}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000440), 0x18, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x17, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x25dfdbfb, {0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x24}}, 0x40)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000080601020000000000000000000000000500010007000000c6571bf2e7186ac883c237f47d4c44bc733dc30d8c5237d3f20b3f0cca634156a791193eb68a6285bd8feab5bed2ced12b3a993320e79e8b951a6af69dbbe867a3f24acd973eec476cc759e333efb1910bcd1f49f38ff1e3c1a786683bf3deb61e7b2e981d66dfa13fd20597a7775b1e561d576527b763126d05bf1efa0d4fd123b15146ff9f9e62d8e9cc8a0c6daa87fa035f6b7e66e9f84c1127c6cd52e97293d317a6c332e4b7ef51183a732749034e6b5ec426dd8aaf6d3be1e3aaefa19b1f12c95520abf8e2992ff90a132ae97c886605b4ea261d2b167ca52f34fb46d8955264f00334647d4420ffb6cfdc0e90b547c6dd2f57bc70c3ac68520a7ef7f0dcfe0567bc1e7b3c828976d450168179c0499bef21800034acaa9129c326dd917ac49a906f3432f64c87455575d85adeb108e44cf3af65ac24f0725d3f"], 0x1c}}, 0x0)
r1 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a45320, &(0x7f00000000c0)={{0x80, 0xf7}, 'port1\x00', 0x3ab, 0x2062f, 0x3, 0x7, 0x0, 0xc, 0x3fc, 0x0, 0x7, 0xfd})
openat$sequencer(0xffffff9c, &(0x7f0000000000), 0x2, 0x21)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r2, 0x800, 0x55007}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x1}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)

0s ago: executing program 2 (id=4169):
r0 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$describe(0x6, r0, &(0x7f0000000680)=""/232, 0xe8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
socket$kcm(0x21, 0x2, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x80082, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000500)={[&(0x7f0000000000)='.+-:\x00', &(0x7f0000000540)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x13\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\\h\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc\xdc\n\x88\xfc\xcci\xc1\xe8\xf8\x1e6&\bE\x8f\x9b\xc6\x8d0\xa7 -\xecC8O*7\xfa&\xf9\aC\xab\x03g\x06<Z\x16\x94\x9a\xe6\x8d\x10Y-\xf9\xd1\x8a\x8e\xc8\x0f\x89<O>\xda\x8c)\xae\xe3\x16\x9dz\x87\xd6OZX\xa4\xee\xa7\xebe\x14Qp\x96\x00\xd0VK\xe2$i\xd4\xcb-\xd4\x82w\x13\x98\xfcW\x9d\xff\xed\xd4\x14;]\xf8\xccS\xddl\x96v\x97\x988\xa7sQ\x1aN\xbdU.\x89\\\xfa\xc2\xcd\xde', &(0x7f0000000100)='security.', 0x0, &(0x7f0000000480)='+.\x00', 0x0]})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)

kernel console output (not intermixed with test programs):

ldn't find an input interrupt endpoint
[  848.782800][   T59] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  849.014661][   T59] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  849.018899][   T59] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  849.022393][   T59] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  849.036634][   T59] usb 6-1: config 0 descriptor??
[  849.791018][T23331] binder: BINDER_SET_CONTEXT_MGR already set
[  849.795806][T23331] binder: 23330:23331 ioctl 4018620d 800000c0 returned -16
[  850.294314][T20151] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  851.008644][T20151] usb 7-1: USB disconnect, device number 42
[  851.332812][ T5942] Bluetooth: hci1: command 0x0406 tx timeout
[  851.709321][   T59] usbhid 6-1:0.0: can't add hid device: -71
[  851.711336][   T59] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  851.714989][   T59] usb 6-1: USB disconnect, device number 37
[  853.412959][ T5952] Bluetooth: hci1: command 0x0406 tx timeout
[  867.958808][T23417] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3242'.
[  867.972766][T22814] usb 6-1: new full-speed USB device number 38 using dummy_hcd
[  868.324839][T22814] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  868.327993][T22814] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  868.332308][T22814] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  868.335249][T22814] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.340092][T22814] usb 6-1: config 0 descriptor??
[  868.343553][T22814] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  868.987736][T23430] bridge40: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  869.577012][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  869.579656][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  870.080668][T23447] netlink: 'syz.3.3250': attribute type 32 has an invalid length.
[  870.084581][T23447] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3250'.
[  870.088419][T23447] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  870.287129][T23443] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3248'.
[  870.302175][T23443] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3248'.
[  870.576402][T23458] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  871.098298][   T72] libceph: connect (1)[c::]:6789 error -101
[  871.115950][T23471] ceph: No mds server is up or the cluster is laggy
[  871.165655][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  872.762763][ T6207] usb 5-1: new full-speed USB device number 38 using dummy_hcd
[  872.924270][ T6207] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  872.932903][ T6207] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  872.937871][ T6207] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  872.941634][ T6207] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.955276][ T6207] usb 5-1: config 0 descriptor??
[  872.966098][ T6207] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  873.182761][   T24] usb 8-1: new full-speed USB device number 15 using dummy_hcd
[  873.283806][T23508] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  873.334420][   T24] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  873.337551][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  873.342198][   T24] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  873.345483][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.349025][   T24] usb 8-1: config 0 descriptor??
[  873.354982][   T24] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  873.935519][T23516] bridge27: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  875.114548][   T72] libceph: connect (1)[c::]:6789 error -101
[  875.116916][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  875.168729][T23536] ceph: No mds server is up or the cluster is laggy
[  875.544483][ T6207] usb 5-1: USB disconnect, device number 38
[  875.982708][T22814] usb 8-1: USB disconnect, device number 15
[  876.568436][T23556] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  876.950433][T23575] bridge24: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  876.972700][ T6358] usb 7-1: new full-speed USB device number 43 using dummy_hcd
[  877.124152][ T6358] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  877.127862][ T6358] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  877.132187][ T6358] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  877.135127][ T6358] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  877.142909][ T6358] usb 7-1: config 0 descriptor??
[  877.147649][ T6358] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  877.513463][T23582] ceph: No mds server is up or the cluster is laggy
[  877.516891][   T72] libceph: connect (1)[c::]:6789 error -101
[  877.522220][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  878.010524][T23594] bridge27: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  879.093360][T23611] bridge25: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  879.447770][ T5952] Bluetooth: hci3: SCO packet for unknown connection handle 200
[  879.856703][T23619] binder: 23618:23619 ioctl 4018620d 0 returned -22
[  879.945871][T22814] usb 7-1: USB disconnect, device number 43
[  880.186844][T23628] bridge28: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  882.239977][ T6358] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[  882.417486][ T6358] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  882.428288][ T6358] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  882.434396][ T6358] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  882.474450][ T6358] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  882.493331][ T6358] usb 8-1: config 0 descriptor??
[  882.498898][ T6358] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  883.203392][T20151] usb 7-1: new full-speed USB device number 44 using dummy_hcd
[  883.357137][T20151] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  883.361380][T20151] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  883.367453][T20151] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  883.371284][T20151] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  883.378052][T20151] usb 7-1: config 0 descriptor??
[  883.387793][T20151] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  885.017781][T20151] usb 8-1: USB disconnect, device number 16
[  885.993086][   T53] usb 7-1: USB disconnect, device number 44
[  886.029240][T23705] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3313'.
[  887.062482][T23727] bridge28: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  887.612630][T23738] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  887.615345][T23738] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  887.619315][T23738] vhci_hcd vhci_hcd.0: Device attached
[  887.635627][T23739] vhci_hcd: connection closed
[  887.645838][ T1149] vhci_hcd: stop threads
[  887.649562][ T1149] vhci_hcd: release socket
[  887.651173][ T1149] vhci_hcd: disconnect device
[  887.914680][T23744] bridge29: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  888.858491][T23755] bridge29: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  889.200463][   T24] libceph: connect (1)[c::]:6789 error -101
[  889.202466][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  889.474575][   T24] libceph: connect (1)[c::]:6789 error -101
[  889.476655][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  889.983985][   T24] libceph: connect (1)[c::]:6789 error -101
[  889.986105][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  890.026310][T23762] ceph: No mds server is up or the cluster is laggy
[  891.082375][T23796] trusted_key: syz.3.3338 sent an empty control message without MSG_MORE.
[  892.735690][T23823] bio_check_eod: 17 callbacks suppressed
[  892.735701][T23823] syz.0.3344: attempt to access beyond end of device
[  892.735701][T23823] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0
[  892.741711][T23823] syz.0.3344: attempt to access beyond end of device
[  892.741711][T23823] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0
[  892.745939][T23823] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  892.749273][T23823] syz.0.3344: attempt to access beyond end of device
[  892.749273][T23823] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0
[  892.753699][T23823] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  892.758608][T23823] syz.0.3344: attempt to access beyond end of device
[  892.758608][T23823] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0
[  892.763029][T23823] syz.0.3344: attempt to access beyond end of device
[  892.763029][T23823] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0
[  892.767142][T23823] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  892.771002][T23823] syz.0.3344: attempt to access beyond end of device
[  892.771002][T23823] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0
[  892.776479][T23823] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  892.779949][T23823] syz.0.3344: attempt to access beyond end of device
[  892.779949][T23823] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  892.784492][T23823] syz.0.3344: attempt to access beyond end of device
[  892.784492][T23823] nbd0: rw=0, sector=2048, nr_sectors = 8 limit=0
[  892.788796][T23823] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[  892.791938][T23823] syz.0.3344: attempt to access beyond end of device
[  892.791938][T23823] nbd0: rw=0, sector=4096, nr_sectors = 8 limit=0
[  892.796312][T23823] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[  892.799238][T23823] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1)
[  893.692816][   T24] usb 7-1: new full-speed USB device number 45 using dummy_hcd
[  893.874974][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  893.878330][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  893.882337][   T24] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  893.885399][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  893.893240][   T24] usb 7-1: config 0 descriptor??
[  893.900662][   T24] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  896.545904][ T5983] usb 7-1: USB disconnect, device number 45
[  898.922776][   T24] usb 8-1: new full-speed USB device number 17 using dummy_hcd
[  899.077059][   T24] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  899.080211][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  899.084265][   T24] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  899.087061][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  899.090643][   T24] usb 8-1: config 0 descriptor??
[  899.098856][   T24] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  899.953559][   T24] libceph: connect (1)[c::]:6789 error -101
[  899.956334][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  900.214525][   T24] libceph: connect (1)[c::]:6789 error -101
[  900.216838][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  900.733796][   T24] libceph: connect (1)[c::]:6789 error -101
[  900.738875][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  900.776093][T23933] ceph: No mds server is up or the cluster is laggy
[  900.886136][T23948] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3378'.
[  901.733885][   T24] usb 8-1: USB disconnect, device number 17
[  901.803654][T23958] netlink: 'syz.3.3380': attribute type 1 has an invalid length.
[  902.974480][   T59] libceph: connect (1)[c::]:6789 error -101
[  902.977152][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  903.014714][T23987] ceph: No mds server is up or the cluster is laggy
[  903.032838][   T53] usb 5-1: new full-speed USB device number 39 using dummy_hcd
[  903.195756][   T53] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  903.199049][   T53] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  903.203198][   T53] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  903.206028][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  903.209932][   T53] usb 5-1: config 0 descriptor??
[  903.220404][   T53] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  903.960917][T24001] ceph: No mds server is up or the cluster is laggy
[  904.208848][   T59] libceph: connect (1)[c::]:6789 error -101
[  904.211869][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  905.043880][T24019] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  905.043914][T24019] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  905.044054][T24019] vhci_hcd vhci_hcd.0: Device attached
[  905.424732][    C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  905.487257][T24022] vhci_hcd: connection closed
[  905.487504][   T46] vhci_hcd: stop threads
[  905.487524][   T46] vhci_hcd: release socket
[  905.487533][   T46] vhci_hcd: disconnect device
[  905.933781][ T5756] usb 5-1: USB disconnect, device number 39
[  906.698747][T24058] binder: BINDER_SET_CONTEXT_MGR already set
[  906.700779][T24058] binder: 24057:24058 ioctl 4018620d 80000100 returned -16
[  907.255039][T24066] netlink: 'syz.0.3406': attribute type 2 has an invalid length.
[  907.257523][T24066] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3406'.
[  907.260488][T24066] nbd: must specify a device to reconfigure
[  907.284761][T24066] random: crng reseeded on system resumption
[  907.627838][T24072] bridge26: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  907.730491][T24079] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[  907.733316][T24079] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  907.736740][T24079] vhci_hcd vhci_hcd.0: Device attached
[  907.892025][T24080] vhci_hcd: connection closed
[  907.895080][ T1149] vhci_hcd: stop threads
[  907.895092][ T1149] vhci_hcd: release socket
[  907.895826][ T1149] vhci_hcd: disconnect device
[  907.943427][ T6358] vhci_hcd: vhci_device speed not set
[  909.137343][T24090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  909.140145][T24090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  909.348881][T24090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  909.352635][T24090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  909.878724][T24100] bridge30: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  910.593193][ T5756] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  910.773460][T24115] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3418'.
[  911.220142][T24141] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  911.223001][T24141] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  911.226478][T24141] vhci_hcd vhci_hcd.0: Device attached
[  911.390577][T24142] vhci_hcd: connection closed
[  911.392218][   T73] vhci_hcd: stop threads
[  911.392232][   T73] vhci_hcd: release socket
[  911.392240][   T73] vhci_hcd: disconnect device
[  911.412742][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[  918.525481][T24178] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  918.527609][T24178] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  918.539548][T24178] vhci_hcd vhci_hcd.0: Device attached
[  918.592319][T24173] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  918.592516][T24173] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  918.684245][T24180] vhci_hcd: connection closed
[  918.685491][   T46] vhci_hcd: stop threads
[  918.685653][   T46] vhci_hcd: release socket
[  918.685718][   T46] vhci_hcd: disconnect device
[  918.713210][   T24] vhci_hcd: vhci_device speed not set
[  920.070652][T24194] ceph: No mds server is up or the cluster is laggy
[  920.073145][   T59] libceph: connect (1)[c::]:6789 error -101
[  920.075515][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  921.273965][T24227] @: renamed from vlan0 (while UP)
[  922.463193][   T24] usb 7-1: new full-speed USB device number 46 using dummy_hcd
[  922.623894][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  922.628111][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  922.636778][   T24] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  922.639739][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.644909][   T24] usb 7-1: config 0 descriptor??
[  922.648466][   T24] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  923.843105][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  923.891684][T24289] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3453'.
[  924.369836][T24308] overlayfs: overlapping lowerdir path
[  925.081316][T24316] ceph: No mds server is up or the cluster is laggy
[  925.196982][   T59] libceph: connect (1)[c::]:6789 error -101
[  925.212373][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  925.368770][   T24] usb 7-1: USB disconnect, device number 46
[  931.018920][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  931.021022][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  934.562858][T22814] usb 7-1: new high-speed USB device number 47 using dummy_hcd
[  934.724449][T22814] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  934.728841][T22814] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  934.732435][T22814] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  934.739654][T22814] usb 7-1: config 0 descriptor??
[  934.814633][T24361] ceph: No mds server is up or the cluster is laggy
[  934.817781][   T72] libceph: connect (1)[c::]:6789 error -101
[  934.821884][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  934.829401][   T72] libceph: connect (1)[c::]:6789 error -101
[  934.832761][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  934.928785][T24360] bridge27: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  934.952987][T22814] usbhid 7-1:0.0: can't add hid device: -71
[  934.955678][T22814] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  934.959727][T22814] usb 7-1: USB disconnect, device number 47
[  935.102934][   T72] libceph: connect (1)[c::]:6789 error -101
[  935.105238][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  935.214558][T24362] ceph: No mds server is up or the cluster is laggy
[  935.392740][ T6358] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[  935.566727][T24377] ceph: No mds server is up or the cluster is laggy
[  935.571332][   T59] libceph: connect (1)[c::]:6789 error -101
[  935.574679][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  935.578974][ T6358] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  935.585986][ T6358] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  935.589016][ T6358] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  935.592551][ T6358] usb 7-1: config 0 descriptor??
[  935.810761][   T59] libceph: connect (1)[c::]:6789 error -101
[  935.832423][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  935.862208][T24386] ceph: No mds server is up or the cluster is laggy
[  936.368367][T24394] bridge41: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  936.703291][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  936.934486][T20151] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  937.202914][   T24] usb 8-1: new full-speed USB device number 18 using dummy_hcd
[  937.383770][   T24] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  937.387056][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  937.390949][   T24] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  937.394106][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  937.399283][   T24] usb 8-1: config 0 descriptor??
[  937.403530][   T24] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  937.761284][ T6358] usbhid 7-1:0.0: can't add hid device: -71
[  937.763340][ T6358] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  937.766843][ T6358] usb 7-1: USB disconnect, device number 48
[  938.114823][T24435] ceph: No mds server is up or the cluster is laggy
[  938.341953][   T72] libceph: connect (1)[c::]:6789 error -101
[  938.344131][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  938.861013][T24447] bridge30: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  938.947712][T24453] ceph: No mds server is up or the cluster is laggy
[  938.952854][   T59] libceph: connect (1)[c::]:6789 error -101
[  938.955165][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  939.981558][T22814] usb 8-1: USB disconnect, device number 18
[  944.277170][T20151] libceph: connect (1)[c::]:6789 error -101
[  944.279680][T20151] libceph: mon0 (1)[c::]:6789 connect error
[  944.532940][T20151] libceph: connect (1)[c::]:6789 error -101
[  944.535001][T20151] libceph: mon0 (1)[c::]:6789 connect error
[  944.785728][T24480] ceph: No mds server is up or the cluster is laggy
[  945.212788][T22814] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  945.384199][T22814] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  945.387740][T22814] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  945.390596][T22814] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  945.395087][T22814] usb 8-1: config 0 descriptor??
[  945.606263][T22814] usbhid 8-1:0.0: can't add hid device: -71
[  945.608937][T22814] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  945.620067][T22814] usb 8-1: USB disconnect, device number 19
[  945.691239][T24502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  945.698185][T24502] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  945.912069][T24502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  945.917749][T24502] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  946.042773][T22814] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  946.196079][T22814] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  946.199632][T22814] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  946.202452][T22814] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  946.207313][T22814] usb 8-1: config 0 descriptor??
[  946.333183][T20151] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  946.342700][   T59] usb 5-1: new full-speed USB device number 40 using dummy_hcd
[  946.504224][   T59] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  946.512752][   T59] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  946.517903][   T59] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  946.524066][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  946.531678][   T59] usb 5-1: config 0 descriptor??
[  946.537688][   T59] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  946.783335][T20151] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  947.972711][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[  948.012267][T22814] usbhid 8-1:0.0: can't add hid device: -71
[  948.014363][T22814] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  948.019027][T22814] usb 8-1: USB disconnect, device number 20
[  948.356957][   T59] libceph: connect (1)[c::]:6789 error -101
[  948.361520][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  948.411943][T24545] ceph: No mds server is up or the cluster is laggy
[  948.452781][ T5942] Bluetooth: hci4: command 0x0406 tx timeout
[  949.144702][   T24] usb 5-1: USB disconnect, device number 40
[  949.780534][T24569] bridge31: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  950.052756][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[  957.852871][ T1341] usb 5-1: new full-speed USB device number 41 using dummy_hcd
[  958.014217][ T1341] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  958.022700][ T1341] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  958.027523][ T1341] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  958.031053][ T1341] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  958.035142][ T1341] usb 5-1: config 0 descriptor??
[  958.043216][ T1341] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  958.149264][T24629] bridge28: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  958.263586][   T59] libceph: connect (1)[c::]:6789 error -101
[  958.267132][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  958.522934][   T59] libceph: connect (1)[c::]:6789 error -101
[  958.525000][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  958.711870][T24640] bridge42: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  958.864185][T24632] ceph: No mds server is up or the cluster is laggy
[  959.807054][T24664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  959.810993][T24664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  959.861725][T24666] bridge43: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  960.796683][   T72] libceph: connect (1)[c::]:6789 error -101
[  960.805463][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  960.874281][T20151] usb 5-1: USB disconnect, device number 41
[  961.063178][   T72] libceph: connect (1)[c::]:6789 error -101
[  961.065315][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  961.166402][T24699] bridge31: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  961.302504][T24685] ceph: No mds server is up or the cluster is laggy
[  961.469742][T24703] mmap: syz.0.3520 (24703) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  962.062724][   T24] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[  962.223248][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  962.226346][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  962.230335][   T24] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  962.233339][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  962.243010][   T24] usb 5-1: config 0 descriptor??
[  962.247589][   T24] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  962.409181][T24721] bridge44: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  962.542360][T24725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  962.545363][T24725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  963.855719][   T59] libceph: connect (1)[c::]:6789 error -101
[  963.866807][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  964.124893][   T72] libceph: connect (1)[c::]:6789 error -101
[  964.127028][   T72] libceph: mon0 (1)[c::]:6789 connect error
[  964.379223][T24746] ceph: No mds server is up or the cluster is laggy
[  964.494183][T24751] FAULT_INJECTION: forcing a failure.
[  964.494183][T24751] name failslab, interval 1, probability 0, space 0, times 0
[  964.499567][T24751] CPU: 3 UID: 0 PID: 24751 Comm: syz.3.3533 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  964.499591][T24751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  964.499602][T24751] Call Trace:
[  964.499609][T24751]  <TASK>
[  964.499616][T24751]  dump_stack_lvl+0x16c/0x1f0
[  964.499640][T24751]  should_fail_ex+0x512/0x640
[  964.499658][T24751]  ? fs_reclaim_acquire+0xae/0x150
[  964.499670][T24751]  ? tomoyo_encode2+0x100/0x3e0
[  964.499686][T24751]  should_failslab+0xc2/0x120
[  964.499703][T24751]  __kmalloc_noprof+0xd2/0x510
[  964.499717][T24751]  ? d_absolute_path+0x136/0x1a0
[  964.499736][T24751]  tomoyo_encode2+0x100/0x3e0
[  964.499754][T24751]  tomoyo_encode+0x29/0x50
[  964.499769][T24751]  tomoyo_realpath_from_path+0x18f/0x6e0
[  964.499789][T24751]  tomoyo_path_number_perm+0x245/0x580
[  964.499803][T24751]  ? tomoyo_path_number_perm+0x237/0x580
[  964.499818][T24751]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  964.499846][T24751]  ? find_held_lock+0x2b/0x80
[  964.499861][T24751]  ? hook_file_ioctl_common+0x145/0x410
[  964.499877][T24751]  ? __fget_files+0x20e/0x3c0
[  964.499889][T24751]  ? fput+0x10/0xf0
[  964.499907][T24751]  security_file_ioctl_compat+0x9b/0x240
[  964.499923][T24751]  __ia32_compat_sys_ioctl+0xc3/0x370
[  964.499937][T24751]  __do_fast_syscall_32+0x7c/0x3a0
[  964.499954][T24751]  do_fast_syscall_32+0x32/0x80
[  964.499969][T24751]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  964.499983][T24751] RIP: 0023:0xf7f05579
[  964.499993][T24751] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  964.500004][T24751] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  964.500015][T24751] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ab03
[  964.500022][T24751] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  964.500028][T24751] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  964.500035][T24751] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  964.500041][T24751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  964.500054][T24751]  </TASK>
[  964.500069][T24751] ERROR: Out of memory at tomoyo_realpath_from_path.
[  964.546059][T24752] block nbd3: shutting down sockets
[  964.692879][ T5952] Bluetooth: hci1: command 0x0405 tx timeout
[  964.865747][ T1341] usb 5-1: USB disconnect, device number 42
[  964.932521][T24767] syz_tun: entered allmulticast mode
[  965.869796][T24766] syz_tun: left allmulticast mode
[  966.716259][T24799] block nbd3: shutting down sockets
[  966.992903][T22814] usb 8-1: new full-speed USB device number 21 using dummy_hcd
[  967.075398][T24812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  967.079719][T24812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  967.146584][T22814] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  967.150971][T22814] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  967.157494][T22814] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  967.161222][T22814] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  967.167992][T22814] usb 8-1: config 0 descriptor??
[  967.173792][T22814] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  967.759508][T24823] block nbd0: shutting down sockets
[  969.801914][   T24] usb 8-1: USB disconnect, device number 21
[  969.923662][   T59] libceph: connect (1)[c::]:6789 error -101
[  969.926156][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  970.183216][   T59] libceph: connect (1)[c::]:6789 error -101
[  970.302990][   T24] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[  970.418150][   T59] libceph: mon0 (1)[c::]:6789 connect error
[  970.464289][   T24] usb 8-1: too many endpoints for config 26 interface 0 altsetting 0: 253, using maximum allowed: 30
[  970.467768][   T24] usb 8-1: config 26 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  970.471371][   T24] usb 8-1: config 26 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  970.475872][   T24] usb 8-1: config 26 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  970.480864][   T24] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  970.485089][   T24] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  970.488551][   T24] usb 8-1: Manufacturer: syz
[  970.531893][T24863] ceph: No mds server is up or the cluster is laggy
[  970.852774][   T59] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  970.904135][   T24] appleir 0003:05AC:8243.0067: unknown main item tag 0x0
[  970.907829][   T24] appleir 0003:05AC:8243.0067: No inputs registered, leaving
[  970.916175][   T24] appleir 0003:05AC:8243.0067: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  971.014037][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  971.017517][   T59] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  971.020316][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  971.025660][   T59] usb 5-1: config 0 descriptor??
[  971.238066][   T59] usbhid 5-1:0.0: can't add hid device: -71
[  971.241735][   T59] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  971.273349][   T59] usb 5-1: USB disconnect, device number 43
[  971.777338][ T5983] libceph: connect (1)[c::]:6789 error -101
[  971.779568][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  971.832730][   T59] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  972.005525][   T59] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  972.044887][   T59] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  972.050927][   T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  972.056830][ T5983] libceph: connect (1)[c::]:6789 error -101
[  972.060288][   T59] usb 5-1: config 0 descriptor??
[  972.061940][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[  972.399770][T24886] ceph: No mds server is up or the cluster is laggy
[  972.652714][T24903] binder: 24902:24903 ioctl 4018620d 0 returned -22
[  972.896386][T20151] usb 8-1: USB disconnect, device number 22
[  973.023204][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  973.034137][   T24] libceph: connect (1)[c::]:6789 error -101
[  973.036103][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  973.293005][T20151] libceph: connect (1)[c::]:6789 error -101
[  973.295112][T20151] libceph: mon0 (1)[c::]:6789 connect error
[  973.412713][ T1341] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  973.528850][T24907] ceph: No mds server is up or the cluster is laggy
[  973.574284][ T1341] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  973.578974][ T1341] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  973.584430][ T1341] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.589789][ T1341] usb 7-1: config 0 descriptor??
[  973.800866][ T1341] usbhid 7-1:0.0: can't add hid device: -71
[  973.802976][ T1341] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  973.807831][ T1341] usb 7-1: USB disconnect, device number 49
[  974.242838][ T6088] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[  974.313197][   T59] usbhid 5-1:0.0: can't add hid device: -71
[  974.315184][   T59] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  974.323336][   T59] usb 5-1: USB disconnect, device number 44
[  974.382770][ T5942] Bluetooth: hci3: command 0x0406 tx timeout
[  974.414150][ T6088] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  974.417632][ T6088] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  974.420416][ T6088] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  974.431831][ T6088] usb 7-1: config 0 descriptor??
[  975.063095][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  975.916835][T24950] binder: 24949:24950 ioctl 4018620d 0 returned -22
[  976.352910][ T6088] usbhid 7-1:0.0: can't add hid device: -71
[  976.354857][ T6088] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  976.445342][ T6088] usb 7-1: USB disconnect, device number 50
[  976.836173][ T6088] usb 7-1: new full-speed USB device number 51 using dummy_hcd
[  977.122719][ T6088] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  977.125766][ T6088] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  977.129572][ T6088] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  977.132280][ T6088] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.156713][ T6088] usb 7-1: config 0 descriptor??
[  977.167556][ T6088] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  977.387085][T24977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  977.390750][T24977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  977.676595][T24983] binder: 24982:24983 ioctl 4018620d 0 returned -22
[  977.775593][T24988] bridge32: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  978.806290][T25001] bridge33: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  979.404138][T25017] binder: 25016:25017 ioctl 4018620d 0 returned -22
[  979.434472][T25019] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  979.438074][T25019] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  979.573276][   T10] usb 7-1: USB disconnect, device number 51
[  980.023258][ T5942] Bluetooth: hci4: unexpected cc 0x2039 length: 9 > 1
[  980.082410][T25046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3613'.
[  980.315909][T25050] binder: 25049:25050 ioctl 4018620d 0 returned -22
[  980.320753][T25050] binder: 25049:25050 ioctl c0306201 0 returned -14
[  980.813891][T20151] usb 7-1: new full-speed USB device number 52 using dummy_hcd
[  980.974808][T20151] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  980.979508][T20151] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  980.984057][T20151] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  980.987030][T20151] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  980.990783][T20151] usb 7-1: config 0 descriptor??
[  980.996944][T20151] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  981.718826][T25079] FAULT_INJECTION: forcing a failure.
[  981.718826][T25079] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  981.723366][T25079] CPU: 3 UID: 0 PID: 25079 Comm: syz.3.3622 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  981.723382][T25079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  981.723389][T25079] Call Trace:
[  981.723393][T25079]  <TASK>
[  981.723398][T25079]  dump_stack_lvl+0x16c/0x1f0
[  981.723417][T25079]  should_fail_ex+0x512/0x640
[  981.723437][T25079]  should_fail_alloc_page+0xe7/0x130
[  981.723454][T25079]  prepare_alloc_pages+0x3c2/0x610
[  981.723467][T25079]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  981.723487][T25079]  ? __lock_acquire+0x622/0x1c90
[  981.723501][T25079]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  981.723522][T25079]  ? filemap_get_entry+0x1a7/0x3b0
[  981.723539][T25079]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  981.723555][T25079]  ? policy_nodemask+0xea/0x4e0
[  981.723572][T25079]  alloc_pages_mpol+0x1fb/0x550
[  981.723588][T25079]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  981.723604][T25079]  ? _raw_spin_unlock+0x28/0x50
[  981.723616][T25079]  ? swap_entry_swapped+0x122/0x190
[  981.723632][T25079]  ? __pfx_swap_entry_swapped+0x10/0x10
[  981.723649][T25079]  folio_alloc_mpol_noprof+0x36/0x2f0
[  981.723668][T25079]  __read_swap_cache_async+0x3b6/0x5a0
[  981.723683][T25079]  ? __pfx___read_swap_cache_async+0x10/0x10
[  981.723696][T25079]  ? __pfx_get_swap_device+0x10/0x10
[  981.723711][T25079]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  981.723727][T25079]  read_swap_cache_async+0xdc/0x1e0
[  981.723740][T25079]  ? __pfx_read_swap_cache_async+0x10/0x10
[  981.723753][T25079]  ? find_held_lock+0x2b/0x80
[  981.723768][T25079]  ? find_held_lock+0x2b/0x80
[  981.723783][T25079]  ? swapin_walk_pmd_entry+0x25d/0x5c0
[  981.723803][T25079]  swapin_walk_pmd_entry+0x281/0x5c0
[  981.723821][T25079]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[  981.723842][T25079]  ? __pfx_swapin_walk_pmd_entry+0x10/0x10
[  981.723866][T25079]  walk_pgd_range+0xc56/0x1f60
[  981.723891][T25079]  ? __pfx_walk_pgd_range+0x10/0x10
[  981.723909][T25079]  __walk_page_range+0x163/0x820
[  981.723925][T25079]  ? find_vma+0xbf/0x140
[  981.723941][T25079]  ? __pfx_find_vma+0x10/0x10
[  981.723958][T25079]  ? walk_page_test+0x9b/0x180
[  981.723973][T25079]  walk_page_range_mm+0x54d/0x8a0
[  981.723990][T25079]  ? __pfx_walk_page_range_mm+0x10/0x10
[  981.724005][T25079]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  981.724028][T25079]  walk_page_range+0x63/0x90
[  981.724044][T25079]  madvise_vma_behavior+0x14b3/0x2890
[  981.724063][T25079]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  981.724081][T25079]  ? __pfx_mas_prev+0x10/0x10
[  981.724099][T25079]  ? find_vma_prev+0xda/0x160
[  981.724109][T25079]  ? __pfx_find_vma_prev+0x10/0x10
[  981.724127][T25079]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  981.724143][T25079]  madvise_walk_vmas+0x1d1/0x2c0
[  981.724160][T25079]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  981.724179][T25079]  madvise_do_behavior+0x15d/0x3f0
[  981.724196][T25079]  ? __pfx___might_resched+0x10/0x10
[  981.724214][T25079]  ? __pfx_madvise_do_behavior+0x10/0x10
[  981.724231][T25079]  ? down_read+0x13d/0x480
[  981.724253][T25079]  do_madvise+0x161/0x230
[  981.724270][T25079]  ? __pfx_do_madvise+0x10/0x10
[  981.724292][T25079]  ? ksys_write+0x1ac/0x250
[  981.724305][T25079]  ? __pfx_ksys_write+0x10/0x10
[  981.724321][T25079]  __ia32_sys_madvise+0xa7/0x110
[  981.724338][T25079]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  981.724355][T25079]  __do_fast_syscall_32+0x7c/0x3a0
[  981.724372][T25079]  do_fast_syscall_32+0x32/0x80
[  981.724387][T25079]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  981.724401][T25079] RIP: 0023:0xf7f05579
[  981.724411][T25079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  981.724422][T25079] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
[  981.724433][T25079] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000600000
[  981.724440][T25079] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000
[  981.724446][T25079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  981.724452][T25079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  981.724458][T25079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  981.724471][T25079]  </TASK>
[  981.983639][T25086] binder: 25085:25086 ioctl 4018620d 0 returned -22
[  981.990885][T25086] binder: 25085:25086 ioctl c0306201 0 returned -14
[  983.332145][T25120] binder: 25119:25120 ioctl 4018620d 0 returned -22
[  983.339596][T25120] binder: 25119:25120 ioctl c0306201 0 returned -14
[  983.461044][T25118] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  983.463551][T25118] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  983.467237][T25118] vhci_hcd vhci_hcd.0: Device attached
[  983.504756][T25125] vhci_hcd: connection closed
[  983.505686][ T1136] vhci_hcd: stop threads
[  983.508590][ T1136] vhci_hcd: release socket
[  983.510007][ T1136] vhci_hcd: disconnect device
[  983.575952][T20151] usb 7-1: USB disconnect, device number 52
[  984.054313][ T5942] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  984.057157][ T5942] Bluetooth: hci4: Injecting HCI hardware error event
[  984.060195][ T5952] Bluetooth: hci4: hardware error 0x00
[  984.075567][T25135] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3636'.
[  984.078322][T25135] FAULT_INJECTION: forcing a failure.
[  984.078322][T25135] name failslab, interval 1, probability 0, space 0, times 0
[  984.082185][T25135] CPU: 2 UID: 0 PID: 25135 Comm: syz.1.3636 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[  984.082200][T25135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  984.082208][T25135] Call Trace:
[  984.082213][T25135]  <TASK>
[  984.082227][T25135]  dump_stack_lvl+0x16c/0x1f0
[  984.082248][T25135]  should_fail_ex+0x512/0x640
[  984.082266][T25135]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  984.082282][T25135]  should_failslab+0xc2/0x120
[  984.082299][T25135]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  984.082313][T25135]  ? consume_skb+0xcc/0x100
[  984.082330][T25135]  ? __alloc_skb+0x2b2/0x380
[  984.082346][T25135]  __alloc_skb+0x2b2/0x380
[  984.082360][T25135]  ? __pfx___alloc_skb+0x10/0x10
[  984.082379][T25135]  netlink_ack+0x15d/0xb80
[  984.082390][T25135]  ? __pfx___dev_queue_xmit+0x10/0x10
[  984.082406][T25135]  netlink_rcv_skb+0x332/0x420
[  984.082416][T25135]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  984.082431][T25135]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  984.082447][T25135]  ? ns_capable+0xd7/0x110
[  984.082465][T25135]  nfnetlink_rcv+0x1b3/0x430
[  984.082477][T25135]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  984.082489][T25135]  ? netlink_deliver_tap+0x1ae/0xd30
[  984.082509][T25135]  netlink_unicast+0x53a/0x7f0
[  984.082528][T25135]  ? __pfx_netlink_unicast+0x10/0x10
[  984.082549][T25135]  netlink_sendmsg+0x8d1/0xdd0
[  984.082562][T25135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  984.082580][T25135]  ? __import_iovec+0x1dd/0x650
[  984.082595][T25135]  ____sys_sendmsg+0xa95/0xc70
[  984.082608][T25135]  ? __pfx_____sys_sendmsg+0x10/0x10
[  984.082618][T25135]  ? get_compat_msghdr+0x11a/0x170
[  984.082640][T25135]  ___sys_sendmsg+0x134/0x1d0
[  984.082656][T25135]  ? __pfx____sys_sendmsg+0x10/0x10
[  984.082678][T25135]  ? find_held_lock+0x2b/0x80
[  984.082702][T25135]  __sys_sendmsg+0x16d/0x220
[  984.082717][T25135]  ? __pfx___sys_sendmsg+0x10/0x10
[  984.082738][T25135]  ? rcu_is_watching+0x12/0xc0
[  984.082756][T25135]  __do_fast_syscall_32+0x7c/0x3a0
[  984.082773][T25135]  do_fast_syscall_32+0x32/0x80
[  984.082789][T25135]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  984.082803][T25135] RIP: 0023:0xf70ee579
[  984.082812][T25135] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  984.082823][T25135] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  984.082833][T25135] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200
[  984.082840][T25135] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  984.082846][T25135] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  984.082852][T25135] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  984.082858][T25135] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  984.082872][T25135]  </TASK>
[  984.182423][T25138] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3638'.
[  984.432880][   T10] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  984.513754][T25151] binder: 25150:25151 ioctl 4018620d 0 returned -22
[  984.605272][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  984.608511][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  984.612400][   T10] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  984.615341][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  984.622350][   T10] usb 5-1: config 0 descriptor??
[  984.628094][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  984.764388][   T53] libceph: connect (1)[c::]:6789 error -101
[  984.771776][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  984.805915][T25158] ceph: No mds server is up or the cluster is laggy
[  985.336530][T25166] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3645'.
[  985.368436][T25166] ipt_rpfilter: unknown options
[  986.132725][ T5952] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  986.652906][T25196] binder: 25195:25196 ioctl 4018620d 0 returned -22
[  986.705774][T25198] netlink: 'syz.2.3653': attribute type 7 has an invalid length.
[  986.708701][T25198] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3653'.
[  987.196051][   T24] usb 5-1: USB disconnect, device number 45
[  987.204216][   T53] libceph: connect (1)[c::]:6789 error -101
[  987.206212][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  987.235274][T25208] ceph: No mds server is up or the cluster is laggy
[  988.236829][T25239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  988.239874][T25239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  989.675736][   T10] libceph: connect (1)[c::]:6789 error -101
[  989.677958][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  989.720062][T25266] ceph: No mds server is up or the cluster is laggy
[  990.372803][ T5952] Bluetooth: hci1: command 0x0405 tx timeout
[  990.692727][   T10] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[  990.844562][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  990.849026][   T10] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  990.852737][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  990.859365][   T10] usb 7-1: config 0 descriptor??
[  991.067350][   T10] usbhid 7-1:0.0: can't add hid device: -71
[  991.070196][   T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  991.075215][   T10] usb 7-1: USB disconnect, device number 53
[  991.532726][   T10] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[  991.692732][   T10] usb 7-1: Using ep0 maxpacket: 32
[  991.695705][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  991.699067][   T10] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  991.701865][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.705894][   T10] usb 7-1: config 0 descriptor??
[  991.710595][   T10] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  991.716240][   T10] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  991.827626][   T24] libceph: connect (1)[c::]:6789 error -101
[  991.829580][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  991.874563][T25308] ceph: No mds server is up or the cluster is laggy
[  991.921871][   T10] usb 7-1: USB disconnect, device number 54
[  991.926611][   T10] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  992.465543][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[  992.467561][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[  992.972829][   T24] usb 8-1: new full-speed USB device number 23 using dummy_hcd
[  993.124677][   T24] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  993.127794][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  993.131709][   T24] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  993.134640][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  993.138388][   T24] usb 8-1: config 0 descriptor??
[  993.142465][   T24] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  996.112038][T22814] usb 8-1: USB disconnect, device number 23
[  996.644412][T25416] binder: 25415:25416 ioctl 4018620d 0 returned -22
[  997.278233][ T6358] libceph: connect (1)[c::]:6789 error -101
[  997.280253][ T6358] libceph: mon0 (1)[c::]:6789 connect error
[  997.326317][T25425] ceph: No mds server is up or the cluster is laggy
[  997.603324][   T10] usb 8-1: new full-speed USB device number 24 using dummy_hcd
[  997.773970][   T10] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  997.777218][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  997.782061][   T10] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  997.785288][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  997.789208][   T10] usb 8-1: config 0 descriptor??
[  997.792334][T25439] bridge32: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  997.792897][   T10] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  998.743442][T22814] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[  998.893989][T22814] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  998.896735][T22814] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  998.900200][T22814] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  998.905200][T22814] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  998.908568][T22814] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  998.916397][T22814] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  998.919216][T22814] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  998.921711][T22814] usb 7-1: Product: syz
[  998.929716][T22814] usb 7-1: Manufacturer: syz
[  998.936978][T22814] cdc_wdm 7-1:1.0: skipping garbage
[  998.940470][T22814] cdc_wdm 7-1:1.0: skipping garbage
[  998.944309][T22814] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  998.946247][T22814] cdc_wdm 7-1:1.0: Unknown control protocol
[  999.139051][    C1] raw-gadget.3 gadget.2: ignoring, device is not running
[  999.141749][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.144299][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.146415][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.148516][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.150589][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.152659][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.154762][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.156818][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.158884][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.160930][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.163179][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.165244][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.167311][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.169394][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.171476][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.173490][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.175591][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.177658][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.179782][    C1] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  999.181857][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  999.184745][ T5983] usb 7-1: USB disconnect, device number 55
[  999.186645][    C1] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[ 1000.134925][ T5983] libceph: connect (1)[c::]:6789 error -101
[ 1000.137382][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[ 1000.172906][T25473] ceph: No mds server is up or the cluster is laggy
[ 1000.397121][T22814] usb 8-1: USB disconnect, device number 24
[ 1000.425419][T25491] bridge33: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1001.975918][ T5983] libceph: connect (1)[c::]:6789 error -101
[ 1001.978032][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[ 1002.020837][T25511] ceph: No mds server is up or the cluster is laggy
[ 1002.334066][   T10] usb 7-1: new full-speed USB device number 56 using dummy_hcd
[ 1002.484943][   T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1002.489167][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1002.494735][   T10] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1002.498500][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.504924][   T10] usb 7-1: config 0 descriptor??
[ 1002.514185][   T10] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1004.261855][ T5983] libceph: connect (1)[c::]:6789 error -101
[ 1004.283651][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[ 1004.309815][T25557] ceph: No mds server is up or the cluster is laggy
[ 1005.135500][   T10] usb 7-1: USB disconnect, device number 56
[ 1005.794886][T25590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1005.801208][T25590] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1006.009445][T25590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1006.013943][T25590] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1006.543154][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1007.712929][   T72] usb 7-1: new full-speed USB device number 57 using dummy_hcd
[ 1007.874135][   T72] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1007.878173][   T72] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1007.884016][   T72] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1007.887871][   T72] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1007.893899][   T72] usb 7-1: config 0 descriptor??
[ 1007.900386][   T72] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1008.052798][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[ 1008.163449][T25629] bridge45: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1008.490344][T25631] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1008.492407][T25631] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1008.496108][T25631] vhci_hcd vhci_hcd.0: Device attached
[ 1008.501676][T25631] netdevsim netdevsim0: Direct firmware load for @ failed with error -2
[ 1008.505182][T25631] netdevsim netdevsim0: Falling back to sysfs fallback for: @
[ 1008.732784][ T6358] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[ 1009.152017][T25647] bridge46: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1009.205226][T25634] vhci_hcd: connection reset by peer
[ 1009.209025][T20384] vhci_hcd: stop threads
[ 1009.210681][T20384] vhci_hcd: release socket
[ 1009.212122][T20384] vhci_hcd: disconnect device
[ 1010.502595][T22814] usb 7-1: USB disconnect, device number 57
[ 1013.447198][T25732] netlink: 192 bytes leftover after parsing attributes in process `syz.1.3790'.
[ 1013.450318][T25732] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3790'.
[ 1013.882833][ T6358] vhci_hcd: vhci_device speed not set
[ 1014.092722][T22814] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[ 1014.119967][T25740] bridge34: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1014.254106][T22814] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1014.258515][T22814] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1014.261355][T22814] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1014.268909][T22814] usb 8-1: config 0 descriptor??
[ 1014.479656][T22814] usbhid 8-1:0.0: can't add hid device: -71
[ 1014.482090][T22814] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1014.488478][T22814] usb 8-1: USB disconnect, device number 25
[ 1014.882978][T25749] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3795'.
[ 1014.922753][T22814] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[ 1015.085259][T22814] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1015.089902][T22814] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1015.093991][T22814] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1015.100477][T22814] usb 8-1: config 0 descriptor??
[ 1016.102794][   T24] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[ 1016.265294][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1016.268651][   T24] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1016.271349][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.275181][   T24] usb 5-1: config 0 descriptor??
[ 1016.497063][   T24] usbhid 5-1:0.0: can't add hid device: -71
[ 1016.499145][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1016.502581][   T24] usb 5-1: USB disconnect, device number 46
[ 1016.689972][T25785] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3803'.
[ 1016.699363][T25785] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1016.942789][ T6358] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[ 1017.087903][T22814] usbhid 8-1:0.0: can't add hid device: -71
[ 1017.089866][T22814] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1017.098185][T22814] usb 8-1: USB disconnect, device number 26
[ 1017.142997][ T6358] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1017.146426][ T6358] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1017.149227][ T6358] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1017.153028][ T6358] usb 5-1: config 0 descriptor??
[ 1018.103184][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1018.372842][ T1341] usb 7-1: new high-speed USB device number 58 using dummy_hcd
[ 1018.523946][ T1341] usb 7-1: too many endpoints for config 26 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1018.528541][ T1341] usb 7-1: config 26 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1018.532875][ T1341] usb 7-1: config 26 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1018.536668][ T1341] usb 7-1: config 26 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1018.542431][ T1341] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1018.545999][ T1341] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1018.549253][ T1341] usb 7-1: Manufacturer: syz
[ 1018.958122][ T1341] appleir 0003:05AC:8243.0068: unknown main item tag 0x0
[ 1018.961542][ T1341] appleir 0003:05AC:8243.0068: No inputs registered, leaving
[ 1018.967650][ T1341] appleir 0003:05AC:8243.0068: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1019.242872][ T1341] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[ 1019.303543][ T6358] usbhid 5-1:0.0: can't add hid device: -71
[ 1019.305522][ T6358] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1019.313802][ T6358] usb 5-1: USB disconnect, device number 47
[ 1019.403045][T25849] netlink: 'syz.0.3815': attribute type 1 has an invalid length.
[ 1019.412857][ T5942] Bluetooth: hci3: command 0x0406 tx timeout
[ 1019.424037][T25849] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1019.434151][ T1341] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1019.437752][ T1341] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1019.441414][ T1341] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1019.445224][ T1341] usb 8-1: config 0 descriptor??
[ 1019.659651][ T1341] usbhid 8-1:0.0: can't add hid device: -71
[ 1019.662375][ T1341] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1019.669174][ T1341] usb 8-1: USB disconnect, device number 27
[ 1019.767619][T22814] usb 7-1: USB disconnect, device number 58
[ 1020.112791][   T24] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[ 1020.264074][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1020.267470][   T24] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1020.270286][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1020.275111][   T24] usb 8-1: config 0 descriptor??
[ 1022.151074][   T24] usbhid 8-1:0.0: can't add hid device: -71
[ 1022.153736][   T24] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1022.159355][   T24] usb 8-1: USB disconnect, device number 28
[ 1023.173546][    C2] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[ 1025.089922][T25890] bridge35: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1026.113842][T25910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1026.119161][T25910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1026.137995][T25901] 9pnet_fd: Insufficient options for proto=fd
[ 1026.333614][T25910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1026.338700][T25910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1026.373520][T25914] netlink: 3 bytes leftover after parsing attributes in process `syz.2.3828'.
[ 1026.392448][T25914] batadv1: entered allmulticast mode
[ 1026.739854][T25919] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11)
[ 1026.742055][T25919] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1026.744858][T25919] vhci_hcd vhci_hcd.0: Device attached
[ 1026.929148][T25921] vhci_hcd: connection closed
[ 1026.929476][ T1140] vhci_hcd: stop threads
[ 1026.933749][ T1140] vhci_hcd: release socket
[ 1026.933775][ T1140] vhci_hcd: disconnect device
[ 1026.934936][ T5756] vhci_hcd: vhci_device speed not set
[ 1027.680078][T25936] FAULT_INJECTION: forcing a failure.
[ 1027.680078][T25936] name failslab, interval 1, probability 0, space 0, times 0
[ 1027.684138][T25936] CPU: 3 UID: 0 PID: 25936 Comm: syz.0.3832 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1027.684154][T25936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1027.684161][T25936] Call Trace:
[ 1027.684165][T25936]  <TASK>
[ 1027.684170][T25936]  dump_stack_lvl+0x16c/0x1f0
[ 1027.684188][T25936]  should_fail_ex+0x512/0x640
[ 1027.684206][T25936]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[ 1027.684223][T25936]  should_failslab+0xc2/0x120
[ 1027.684255][T25936]  __kmalloc_cache_node_noprof+0x6d/0x420
[ 1027.684271][T25936]  ? __get_vm_area_node+0x101/0x330
[ 1027.684284][T25936]  __get_vm_area_node+0x101/0x330
[ 1027.684297][T25936]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1027.684310][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.684326][T25936]  ? kasan_save_stack+0x33/0x60
[ 1027.684340][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.684352][T25936]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1027.684369][T25936]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1027.684386][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.684398][T25936]  __vmalloc_node_noprof+0xad/0xf0
[ 1027.684409][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.684423][T25936]  bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.684437][T25936]  bpf_prog_alloc+0x3b/0x230
[ 1027.684450][T25936]  bpf_prog_create_from_user+0xb4/0x2f0
[ 1027.684468][T25936]  ? __pfx_seccomp_check_filter+0x10/0x10
[ 1027.684486][T25936]  do_seccomp+0x73a/0x2640
[ 1027.684503][T25936]  ? __fget_files+0x20e/0x3c0
[ 1027.684515][T25936]  ? handle_mm_fault+0x210/0xd10
[ 1027.684528][T25936]  ? __pfx_do_seccomp+0x10/0x10
[ 1027.684545][T25936]  ? fput+0x70/0xf0
[ 1027.684560][T25936]  ? ksys_write+0x1ac/0x250
[ 1027.684573][T25936]  ? __pfx_ksys_write+0x10/0x10
[ 1027.684587][T25936]  ? rcu_is_watching+0x12/0xc0
[ 1027.684606][T25936]  __do_fast_syscall_32+0x7c/0x3a0
[ 1027.684623][T25936]  do_fast_syscall_32+0x32/0x80
[ 1027.684638][T25936]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1027.684651][T25936] RIP: 0023:0xf7f61579
[ 1027.684660][T25936] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1027.684671][T25936] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000162
[ 1027.684681][T25936] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000000008
[ 1027.684688][T25936] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[ 1027.684695][T25936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1027.684701][T25936] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1027.684707][T25936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1027.684720][T25936]  </TASK>
[ 1027.684726][T25936] syz.0.3832: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1027.684800][T25936] CPU: 3 UID: 0 PID: 25936 Comm: syz.0.3832 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1027.684813][T25936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1027.684820][T25936] Call Trace:
[ 1027.684823][T25936]  <TASK>
[ 1027.684827][T25936]  dump_stack_lvl+0x16c/0x1f0
[ 1027.684842][T25936]  warn_alloc+0x248/0x3a0
[ 1027.684856][T25936]  ? __pfx_warn_alloc+0x10/0x10
[ 1027.684870][T25936]  ? rcu_is_watching+0x12/0xc0
[ 1027.684885][T25936]  ? trace_kmalloc+0x2b/0xd0
[ 1027.684901][T25936]  ? __kmalloc_cache_node_noprof+0x272/0x420
[ 1027.684916][T25936]  ? __kasan_kmalloc+0x8a/0xb0
[ 1027.684929][T25936]  ? __get_vm_area_node+0x208/0x330
[ 1027.684943][T25936]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[ 1027.684958][T25936]  ? kasan_save_stack+0x33/0x60
[ 1027.684971][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.684984][T25936]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1027.685000][T25936]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1027.685017][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.685029][T25936]  __vmalloc_node_noprof+0xad/0xf0
[ 1027.685040][T25936]  ? bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.685053][T25936]  bpf_prog_alloc_no_stats+0x54/0x630
[ 1027.685067][T25936]  bpf_prog_alloc+0x3b/0x230
[ 1027.685080][T25936]  bpf_prog_create_from_user+0xb4/0x2f0
[ 1027.685096][T25936]  ? __pfx_seccomp_check_filter+0x10/0x10
[ 1027.685114][T25936]  do_seccomp+0x73a/0x2640
[ 1027.685130][T25936]  ? __fget_files+0x20e/0x3c0
[ 1027.685141][T25936]  ? handle_mm_fault+0x210/0xd10
[ 1027.685154][T25936]  ? __pfx_do_seccomp+0x10/0x10
[ 1027.685170][T25936]  ? fput+0x70/0xf0
[ 1027.685186][T25936]  ? ksys_write+0x1ac/0x250
[ 1027.685198][T25936]  ? __pfx_ksys_write+0x10/0x10
[ 1027.685213][T25936]  ? rcu_is_watching+0x12/0xc0
[ 1027.685230][T25936]  __do_fast_syscall_32+0x7c/0x3a0
[ 1027.685246][T25936]  do_fast_syscall_32+0x32/0x80
[ 1027.685261][T25936]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1027.685274][T25936] RIP: 0023:0xf7f61579
[ 1027.685282][T25936] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1027.685297][T25936] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000162
[ 1027.685306][T25936] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000000008
[ 1027.685313][T25936] RDX: 0000000080000280 RSI: 0000000000000000 RDI: 0000000000000000
[ 1027.685319][T25936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1027.685325][T25936] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1027.685331][T25936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1027.685345][T25936]  </TASK>
[ 1027.685348][T25936] Mem-Info:
[ 1027.860115][T25936] active_anon:11432 inactive_anon:20 isolated_anon:0
[ 1027.860115][T25936]  active_file:18878 inactive_file:18312 isolated_file:0
[ 1027.860115][T25936]  unevictable:1768 dirty:323 writeback:0
[ 1027.860115][T25936]  slab_reclaimable:7138 slab_unreclaimable:59996
[ 1027.860115][T25936]  mapped:30677 shmem:8029 pagetables:1211
[ 1027.860115][T25936]  sec_pagetables:331 bounce:0
[ 1027.860115][T25936]  kernel_misc_reclaimable:0
[ 1027.860115][T25936]  free:31022 free_pcp:19208 free_cma:0
[ 1027.874870][T25936] Node 0 active_anon:48kB inactive_anon:80kB active_file:52kB inactive_file:148kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4844kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7952kB pagetables:1348kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB
[ 1027.874920][T25936] Node 1 active_anon:45680kB inactive_anon:0kB active_file:75460kB inactive_file:73100kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:117864kB dirty:1284kB writeback:0kB shmem:28580kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4128kB pagetables:3496kB sec_pagetables:176kB all_unreclaimable? no Balloon:0kB
[ 1027.874967][T25936] Node 0 DMA free:2356kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:12kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:640kB local_pcp:104kB free_cma:0kB
[ 1027.875018][T25936] lowmem_reserve[]: 0 289 289 289 289
[ 1027.904765][T25936] Node 0 DMA32 free:28920kB boost:14336kB min:27668kB low:31000kB high:34332kB reserved_highatomic:4096KB free_highatomic:2484KB active_anon:48kB inactive_anon:68kB active_file:52kB inactive_file:148kB unevictable:3536kB writepending:8kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:13212kB local_pcp:2268kB free_cma:0kB
[ 1027.904823][T25936] lowmem_reserve[]: 0 0 0 0 0
[ 1027.904846][T25936] Node 1 DMA32 free:92812kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45672kB inactive_anon:0kB active_file:75460kB inactive_file:73100kB unevictable:3536kB writepending:1284kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:62884kB local_pcp:12376kB free_cma:0kB
[ 1027.904877][T25936] lowmem_reserve[]: 0 0 0 0 0
[ 1027.904897][T25936] Node 0 DMA: 15*4kB (U) 11*8kB (U) 14*16kB (U) 16*32kB (U) 1*64kB (U) 3*128kB (U) 0*256kB 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 2356kB
[ 1027.904997][T25936] Node 0 DMA32: 812*4kB (UMEH) 183*8kB (UMEH) 57*16kB (UMEH) 300*32kB (UMEH) 102*64kB (UMH) 38*128kB (UMH) 9*256kB (UMH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28920kB
[ 1027.905076][T25936] Node 1 DMA32: 583*4kB (ME) 226*8kB (UME) 632*16kB (UME) 209*32kB (UME) 66*64kB (UME) 55*128kB (UME) 37*256kB (UME) 18*512kB (UME) 13*1024kB (UME) 10*2048kB (UM) 2*4096kB (M) = 92876kB
[ 1027.905167][T25936] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1027.905176][T25936] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1027.905185][T25936] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1027.905194][T25936] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1027.905202][T25936] 45544 total pagecache pages
[ 1027.905207][T25936] 330 pages in swap cache
[ 1027.905211][T25936] Free swap  = 120580kB
[ 1027.905215][T25936] Total swap = 124996kB
[ 1027.905220][T25936] 524155 pages RAM
[ 1027.905224][T25936] 0 pages HighMem/MovableOnly
[ 1027.905228][T25936] 209033 pages reserved
[ 1027.905232][T25936] 0 pages cma reserved
[ 1028.372785][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[ 1029.457696][T25962] overlayfs: failed to clone lowerpath
[ 1031.017563][   T59] libceph: connect (1)[c::]:6789 error -101
[ 1031.019512][   T59] libceph: mon0 (1)[c::]:6789 connect error
[ 1031.072896][T26002] ceph: No mds server is up or the cluster is laggy
[ 1031.707065][T26017] 9pnet_fd: Insufficient options for proto=fd
[ 1032.557648][T26040] vlan0: entered promiscuous mode
[ 1032.559291][T26040] bridge0: entered promiscuous mode
[ 1032.827077][T26046] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1032.829175][T26046] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1032.832602][T26046] vhci_hcd vhci_hcd.0: Device attached
[ 1033.073992][T26042] overlayfs: failed to clone lowerpath
[ 1033.312726][   T59] usb 37-1: new low-speed USB device number 4 using vhci_hcd
[ 1033.631555][T26047] vhci_hcd: connection reset by peer
[ 1033.634211][   T46] vhci_hcd: stop threads
[ 1033.635810][   T46] vhci_hcd: release socket
[ 1033.638055][   T46] vhci_hcd: disconnect device
[ 1033.708325][ T5983] libceph: connect (1)[c::]:6789 error -101
[ 1033.711120][ T5983] libceph: mon0 (1)[c::]:6789 connect error
[ 1033.792871][T26061] ceph: No mds server is up or the cluster is laggy
[ 1034.404435][T26075] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1034.407696][T26075] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1034.411329][T26075] FAULT_INJECTION: forcing a failure.
[ 1034.411329][T26075] name failslab, interval 1, probability 0, space 0, times 0
[ 1034.416771][T26075] CPU: 2 UID: 0 PID: 26075 Comm: syz.1.3873 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1034.416795][T26075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1034.416807][T26075] Call Trace:
[ 1034.416814][T26075]  <TASK>
[ 1034.416821][T26075]  dump_stack_lvl+0x16c/0x1f0
[ 1034.416852][T26075]  should_fail_ex+0x512/0x640
[ 1034.416879][T26075]  ? fs_reclaim_acquire+0xae/0x150
[ 1034.416900][T26075]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1034.416927][T26075]  should_failslab+0xc2/0x120
[ 1034.416953][T26075]  __kmalloc_noprof+0xd2/0x510
[ 1034.416983][T26075]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1034.417012][T26075]  ? tomoyo_profile+0x47/0x60
[ 1034.417031][T26075]  tomoyo_path_number_perm+0x245/0x580
[ 1034.417052][T26075]  ? tomoyo_path_number_perm+0x237/0x580
[ 1034.417078][T26075]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1034.417128][T26075]  ? find_held_lock+0x2b/0x80
[ 1034.417154][T26075]  ? hook_file_ioctl_common+0x145/0x410
[ 1034.417181][T26075]  ? __fget_files+0x20e/0x3c0
[ 1034.417200][T26075]  ? fput+0x10/0xf0
[ 1034.417227][T26075]  security_file_ioctl_compat+0x9b/0x240
[ 1034.417252][T26075]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1034.417270][T26075]  __do_fast_syscall_32+0x7c/0x3a0
[ 1034.417294][T26075]  do_fast_syscall_32+0x32/0x80
[ 1034.417315][T26075]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1034.417335][T26075] RIP: 0023:0xf70ee579
[ 1034.417348][T26075] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1034.417364][T26075] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1034.417379][T26075] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080085502
[ 1034.417389][T26075] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1034.417398][T26075] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1034.417407][T26075] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1034.417416][T26075] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1034.417435][T26075]  </TASK>
[ 1034.417443][T26075] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1034.484870][ T6358] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[ 1034.632831][   T24] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[ 1034.634122][ T6358] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1034.638441][ T6358] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1034.642395][ T6358] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1034.645472][ T6358] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.650354][ T6358] usb 5-1: config 0 descriptor??
[ 1034.655751][ T6358] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1034.782744][   T24] usb 8-1: Using ep0 maxpacket: 8
[ 1034.789157][   T24] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1034.792247][   T24] usb 8-1: unable to read config index 0 descriptor/start: -71
[ 1034.794706][   T24] usb 8-1: can't read configurations, error -71
[ 1035.114513][T26082] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1035.114513][T26082]    program syz.1.3875 not setting count and/or reply_len properly
[ 1035.392590][T26090] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3875'.
[ 1035.426522][T26090] batadv1: entered allmulticast mode
[ 1035.480330][T26091] input: syz1 as /devices/virtual/input/input170
[ 1036.343903][T26102] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1036.797558][T26119] futex_wake_op: syz.2.3882 tries to shift op by 144; fix this program
[ 1036.837857][T26119] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1036.999428][T26119] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1037.089358][T26119] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1037.197591][T26119] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1037.255444][ T5756] usb 5-1: USB disconnect, device number 48
[ 1037.289065][T26119] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.300472][T26119] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.308668][T26119] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.316879][T26119] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.350983][T26140] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1037.361245][T26140] bond0: (slave rose0): Enslaving as an active interface with an up link
[ 1037.791661][ T5756] libceph: connect (1)[c::]:6789 error -101
[ 1037.798555][ T5756] libceph: mon0 (1)[c::]:6789 connect error
[ 1037.838235][T26170] ceph: No mds server is up or the cluster is laggy
[ 1038.449769][T26194] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1038.461938][   T59] vhci_hcd: vhci_device speed not set
[ 1038.593051][T26205] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3902'.
[ 1038.594124][T26209] netlink: 'syz.0.3903': attribute type 16 has an invalid length.
[ 1038.598370][T26209] netlink: 'syz.0.3903': attribute type 17 has an invalid length.
[ 1038.878716][T26209] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1038.881362][T26209] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1038.991802][T26209] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1038.999483][T26209] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1039.056091][T26209] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1039.058974][T26209] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1039.061831][T26209] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1039.065127][T26209] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1039.853613][   T59] libceph: connect (1)[c::]:6789 error -101
[ 1039.856064][   T59] libceph: mon0 (1)[c::]:6789 connect error
[ 1039.903512][T26238] ceph: No mds server is up or the cluster is laggy
[ 1040.626025][T26163] libceph: connect (1)[c::]:6789 error -101
[ 1040.644262][T26265] ceph: No mds server is up or the cluster is laggy
[ 1040.648919][T26163] libceph: mon0 (1)[c::]:6789 connect error
[ 1041.471065][T26290] FAULT_INJECTION: forcing a failure.
[ 1041.471065][T26290] name failslab, interval 1, probability 0, space 0, times 0
[ 1041.476262][T26290] CPU: 3 UID: 0 PID: 26290 Comm: syz.1.3922 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1041.476279][T26290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1041.476286][T26290] Call Trace:
[ 1041.476290][T26290]  <TASK>
[ 1041.476295][T26290]  dump_stack_lvl+0x16c/0x1f0
[ 1041.476315][T26290]  should_fail_ex+0x512/0x640
[ 1041.476333][T26290]  ? fs_reclaim_acquire+0xae/0x150
[ 1041.476345][T26290]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1041.476375][T26290]  should_failslab+0xc2/0x120
[ 1041.476400][T26290]  __kmalloc_noprof+0xd2/0x510
[ 1041.476429][T26290]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1041.476459][T26290]  ? tomoyo_profile+0x47/0x60
[ 1041.476478][T26290]  tomoyo_path_number_perm+0x245/0x580
[ 1041.476491][T26290]  ? tomoyo_path_number_perm+0x237/0x580
[ 1041.476507][T26290]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1041.476534][T26290]  ? find_held_lock+0x2b/0x80
[ 1041.476550][T26290]  ? hook_file_ioctl_common+0x145/0x410
[ 1041.476566][T26290]  ? __fget_files+0x20e/0x3c0
[ 1041.476578][T26290]  ? fput+0x10/0xf0
[ 1041.476596][T26290]  security_file_ioctl_compat+0x9b/0x240
[ 1041.476612][T26290]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1041.476628][T26290]  __do_fast_syscall_32+0x7c/0x3a0
[ 1041.476646][T26290]  do_fast_syscall_32+0x32/0x80
[ 1041.476661][T26290]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1041.476675][T26290] RIP: 0023:0xf70ee579
[ 1041.476685][T26290] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1041.476696][T26290] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1041.476706][T26290] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[ 1041.476713][T26290] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1041.476720][T26290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1041.476726][T26290] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1041.476732][T26290] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1041.476745][T26290]  </TASK>
[ 1041.476750][T26290] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1042.522532][T26311] ceph: No mds server is up or the cluster is laggy
[ 1042.527662][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1042.530746][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1043.720522][T26335] ceph: No mds server is up or the cluster is laggy
[ 1043.727137][   T59] libceph: connect (1)[c::]:6789 error -101
[ 1043.730696][   T59] libceph: mon0 (1)[c::]:6789 connect error
[ 1045.102082][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1045.104680][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1045.160247][T26357] ceph: No mds server is up or the cluster is laggy
[ 1045.354489][T26365] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1045.356963][T26365] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1045.360125][T26365] vhci_hcd vhci_hcd.0: Device attached
[ 1045.365107][T26366] vhci_hcd: connection closed
[ 1045.365399][   T13] vhci_hcd: stop threads
[ 1045.368781][   T13] vhci_hcd: release socket
[ 1045.371303][   T13] vhci_hcd: disconnect device
[ 1046.224926][   T60] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[ 1046.374202][   T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1046.377619][   T60] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1046.380407][   T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1046.387702][   T60] usb 8-1: config 0 descriptor??
[ 1046.598121][   T60] usbhid 8-1:0.0: can't add hid device: -71
[ 1046.600053][   T60] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1046.609464][   T60] usb 8-1: USB disconnect, device number 31
[ 1047.052725][ T5756] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[ 1047.204176][ T5756] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1047.208412][ T5756] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1047.211875][ T5756] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.216277][ T5756] usb 8-1: config 0 descriptor??
[ 1047.615895][T26163] libceph: connect (1)[c::]:6789 error -101
[ 1047.618323][T26163] libceph: mon0 (1)[c::]:6789 connect error
[ 1047.657128][T26412] ceph: No mds server is up or the cluster is laggy
[ 1048.410658][T26428] bridge29: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1048.516977][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1048.531252][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1048.558110][T26439] ceph: No mds server is up or the cluster is laggy
[ 1048.779347][   T60] libceph: connect (1)[c::]:6789 error -101
[ 1048.781354][   T60] libceph: mon0 (1)[c::]:6789 connect error
[ 1048.848388][T26437] ceph: No mds server is up or the cluster is laggy
[ 1049.187096][ T5756] usbhid 8-1:0.0: can't add hid device: -71
[ 1049.193954][ T5756] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1049.201525][ T5756] usb 8-1: USB disconnect, device number 32
[ 1049.713155][   T53] usb 5-1: new full-speed USB device number 49 using dummy_hcd
[ 1049.864317][   T53] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1049.867432][   T53] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1049.871343][   T53] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1049.875274][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1049.881711][   T53] usb 5-1: config 0 descriptor??
[ 1049.885513][   T53] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1050.909065][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1050.911391][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1050.953634][T26481] ceph: No mds server is up or the cluster is laggy
[ 1051.448471][T26495] bridge34: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1051.807306][T26500] geneve2: entered promiscuous mode
[ 1051.809129][T26500] geneve2: entered allmulticast mode
[ 1052.459716][   T60] usb 5-1: USB disconnect, device number 49
[ 1052.926537][ T6358] libceph: connect (1)[c::]:6789 error -101
[ 1052.928375][ T6358] libceph: mon0 (1)[c::]:6789 connect error
[ 1052.965597][T26518] ceph: No mds server is up or the cluster is laggy
[ 1053.872773][ T6358] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 1053.894487][ T1419] ieee802154 phy0 wpan0: encryption failed: -22
[ 1053.896541][ T1419] ieee802154 phy1 wpan1: encryption failed: -22
[ 1053.924717][   T60] libceph: connect (1)[c::]:6789 error -101
[ 1053.926727][   T60] libceph: mon0 (1)[c::]:6789 connect error
[ 1053.971917][T26533] ceph: No mds server is up or the cluster is laggy
[ 1054.024312][ T6358] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1054.028282][ T6358] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1054.031995][ T6358] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1054.037635][ T6358] usb 5-1: config 0 descriptor??
[ 1054.293977][ T6358] usbhid 5-1:0.0: can't add hid device: -71
[ 1054.296272][ T6358] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1054.300777][ T6358] usb 5-1: USB disconnect, device number 50
[ 1054.390794][T26547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1054.395400][T26547] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1054.550295][T26554] bridge35: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1054.782848][ T6358] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 1054.944888][ T6358] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1054.948293][ T6358] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1054.951066][ T6358] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1054.955572][ T6358] usb 5-1: config 0 descriptor??
[ 1055.742126][   T60] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1056.372785][ T5952] Bluetooth: hci1: command 0x0405 tx timeout
[ 1056.860674][ T6358] usbhid 5-1:0.0: can't add hid device: -71
[ 1056.862730][ T6358] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1056.868563][ T6358] usb 5-1: USB disconnect, device number 51
[ 1057.039897][T26603] bridge36: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1057.172750][ T5952] Bluetooth: hci3: command 0x0406 tx timeout
[ 1062.890521][T26620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3992'.
[ 1064.136392][T26639] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3995'.
[ 1064.277693][T26646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1064.280922][T26646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1064.718992][T26669] bridge47: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1065.383615][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1065.386323][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1065.438555][T26682] ceph: No mds server is up or the cluster is laggy
[ 1066.382730][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[ 1066.434874][T26711] syzkaller0: entered promiscuous mode
[ 1066.436884][T26711] syzkaller0: entered allmulticast mode
[ 1066.560091][T26712] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(14)
[ 1066.562724][T26712] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1066.565571][T26712] vhci_hcd vhci_hcd.0: Device attached
[ 1067.347286][T26713] vhci_hcd: connection closed
[ 1067.362737][   T60] usb 43-1: new low-speed USB device number 4 using vhci_hcd
[ 1067.368669][T26714] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1067.399028][ T1228] vhci_hcd: stop threads
[ 1067.400436][ T1228] vhci_hcd: release socket
[ 1067.402784][ T1228] vhci_hcd: disconnect device
[ 1067.542876][   T72] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 1067.684934][T26730] ceph: No mds server is up or the cluster is laggy
[ 1067.689846][   T59] libceph: connect (1)[c::]:6789 error -101
[ 1067.693127][   T59] libceph: mon0 (1)[c::]:6789 connect error
[ 1067.766459][   T72] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1067.777078][   T72] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1067.781640][   T72] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.790882][   T72] usb 5-1: config 0 descriptor??
[ 1068.008932][   T72] usbhid 5-1:0.0: can't add hid device: -71
[ 1068.012581][   T72] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1068.019982][   T72] usb 5-1: USB disconnect, device number 52
[ 1068.592818][   T72] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1068.764367][   T72] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1068.767890][   T72] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1068.770835][   T72] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1068.778332][   T72] usb 5-1: config 0 descriptor??
[ 1069.433224][ T5756] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1070.178765][T26765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1070.183297][T26765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1070.612680][   T72] usbhid 5-1:0.0: can't add hid device: -71
[ 1070.614625][   T72] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1070.618464][   T72] usb 5-1: USB disconnect, device number 53
[ 1071.012801][ T5952] Bluetooth: hci3: command 0x0406 tx timeout
[ 1071.717478][T26798] FAULT_INJECTION: forcing a failure.
[ 1071.717478][T26798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1071.723517][T26798] CPU: 0 UID: 0 PID: 26798 Comm: syz.3.4035 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1071.723543][T26798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1071.723554][T26798] Call Trace:
[ 1071.723561][T26798]  <TASK>
[ 1071.723570][T26798]  dump_stack_lvl+0x16c/0x1f0
[ 1071.723599][T26798]  should_fail_ex+0x512/0x640
[ 1071.723631][T26798]  _copy_to_user+0x32/0xd0
[ 1071.723652][T26798]  simple_read_from_buffer+0xcb/0x170
[ 1071.723675][T26798]  proc_fail_nth_read+0x197/0x270
[ 1071.723696][T26798]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1071.723717][T26798]  ? rw_verify_area+0xcf/0x680
[ 1071.723737][T26798]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1071.723756][T26798]  vfs_read+0x1e1/0xc60
[ 1071.723777][T26798]  ? fdget_pos+0x2a2/0x370
[ 1071.723802][T26798]  ? __pfx_vfs_read+0x10/0x10
[ 1071.723821][T26798]  ? find_held_lock+0x2b/0x80
[ 1071.723874][T26798]  ? __fget_files+0x20e/0x3c0
[ 1071.723893][T26798]  ? handle_mm_fault+0x210/0xd10
[ 1071.723920][T26798]  ksys_read+0x12a/0x250
[ 1071.723941][T26798]  ? __pfx_ksys_read+0x10/0x10
[ 1071.723964][T26798]  ? rcu_is_watching+0x12/0xc0
[ 1071.723993][T26798]  __do_fast_syscall_32+0x7c/0x3a0
[ 1071.724020][T26798]  do_fast_syscall_32+0x32/0x80
[ 1071.724044][T26798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1071.724066][T26798] RIP: 0023:0xf7f05579
[ 1071.724080][T26798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1071.724097][T26798] RSP: 002b:00000000f5026590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 1071.724114][T26798] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5026620
[ 1071.724125][T26798] RDX: 000000000000000f RSI: 00000000f7392ff4 RDI: 0000000000000000
[ 1071.724136][T26798] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1071.724146][T26798] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1071.724156][T26798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1071.724180][T26798]  </TASK>
[ 1072.292798][ T5952] Bluetooth: hci1: command 0x0405 tx timeout
[ 1072.314355][ T5756] libceph: connect (1)[c::]:6789 error -101
[ 1072.316303][ T5756] libceph: mon0 (1)[c::]:6789 connect error
[ 1072.354518][T26808] ceph: No mds server is up or the cluster is laggy
[ 1072.442973][   T60] vhci_hcd: vhci_device speed not set
[ 1072.981440][T26825] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4043'.
[ 1073.496854][T26835] FAULT_INJECTION: forcing a failure.
[ 1073.496854][T26835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1073.500896][T26835] CPU: 0 UID: 0 PID: 26835 Comm: syz.1.4045 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1073.500911][T26835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1073.500918][T26835] Call Trace:
[ 1073.500923][T26835]  <TASK>
[ 1073.500927][T26835]  dump_stack_lvl+0x16c/0x1f0
[ 1073.500946][T26835]  should_fail_ex+0x512/0x640
[ 1073.500974][T26835]  _copy_from_user+0x2e/0xd0
[ 1073.500993][T26835]  generic_map_update_batch+0x3e9/0x610
[ 1073.501026][T26835]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1073.501056][T26835]  ? __pfx_generic_map_update_batch+0x10/0x10
[ 1073.501076][T26835]  bpf_map_do_batch+0x5b1/0x680
[ 1073.501090][T26835]  __sys_bpf+0x15f3/0x4d80
[ 1073.501107][T26835]  ? __pfx___sys_bpf+0x10/0x10
[ 1073.501122][T26835]  ? ksys_write+0x190/0x250
[ 1073.501138][T26835]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1073.501161][T26835]  ? fput+0x70/0xf0
[ 1073.501176][T26835]  ? ksys_write+0x1ac/0x250
[ 1073.501189][T26835]  ? __pfx_ksys_write+0x10/0x10
[ 1073.501204][T26835]  __ia32_sys_bpf+0x76/0xe0
[ 1073.501221][T26835]  __do_fast_syscall_32+0x7c/0x3a0
[ 1073.501239][T26835]  do_fast_syscall_32+0x32/0x80
[ 1073.501254][T26835]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1073.501268][T26835] RIP: 0023:0xf70ee579
[ 1073.501276][T26835] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1073.501292][T26835] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[ 1073.501302][T26835] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000080000200
[ 1073.501309][T26835] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000
[ 1073.501316][T26835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1073.501322][T26835] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1073.501328][T26835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1073.501341][T26835]  </TASK>
[ 1073.822249][T26839] bridge30: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1075.195104][   T60] libceph: connect (1)[c::]:6789 error -101
[ 1075.197121][   T60] libceph: mon0 (1)[c::]:6789 connect error
[ 1075.232794][   T53] usb 8-1: new full-speed USB device number 33 using dummy_hcd
[ 1075.245237][T26860] ceph: No mds server is up or the cluster is laggy
[ 1075.384220][   T53] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1075.388300][   T53] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1075.392440][   T53] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1075.395412][   T53] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1075.399888][   T53] usb 8-1: config 0 descriptor??
[ 1075.403568][   T53] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[ 1076.671287][T26898] wireguard: wg1: Could not create IPv4 socket
[ 1077.261592][T26907] bridge36: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1077.972932][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1077.975250][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1078.022502][T26917] ceph: No mds server is up or the cluster is laggy
[ 1078.064529][ T6358] usb 8-1: USB disconnect, device number 33
[ 1078.438280][T26924] syzkaller0: entered promiscuous mode
[ 1078.440059][T26924] syzkaller0: entered allmulticast mode
[ 1078.559835][T26927] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(14)
[ 1078.562635][T26927] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1078.567431][T26927] vhci_hcd vhci_hcd.0: Device attached
[ 1078.842902][ T5756] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[ 1078.862804][   T60] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[ 1078.992798][   T60] usb 8-1: device descriptor read/64, error -71
[ 1079.233438][   T60] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[ 1079.333115][T26928] vhci_hcd: connection reset by peer
[ 1079.336829][T19819] vhci_hcd: stop threads
[ 1079.338350][T19819] vhci_hcd: release socket
[ 1079.339903][T19819] vhci_hcd: disconnect device
[ 1079.362734][   T60] usb 8-1: device descriptor read/64, error -71
[ 1079.478101][   T60] usb usb8-port1: attempt power cycle
[ 1079.833818][   T60] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[ 1079.856441][   T60] usb 8-1: device descriptor read/8, error -71
[ 1080.103522][   T60] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[ 1080.123271][   T60] usb 8-1: device descriptor read/8, error -71
[ 1080.235461][   T60] usb usb8-port1: unable to enumerate USB device
[ 1081.527260][T26952] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[ 1081.529415][T26952] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1081.531895][T26952] vhci_hcd vhci_hcd.0: Device attached
[ 1081.797437][T22814] usb 43-1: new low-speed USB device number 5 using vhci_hcd
[ 1081.930515][T26963] bridge37: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1082.082765][   T72] usb 5-1: new full-speed USB device number 54 using dummy_hcd
[ 1082.244680][   T72] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1082.244721][   T72] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1082.244756][   T72] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1082.244776][   T72] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1082.246982][   T72] usb 5-1: config 0 descriptor??
[ 1082.275165][   T72] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1082.357109][T26953] vhci_hcd: connection reset by peer
[ 1082.357310][ T1228] vhci_hcd: stop threads
[ 1082.357323][ T1228] vhci_hcd: release socket
[ 1082.357374][ T1228] vhci_hcd: disconnect device
[ 1082.426217][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1082.426391][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1082.467538][T26967] ceph: No mds server is up or the cluster is laggy
[ 1083.016191][   T40] kauditd_printk_skb: 10 callbacks suppressed
[ 1083.016208][   T40] audit: type=1326 audit(1748850484.510:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26979 comm="syz.3.4078" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7f7c0000
[ 1084.022732][ T5756] vhci_hcd: vhci_device speed not set
[ 1084.876841][   T60] usb 5-1: USB disconnect, device number 54
[ 1085.210315][T27011] bridge37: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1086.319066][T26163] libceph: connect (1)[c::]:6789 error -101
[ 1086.321088][T26163] libceph: mon0 (1)[c::]:6789 connect error
[ 1086.369550][T27030] ceph: No mds server is up or the cluster is laggy
[ 1086.942845][T22814] vhci_hcd: vhci_device speed not set
[ 1087.405052][T26163] usb 8-1: new full-speed USB device number 38 using dummy_hcd
[ 1087.555467][T26163] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1087.558936][T26163] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1087.563397][T26163] usb 8-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1087.567069][T26163] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1087.572080][T26163] usb 8-1: config 0 descriptor??
[ 1087.591146][T26163] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[ 1088.022861][   T60] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1088.193939][   T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1088.197831][   T60] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1088.201466][   T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1088.207410][   T60] usb 5-1: config 0 descriptor??
[ 1088.264819][T27059] overlayfs: failed to clone lowerpath
[ 1088.415222][   T60] usbhid 5-1:0.0: can't add hid device: -71
[ 1088.417250][   T60] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1088.421802][   T60] usb 5-1: USB disconnect, device number 55
[ 1088.852718][T22814] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1089.014675][T22814] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1089.019216][T22814] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1089.024047][T22814] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.030007][T22814] usb 5-1: config 0 descriptor??
[ 1089.703274][   T60] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 1089.838665][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1089.840655][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1089.892034][T27082] ceph: No mds server is up or the cluster is laggy
[ 1089.897864][   T60] usb 8-1: USB disconnect, device number 38
[ 1090.877300][T22814] usbhid 5-1:0.0: can't add hid device: -71
[ 1090.879319][T22814] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1090.883335][T22814] usb 5-1: USB disconnect, device number 56
[ 1090.931232][T27106] FAULT_INJECTION: forcing a failure.
[ 1090.931232][T27106] name failslab, interval 1, probability 0, space 0, times 0
[ 1090.935460][T27106] CPU: 2 UID: 0 PID: 27106 Comm: syz.0.4107 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1090.935476][T27106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1090.935483][T27106] Call Trace:
[ 1090.935487][T27106]  <TASK>
[ 1090.935492][T27106]  dump_stack_lvl+0x16c/0x1f0
[ 1090.935511][T27106]  should_fail_ex+0x512/0x640
[ 1090.935529][T27106]  ? fs_reclaim_acquire+0xae/0x150
[ 1090.935541][T27106]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1090.935558][T27106]  should_failslab+0xc2/0x120
[ 1090.935575][T27106]  __kmalloc_noprof+0xd2/0x510
[ 1090.935592][T27106]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1090.935610][T27106]  ? tomoyo_profile+0x47/0x60
[ 1090.935622][T27106]  tomoyo_path_number_perm+0x245/0x580
[ 1090.935635][T27106]  ? tomoyo_path_number_perm+0x237/0x580
[ 1090.935650][T27106]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1090.935711][T27106]  ? find_held_lock+0x2b/0x80
[ 1090.935730][T27106]  ? hook_file_ioctl_common+0x145/0x410
[ 1090.935747][T27106]  ? __fget_files+0x20e/0x3c0
[ 1090.935762][T27106]  security_file_ioctl_compat+0x9b/0x240
[ 1090.935780][T27106]  __ia32_compat_sys_ioctl+0xc3/0x370
[ 1090.935794][T27106]  __do_fast_syscall_32+0x7c/0x3a0
[ 1090.935811][T27106]  do_fast_syscall_32+0x32/0x80
[ 1090.935826][T27106]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1090.935840][T27106] RIP: 0023:0xf7f61579
[ 1090.935850][T27106] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1090.935865][T27106] RSP: 002b:00000000f508655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[ 1090.935881][T27106] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b46
[ 1090.935891][T27106] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1090.935901][T27106] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1090.935913][T27106] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1090.935924][T27106] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1090.935950][T27106]  </TASK>
[ 1090.935957][T27106] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1091.238395][T27117] bridge38: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1091.252909][ T5942] Bluetooth: hci3: command 0x0406 tx timeout
[ 1091.593253][T27120] netlink: 'syz.1.4112': attribute type 5 has an invalid length.
[ 1091.595764][T27120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4112'.
[ 1091.863921][   T72] libceph: connect (1)[c::]:6789 error -101
[ 1091.865902][   T72] libceph: mon0 (1)[c::]:6789 connect error
[ 1091.913855][T27130] ceph: No mds server is up or the cluster is laggy
[ 1094.759840][T26163] libceph: connect (1)[c::]:6789 error -101
[ 1094.762383][T26163] libceph: mon0 (1)[c::]:6789 connect error
[ 1094.820474][T27190] ceph: No mds server is up or the cluster is laggy
[ 1095.234540][T27209] netlink: 196 bytes leftover after parsing attributes in process `syz.0.4136'.
[ 1095.288027][T27198] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1095.290686][T27198] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1095.298765][T27198] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1095.300910][T27198] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1095.523240][T27222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1095.525941][T27222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1096.034624][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1096.038385][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1096.042004][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1096.046857][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1096.049808][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1096.067025][    C2] Unknown status report in ack skb
[ 1096.104361][T27231] FAULT_INJECTION: forcing a failure.
[ 1096.104361][T27231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1096.108561][T27231] CPU: 3 UID: 0 PID: 27231 Comm: syz.1.4145 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1096.108577][T27231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1096.108584][T27231] Call Trace:
[ 1096.108588][T27231]  <TASK>
[ 1096.108593][T27231]  dump_stack_lvl+0x16c/0x1f0
[ 1096.108611][T27231]  should_fail_ex+0x512/0x640
[ 1096.108632][T27231]  _copy_from_user+0x2e/0xd0
[ 1096.108644][T27231]  get_compat_msghdr+0xa7/0x170
[ 1096.108660][T27231]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 1096.108681][T27231]  ___sys_sendmsg+0x1ae/0x1d0
[ 1096.108698][T27231]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1096.108720][T27231]  ? find_held_lock+0x2b/0x80
[ 1096.108744][T27231]  __sys_sendmsg+0x16d/0x220
[ 1096.108760][T27231]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1096.108781][T27231]  ? rcu_is_watching+0x12/0xc0
[ 1096.108799][T27231]  __do_fast_syscall_32+0x7c/0x3a0
[ 1096.108816][T27231]  do_fast_syscall_32+0x32/0x80
[ 1096.108831][T27231]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1096.108845][T27231] RIP: 0023:0xf70ee579
[ 1096.108854][T27231] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1096.108865][T27231] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 1096.108876][T27231] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 1096.108883][T27231] RDX: 0000000024000080 RSI: 0000000000000000 RDI: 0000000000000000
[ 1096.108890][T27231] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1096.108896][T27231] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1096.108902][T27231] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1096.108915][T27231]  </TASK>
[ 1096.168641][    C3] vkms_vblank_simulate: vblank timer overrun
[ 1096.191517][T27225] chnl_net:caif_netlink_parms(): no params data found
[ 1096.261614][T27225] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1096.265609][T27225] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1096.267895][T27225] bridge_slave_0: entered allmulticast mode
[ 1096.275792][T27225] bridge_slave_0: entered promiscuous mode
[ 1096.280449][T27225] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1096.282919][T27225] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1096.285921][T27225] bridge_slave_1: entered allmulticast mode
[ 1096.288632][T27225] bridge_slave_1: entered promiscuous mode
[ 1096.400040][T27225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1096.408352][T27225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1096.447690][T27225] team0: Port device team_slave_0 added
[ 1096.451409][T27225] team0: Port device team_slave_1 added
[ 1096.493410][T27225] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1096.496623][T27225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1096.507083][T27225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1096.511781][T27225] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1096.514067][T27225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1096.522518][T27225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1096.618287][T27225] hsr_slave_0: entered promiscuous mode
[ 1096.621429][T27225] hsr_slave_1: entered promiscuous mode
[ 1096.625685][T27225] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1096.628941][T27225] Cannot create hsr debugfs directory
[ 1096.764959][T27225] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.849781][T27251] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1096.880047][T27225] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.979259][T27225] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.071508][T27225] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.198682][T27225] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1097.212313][T27225] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1097.235343][T27225] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1097.239673][T27267] FAULT_INJECTION: forcing a failure.
[ 1097.239673][T27267] name failslab, interval 1, probability 0, space 0, times 0
[ 1097.244428][T27225] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1097.245421][T27267] CPU: 3 UID: 0 PID: 27267 Comm: syz.1.4152 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1097.245446][T27267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1097.245458][T27267] Call Trace:
[ 1097.245465][T27267]  <TASK>
[ 1097.245472][T27267]  dump_stack_lvl+0x16c/0x1f0
[ 1097.245500][T27267]  should_fail_ex+0x512/0x640
[ 1097.245527][T27267]  ? fs_reclaim_acquire+0xae/0x150
[ 1097.245547][T27267]  should_failslab+0xc2/0x120
[ 1097.245572][T27267]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1097.245591][T27267]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1097.245616][T27267]  ? kobject_uevent_env+0x265/0x1870
[ 1097.245636][T27267]  kobject_uevent_env+0x265/0x1870
[ 1097.245653][T27267]  ? __pfx_dev_uevent_name+0x10/0x10
[ 1097.245681][T27267]  ? bus_to_subsys+0x131/0x160
[ 1097.245708][T27267]  device_del+0x623/0x9f0
[ 1097.245737][T27267]  ? __pfx_device_del+0x10/0x10
[ 1097.245772][T27267]  device_unregister+0x1d/0xc0
[ 1097.245798][T27267]  wakeup_source_unregister.part.0+0x192/0x570
[ 1097.245837][T27267]  wakeup_source_unregister+0x1f/0x30
[ 1097.245864][T27267]  __ep_remove+0x487/0xa70
[ 1097.245886][T27267]  ep_clear_and_put+0x226/0x440
[ 1097.245905][T27267]  ? __pfx_ep_eventpoll_release+0x10/0x10
[ 1097.245923][T27267]  ep_eventpoll_release+0x3e/0x60
[ 1097.245939][T27267]  __fput+0x3ff/0xb70
[ 1097.245972][T27267]  fput_close_sync+0x118/0x260
[ 1097.245998][T27267]  ? __pfx_fput_close_sync+0x10/0x10
[ 1097.246023][T27267]  ? dnotify_flush+0x79/0x4c0
[ 1097.246052][T27267]  __ia32_sys_close+0x8b/0x120
[ 1097.246070][T27267]  __do_fast_syscall_32+0x7c/0x3a0
[ 1097.246097][T27267]  do_fast_syscall_32+0x32/0x80
[ 1097.246121][T27267]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1097.246143][T27267] RIP: 0023:0xf70ee579
[ 1097.246158][T27267] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1097.246175][T27267] RSP: 002b:00000000f50de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000006
[ 1097.246193][T27267] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[ 1097.246204][T27267] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1097.246214][T27267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1097.246225][T27267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1097.246235][T27267] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1097.246260][T27267]  </TASK>
[ 1097.254601][ T5942] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1097.332514][   T13] bridge_slave_1: left allmulticast mode
[ 1097.337612][   T13] bridge_slave_1: left promiscuous mode
[ 1097.339516][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1097.344436][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[ 1097.345216][   T13] bridge_slave_0: left allmulticast mode
[ 1097.359109][   T13] bridge_slave_0: left promiscuous mode
[ 1097.360992][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1098.132982][ T5942] Bluetooth: hci2: command tx timeout
[ 1099.342806][ T5942] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1099.412786][ T5942] Bluetooth: hci1: command 0x0405 tx timeout
[ 1100.065184][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1100.071009][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1100.075144][   T13] bond0 (unregistering): Released all slaves
[ 1100.087157][   T13] bond1 (unregistering): Released all slaves
[ 1100.100030][   T13] bond2 (unregistering): Released all slaves
[ 1100.121981][T27273] bridge39: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1100.192577][T27225] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1100.212169][T27225] 8021q: adding VLAN 0 to HW filter on device team0
[ 1100.222860][ T5942] Bluetooth: hci2: command tx timeout
[ 1100.229290][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1100.231720][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1100.238400][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1100.240665][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1100.374842][T27304] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.4162'.
[ 1100.555746][T27225] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1100.728255][   T13] hsr_slave_0: left promiscuous mode
[ 1100.730514][   T13] hsr_slave_1: left promiscuous mode
[ 1100.732601][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1100.735558][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1100.739041][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1100.742015][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1100.772476][   T13] veth1_macvtap: left promiscuous mode
[ 1100.774746][   T13] veth0_macvtap: left promiscuous mode
[ 1100.776692][   T13] veth1_vlan: left promiscuous mode
[ 1100.778656][   T13] veth0_vlan: left promiscuous mode
[ 1101.646873][T27328] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1101.650464][T27328] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1101.677049][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1101.759161][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1102.293845][ T5942] Bluetooth: hci2: command tx timeout
[ 1102.311756][T27225] veth0_vlan: entered promiscuous mode
[ 1102.325880][T27225] veth1_vlan: entered promiscuous mode
[ 1102.360746][T27225] veth0_macvtap: entered promiscuous mode
[ 1102.365156][T27225] veth1_macvtap: entered promiscuous mode
[ 1102.404382][T27225] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1102.411551][T27225] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1102.421331][T27225] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.424941][T27225] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.428612][T27225] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.431335][T27225] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1102.511739][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1102.525548][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1102.558170][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1102.561323][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1102.585893][T27225] ==================================================================
[ 1102.588896][T27225] BUG: KASAN: slab-use-after-free in binder_add_device+0xa4/0xb0
[ 1102.591952][T27225] Write of size 8 at addr ffff888070301808 by task syz-executor/27225
[ 1102.596776][T27225] 
[ 1102.597815][T27225] CPU: 2 UID: 0 PID: 27225 Comm: syz-executor Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1102.597838][T27225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1102.597850][T27225] Call Trace:
[ 1102.597857][T27225]  <TASK>
[ 1102.597864][T27225]  dump_stack_lvl+0x116/0x1f0
[ 1102.597891][T27225]  print_report+0xcd/0x680
[ 1102.597916][T27225]  ? __virt_addr_valid+0x81/0x610
[ 1102.597940][T27225]  ? __phys_addr+0xe8/0x180
[ 1102.597965][T27225]  ? binder_add_device+0xa4/0xb0
[ 1102.597982][T27225]  kasan_report+0xe0/0x110
[ 1102.598005][T27225]  ? binder_add_device+0xa4/0xb0
[ 1102.598024][T27225]  binder_add_device+0xa4/0xb0
[ 1102.598041][T27225]  binderfs_binder_device_create.isra.0+0xa03/0xc30
[ 1102.598068][T27225]  binderfs_fill_super+0x8d4/0x1360
[ 1102.598091][T27225]  ? __pfx_binderfs_fill_super+0x10/0x10
[ 1102.598120][T27225]  ? shrinker_register+0x1a8/0x260
[ 1102.598143][T27225]  ? sget_fc+0x808/0xc20
[ 1102.598162][T27225]  ? apparmor_capable+0x114/0x1d0
[ 1102.598180][T27225]  ? __pfx_set_anon_super_fc+0x10/0x10
[ 1102.598198][T27225]  ? __pfx_binderfs_fill_super+0x10/0x10
[ 1102.598218][T27225]  get_tree_nodev+0xda/0x190
[ 1102.598239][T27225]  vfs_get_tree+0x8b/0x340
[ 1102.598255][T27225]  path_mount+0x14d4/0x1f70
[ 1102.598278][T27225]  ? kmem_cache_free+0x2d1/0x4d0
[ 1102.598299][T27225]  ? __pfx_path_mount+0x10/0x10
[ 1102.598321][T27225]  ? getname_flags.part.0+0x1c5/0x550
[ 1102.598349][T27225]  ? putname+0x154/0x1a0
[ 1102.598373][T27225]  __ia32_sys_mount+0x28b/0x310
[ 1102.598395][T27225]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1102.598418][T27225]  ? rcu_is_watching+0x12/0xc0
[ 1102.598443][T27225]  __do_fast_syscall_32+0x7c/0x3a0
[ 1102.598467][T27225]  do_fast_syscall_32+0x32/0x80
[ 1102.598490][T27225]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1102.598512][T27225] RIP: 0023:0xf707e579
[ 1102.598526][T27225] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1102.598543][T27225] RSP: 002b:00000000ff9d58a0 EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1102.598560][T27225] RAX: ffffffffffffffda RBX: 00000000f72764ed RCX: 00000000f7266be3
[ 1102.598572][T27225] RDX: 00000000f72764ed RSI: 0000000000000000 RDI: 0000000000000000
[ 1102.598583][T27225] RBP: 00000000f7244088 R08: 0000000000000000 R09: 0000000000000000
[ 1102.598594][T27225] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1102.598604][T27225] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1102.598621][T27225]  </TASK>
[ 1102.598627][T27225] 
[ 1102.663597][T27344] bridge38: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1102.664977][T27225] Allocated by task 1341:
[ 1102.704871][T27225]  kasan_save_stack+0x33/0x60
[ 1102.706823][T27225]  kasan_save_track+0x14/0x30
[ 1102.708807][T27225]  __kasan_kmalloc+0xaa/0xb0
[ 1102.710760][T27225]  drm_gem_duplicate_shadow_plane_state+0x7a/0x110
[ 1102.713504][T27225]  drm_atomic_get_plane_state+0x20e/0x590
[ 1102.715445][T27225]  drm_atomic_helper_dirtyfb+0x49c/0x780
[ 1102.717397][T27225]  drm_fbdev_shmem_helper_fb_dirty+0x1c9/0x340
[ 1102.719841][T27225]  drm_fb_helper_damage_work+0x27e/0x5f0
[ 1102.722108][T27225]  process_one_work+0x9cf/0x1b70
[ 1102.724200][T27225]  worker_thread+0x6c8/0xf10
[ 1102.726034][T27225]  kthread+0x3c2/0x780
[ 1102.727643][T27225]  ret_from_fork+0x5d4/0x6f0
[ 1102.729427][T27225]  ret_from_fork_asm+0x1a/0x30
[ 1102.731307][T27225] 
[ 1102.732272][T27225] Freed by task 1341:
[ 1102.733881][T27225]  kasan_save_stack+0x33/0x60
[ 1102.735757][T27225]  kasan_save_track+0x14/0x30
[ 1102.737628][T27225]  kasan_save_free_info+0x3b/0x60
[ 1102.739628][T27225]  __kasan_slab_free+0x51/0x70
[ 1102.741515][T27225]  kfree+0x2b4/0x4d0
[ 1102.743050][T27225]  drm_atomic_state_default_clear+0x69e/0xe40
[ 1102.745508][T27225]  __drm_atomic_state_free+0x185/0x2b0
[ 1102.747667][T27225]  drm_atomic_helper_dirtyfb+0x572/0x780
[ 1102.749878][T27225]  drm_fbdev_shmem_helper_fb_dirty+0x1c9/0x340
[ 1102.752300][T27225]  drm_fb_helper_damage_work+0x27e/0x5f0
[ 1102.754527][T27225]  process_one_work+0x9cf/0x1b70
[ 1102.756494][T27225]  worker_thread+0x6c8/0xf10
[ 1102.758326][T27225]  kthread+0x3c2/0x780
[ 1102.759941][T27225]  ret_from_fork+0x5d4/0x6f0
[ 1102.762480][T27225]  ret_from_fork_asm+0x1a/0x30
[ 1102.764427][T27225] 
[ 1102.765378][T27225] The buggy address belongs to the object at ffff888070301800
[ 1102.765378][T27225]  which belongs to the cache kmalloc-512 of size 512
[ 1102.771116][T27225] The buggy address is located 8 bytes inside of
[ 1102.771116][T27225]  freed 512-byte region [ffff888070301800, ffff888070301a00)
[ 1102.776731][T27225] 
[ 1102.777774][T27225] The buggy address belongs to the physical page:
[ 1102.780462][T27225] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888070301000 pfn:0x70300
[ 1102.784617][T27225] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1102.788112][T27225] flags: 0x4fff00000000240(workingset|head|node=1|zone=1|lastcpupid=0x7ff)
[ 1102.791687][T27225] page_type: f5(slab)
[ 1102.793394][T27225] raw: 04fff00000000240 ffff88801b442c80 ffffea00017fb110 ffffea000139b410
[ 1102.797011][T27225] raw: ffff888070301000 000000000010000c 00000000f5000000 0000000000000000
[ 1102.800532][T27225] head: 04fff00000000240 ffff88801b442c80 ffffea00017fb110 ffffea000139b410
[ 1102.804168][T27225] head: ffff888070301000 000000000010000c 00000000f5000000 0000000000000000
[ 1102.807769][T27225] head: 04fff00000000002 ffffea0001c0c001 00000000ffffffff 00000000ffffffff
[ 1102.811369][T27225] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1102.814965][T27225] page dumped because: kasan: bad access detected
[ 1102.817651][T27225] page_owner tracks the page as allocated
[ 1102.819991][T27225] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 61, tgid 61 (kworker/u32:3), ts 310742323159, free_ts 310374123134
[ 1102.829077][T27225]  post_alloc_hook+0x1c0/0x230
[ 1102.831121][T27225]  get_page_from_freelist+0x1321/0x3890
[ 1102.833417][T27225]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1102.835631][T27225]  alloc_pages_mpol+0x1fb/0x550
[ 1102.837721][T27225]  new_slab+0x23b/0x330
[ 1102.839479][T27225]  ___slab_alloc+0xd9c/0x1940
[ 1102.841497][T27225]  __slab_alloc.constprop.0+0x56/0xb0
[ 1102.843774][T27225]  __kmalloc_cache_noprof+0xfb/0x3e0
[ 1102.845995][T27225]  fuse_writepage_args_setup+0xfd/0xb50
[ 1102.848356][T27225]  fuse_writepages_fill+0x82a/0x1500
[ 1102.850675][T27225]  write_cache_pages+0xaf/0x130
[ 1102.852751][T27225]  fuse_writepages+0x2de/0x460
[ 1102.854813][T27225]  do_writepages+0x277/0x600
[ 1102.856759][T27225]  __writeback_single_inode+0x160/0xfb0
[ 1102.859108][T27225]  writeback_sb_inodes+0x601/0xf90
[ 1102.861234][T27225]  __writeback_inodes_wb+0xf8/0x2d0
[ 1102.863406][T27225] page last free pid 10628 tgid 10617 stack trace:
[ 1102.866118][T27225]  __free_frozen_pages+0x7fe/0x1180
[ 1102.868309][T27225]  qlist_free_all+0x4d/0x120
[ 1102.870261][T27225]  kasan_quarantine_reduce+0x195/0x1e0
[ 1102.872479][T27225]  __kasan_slab_alloc+0x69/0x90
[ 1102.874042][T27225]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 1102.876093][T27225]  __kernfs_new_node+0xd2/0x8e0
[ 1102.877837][T27225]  kernfs_new_node+0x13c/0x1e0
[ 1102.879381][T27225]  __kernfs_create_file+0x53/0x350
[ 1102.881044][T27225]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1102.883265][T27225]  internal_create_group+0x578/0xf30
[ 1102.885196][T27225]  internal_create_groups+0x9d/0x150
[ 1102.886858][T27225]  device_add+0x6d1/0x1a70
[ 1102.888289][T27225]  netdev_register_kobject+0x182/0x3a0
[ 1102.890017][T27225]  register_netdevice+0x13dc/0x2270
[ 1102.892389][T27225]  __tun_chr_ioctl+0x1f59/0x47a0
[ 1102.893976][T27225]  __ia32_compat_sys_ioctl+0x242/0x370
[ 1102.895945][T27225] 
[ 1102.896717][T27225] Memory state around the buggy address:
[ 1102.898472][T27225]  ffff888070301700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1102.901047][T27225]  ffff888070301780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1102.904382][T27225] >ffff888070301800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1102.907705][T27225]                       ^
[ 1102.909524][T27225]  ffff888070301880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1102.912842][T27225]  ffff888070301900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1102.916162][T27225] ==================================================================
[ 1102.929090][T27225] Kernel panic - not syncing: KASAN: panic_on_warn set ...
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1102.931483][T27225] CPU: 2 UID: 0 PID: 27225 Comm: syz-executor Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) 
[ 1102.935590][T27225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1102.939034][T27225] Call Trace:
[ 1102.940169][T27225]  <TASK>
[ 1102.941149][T27225]  dump_stack_lvl+0x3d/0x1f0
[ 1102.942694][T27225]  panic+0x71c/0x800
[ 1102.944015][T27225]  ? __pfx_panic+0x10/0x10
[ 1102.945562][T27225]  ? mark_held_locks+0x49/0x80
[ 1102.947118][T27225]  ? preempt_schedule_thunk+0x16/0x30
[ 1102.948917][T27225]  ? binder_add_device+0xa4/0xb0
[ 1102.950506][T27225]  ? preempt_schedule_common+0x44/0xc0
[ 1102.952334][T27225]  ? check_panic_on_warn+0x1f/0xb0
[ 1102.954002][T27225]  ? binder_add_device+0xa4/0xb0
[ 1102.956480][T27225]  check_panic_on_warn+0xab/0xb0
[ 1102.958154][T27225]  end_report+0x107/0x170
[ 1102.959573][T27225]  kasan_report+0xee/0x110
[ 1102.961024][T27225]  ? binder_add_device+0xa4/0xb0
[ 1102.962676][T27225]  binder_add_device+0xa4/0xb0
[ 1102.964272][T27225]  binderfs_binder_device_create.isra.0+0xa03/0xc30
[ 1102.966483][T27225]  binderfs_fill_super+0x8d4/0x1360
[ 1102.968232][T27225]  ? __pfx_binderfs_fill_super+0x10/0x10
[ 1102.970019][T27225]  ? shrinker_register+0x1a8/0x260
[ 1102.971725][T27225]  ? sget_fc+0x808/0xc20
[ 1102.973107][T27225]  ? apparmor_capable+0x114/0x1d0
[ 1102.974989][T27225]  ? __pfx_set_anon_super_fc+0x10/0x10
[ 1102.977013][T27225]  ? __pfx_binderfs_fill_super+0x10/0x10
[ 1102.978792][T27225]  get_tree_nodev+0xda/0x190
[ 1102.980265][T27225]  vfs_get_tree+0x8b/0x340
[ 1102.981822][T27225]  path_mount+0x14d4/0x1f70
[ 1102.983820][T27225]  ? kmem_cache_free+0x2d1/0x4d0
[ 1102.985893][T27225]  ? __pfx_path_mount+0x10/0x10
[ 1102.987956][T27225]  ? getname_flags.part.0+0x1c5/0x550
[ 1102.990206][T27225]  ? putname+0x154/0x1a0
[ 1102.991978][T27225]  __ia32_sys_mount+0x28b/0x310
[ 1102.994036][T27225]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1102.996273][T27225]  ? rcu_is_watching+0x12/0xc0
[ 1102.998310][T27225]  __do_fast_syscall_32+0x7c/0x3a0
[ 1103.000459][T27225]  do_fast_syscall_32+0x32/0x80
[ 1103.002018][T27225]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1103.004028][T27225] RIP: 0023:0xf707e579
[ 1103.005323][T27225] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1103.011296][T27225] RSP: 002b:00000000ff9d58a0 EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[ 1103.014433][T27225] RAX: ffffffffffffffda RBX: 00000000f72764ed RCX: 00000000f7266be3
[ 1103.016905][T27225] RDX: 00000000f72764ed RSI: 0000000000000000 RDI: 0000000000000000
[ 1103.019369][T27225] RBP: 00000000f7244088 R08: 0000000000000000 R09: 0000000000000000
[ 1103.022771][T27225] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 1103.025263][T27225] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1103.027818][T27225]  </TASK>
[ 1103.029438][T27225] Kernel Offset: disabled
[ 1103.030848][T27225] Rebooting in 86400 seconds..

VM DIAGNOSIS:
07:48:24  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=ffff888023de22a8 RCX=ffffffff81983fd3 RDX=0000000000000000
RSI=0000000000000004 RDI=ffff888023de22a8 RBP=ffff888023de22b0 RSP=ffffc90006ad7380
R8 =0000000000000000 R9 =ffffed10047bc455 R10=ffff888023de22ab R11=0000000000000001
R12=ffff888023de22b8 R13=0000000000000002 R14=ffffc90006ad7698 R15=0000000000000014
RIP=ffffffff8b7c3f00 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097775000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f95ccea3286 CR3=00000000297b8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555aeddeac50 0000555aeddeac50
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc2f95830 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6365727020676e 6973752053534249 2064657461657243 203a316e616c7720
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030203030203030 2030302036322034 6220643820303020 3030203030203030
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2036322034622064 3820303920303920 3039203039203363 203935206135203e
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 64353c2030382064 6320343320663020 3565203938203535 2032352031352030
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3020303020303020 3030203030203030 2030302030302030 3020303020303020
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000002e985f5 RBX=0000000000000001 RCX=ffffffff8b799c79 RDX=0000000000000000
RSI=ffffffff8dc02c0a RDI=ffffffff8bf52ee0 RBP=ffffed1003b5d488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed100566663d R10=ffff88802b3331eb R11=0000000000000001
R12=0000000000000001 R13=ffff88801daea440 R14=ffffffff9087ad50 R15=0000000000000000
RIP=ffffffff8b7987df RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097875000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3a7352 CR3=000000006be1b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85562565 RDI=ffffffff9ae599c0 RBP=ffffffff9ae59980 RSP=ffffc900047ff4f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3330373038387257
R12=0000000000000000 R13=0000000000000074 R14=ffffffff9ae59980 R15=ffffffff85562500
RIP=ffffffff8556258f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097975000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056123ccf8950 CR3=0000000075dba000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00007f4a396dafff RBX=00007f4a396dafff RCX=ffffffff8b7150e2 RDX=ffff888027832440
RSI=ffffffff8b714da8 RDI=0000000000000006 RBP=000000000000000e RSP=ffffc90006ac73d0
R8 =0000000000000006 R9 =00007f4a396dafff R10=00007f4a396dafff R11=0000000000000001
R12=dffffc0000000000 R13=0000000000000000 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81bb6db8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097a75000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f4a396cda10 CR3=0000000056598000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 637062696c2f3436 62696c2f7273752f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000570 0000000000060a90
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000