last executing test programs:

2m31.04169551s ago: executing program 2 (id=193):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r1)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r1, &(0x7f00000005c0)={0x0, 0x6000, &(0x7f0000000580)={&(0x7f0000000500)={0x20, r2, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0904000000000000000002000000400004803c0001800a00010072616e67650000002c000280080001400000002408000240000000030c00048005000100690000000c00038005000100430000000900010073797a30000000000900020073797a3200000000140000001100010086904c8100000000"], 0x94}}, 0x0)

2m31.02954007s ago: executing program 2 (id=194):
rt_sigprocmask(0x0, &(0x7f0000000080)={[0xffffffff]}, 0x0, 0x8)
r0 = signalfd4(0xffffffffffffffff, &(0x7f00000001c0)={[0xffffffffffffffff]}, 0x8, 0x80800)
r1 = gettid()
r2 = getpid()
rt_tgsigqueueinfo(r2, r1, 0x1f, &(0x7f0000000140)={0x0, 0x0, 0x1})
read$FUSE(r0, &(0x7f0000003a40)={0x2020}, 0x2020)

2m30.940899517s ago: executing program 2 (id=196):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x0, 0x0, 0x2, 0x11, 0x15be, 0x5886, 0x801, 0x0, 0x8, 'syz0\x00'})
shutdown(r0, 0x0)
write(r0, 0x0, 0x0)

2m30.884773674s ago: executing program 2 (id=200):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000400)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='.\x00')

2m30.790289879s ago: executing program 2 (id=201):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc, 0x0, 0x1000, 0x800000}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2m24.66174724s ago: executing program 2 (id=278):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x1383})
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x18, 0x3f9, 0x100, 0x70bd27, 0x25dfdbfb, {0x1001}}, 0x18}, 0x1, 0x0, 0x0, 0x20040094}, 0x80)
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x3}, &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha224-ssse3\x00'}})

2m24.598387354s ago: executing program 32 (id=278):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x1383})
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x18, 0x3f9, 0x100, 0x70bd27, 0x25dfdbfb, {0x1001}}, 0x18}, 0x1, 0x0, 0x0, 0x20040094}, 0x80)
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x3}, &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha224-ssse3\x00'}})

2m14.850115099s ago: executing program 4 (id=457):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close_range(r2, r2, 0x2)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m14.700112986s ago: executing program 4 (id=458):
r0 = userfaultfd(0x801)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x40)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000600))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
syz_io_uring_submit(r1, 0x0, 0x0)

2m13.817164984s ago: executing program 4 (id=474):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={0xffffffffffffffff, 0x2000012, 0x0, 0x0, &(0x7f0000000c40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='vegas\x00', 0x6)
sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

2m13.74835509s ago: executing program 4 (id=476):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m13.69109988s ago: executing program 4 (id=477):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="ad733642561534f14257b6c5820fae9d6dcd3292eac8796a", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40010}], 0x1, 0x0)
read$alg(r1, &(0x7f0000000180)=""/133, 0x85)

2m13.359535321s ago: executing program 4 (id=481):
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
read(r1, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}})
tkill(r0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f00000004c0))

2m13.267047071s ago: executing program 33 (id=481):
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
read(r1, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}})
tkill(r0, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f00000004c0))

46.771541933s ago: executing program 5 (id=1841):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x2, 0x4, 0x6, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_io_uring_setup(0x117, &(0x7f0000000300), &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
socket$unix(0x1, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

46.71324822s ago: executing program 5 (id=1846):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x189841, 0x11)
syz_fuse_handle_req(r0, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x0, 0x20000000, 0x4, 0x6, 0x0, {0x0, 0x100, 0x0, 0xd, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, r2, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x26, 0x10001, 0x12007646, 0x0, 0x0, 0x0, 0x3}}, 0x50)

45.807257038s ago: executing program 5 (id=1861):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
iopl(0x3)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0xf3a, 0x0)

44.833989461s ago: executing program 5 (id=1868):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000200)='./file0\x00')

44.828849051s ago: executing program 5 (id=1871):
syz_usb_connect$cdc_ecm(0x4, 0x68, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002020000102505a1a440"], 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x7, &(0x7f0000000100)=0x4000200, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc, 0x0, 0x1000, 0x800000}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

44.601145297s ago: executing program 5 (id=1874):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f535"], 0x72)

44.505388614s ago: executing program 34 (id=1874):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f535"], 0x72)

28.96709065s ago: executing program 0 (id=2079):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setreuid(0xee01, 0xee00)
setns(r3, 0x80)

28.727463764s ago: executing program 0 (id=2085):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x20000003}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

28.662640626s ago: executing program 0 (id=2088):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404005400ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b70000000000000095000000000000003f0c54cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752688300000000dbc2777df150b7cdd77b85b941092314fd085f1b1b2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c830fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b8498aa787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28179f09943b1b0452d1b72183aacf4a84f9130b701b81675dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fd80f3876acb45821d0c48fb657c29b309c73f0977e7cde65a89d9458aac2795b2b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d2665016ac59dd20fde0745db06753a7ac7fe13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2084bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a3894696082417304fff0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bdb539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572ac45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af00200f900cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee78ebf9ef40662d7836961a8de6f2d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408816eae08cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb7819441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005391577f480000ea65559eb00e2b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e710d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d4ac534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f0300000000000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca396eeec1f53bb0bc1bc9ce45bb671f2dea5eafc74551cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b847e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fde46ad265983eb1b1c6adb1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0c5605000063902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f617396c18cc7130000fc000000210000006e00002000000000000027c9a46157a3ffff6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4472b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc4c860495b240e80063bde261fd000000000072f6df342f3e7071e28ef6806b6b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2b3a113e47edf76f7d116d2b0976cf2ec447c0309316d1dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a80500e92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949c68b7a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273061fc5c0e0a33db7f2d43ea8086cf059f40fa2645944cd9e7f2e6ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858e13e8f0ba9d1dec469dc71e998d99ebf7cfda638d7ce859acfec3f14ec2aa98b53cd68a0d99d62a5620b7c0f61dc386c449664a94bca09859a35760b7b818087347697c239990daec8384a12d973d5470efe5dae887be689c6b1551f4c5a649d9dc563d7049c91453facecbee789a1d5a4896b2b7bec3ec5e60c4916e5561888502a12f4985f9c7dab41cbf31c26cd12d5116de95b521a57408adbbac278be82fef3f9d8a51385b376b57e20be83e7b27460729a626250ccd7982eba588f86195e15119eca569bebba8514e5bfcbe51f1a628793b4ed4424c95a731628fa38e167b79affcd50b561d3a9cb4bea872d9e5a06a4201fd09eecfe283854837a65ecf8cd6cdaad4bf223db323de9d4854d66d324a0d125e3ebe2ed3c78e47392962860de6bb86759406e74335443407d9ee7d4a4430b60b6ef369604e1282b0c1aa8d4b18e8db32a0eeaaabc7f7b5c49bd88cfe860f69f5510179d867970f975169591908282cd4367f82e62e3fa37876f30934c23dc2d02a0c25839f008ec099503c8d1b3169aa9c5a7db7f0116d203ac6503596c3a5b063c28f84c9eb4200000000000000000000000000000000000009f491210abc6ed14c49e22898d449d435f7e0e94a6b8b37924f725c47d17471ea258133681ff4dca50beba02eacfe0910c1676bdff06e737e0d12878ab5366985c0e8245864b3abd02e81ba0638e4de4b2f62098108535546b58ae8baee1fcc301a3b4101588e60f6f7678b82aa80e37832a2f49744d23e3a11bd2282ec7ff3400e8748f91e247b80e1b65400"/3088], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040), 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = dup(r2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r1, 0x25, 0x4, @val=@tracing={0x0, 0x8}}, 0x20)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)

28.570753965s ago: executing program 0 (id=2090):
syz_clone(0x20940200, 0x0, 0x9, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0x80049367, 0x0)

28.492929315s ago: executing program 0 (id=2091):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0x5, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@initr0]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000100)=r1, 0x4)
utime(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d)
syz_emit_ethernet(0x7e, &(0x7f0000000240)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x48, 0x11, 0x0, @private1, @mcast2, {[], {0x0, 0xe22, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "b2f7ef70173fa39de6133123d44695cd3d5f73a08c09d402", "f99dd0f92ca175d4acb6061892eb1ea2be3720309884551f94aaf5db8f7746d3"}}}}}}}, 0x0)

28.25965818s ago: executing program 0 (id=2093):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)
recvmmsg(r0, &(0x7f0000003600), 0x58, 0x10020, 0x0)

28.131123078s ago: executing program 35 (id=2093):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)
recvmmsg(r0, &(0x7f0000003600), 0x58, 0x10020, 0x0)

8.020570595s ago: executing program 3 (id=2470):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
close(r0)

7.967091364s ago: executing program 3 (id=2471):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

7.870640167s ago: executing program 3 (id=2473):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x25dfdbff, {}, [@NHA_OIF={0x8, 0x5, r3}]}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="2c0000001800090400000000000000000a090000000000000000000008001e0001"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x20, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x192}}, 0x20}}, 0x0)

7.770987715s ago: executing program 3 (id=2474):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000363000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000500)="66baf80cb8f42c2b80ef0fbafc0cb800000000c4e209b6e80f381d2ac4e265a68f631200000f01c2df0fb805000000b9cb9d00000f01d90f01b8921a000002e2080000b80a000000ba00000000c4e1b5d1da", 0x52}], 0x0, 0x1, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r2, 0x0)

7.661706722s ago: executing program 3 (id=2477):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

7.598496412s ago: executing program 3 (id=2479):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r2 = syz_open_pts(r1, 0x141601)
fcntl$setstatus(r2, 0x4, 0x102800)
write(r2, &(0x7f0000000000)="d5", 0xfffffedf)
close_range(r0, 0xffffffffffffffff, 0x0)

2.752729649s ago: executing program 7 (id=2550):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000540)={&(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x1, {0x1, 0x0, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44004}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.610538607s ago: executing program 7 (id=2545):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2)
pread64(r2, &(0x7f0000000080)=""/196, 0xc4, 0x3)

2.419938331s ago: executing program 7 (id=2548):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000000206050000000000fffff00000000000050001000600000005000405010000000900020073797a310000000005000400000000001100030068617368"], 0x4c}}, 0x4008)
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, r2, 0x25, 0x0, @void}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a000100050000000000007208", 0x31}], 0x1)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100feff000037153e370248018080351700d1bd", 0x33fe0}], 0x1}, 0x0)

2.330368609s ago: executing program 7 (id=2551):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x8, 0x0, 0xf77}]}, 0x10)
close(r2)

2.299944052s ago: executing program 7 (id=2553):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r2 = syz_io_uring_complete(r0)
openat$cgroup_ro(r2, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

2.20024918s ago: executing program 7 (id=2556):
r0 = socket(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000000040)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r0, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4)
write(r0, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r0, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)

2.030229481s ago: executing program 6 (id=2560):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000000b060108000000000000000006000002050001"], 0x54}, 0x1, 0x0, 0x0, 0x20008041}, 0x48990)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

1.799589636s ago: executing program 1 (id=2564):
r0 = socket$inet(0x2, 0x4000000805, 0x0)
sendto$inet(r0, &(0x7f00000002c0)="eb", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendto$inet(r0, &(0x7f0000000280)='K', 0x1, 0x0, &(0x7f0000000100)={0x2, 0x0, @rand_addr=0x64010101}, 0x10)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = dup3(r0, r1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000080)=@assoc_value={<r3=>0x0}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000200)={r3}, 0x8)

1.710180029s ago: executing program 1 (id=2565):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x1, @empty, 0xf684}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="6c01"], 0x18)
connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000002140)='\f', 0x1}], 0x1)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000040)="94", 0x1}], 0x1)

1.650548725s ago: executing program 1 (id=2566):
io_setup(0x9, &(0x7f0000000080)=<r0=>0x0)
r1 = epoll_create1(0x0)
r2 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000240)={0x2000000f})
io_submit(r0, 0x1, &(0x7f0000000e40)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
readv(r2, &(0x7f0000000500)=[{&(0x7f0000000380)=""/95, 0x5f}], 0x1)
write$eventfd(r2, &(0x7f0000000280)=0x9, 0x8)

1.450547996s ago: executing program 1 (id=2567):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
sendmsg$alg(r1, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0xf55476e88d127abb}, 0x24010080)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006a00)=ANY=[], 0x1fc}, 0x1, 0x0, 0x0, 0x8010}, 0x20000001)

1.150249493s ago: executing program 6 (id=2568):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0xf}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x8, 0x4, r3}]}}]}, 0x3c}}, 0x20040054)

1.010444474s ago: executing program 6 (id=2569):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x3}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

1.010214661s ago: executing program 6 (id=2570):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x20000004)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})

549.740459ms ago: executing program 1 (id=2571):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b5d090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f38306d090890e0879b0a0ac6e70a9b3348959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$HIDIOCGUSAGE(r1, 0xd01c4813, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x2, 0xfffffffd, 0x2})

90.175936ms ago: executing program 6 (id=2572):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x800}, 0x4000010)
recvmsg$qrtr(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000008c0)=""/222, 0xde}], 0x1, 0x0, 0x0, 0x2000}, 0x38, 0x10000)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000009c0)={0xc0, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_PMSR_ATTR_PEERS={0xa4, 0x5, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x44, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x769}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x12}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x20, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}]}]}]}]}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4}, 0x10)

424.491µs ago: executing program 1 (id=2573):
r0 = creat(&(0x7f00000005c0)='./file0\x00', 0x0)
close(r0)
syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f0000000800)='./file0\x00', &(0x7f00000007c0), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)

0s ago: executing program 6 (id=2574):
r0 = syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
socket$inet6(0xa, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   65.946854][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[   65.946905][ T5985] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[   65.951242][ T5985] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[   66.241723][   T66] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.321993][   T66] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.401656][   T66] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.483332][ T5946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.500160][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.502340][   T66] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   66.504456][ T5946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.512641][ T5946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.516275][ T5946] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   66.519332][ T5946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.525334][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.528271][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.532045][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.535355][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.544514][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   66.547865][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.577468][   T66] bridge_slave_1: left allmulticast mode
[   66.579203][   T66] bridge_slave_1: left promiscuous mode
[   66.582201][   T66] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.590114][   T66] bridge_slave_0: left allmulticast mode
[   66.592191][   T66] bridge_slave_0: left promiscuous mode
[   66.594600][   T66] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.909817][   T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   66.914509][   T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   66.920092][   T66] bond0 (unregistering): Released all slaves
[   67.009830][ T6769] chnl_net:caif_netlink_parms(): no params data found
[   67.103471][ T6769] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.106527][ T6769] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.111197][ T6769] bridge_slave_0: entered allmulticast mode
[   67.114515][ T6769] bridge_slave_0: entered promiscuous mode
[   67.118478][ T6769] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.121271][ T6769] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.124158][ T6769] bridge_slave_1: entered allmulticast mode
[   67.127575][ T6769] bridge_slave_1: entered promiscuous mode
[   67.188122][ T6769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.193721][ T6769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.245432][ T6769] team0: Port device team_slave_0 added
[   67.259934][ T6769] team0: Port device team_slave_1 added
[   67.311278][   T66] hsr_slave_0: left promiscuous mode
[   67.313633][   T66] hsr_slave_1: left promiscuous mode
[   67.315465][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   67.317840][   T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[   67.326231][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.329532][   T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[   67.348587][   T66] veth1_macvtap: left promiscuous mode
[   67.350444][   T66] veth0_macvtap: left promiscuous mode
[   67.352692][   T66] veth1_vlan: left promiscuous mode
[   67.355120][   T66] veth0_vlan: left promiscuous mode
[   67.480742][   T40] audit: type=1326 audit(1742582661.891:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.0.281" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7fc00000
[   68.134569][   T66] team0 (unregistering): Port device team_slave_1 removed
[   68.223479][   T66] team0 (unregistering): Port device team_slave_0 removed
[   68.591572][ T5946] Bluetooth: hci0: command tx timeout
[   69.047234][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.049823][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.059164][ T6769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.064441][ T6769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.067051][ T6769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.076372][ T6769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.126268][ T6769] hsr_slave_0: entered promiscuous mode
[   69.129034][ T6769] hsr_slave_1: entered promiscuous mode
[   69.131417][ T6769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.134191][ T6769] Cannot create hsr debugfs directory
[   69.311951][ T6769] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   69.320006][ T6769] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   69.326604][ T6769] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   69.334894][ T6769] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   69.402425][ T6769] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.425595][ T6769] 8021q: adding VLAN 0 to HW filter on device team0
[   69.437713][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.441311][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.448611][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.451551][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.504892][ T6842] netlink: 4 bytes leftover after parsing attributes in process `syz.0.307'.
[   69.657605][ T6769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.684326][ T6861] netlink: 14 bytes leftover after parsing attributes in process `syz.0.313'.
[   69.817333][ T6866] trusted_key: syz.1.315 sent an empty control message without MSG_MORE.
[   69.833680][ T6861] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   69.840373][ T6861] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   69.844994][ T6861] bond0 (unregistering): Released all slaves
[   69.972779][ T6769] veth0_vlan: entered promiscuous mode
[   69.980914][ T6769] veth1_vlan: entered promiscuous mode
[   69.999106][ T6769] veth0_macvtap: entered promiscuous mode
[   70.007980][ T6769] veth1_macvtap: entered promiscuous mode
[   70.019055][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.022631][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.026054][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.031069][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.034605][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.038613][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.043803][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.052440][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.056338][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.060571][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.064452][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.068261][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.071858][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.077938][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.084517][ T6769] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.088420][ T6769] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.092377][ T6769] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.095749][ T6769] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.135161][   T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.142206][   T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.154061][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.157811][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.316313][   T36] IPVS: starting estimator thread 0...
[   70.408901][ T6895] usb 1-1: USB disconnect, device number 2
[   70.416893][ T6889] IPVS: using max 21 ests per chain, 50400 per kthread
[   70.676902][ T5946] Bluetooth: hci0: command tx timeout
[   70.830465][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[   70.832707][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[   70.963716][   T40] audit: type=1326 audit(1742582665.371:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.0.342" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[   71.879597][ T6987] netlink: 16 bytes leftover after parsing attributes in process `syz.1.363'.
[   71.889723][ T6987] batman_adv: batadv0: Adding interface: ipvlan2
[   71.892472][ T6987] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.904950][ T6987] batman_adv: batadv0: Not using interface ipvlan2 (retrying later): interface not active
[   72.033555][ T6924] Set syz1 is full, maxelem 65536 reached
[   72.043287][   T40] audit: type=1326 audit(1742582666.451:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.4.364" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f31579 code=0x0
[   72.421526][ T7024] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.425450][ T7024] batadv_slave_0: entered promiscuous mode
[   72.565748][ T5985] libceph: connect (1)[c::]:6789 error -22
[   72.568865][ T5985] libceph: mon0 (1)[c::]:6789 connect error
[   72.756847][ T5946] Bluetooth: hci0: command tx timeout
[   72.827372][  T145] libceph: connect (1)[c::]:6789 error -22
[   72.829868][  T145] libceph: mon0 (1)[c::]:6789 connect error
[   73.352699][  T145] libceph: connect (1)[c::]:6789 error -22
[   73.357128][  T145] libceph: mon0 (1)[c::]:6789 connect error
[   73.385398][ T7031] ceph: No mds server is up or the cluster is laggy
[   73.460413][ T7086] dccp_invalid_packet: P.type (SYNC) not Data || [Data]Ack, while P.X == 0
[   73.679326][   T36] kernel write not supported for file [eventfd] (pid: 36 comm: kworker/3:0)
[   73.951072][ T7101] input: syz1 as /devices/virtual/input/input9
[   74.095234][ T7113] netlink: 'syz.3.410': attribute type 12 has an invalid length.
[   74.829032][ T5946] Bluetooth: hci0: command tx timeout
[   75.254988][ T7156] netfs: Couldn't get user pages (rc=-14)
[   75.257501][ T7156] netfs: Zero-sized read [R=2]
[   75.360931][ T7158] syzkaller1: entered promiscuous mode
[   75.363359][ T7158] syzkaller1: entered allmulticast mode
[   75.519847][ T7173] netlink: 'syz.1.438': attribute type 1 has an invalid length.
[   75.522634][ T7173] netlink: 68 bytes leftover after parsing attributes in process `syz.1.438'.
[   75.547231][ T7175] pim6reg1: entered promiscuous mode
[   75.549541][ T7175] pim6reg1: entered allmulticast mode
[   75.824202][ T7201] netlink: 40 bytes leftover after parsing attributes in process `syz.4.451'.
[   76.098699][ T7214] KVM: debugfs: duplicate directory 7214-5
[   76.251223][ T7216] mmap: syz.4.458 (7216) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   76.556278][ T7226] netlink: 96 bytes leftover after parsing attributes in process `syz.1.464'.
[   77.379194][ T7249] cgroup: fork rejected by pids controller in /syz0
[   77.500259][ T7300] vxcan0: tx drop: invalid sa for name 0x0000000000000001
[   77.525998][   T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.630153][   T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.683142][   T40] audit: type=1326 audit(1742582672.091:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.1.484" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741e579 code=0x0
[   77.720466][   T46] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.732453][ T6701] libceph: connect (1)[c::]:6789 error -101
[   77.734989][ T6701] libceph: mon0 (1)[c::]:6789 connect error
[   77.798304][   T46] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.801450][   T10] libceph: connect (1)[b::]:6789 error -101
[   77.804749][   T10] libceph: mon0 (1)[b::]:6789 connect error
[   77.816201][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.822173][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.825885][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.830575][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.834079][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.838163][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.926002][   T46] bridge_slave_1: left allmulticast mode
[   77.928353][   T46] bridge_slave_1: left promiscuous mode
[   77.930703][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.947191][   T46] bridge_slave_0: left allmulticast mode
[   77.949011][   T46] bridge_slave_0: left promiscuous mode
[   77.950671][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.007205][ T1465] libceph: connect (1)[c::]:6789 error -101
[   78.009687][ T1465] libceph: mon0 (1)[c::]:6789 connect error
[   78.067185][   T10] libceph: connect (1)[b::]:6789 error -101
[   78.070068][   T10] libceph: mon0 (1)[b::]:6789 connect error
[   78.499431][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   78.506247][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   78.513180][   T46] bond0 (unregistering): Released all slaves
[   78.517127][   T58] libceph: connect (1)[c::]:6789 error -101
[   78.522663][   T58] libceph: mon0 (1)[c::]:6789 connect error
[   78.563049][ T7315] ceph: No mds server is up or the cluster is laggy
[   78.563056][ T7319] ceph: No mds server is up or the cluster is laggy
[   78.577196][   T10] libceph: connect (1)[b::]:6789 error -101
[   78.579691][   T10] libceph: mon0 (1)[b::]:6789 connect error
[   78.584538][ T7322] chnl_net:caif_netlink_parms(): no params data found
[   78.749028][ T7322] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.752191][ T7322] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.754938][ T7322] bridge_slave_0: entered allmulticast mode
[   78.761012][ T7322] bridge_slave_0: entered promiscuous mode
[   78.783101][ T7322] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.785946][ T7322] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.790326][ T7322] bridge_slave_1: entered allmulticast mode
[   78.794800][ T7322] bridge_slave_1: entered promiscuous mode
[   78.830031][ T7322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.835047][ T7322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.839150][ T5939] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   78.872418][ T7322] team0: Port device team_slave_0 added
[   78.879090][ T7322] team0: Port device team_slave_1 added
[   78.914570][ T7322] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.916461][ T7322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.922601][ T7360] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1558365176 (199470742528 ns) > initial count (55482769792 ns). Using initial count to start timer.
[   78.925226][ T7322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.935228][ T7322] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.938636][ T7322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.947890][ T7322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.953522][   T46] hsr_slave_0: left promiscuous mode
[   78.956094][   T46] hsr_slave_1: left promiscuous mode
[   78.963005][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   78.965385][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[   78.978128][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   78.980737][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[   78.999075][ T5939] usb 5-1: Using ep0 maxpacket: 8
[   79.007457][   T46] veth1_macvtap: left promiscuous mode
[   79.009391][   T46] veth0_macvtap: left promiscuous mode
[   79.011536][   T46] veth1_vlan: left promiscuous mode
[   79.012097][ T5939] usb 5-1: config 0 has no interfaces?
[   79.013632][   T46] veth0_vlan: left promiscuous mode
[   79.026628][ T5939] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[   79.029812][ T5939] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.032410][ T5939] usb 5-1: Product: syz
[   79.033761][ T5939] usb 5-1: Manufacturer: syz
[   79.035192][ T5939] usb 5-1: SerialNumber: syz
[   79.041816][ T5939] usb 5-1: config 0 descriptor??
[   79.274186][    T9] usb 5-1: USB disconnect, device number 2
[   79.322395][ T7372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.503'.
[   79.868406][ T5946] Bluetooth: hci0: command tx timeout
[   79.881418][ T7384] syz.1.509: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   79.890518][ T7384] CPU: 1 UID: 0 PID: 7384 Comm: syz.1.509 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[   79.890542][ T7384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.890564][ T7384] Call Trace:
[   79.890569][ T7384]  <TASK>
[   79.890576][ T7384]  dump_stack_lvl+0x16c/0x1f0
[   79.890610][ T7384]  warn_alloc+0x24d/0x3a0
[   79.890640][ T7384]  ? __pfx_warn_alloc+0x10/0x10
[   79.890663][ T7384]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[   79.890692][ T7384]  ? kasan_save_stack+0x42/0x60
[   79.890715][ T7384]  ? kasan_save_stack+0x33/0x60
[   79.890737][ T7384]  ? kasan_save_track+0x14/0x30
[   79.890760][ T7384]  ? __kasan_kmalloc+0xaa/0xb0
[   79.890782][ T7384]  ? xskq_create+0x52/0x1d0
[   79.890799][ T7384]  ? do_sock_setsockopt+0x222/0x480
[   79.890871][ T7384]  ? __sys_setsockopt+0x1a0/0x230
[   79.890896][ T7384]  ? __ia32_sys_setsockopt+0xbc/0x160
[   79.890926][ T7384]  __vmalloc_node_range_noprof+0x10dc/0x1530
[   79.890958][ T7384]  ? xskq_create+0xfb/0x1d0
[   79.890982][ T7384]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   79.891012][ T7384]  ? xskq_create+0xfb/0x1d0
[   79.891031][ T7384]  vmalloc_user_noprof+0x6b/0x90
[   79.891053][ T7384]  ? xskq_create+0xfb/0x1d0
[   79.891070][ T7384]  xskq_create+0xfb/0x1d0
[   79.891090][ T7384]  xsk_setsockopt+0x757/0xa10
[   79.891109][ T7384]  ? __pfx_xsk_setsockopt+0x10/0x10
[   79.891133][ T7384]  ? find_held_lock+0x2d/0x110
[   79.891155][ T7384]  ? __pfx_xsk_setsockopt+0x10/0x10
[   79.891174][ T7384]  do_sock_setsockopt+0x222/0x480
[   79.891192][ T7384]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   79.891212][ T7384]  ? lock_acquire+0x2f/0xb0
[   79.891248][ T7384]  __sys_setsockopt+0x1a0/0x230
[   79.891277][ T7384]  __ia32_sys_setsockopt+0xbc/0x160
[   79.891301][ T7384]  ? lockdep_hardirqs_on+0x7c/0x110
[   79.891325][ T7384]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   79.891350][ T7384]  __do_fast_syscall_32+0x73/0x120
[   79.891377][ T7384]  do_fast_syscall_32+0x32/0x80
[   79.891400][ T7384]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.891445][ T7384] RIP: 0023:0xf741e579
[   79.891460][ T7384] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.891477][ T7384] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   79.891494][ T7384] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b
[   79.891505][ T7384] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004
[   79.891515][ T7384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.891525][ T7384] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   79.891534][ T7384] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.891564][ T7384]  </TASK>
[   79.891571][ T7384] Mem-Info:
[   80.000421][ T7384] active_anon:6260 inactive_anon:0 isolated_anon:0
[   80.000421][ T7384]  active_file:1269 inactive_file:38170 isolated_file:0
[   80.000421][ T7384]  unevictable:1768 dirty:228 writeback:8
[   80.000421][ T7384]  slab_reclaimable:10023 slab_unreclaimable:57581
[   80.000421][ T7384]  mapped:23328 shmem:3504 pagetables:668
[   80.000421][ T7384]  sec_pagetables:294 bounce:0
[   80.000421][ T7384]  kernel_misc_reclaimable:0
[   80.000421][ T7384]  free:62805 free_pcp:1783 free_cma:0
[   80.019008][ T7384] Node 0 active_anon:1296kB inactive_anon:0kB active_file:0kB inactive_file:14692kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4612kB dirty:12kB writeback:0kB shmem:3928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9104kB pagetables:640kB sec_pagetables:1108kB all_unreclaimable? yes
[   80.030298][ T7384] Node 1 active_anon:23744kB inactive_anon:0kB active_file:5076kB inactive_file:137988kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:88700kB dirty:1000kB writeback:32kB shmem:10088kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:2684kB pagetables:2032kB sec_pagetables:68kB all_unreclaimable? no
[   80.045173][ T7384] Node 0 DMA free:3416kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:280kB local_pcp:48kB free_cma:0kB
[   80.055306][ T7384] lowmem_reserve[]: 0 294 294 294 294
[   80.057694][ T7384] Node 0 DMA32 free:33720kB boost:14336kB min:27896kB low:31284kB high:34672kB reserved_highatomic:4096KB active_anon:1296kB inactive_anon:0kB active_file:0kB inactive_file:14688kB unevictable:3536kB writepending:12kB present:1032196kB managed:301724kB mlocked:0kB bounce:0kB free_pcp:1804kB local_pcp:640kB free_cma:0kB
[   80.070017][ T7384] lowmem_reserve[]: 0 0 0 0 0
[   80.071881][ T7384] Node 1 DMA32 free:214084kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:23744kB inactive_anon:0kB active_file:5076kB inactive_file:137988kB unevictable:3536kB writepending:1032kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:4932kB local_pcp:1628kB free_cma:0kB
[   80.084081][ T7384] lowmem_reserve[]: 0 0 0 0 0
[   80.086143][ T7384] Node 0 DMA: 106*4kB (UM) 36*8kB (UM) 11*16kB (UM) 21*32kB (UM) 5*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 3416kB
[   80.097425][ T7384] Node 0 DMA32: 740*4kB (UH) 333*8kB (UMEH) 96*16kB (UMEH) 238*32kB (UMEH) 86*64kB (UMEH) 27*128kB (UMEH) 13*256kB (UMEH) 7*512kB (UMH) 3*1024kB (UE) 0*2048kB 0*4096kB = 33720kB
[   80.104018][ T7384] Node 1 DMA32: 310*4kB (UE) 503*8kB (UME) 291*16kB (UME) 144*32kB (UME) 147*64kB (UME) 58*128kB (UME) 33*256kB (UME) 14*512kB (UM) 9*1024kB (UME) 5*2048kB (UE) 36*4096kB (M) = 213888kB
[   80.111624][ T7384] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   80.115589][ T7384] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   80.119489][ T7384] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   80.123008][ T7384] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   80.126304][ T7384] 42945 total pagecache pages
[   80.128510][ T7384] 0 pages in swap cache
[   80.129972][ T7384] Free swap  = 124748kB
[   80.131451][ T7384] Total swap = 124996kB
[   80.132919][ T7384] 524155 pages RAM
[   80.134136][ T7384] 0 pages HighMem/MovableOnly
[   80.135705][ T7384] 207821 pages reserved
[   80.137457][ T7384] 0 pages cma reserved
[   80.201452][   T46] team0 (unregistering): Port device team_slave_1 removed
[   80.327532][   T46] team0 (unregistering): Port device team_slave_0 removed
[   81.107093][   T64] cfg80211: failed to load regulatory.db
[   81.185197][ T7372] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   81.190197][ T7372] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   81.193772][ T7372] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   81.197330][ T7372] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   81.203100][ T7372] vxlan0: entered promiscuous mode
[   81.327569][ T7322] hsr_slave_0: entered promiscuous mode
[   81.330447][ T7322] hsr_slave_1: entered promiscuous mode
[   81.333053][ T7322] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.335987][ T7322] Cannot create hsr debugfs directory
[   81.346300][   T40] audit: type=1326 audit(1742582675.751:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7403 comm="syz.3.518" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x0
[   81.552015][ T7322] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   81.560653][ T7322] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   81.570778][ T7322] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   81.583377][ T7322] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   81.601197][   T46] IPVS: stop unused estimator thread 0...
[   81.704569][ T7322] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.734108][ T7322] 8021q: adding VLAN 0 to HW filter on device team0
[   81.740259][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.752511][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.761689][   T66] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.764312][   T66] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.947163][ T5952] Bluetooth: hci4: command 0x1003 tx timeout
[   81.947206][ T5311] Bluetooth: hci0: command tx timeout
[   81.950324][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   82.001782][ T7322] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.196199][ T7322] veth0_vlan: entered promiscuous mode
[   82.231190][ T7322] veth1_vlan: entered promiscuous mode
[   82.251551][ T7322] veth0_macvtap: entered promiscuous mode
[   82.260511][ T7322] veth1_macvtap: entered promiscuous mode
[   82.285400][ T7322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.303805][ T7322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.308671][ T7322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.314499][ T7322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.340278][ T7322] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.348632][ T7322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.368641][ T7322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.389259][ T7322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.405203][ T7322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.410138][ T7322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.414642][ T7322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.420298][ T7322] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.429376][ T7322] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.433187][ T7322] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.466408][ T7322] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.471828][ T7322] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.568727][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.571887][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.642508][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.645792][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.045527][ T5946] Bluetooth: hci0: command tx timeout
[   84.596421][ T7526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.558'.
[   84.621105][ T7524] netlink: 8 bytes leftover after parsing attributes in process `syz.5.556'.
[   84.643018][ T7524] netlink: 'syz.5.556': attribute type 1 has an invalid length.
[   85.232335][ T7545] lo: entered promiscuous mode
[   85.236137][ T7545] lo: entered allmulticast mode
[   85.239729][ T7545] lo: left allmulticast mode
[   85.243435][ T7545] lo: left promiscuous mode
[   85.360530][   T10] libceph: connect (1)[c::]:6789 error -101
[   85.363035][   T10] libceph: mon0 (1)[c::]:6789 connect error
[   85.415861][   T65] libceph: connect (1)[b::]:6789 error -101
[   85.426957][   T65] libceph: mon0 (1)[b::]:6789 connect error
[   85.637258][ T6005] libceph: connect (1)[c::]:6789 error -101
[   85.639884][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[   85.687257][   T65] libceph: connect (1)[b::]:6789 error -101
[   85.689491][   T65] libceph: mon0 (1)[b::]:6789 connect error
[   86.106828][ T5946] Bluetooth: hci0: command tx timeout
[   86.148805][ T6005] libceph: connect (1)[c::]:6789 error -101
[   86.151363][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[   86.179772][ T7554] ceph: No mds server is up or the cluster is laggy
[   86.187111][ T7549] ceph: No mds server is up or the cluster is laggy
[   86.202951][   T65] libceph: connect (1)[b::]:6789 error -101
[   86.206947][   T65] libceph: mon0 (1)[b::]:6789 connect error
[   87.697069][ T6005] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   87.870168][ T6005] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   87.875041][ T6005] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   87.882573][ T6005] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   87.885962][ T6005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.892880][ T7634] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   87.900808][ T6005] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   87.966616][ T7661] tls_set_device_offload: netdev not found
[   88.168576][ T6701] usb 8-1: USB disconnect, device number 2
[   88.314848][ T7677] vcan0 speed is unknown, defaulting to 1000
[   88.323112][ T7677] vcan0 speed is unknown, defaulting to 1000
[   88.330710][ T7677] vcan0 speed is unknown, defaulting to 1000
[   88.419729][ T7677] infiniband syz1: set active
[   88.423338][   T65] vcan0 speed is unknown, defaulting to 1000
[   88.426060][ T7677] infiniband syz1: added vcan0
[   88.467227][ T7677] RDS/IB: syz1: added
[   88.469644][ T7677] smc: adding ib device syz1 with port count 1
[   88.472212][ T7677] smc:    ib device syz1 port 1 has pnetid 
[   88.476931][   T65] vcan0 speed is unknown, defaulting to 1000
[   88.482596][ T7677] vcan0 speed is unknown, defaulting to 1000
[   88.560522][ T7677] vcan0 speed is unknown, defaulting to 1000
[   88.631190][ T7677] vcan0 speed is unknown, defaulting to 1000
[   88.632353][   T40] audit: type=1800 audit(1742582683.041:13): pid=7689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.618" name="file1" dev="tmpfs" ino=972 res=0 errno=0
[   88.703980][ T7677] vcan0 speed is unknown, defaulting to 1000
[   89.131203][ T7718] overlayfs: failed to clone upperpath
[   89.134876][ T7718] overlayfs: failed to clone upperpath
[   89.262176][ T7724] netlink: 4 bytes leftover after parsing attributes in process `syz.0.635'.
[   89.368282][ T7729] netlink: del zone limit has 4 unknown bytes
[   89.418750][ T7724] hsr_slave_1 (unregistering): left promiscuous mode
[   90.103047][ T7779] Bluetooth: MGMT ver 1.23
[   90.255705][ T7785] vcan0 speed is unknown, defaulting to 1000
[   90.277122][ T1465] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   90.439582][ T1465] usb 10-1: Using ep0 maxpacket: 8
[   90.443519][ T1465] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[   90.446920][ T1465] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[   90.450982][ T1465] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[   90.455828][ T1465] usb 10-1: config 250 has no interface number 0
[   90.458526][ T1465] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   90.462828][ T1465] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   90.466876][ T1465] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   90.471422][ T1465] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   90.476198][ T1465] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   90.481417][ T1465] usb 10-1: config 250 interface 228 has no altsetting 0
[   90.485382][ T1465] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   90.490440][ T1465] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   90.493927][ T1465] usb 10-1: Product: syz
[   90.495739][ T1465] usb 10-1: SerialNumber: syz
[   90.500653][ T1465] hub 10-1:250.228: bad descriptor, ignoring hub
[   90.504004][ T1465] hub 10-1:250.228: probe with driver hub failed with error -5
[   90.726894][ T1465] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   90.858048][ T7800] 
@ÿ: renamed from bond_slave_0 (while UP)
[   91.036975][ T1465] usb 10-1: USB disconnect, device number 2
[   91.041688][ T1465] usblp0: removed
[   91.367017][ T1465] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[   91.516846][ T1465] usb 10-1: Using ep0 maxpacket: 8
[   91.520729][ T1465] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[   91.523974][ T1465] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[   91.526462][ T1465] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[   91.529476][ T1465] usb 10-1: config 250 has no interface number 0
[   91.531494][ T1465] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   91.534885][ T1465] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   91.538015][ T1465] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   91.541146][ T1465] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   91.544182][ T1465] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   91.548716][ T1465] usb 10-1: config 250 interface 228 has no altsetting 0
[   91.552019][ T1465] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   91.554573][ T1465] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   91.557156][ T1465] usb 10-1: Product: syz
[   91.558618][ T1465] usb 10-1: SerialNumber: syz
[   91.562782][ T1465] hub 10-1:250.228: bad descriptor, ignoring hub
[   91.564902][ T1465] hub 10-1:250.228: probe with driver hub failed with error -5
[   91.771162][ T1465] usblp 10-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   91.797130][ T1465] usb 10-1: USB disconnect, device number 3
[   91.799717][ T1465] usblp0: removed
[   92.475110][ T7871] netlink: 4 bytes leftover after parsing attributes in process `syz.5.698'.
[   92.797446][ T7887] tipc: Started in network mode
[   92.799263][ T7887] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   92.801804][ T7887] tipc: Enabled bearer <eth:team0>, priority 0
[   92.921980][ T7895] netlink: 28 bytes leftover after parsing attributes in process `syz.1.708'.
[   93.284872][ T7919] kvm: Disabled LAPIC found during irq injection
[   93.816781][   T65] tipc: Node number set to 11578026
[   94.095410][ T7986] netlink: 'syz.0.748': attribute type 27 has an invalid length.
[   94.135546][ T7986] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.139671][ T7986] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.204697][ T7986] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   94.214847][ T7986] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.270284][ T7986] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.273716][ T7986] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.278523][ T7986] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.282201][ T7986] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.287973][ T7986] batman_adv: batadv0: Interface deactivated: ip6gretap1
[   94.294283][ T7986] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[   94.298078][ T7986] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[   94.301318][ T7986] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[   94.304550][ T7986] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[   94.331060][ T7989] 8021q: adding VLAN 0 to HW filter on device team0
[   94.340675][ T7989] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   94.513088][   T40] audit: type=1326 audit(1742582688.921:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8000 comm="syz.0.754" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[   95.459905][ T8027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.763'.
[   95.467318][ T8027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.763'.
[   95.471575][ T8027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.763'.
[   95.838207][   T40] audit: type=1326 audit(1742582690.251:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8017 comm="syz.3.760" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x7fc00000
[   95.849442][ T8047] batadv_slave_1: entered promiscuous mode
[   95.854703][ T8046] batadv_slave_1: left promiscuous mode
[   96.268795][ T8109] random: crng reseeded on system resumption
[   96.271944][ T8108] netlink: 8 bytes leftover after parsing attributes in process `syz.5.798'.
[   96.580863][   T64] libceph: connect (1)[c::]:6789 error -101
[   96.582708][   T64] libceph: mon0 (1)[c::]:6789 connect error
[   96.593119][ T8138] 9pnet: p9_errstr2errno: server reported unknown error ¤ÑÅl0î„
[   96.737873][ T8134] ceph: No mds server is up or the cluster is laggy
[   96.974200][ T8160] netlink: 'syz.1.817': attribute type 27 has an invalid length.
[   97.011819][ T8160] bridge0: port 2(bridge_slave_1) entered disabled state
[   97.015078][ T8160] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.081611][ T8160] batadv_slave_0: left promiscuous mode
[   97.088722][ T8160] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.145195][ T8160] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.148182][ T8160] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.151643][ T8160] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.154155][ T8160] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   97.164624][ T8160] ip6erspan0: left promiscuous mode
[   97.169330][   T31] vcan0 speed is unknown, defaulting to 1000
[   97.187304][ T8162] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.190768][ T8162] 8021q: adding VLAN 0 to HW filter on device team0
[   97.195766][ T8162] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   97.204283][ T1465] vcan0 speed is unknown, defaulting to 1000
[   97.208541][   T64] vcan0 speed is unknown, defaulting to 1000
[   97.408734][ T8175] overlayfs: failed to clone lowerpath
[   98.062808][ T8198] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.151595][ T8198] bond1 (unregistering): Released all slaves
[   98.376297][ T1465] libceph: connect (1)[c::]:6789 error -101
[   98.379222][ T1465] libceph: mon0 (1)[c::]:6789 connect error
[   98.430482][ T8220] Invalid ELF header len 8
[   98.430823][   T36] libceph: connect (1)[c::]:6789 error -101
[   98.434859][   T36] libceph: mon0 (1)[c::]:6789 connect error
[   98.506770][ T8228] netlink: 'syz.3.843': attribute type 27 has an invalid length.
[   98.551204][ T8228] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.554140][ T8228] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.637146][   T31] libceph: connect (1)[c::]:6789 error -101
[   98.639562][   T31] libceph: mon0 (1)[c::]:6789 connect error
[   98.641443][ T8228] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.653077][ T8228] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.697253][   T36] libceph: connect (1)[c::]:6789 error -101
[   98.700493][   T36] libceph: mon0 (1)[c::]:6789 connect error
[   98.730455][ T8228] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.733538][ T8228] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.736078][ T8228] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.740543][ T8228] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.760585][ T8228] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   98.763736][ T8228] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   98.767288][ T8228] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   98.770127][ T8228] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   98.775668][ T8228] vxlan0: left promiscuous mode
[   98.793370][ T8233] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.797212][ T8233] 8021q: adding VLAN 0 to HW filter on device team0
[   98.802990][ T8233] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   98.956745][   T31] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   98.990544][ T8253] overlay: filesystem on ./bus not supported
[   99.106792][   T31] usb 5-1: Using ep0 maxpacket: 16
[   99.109974][   T31] usb 5-1: config 0 has no interfaces?
[   99.111722][   T31] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   99.115028][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.118570][   T31] usb 5-1: config 0 descriptor??
[   99.147904][   T31] libceph: connect (1)[c::]:6789 error -101
[   99.150480][   T31] libceph: mon0 (1)[c::]:6789 connect error
[   99.189388][ T8205] ceph: No mds server is up or the cluster is laggy
[   99.191725][ T8214] ceph: No mds server is up or the cluster is laggy
[   99.347122][ T6005] usb 5-1: USB disconnect, device number 3
[  100.395966][ T8314] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  100.400692][ T8314] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000
[  100.658358][ T8318] netlink: 'syz.5.879': attribute type 27 has an invalid length.
[  100.692899][ T8318] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.696017][ T8318] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.708737][ T8318] tipc: Resetting bearer <eth:team0>
[  100.788530][ T8318] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.798480][ T8318] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.872900][ T8318] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.875562][ T8318] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.878321][ T8318] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.880915][ T8318] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  100.934656][ T8325] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.937246][ T8325] 8021q: adding VLAN 0 to HW filter on device team0
[  100.939799][ T8325] tipc: Resetting bearer <eth:team0>
[  100.949814][ T8325] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  101.150779][  T837] vcan0 speed is unknown, defaulting to 1000
[  101.153367][  T837] vcan0 speed is unknown, defaulting to 1000
[  101.334083][ T8357] netlink: 'syz.5.896': attribute type 1 has an invalid length.
[  101.337517][ T8357] netlink: 'syz.5.896': attribute type 4 has an invalid length.
[  101.340615][ T8357] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.896'.
[  101.398763][ T8361] Invalid ELF header len 8
[  101.403471][ T8364] netlink: 830 bytes leftover after parsing attributes in process `syz.1.901'.
[  101.408621][ T8365] netlink: 'syz.5.899': attribute type 27 has an invalid length.
[  101.437110][ T8365] tipc: Resetting bearer <eth:team0>
[  101.492950][ T8365] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.497932][ T8365] 8021q: adding VLAN 0 to HW filter on device team0
[  101.501298][ T8365] tipc: Resetting bearer <eth:team0>
[  101.505530][ T8365] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  101.614863][ T5946] Bluetooth: hci0: Malformed LE Event: 0x0d
[  101.640481][ T8373] cgroup: fork rejected by pids controller in /syz1
[  103.033146][   T40] audit: type=1326 audit(1742582697.441:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.039562][   T40] audit: type=1326 audit(1742582697.441:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.046019][   T40] audit: type=1326 audit(1742582697.441:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.052731][   T40] audit: type=1326 audit(1742582697.441:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.058923][   T40] audit: type=1326 audit(1742582697.441:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.064970][   T40] audit: type=1326 audit(1742582697.441:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.071509][   T40] audit: type=1326 audit(1742582697.441:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.077849][   T40] audit: type=1326 audit(1742582697.441:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.084283][   T40] audit: type=1326 audit(1742582697.441:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.090187][   T40] audit: type=1326 audit(1742582697.441:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12505 comm="syz.0.919" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  103.839787][T12528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.927'.
[  104.256782][   T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  104.406798][   T10] usb 8-1: Using ep0 maxpacket: 16
[  104.410333][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.414039][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.419997][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  104.427961][   T10] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  104.431072][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.434795][   T10] usb 8-1: config 0 descriptor??
[  104.848062][   T10] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  104.850237][   T10] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  104.852295][   T10] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  104.854213][   T10] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  104.856293][   T10] shield 0003:0955:7214.0003: unknown main item tag 0x0
[  104.861215][   T10] input: HID 0955:7214 Haptics as /devices/virtual/input/input10
[  104.876101][   T10] shield 0003:0955:7214.0003: Registered Thunderstrike controller
[  104.878907][   T10] shield 0003:0955:7214.0003: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0
[  105.049271][T12546] random: crng reseeded on system resumption
[  105.072398][    T9] usb 8-1: USB disconnect, device number 3
[  105.074888][   T10] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  105.085229][   T10] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  105.090558][   T10] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  105.094875][   T10] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  105.730736][T12630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.971'.
[  106.485042][T12650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.981'.
[  106.491378][T12650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.981'.
[  106.496487][T12650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.981'.
[  106.657214][T12664] overlayfs: failed to clone upperpath
[  106.674650][T12663] cgroup: fork rejected by pids controller in /syz3
[  106.703758][T12667] overlayfs: failed to clone lowerpath
[  107.140690][ T5311] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  107.145682][ T5311] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  107.150110][ T5311] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  107.154707][ T5311] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  107.161079][ T5311] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  107.164069][ T5311] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  107.190868][T12673] vcan0 speed is unknown, defaulting to 1000
[  107.300606][T12673] chnl_net:caif_netlink_parms(): no params data found
[  107.382704][T12673] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.385815][T12673] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.389244][T12673] bridge_slave_0: entered allmulticast mode
[  107.393038][T12673] bridge_slave_0: entered promiscuous mode
[  107.397844][T12673] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.401063][T12673] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.404412][T12673] bridge_slave_1: entered allmulticast mode
[  107.407678][T12673] bridge_slave_1: entered promiscuous mode
[  107.481814][T12673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.488195][T12673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.538435][T12673] team0: Port device team_slave_0 added
[  107.541706][T12673] team0: Port device team_slave_1 added
[  107.570753][T12673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.573424][T12673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.596403][T12673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.600911][T12673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.602924][T12673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.611165][T12673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.651075][T12673] hsr_slave_0: entered promiscuous mode
[  107.653158][T12673] hsr_slave_1: entered promiscuous mode
[  107.655167][T12673] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.658682][T12673] Cannot create hsr debugfs directory
[  107.753147][T12696] capability: warning: `syz.1.997' uses deprecated v2 capabilities in a way that may be insecure
[  108.075228][T12714] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  108.078089][T12714] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  108.083811][T12714] vhci_hcd vhci_hcd.0: Device attached
[  108.091889][T12715] vhci_hcd: connection closed
[  108.094769][   T13] vhci_hcd: stop threads
[  108.099319][   T13] vhci_hcd: release socket
[  108.107580][   T13] vhci_hcd: disconnect device
[  108.184438][T12673] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  108.197311][T12673] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  108.203060][T12673] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  108.215361][T12673] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  108.267655][T12673] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.279825][T12673] 8021q: adding VLAN 0 to HW filter on device team0
[  108.285752][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.288768][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.295355][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.298031][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.473609][T12673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.503091][T12673] veth0_vlan: entered promiscuous mode
[  108.509321][T12673] veth1_vlan: entered promiscuous mode
[  108.530452][T12673] veth0_macvtap: entered promiscuous mode
[  108.535670][T12673] veth1_macvtap: entered promiscuous mode
[  108.546940][T12673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.558912][T12673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.563179][T12673] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.566302][T12673] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.569918][T12673] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.573397][T12673] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.636848][   T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.639702][   T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.685238][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.688913][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.226856][ T5946] Bluetooth: hci3: command tx timeout
[  109.270209][T12806] netlink: 'syz.1.1030': attribute type 3 has an invalid length.
[  109.272658][T12806] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1030'.
[  109.432656][T12816] netlink: 1032 bytes leftover after parsing attributes in process `syz.1.1035'.
[  110.118378][T12855] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1054'.
[  110.381210][T12867] netlink: 'syz.1.1059': attribute type 1 has an invalid length.
[  110.384760][T12867] netlink: 16179 bytes leftover after parsing attributes in process `syz.1.1059'.
[  110.715616][T12890] all: renamed from bridge_slave_0 (while UP)
[  110.715833][T12892] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1068'.
[  110.727492][T12892] netlink: 'syz.5.1068': attribute type 7 has an invalid length.
[  110.731277][T12892] netlink: 'syz.5.1068': attribute type 8 has an invalid length.
[  110.735881][T12892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1068'.
[  111.307070][ T5946] Bluetooth: hci3: command tx timeout
[  111.348642][T12918] ptrace attach of "/syz-executor exec"[12919] was attempted by "/syz-executor exec"[12918]
[  111.646840][   T10] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  111.799258][   T10] usb 8-1: config 0 has no interfaces?
[  111.804691][   T10] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  111.808000][   T10] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  111.810924][   T10] usb 8-1: Product: syz
[  111.812495][   T10] usb 8-1: Manufacturer: syz
[  111.813973][   T10] usb 8-1: SerialNumber: syz
[  111.816376][   T10] usb 8-1: config 0 descriptor??
[  112.029467][ T1332] usb 8-1: USB disconnect, device number 4
[  112.206019][   T40] kauditd_printk_skb: 33 callbacks suppressed
[  112.206031][   T40] audit: type=1804 audit(1742582706.611:59): pid=12951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1096" name="/newroot/292/file0" dev="tmpfs" ino=1543 res=1 errno=0
[  112.364598][T12958] syz.0.1100 (12958) used greatest stack depth: 20048 bytes left
[  112.521060][T12967] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1104'.
[  112.677896][T12981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1111'.
[  112.723605][T12983] vcan0 speed is unknown, defaulting to 1000
[  113.336799][   T10] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  113.387063][ T5946] Bluetooth: hci3: command tx timeout
[  113.416884][T13044] netfs: Couldn't get user pages (rc=-14)
[  113.496814][   T10] usb 10-1: Using ep0 maxpacket: 16
[  113.502821][   T10] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  113.507838][   T10] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  113.513612][   T10] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  113.517312][   T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.522962][   T10] usb 10-1: config 0 descriptor??
[  113.933624][   T10] HID 045e:07da: Invalid code 65791 type 1
[  113.938813][   T10] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:045E:07DA.0004/input/input11
[  113.945168][   T10] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  114.241309][T13079] netfs: Couldn't get user pages (rc=-14)
[  114.486455][T13091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1156'.
[  114.488037][T13089] vcan0 speed is unknown, defaulting to 1000
[  114.733629][T13105] netlink: 'syz.0.1161': attribute type 7 has an invalid length.
[  114.736759][T13105] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1161'.
[  114.742922][ T1465] usb 10-1: USB disconnect, device number 4
[  114.804967][T13107] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1162'.
[  114.923562][T13111] hsr_slave_0: left promiscuous mode
[  114.926452][T13111] hsr_slave_1: left promiscuous mode
[  115.355540][T13130] overlayfs: failed to clone upperpath
[  115.476777][ T5946] Bluetooth: hci3: command tx timeout
[  115.487599][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  115.597768][T13145] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer.
[  115.607606][T13145] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4234274794 (67748396704 ns) > initial count (26801589552 ns). Using initial count to start timer.
[  115.636811][   T10] usb 5-1: Using ep0 maxpacket: 16
[  115.640350][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.644655][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.648967][   T10] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  115.652817][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.657532][   T10] usb 5-1: config 0 descriptor??
[  115.977023][T13155] vcan0 speed is unknown, defaulting to 1000
[  116.026580][   T40] audit: type=1326 audit(1742582710.431:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13154 comm="syz.3.1185" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0
[  116.071023][   T10] kye 0003:0458:5016.0005: control desc unexpectedly large
[  116.076057][   T10] input: HID 0458:5016 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5016.0005/input/input12
[  116.158331][   T10] input: HID 0458:5016 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5016.0005/input/input13
[  116.215967][   T10] kye 0003:0458:5016.0005: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.0-1/input0
[  116.278002][   T10] usb 5-1: USB disconnect, device number 4
[  116.321112][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.324128][   T40] audit: type=1326 audit(1742582710.731:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13164 comm="syz.1.1187" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0
[  116.331405][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.334047][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.337341][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.340353][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.343233][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.345342][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.348375][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.350823][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.353425][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.360401][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.363504][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.366362][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.369705][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.372881][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.376042][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.380562][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.384011][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.387502][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.390585][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.393333][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.395697][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.400730][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.403851][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.409173][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.412060][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.414752][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.418075][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.421325][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.424411][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.428067][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.430804][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.433587][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.436495][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.439957][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.443417][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.447418][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.449644][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.451860][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.454074][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.456318][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.460076][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.463619][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: unknown main item tag 0x0
[  116.470980][ T1465] hid-generic 0000:007F:FFFFFFFE.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  116.648361][T13178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1191'.
[  117.342349][T13212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1204'.
[  117.679898][T13225] syz.3.1210 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  118.052989][   T40] audit: type=1804 audit(1742582712.461:62): pid=13243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1219" name="/newroot/56/file0/file0" dev="9p" ino=36831309 res=1 errno=0
[  118.282772][T13254] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1224'.
[  118.766818][  T837] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  118.916730][  T837] usb 8-1: Using ep0 maxpacket: 8
[  118.922098][  T837] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  118.926192][  T837] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  118.930102][  T837] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.934572][  T837] usb 8-1: config 0 descriptor??
[  119.026878][T13282] netlink: 'syz.0.1237': attribute type 7 has an invalid length.
[  119.031034][T13282] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1237'.
[  119.091130][   T64] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  119.156916][  T837] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  119.213197][   T40] audit: type=1326 audit(1742582713.621:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.222277][   T40] audit: type=1326 audit(1742582713.621:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.231500][   T40] audit: type=1326 audit(1742582713.621:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.240344][   T40] audit: type=1326 audit(1742582713.621:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.249425][   T40] audit: type=1326 audit(1742582713.621:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=75 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.258234][   T40] audit: type=1326 audit(1742582713.621:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.269434][   T40] audit: type=1326 audit(1742582713.621:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.277889][   T40] audit: type=1326 audit(1742582713.621:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=181 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.278566][   T64] usb 10-1: Using ep0 maxpacket: 16
[  119.297828][   T64] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.303464][   T64] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.308593][   T64] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  119.313649][   T64] usb 10-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  119.317456][   T64] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.321547][   T64] usb 10-1: config 0 descriptor??
[  119.373281][   T10] usb 8-1: USB disconnect, device number 5
[  119.434854][   T40] audit: type=1326 audit(1742582713.841:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13290 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000
[  119.746089][   T64] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  119.752215][   T64] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  119.755922][   T64] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  119.760892][   T64] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  119.764197][   T64] shield 0003:0955:7214.0007: unknown main item tag 0x0
[  119.771666][   T64] input: HID 0955:7214 Haptics as /devices/virtual/input/input14
[  119.790964][   T64] shield 0003:0955:7214.0007: Registered Thunderstrike controller
[  119.795799][   T64] shield 0003:0955:7214.0007: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.5-1/input0
[  119.947006][ T5985] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  119.952530][ T5939] usb 10-1: USB disconnect, device number 5
[  119.956746][ T5985] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  119.960611][ T5985] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  119.965097][ T5985] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  120.103764][ T1465] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  120.164921][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.256765][ T1465] usb 5-1: Using ep0 maxpacket: 32
[  120.269815][ T1465] usb 5-1: config 0 interface 0 has no altsetting 0
[  120.276402][ T1465] usb 5-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=39.2b
[  120.281926][ T1465] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.295009][ T1465] usb 5-1: Product: syz
[  120.296490][ T1465] usb 5-1: Manufacturer: syz
[  120.298520][ T1465] usb 5-1: SerialNumber: syz
[  120.303027][ T1465] usb 5-1: config 0 descriptor??
[  120.317886][ T1465] usb 5-1: Direct firmware load for BCM2033-MD.hex failed with error -2
[  120.321414][ T1465] usb 5-1: Falling back to sysfs fallback for: BCM2033-MD.hex
[  120.384890][T13329] netlink: 'syz.1.1256': attribute type 1 has an invalid length.
[  120.416408][T13329] netlink: 'syz.1.1256': attribute type 1 has an invalid length.
[  120.478673][T13332] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  120.487755][T13332] batman_adv: batadv0: Adding interface: ip6gretap1
[  120.490603][T13332] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.503409][T13332] batman_adv: batadv0: Interface activated: ip6gretap1
[  120.854749][ T5939] libceph: connect (1)[c::]:6789 error -22
[  120.857978][ T5939] libceph: mon0 (1)[c::]:6789 connect error
[  120.891933][T13344] ceph: No mds server is up or the cluster is laggy
[  121.096485][    C0] vkms_vblank_simulate: vblank timer overrun
[  121.262576][T13357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1267'.
[  121.445685][T13374] netlink: 'syz.3.1274': attribute type 1 has an invalid length.
[  121.475337][T13374] netlink: 'syz.3.1274': attribute type 4 has an invalid length.
[  121.481799][T13374] netlink: 15363 bytes leftover after parsing attributes in process `syz.3.1274'.
[  121.549564][T13380] Invalid ELF header magic: != ELF
[  121.694602][T13390] netlink: 'syz.0.1282': attribute type 4 has an invalid length.
[  121.699166][T13388] netfs: Couldn't get user pages (rc=-14)
[  121.735050][T13390] netlink: 'syz.0.1282': attribute type 4 has an invalid length.
[  122.174194][T13415] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1292'.
[  122.178320][T13415] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1292'.
[  122.181408][T13415] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1292'.
[  122.185509][T13415] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1292'.
[  122.261596][ T6701] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  122.454116][ T6701] usb 8-1: Using ep0 maxpacket: 16
[  122.471345][ T6701] usb 8-1: unable to get BOS descriptor or descriptor too short
[  122.475782][ T6701] usb 8-1: unable to read config index 0 descriptor/start: -71
[  122.480253][ T6701] usb 8-1: can't read configurations, error -71
[  122.503196][T13433] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1300'.
[  123.127058][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  123.127091][   T40] audit: type=1326 audit(1742582717.541:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13421 comm="syz.0.1295" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73fe579 code=0x7fc00000
[  123.388038][   T40] audit: type=1326 audit(1742582717.801:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13436 comm="syz.5.1302" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf742e579 code=0x7fc00000
[  123.514523][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.544081][   T40] audit: type=1326 audit(1742582717.951:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13459 comm="syz.1.1311" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741e579 code=0x0
[  123.849366][T13471] 9pnet: p9_errstr2errno: server reported unknown error ¤ÑÅl0î„&IØü0‚Ñ(|9Ê’å0%cÞ»ØÞ¿¢
[  124.064162][T13477] vcan0 speed is unknown, defaulting to 1000
[  124.577516][T13503] netlink: 'syz.1.1326': attribute type 1 has an invalid length.
[  124.604227][T13503] 8021q: adding VLAN 0 to HW filter on device bond2
[  124.641871][T13503] 8021q: adding VLAN 0 to HW filter on device bond2
[  124.645512][T13503] bond2: (slave vcan1): The slave device specified does not support setting the MAC address
[  124.665923][T13503] bond2: (slave vcan1): Error -95 calling set_mac_address
[  125.290064][T13515] overlayfs: failed to clone upperpath
[  126.300048][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  126.636893][T13548] netlink: 'syz.3.1346': attribute type 1 has an invalid length.
[  126.661008][T13548] 8021q: adding VLAN 0 to HW filter on device bond1
[  126.728569][T13548] 8021q: adding VLAN 0 to HW filter on device bond1
[  126.731645][T13548] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  126.739317][T13548] bond1: (slave vcan1): Error -95 calling set_mac_address
[  126.869267][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  127.054839][ T6701] hid-generic 0000:0003:0000.0008: unknown main item tag 0x0
[  127.083214][ T6701] hid-generic 0000:0003:0000.0008: unknown main item tag 0x0
[  127.099481][ T6701] hid-generic 0000:0003:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  127.106900][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  127.467155][ T5946] Bluetooth: hci0: command tx timeout
[  128.117109][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  128.357734][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  128.599494][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  128.767259][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  128.827850][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  128.868107][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  128.907445][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  129.579362][T13583] netlink: 'syz.0.1359': attribute type 1 has an invalid length.
[  129.607590][T13583] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.635383][T13583] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.643104][T13583] bond0: (slave vcan1): The slave device specified does not support setting the MAC address
[  129.649807][T13583] bond0: (slave vcan1): Error -95 calling set_mac_address
[  130.148373][T13612] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  130.190761][T13612] evm: overlay not supported
[  130.275250][T13617] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1376'.
[  130.282704][T13617] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  130.285895][T13617] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  130.289441][T13617] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  130.293251][T13617] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  130.302674][T13617] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  130.306122][T13617] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  130.309463][T13617] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  130.313029][T13617] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  130.618039][   T40] audit: type=1800 audit(1742582725.031:79): pid=13632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1382" name="file1" dev="overlay" ino=1036 res=0 errno=0
[  130.696486][T13637] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1384'.
[  130.975082][T13649] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  131.552437][T13667] netlink: 'syz.0.1397': attribute type 4 has an invalid length.
[  131.588570][T13671] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1399'.
[  131.674901][T13679] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1403'.
[  131.681951][T13679] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  131.685293][T13679] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  131.688963][T13679] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  131.692551][T13679] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  131.698812][T13679] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.702713][T13679] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.706136][T13679] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  131.711201][T13679] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  132.151367][T13695] vcan0 speed is unknown, defaulting to 1000
[  132.188004][    T9] hid-generic 0000:0003:0000.0009: unknown main item tag 0x0
[  132.190811][    T9] hid-generic 0000:0003:0000.0009: unknown main item tag 0x0
[  132.195040][    T9] hid-generic 0000:0003:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  132.268550][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.271162][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.435295][T13709] 9pnet: p9_errstr2errno: server reported unknown error `©Ó>+&ë
[  132.821009][T13730] vcan0 speed is unknown, defaulting to 1000
[  132.856234][T13732] syzkaller0: entered promiscuous mode
[  132.859288][T13732] syzkaller0: entered allmulticast mode
[  135.521745][T13742] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  137.809110][T13840] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1464'.
[  137.858083][T13842] IPv4: Oversized IP packet from 127.202.26.0
[  138.435025][T13867] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  138.466955][  T837] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  138.887761][  T837] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  138.897527][T13895] netlink: 'syz.1.1489': attribute type 3 has an invalid length.
[  138.902559][T13895] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1489'.
[  138.968067][T13901] tc_dump_action: action bad kind
[  139.434715][T13933] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1503'.
[  139.664933][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.669043][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.672636][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.676058][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.679958][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.683134][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.686615][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.694854][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.699187][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.702290][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.705260][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.708975][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.712025][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.716428][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.720405][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.723561][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.727182][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.730293][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.733452][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.736762][   T31] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  139.738170][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.743665][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.747524][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.751645][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.755094][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.759177][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.762769][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.765640][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.769361][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.772906][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.776132][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.780432][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.784530][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.788204][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.791405][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.794573][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.802732][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.805876][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.809846][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.813512][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.817526][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.820534][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.823587][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.826294][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  139.830073][ T5939] hid-generic 0000:007F:FFFFFFFE.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  139.901348][   T40] audit: type=1326 audit(1742582734.311:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13957 comm="syz.3.1514" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0
[  139.927641][   T31] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  139.932059][   T31] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  139.936779][   T31] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  139.941592][   T31] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  139.966730][   T31] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  139.970343][   T31] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.975254][   T31] usb 10-1: config 0 descriptor??
[  139.983722][T13936] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  140.161313][ T6701] kernel write not supported for file [eventfd] (pid: 6701 comm: kworker/1:3)
[  140.402986][   T31] plantronics 0003:047F:FFFF.000B: unknown main item tag 0xd
[  140.407438][   T31] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  140.412312][   T31] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  140.661022][   T31] usb 10-1: USB disconnect, device number 6
[  140.848993][T13969] "syz.1.1518" (13969) uses obsolete ecb(arc4) skcipher
[  143.058396][T14024] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1539'.
[  144.100018][T14057] netlink: 'syz.3.1554': attribute type 1 has an invalid length.
[  144.319919][T14070] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1560'.
[  144.323815][T14070] openvswitch: netlink: Message has 44053 unknown bytes.
[  144.935102][T14104] overlayfs: failed to clone upperpath
[  147.025404][T14172] GUP no longer grows the stack in syz.3.1602 (14172): 80004000-8000a000 (80002000)
[  147.031006][T14172] CPU: 3 UID: 0 PID: 14172 Comm: syz.3.1602 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  147.031031][T14172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.031039][T14172] Call Trace:
[  147.031044][T14172]  <TASK>
[  147.031051][T14172]  dump_stack_lvl+0x16c/0x1f0
[  147.031094][T14172]  gup_vma_lookup+0x1d2/0x220
[  147.031115][T14172]  __get_user_pages+0x236/0x36f0
[  147.031136][T14172]  ? find_held_lock+0x2d/0x110
[  147.031155][T14172]  ? mtree_load+0x30a/0xa40
[  147.031174][T14172]  ? __pfx_lock_release+0x10/0x10
[  147.031194][T14172]  ? __pfx___get_user_pages+0x10/0x10
[  147.031219][T14172]  get_user_pages_remote+0x25e/0xb30
[  147.031241][T14172]  ? __pfx_get_user_pages_remote+0x10/0x10
[  147.031277][T14172]  __access_remote_vm+0x235/0x7a0
[  147.031297][T14172]  ? __pfx___access_remote_vm+0x10/0x10
[  147.031310][T14172]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  147.031327][T14172]  proc_pid_cmdline_read+0x4f5/0x900
[  147.031346][T14172]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  147.031363][T14172]  ? rw_verify_area+0xcf/0x680
[  147.031379][T14172]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  147.031394][T14172]  vfs_readv+0x6c2/0x8a0
[  147.031409][T14172]  ? __pfx___lock_acquire+0x10/0x10
[  147.031433][T14172]  ? __pfx_vfs_readv+0x10/0x10
[  147.031453][T14172]  ? __fget_files+0x1fc/0x3a0
[  147.031471][T14172]  ? __pfx_lock_release+0x10/0x10
[  147.031499][T14172]  ? __fget_files+0x206/0x3a0
[  147.031524][T14172]  ? do_preadv+0x1b1/0x270
[  147.031540][T14172]  do_preadv+0x1b1/0x270
[  147.031559][T14172]  ? __pfx_do_preadv+0x10/0x10
[  147.031583][T14172]  __do_fast_syscall_32+0x73/0x120
[  147.031606][T14172]  do_fast_syscall_32+0x32/0x80
[  147.031628][T14172]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.031651][T14172] RIP: 0023:0xf73ee579
[  147.031663][T14172] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.031678][T14172] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  147.031694][T14172] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  147.031703][T14172] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  147.031712][T14172] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.031720][T14172] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  147.031728][T14172] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.031745][T14172]  </TASK>
[  147.625971][T14200] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  147.634309][T14200] overlayfs: failed to set xattr on upper
[  147.636800][T14200] overlayfs: ...falling back to redirect_dir=nofollow.
[  147.640776][T14200] overlayfs: ...falling back to index=off.
[  147.642969][T14200] overlayfs: ...falling back to uuid=null.
[  147.645060][T14200] overlayfs: ...falling back to xino=off.
[  148.018493][T14225] syz.3.1626: attempt to access beyond end of device
[  148.018493][T14225] loop7: rw=0, sector=0, nr_sectors = 1 limit=0
[  148.023363][T14225] FAT-fs (loop7): unable to read boot sector
[  148.899904][T14291] vcan0 speed is unknown, defaulting to 1000
[  148.997938][T14300] netlink: 'syz.5.1655': attribute type 1 has an invalid length.
[  149.003182][T14300] netlink: 'syz.5.1655': attribute type 4 has an invalid length.
[  149.007078][T14300] netlink: 15334 bytes leftover after parsing attributes in process `syz.5.1655'.
[  150.794034][T14346] overlayfs: statfs failed on './file0'
[  151.720353][T14396] overlayfs: failed to clone upperpath
[  152.915917][T14451] vcan0 speed is unknown, defaulting to 1000
[  153.002644][T14456] overlayfs: failed to clone upperpath
[  153.679036][T14473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1725'.
[  154.893909][T14504] "syz.5.1738" (14504) uses obsolete ecb(arc4) skcipher
[  155.055014][T14511] erofs (device loop11): cannot find valid erofs superblock
[  155.343919][   T40] audit: type=1326 audit(1742582749.751:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14526 comm="syz.1.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7fc00000
[  155.441329][   T40] audit: type=1326 audit(1742582749.851:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14526 comm="syz.1.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf741e579 code=0x7fc00000
[  155.467834][   T40] audit: type=1326 audit(1742582749.851:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14526 comm="syz.1.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf741e5a7 code=0x7fc00000
[  155.482340][   T40] audit: type=1326 audit(1742582749.851:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14526 comm="syz.1.1746" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf741e579 code=0x7fc00000
[  155.881411][T14546] erofs (device loop7): cannot find valid erofs superblock
[  156.129868][   T40] audit: type=1326 audit(1742582750.531:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14551 comm="syz.3.1756" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0
[  156.191222][T14558] "syz.1.1759" (14558) uses obsolete ecb(arc4) skcipher
[  157.103903][T14596] vcan0 speed is unknown, defaulting to 1000
[  157.108214][T14597] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1770'.
[  157.276385][T14607] 9pnet: p9_errstr2errno: server reported unknown error `©Ó>+&ë
[  158.512070][T14649] 9pnet: p9_errstr2errno: server reported unknown error `©Ó>+&ë
[  158.812195][T14657] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1797'.
[  158.981479][    T9] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  159.137016][    T9] usb 8-1: Using ep0 maxpacket: 16
[  159.140756][    T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.144628][    T9] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  159.148293][    T9] usb 8-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  159.151919][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.157252][    T9] usb 8-1: config 0 descriptor??
[  159.365283][  T837] usb 8-1: USB disconnect, device number 8
[  161.397564][T14705] netlink: 'syz.5.1817': attribute type 4 has an invalid length.
[  161.428202][   T40] audit: type=1326 audit(1742582755.831:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14700 comm="syz.0.1814" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fe579 code=0x0
[  163.516793][T14754] IPv4: Oversized IP packet from 127.202.26.0
[  164.774643][T14809] netlink: 'syz.0.1857': attribute type 3 has an invalid length.
[  164.777976][T14809] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1857'.
[  164.788295][T14809] tc_dump_action: action bad kind
[  164.961771][T14817] bond0: (slave rose0): Error: Device can not be enslaved while up
[  165.204401][T14828] netlink: 'syz.0.1862': attribute type 4 has an invalid length.
[  166.095317][   T40] audit: type=1800 audit(1742582760.501:87): pid=14839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1870" name="bus" dev="9p" ino=36831327 res=0 errno=0
[  166.620826][ T5311] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  166.627031][ T5311] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  166.635789][ T5311] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  166.641519][ T5311] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  166.646473][ T5311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  166.650006][ T5311] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  166.685955][T14855] vcan0 speed is unknown, defaulting to 1000
[  166.721449][T14860] overlayfs: failed to decode file handle (len=6, type=0, flags=0, err=-22)
[  166.853319][T14855] chnl_net:caif_netlink_parms(): no params data found
[  167.084091][T14855] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.087437][T14855] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.090542][T14855] bridge_slave_0: entered allmulticast mode
[  167.094160][T14855] bridge_slave_0: entered promiscuous mode
[  167.099037][T14855] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.102582][T14855] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.110349][T14855] bridge_slave_1: entered allmulticast mode
[  167.113291][T14855] bridge_slave_1: entered promiscuous mode
[  167.162489][T14877] fuse: root generation should be zero
[  167.320145][T14855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  167.328609][T14855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.379757][T14855] team0: Port device team_slave_0 added
[  167.386563][T14855] team0: Port device team_slave_1 added
[  167.445559][T14855] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.448427][T14855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.457667][T14855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.463104][T14855] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.466190][T14855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.467027][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  167.478976][T14855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  167.534602][T14855] hsr_slave_0: entered promiscuous mode
[  167.537526][T14855] hsr_slave_1: entered promiscuous mode
[  167.717818][T14855] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  167.728022][T14855] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  167.749013][T14855] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  167.755079][T14855] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  167.812176][T14855] 8021q: adding VLAN 0 to HW filter on device bond0
[  167.883540][T14855] 8021q: adding VLAN 0 to HW filter on device team0
[  167.897518][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  167.900535][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  167.907304][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  167.910678][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.990452][T14897] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1893'.
[  168.125543][T14855] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.384829][T14855] veth0_vlan: entered promiscuous mode
[  168.392404][T14855] veth1_vlan: entered promiscuous mode
[  168.409836][T14855] veth0_macvtap: entered promiscuous mode
[  168.414167][T14855] veth1_macvtap: entered promiscuous mode
[  168.424412][T14855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.429092][T14855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.434097][T14855] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.442863][T14855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.448248][T14855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.453829][T14855] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.460664][T14855] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.464395][T14855] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.469881][T14855] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.473367][T14855] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  168.523009][  T101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.525876][  T101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.544599][   T84] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.548120][   T84] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.719039][T14930] netlink: 'syz.6.1876': attribute type 4 has an invalid length.
[  168.757216][ T5946] Bluetooth: hci0: command tx timeout
[  169.188719][T14946] "syz.3.1907" (14946) uses obsolete ecb(arc4) skcipher
[  170.648855][T14982] netlink: 'syz.1.1922': attribute type 4 has an invalid length.
[  170.665192][   T40] audit: type=1326 audit(1742582765.071:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14983 comm="syz.0.1923" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0
[  170.836848][ T5946] Bluetooth: hci0: command tx timeout
[  170.880407][T14957] Set syz1 is full, maxelem 65536 reached
[  172.906823][ T5946] Bluetooth: hci0: command tx timeout
[  173.223212][T15049] netfs: Couldn't get user pages (rc=-14)
[  174.986845][ T5946] Bluetooth: hci0: command tx timeout
[  175.029419][T15093] overlayfs: failed to clone upperpath
[  176.546914][   T10] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  176.696847][   T10] usb 11-1: Using ep0 maxpacket: 16
[  176.700740][   T10] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.705031][   T10] usb 11-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  176.709822][   T10] usb 11-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  176.716081][   T10] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.720993][   T10] usb 11-1: config 0 descriptor??
[  176.933992][ T8161] usb 11-1: USB disconnect, device number 2
[  177.052187][T15144] overlayfs: failed to clone upperpath
[  177.315784][T15152] gtp0: entered promiscuous mode
[  177.510610][T15161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1993'.
[  177.519094][T15161] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.523642][T15162] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  177.526356][T15162] overlayfs: failed to set xattr on upper
[  177.528627][T15162] overlayfs: ...falling back to redirect_dir=nofollow.
[  177.531224][T15162] overlayfs: ...falling back to index=off.
[  177.533449][T15162] overlayfs: ...falling back to uuid=null.
[  177.535661][T15162] overlayfs: ...falling back to xino=off.
[  177.658284][T15161] bridge_slave_1 (unregistering): left allmulticast mode
[  177.662162][T15161] bridge_slave_1 (unregistering): left promiscuous mode
[  177.667860][T15161] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.688408][T15171] netfs: Couldn't get user pages (rc=-14)
[  177.986271][T15193] Bluetooth: MGMT ver 1.23
[  178.637783][T15228] gtp0: entered promiscuous mode
[  178.953311][T15244] netfs: Couldn't get user pages (rc=-14)
[  179.528624][T15283] overlayfs: failed to clone upperpath
[  180.010248][T15322] netlink: 'syz.1.2059': attribute type 1 has an invalid length.
[  180.013317][T15322] netlink: 'syz.1.2059': attribute type 4 has an invalid length.
[  180.016263][T15322] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.2059'.
[  181.248252][T15346] netfs: Couldn't get user pages (rc=-14)
[  182.715837][T15406] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  182.720539][T15406] overlayfs: failed to set xattr on upper
[  182.724142][T15406] overlayfs: ...falling back to redirect_dir=nofollow.
[  182.728389][T15406] overlayfs: ...falling back to index=off.
[  182.730744][T15406] overlayfs: ...falling back to uuid=null.
[  183.030875][ T5311] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  183.035052][ T5311] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  183.041392][ T5311] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  183.051504][ T5311] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  183.054419][ T5311] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  183.062075][ T5311] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  183.090646][T15416] vcan0 speed is unknown, defaulting to 1000
[  183.255310][T15416] chnl_net:caif_netlink_parms(): no params data found
[  183.401132][T15416] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.405004][T15416] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.416873][T15416] bridge_slave_0: entered allmulticast mode
[  183.420711][T15416] bridge_slave_0: entered promiscuous mode
[  183.425965][T15416] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.428991][T15416] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.432110][T15416] bridge_slave_1: entered allmulticast mode
[  183.435805][T15416] bridge_slave_1: entered promiscuous mode
[  183.491350][ T1465] Bluetooth: Mini driver request failed
[  183.494660][ T1465] bcm203x 5-1:0.0: probe with driver bcm203x failed with error -5
[  183.509660][T15416] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  183.513591][ T1465] usb 5-1: USB disconnect, device number 5
[  183.524703][T15416] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  183.602771][T15416] team0: Port device team_slave_0 added
[  183.612640][T15416] team0: Port device team_slave_1 added
[  183.717069][T15416] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.720454][T15416] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.732230][T15416] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.759765][T15416] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.762677][T15416] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.773530][T15416] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.851812][T15416] hsr_slave_0: entered promiscuous mode
[  183.855308][T15416] hsr_slave_1: entered promiscuous mode
[  183.862896][T15416] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  183.866201][T15416] Cannot create hsr debugfs directory
[  184.025802][T15416] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  184.054836][T15416] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  184.071039][T15416] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  184.146521][T15457] overlayfs: failed to clone upperpath
[  184.148815][T15416] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  184.370349][T15416] 8021q: adding VLAN 0 to HW filter on device bond0
[  184.384844][T15416] 8021q: adding VLAN 0 to HW filter on device team0
[  184.478276][  T101] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.481007][  T101] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.484799][  T101] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.487283][  T101] bridge0: port 2(bridge_slave_1) entered forwarding state
[  184.533345][T15416] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  184.548090][T15416] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  184.793206][T15475] »»»»»»aaaaaaaaa: renamed from lo
[  184.824661][T15416] 8021q: adding VLAN 0 to HW filter on device batadv0
[  185.109173][T15416] veth0_vlan: entered promiscuous mode
[  185.121798][T15416] veth1_vlan: entered promiscuous mode
[  185.148183][ T5311] Bluetooth: hci1: command tx timeout
[  185.158465][T15416] veth0_macvtap: entered promiscuous mode
[  185.173169][T15416] veth1_macvtap: entered promiscuous mode
[  185.211178][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.231661][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.235733][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  185.240153][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.253924][T15416] batman_adv: batadv0: Interface activated: batadv_slave_0
[  185.281640][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.288026][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.296023][T15416] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  185.300839][T15416] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  185.306245][T15416] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.314617][T15416] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.320374][T15504] Invalid ELF header magic: != ELF
[  185.323894][T15416] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.328474][T15416] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.332627][T15416] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.400492][   T84] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.403733][   T84] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.409193][   T84] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.413629][   T84] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.633440][T15452] Set syz1 is full, maxelem 65536 reached
[  185.646323][T15513] Invalid ELF header magic: != ELF
[  186.784849][T15539] Set syz1 is full, maxelem 65536 reached
[  186.790905][T15541] »»»»»»aaaaaaaaa: renamed from lo (while UP)
[  187.030283][T15557] netlink: 'syz.6.2147': attribute type 1 has an invalid length.
[  187.055814][T15557] 8021q: adding VLAN 0 to HW filter on device bond1
[  187.062010][T15553] netlink: 'syz.7.2144': attribute type 1 has an invalid length.
[  187.066140][T15553] netlink: 208292 bytes leftover after parsing attributes in process `syz.7.2144'.
[  187.071356][T15553] netlink: 'syz.7.2144': attribute type 2 has an invalid length.
[  187.072653][T15559] vcan0 speed is unknown, defaulting to 1000
[  187.074266][T15553] netlink: 'syz.7.2144': attribute type 1 has an invalid length.
[  187.088361][T15557] bond1: (slave ip6gretap1): making interface the new active one
[  187.097013][T15557] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  187.227142][ T5311] Bluetooth: hci1: command tx timeout
[  187.433361][T15559] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2148'.
[  187.534891][T15590] netlink: 'syz.1.2160': attribute type 1 has an invalid length.
[  187.559374][T15590] 8021q: adding VLAN 0 to HW filter on device bond3
[  187.587681][T15590] bond3: (slave ip6gretap2): making interface the new active one
[  187.591350][T15590] bond3: (slave ip6gretap2): Enslaving as an active interface with an up link
[  188.893774][T15659] vcan0 speed is unknown, defaulting to 1000
[  189.118260][   T40] audit: type=1326 audit(1742582783.531:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15662 comm="syz.3.2190" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7fc00000
[  189.130864][   T40] audit: type=1326 audit(1742582783.541:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15662 comm="syz.3.2190" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73ee579 code=0x7fc00000
[  189.183549][T15659] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2189'.
[  189.306825][ T5311] Bluetooth: hci1: command tx timeout
[  189.435771][   T40] audit: type=1326 audit(1742582783.841:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.446714][   T40] audit: type=1326 audit(1742582783.841:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.456515][   T40] audit: type=1326 audit(1742582783.861:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.467345][   T40] audit: type=1326 audit(1742582783.861:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.475462][   T40] audit: type=1326 audit(1742582783.861:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.484632][   T40] audit: type=1326 audit(1742582783.861:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.492997][   T40] audit: type=1326 audit(1742582783.861:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.501239][   T40] audit: type=1326 audit(1742582783.861:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15670 comm="syz.7.2192" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000
[  189.670804][T15675] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  189.926487][T15689] overlayfs: failed to clone upperpath
[  190.186684][T15710] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2208'.
[  190.302821][T15718] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  190.355706][T15724] overlayfs: failed to clone upperpath
[  190.487893][T15729] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  190.492397][T15729] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  190.823998][T15748] Invalid option length (1025206) for dns_resolver key
[  191.090477][T15774] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input16
[  191.387767][ T5311] Bluetooth: hci1: command tx timeout
[  191.738114][T15810] Invalid ELF header magic: != ELF
[  192.291245][T15831] Invalid option length (1025206) for dns_resolver key
[  192.385383][T15838] Invalid ELF header magic: != ELF
[  192.451720][T15841] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  192.588447][T15853] overlayfs: failed to clone upperpath
[  192.775330][T15867] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2282'.
[  192.884014][T15877] overlayfs: failed to clone upperpath
[  192.961942][T15882] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input17
[  193.635022][T15928] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  193.708522][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  193.711233][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  194.680829][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  194.680845][   T40] audit: type=1326 audit(1742582789.091:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15943 comm="syz.7.2316" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7fc00000
[  197.274088][T16009] overlayfs: failed to clone upperpath
[  197.557421][ T5311] Bluetooth: hci3: command 0x0c1a tx timeout
[  197.559199][T15985] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  198.385972][T15985] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  198.396293][T15985] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  198.403291][T15985] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  198.405638][T15985] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  198.413046][T15985] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  198.417005][T15985] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  198.419415][T15985] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  198.423732][T15985] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  198.748123][T16078] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2368'.
[  198.908045][T16091] overlayfs: failed to clone upperpath
[  199.008316][T16102] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 16102 comm: syz.6.2379)
[  199.014170][   T40] audit: type=1800 audit(1742582793.421:115): pid=16102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2379" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=36554 res=0 errno=0
[  199.305963][T16122] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2387'.
[  199.320845][T16122] bond1: entered promiscuous mode
[  199.322904][T16122] bond1: entered allmulticast mode
[  199.332465][T16122] batadv1: entered promiscuous mode
[  199.334589][T16122] batadv1: entered allmulticast mode
[  199.339294][T16122] 8021q: adding VLAN 0 to HW filter on device batadv1
[  199.342849][T16122] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  199.626897][ T5311] Bluetooth: hci3: command 0x0c1a tx timeout
[  199.712073][   T40] audit: type=1326 audit(1742582794.121:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.3.2394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7fc00000
[  199.966749][T16153] Invalid ELF header magic: != ELF
[  200.426980][ T5311] Bluetooth: hci1: command 0x0c1a tx timeout
[  200.428145][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  200.430822][   T40] audit: type=1326 audit(1742582794.841:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.3.2394" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73ee579 code=0x7fc00000
[  200.599684][T16186] netlink: 372 bytes leftover after parsing attributes in process `syz.3.2414'.
[  200.834562][T16200] netlink: 'syz.7.2419': attribute type 1 has an invalid length.
[  200.870446][T16200] 8021q: adding VLAN 0 to HW filter on device bond2
[  200.903043][T16209] Invalid ELF header magic: != ELF
[  200.984161][T16200] bond2: (slave gretap1): making interface the new active one
[  200.987642][T16200] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  201.040600][T16214] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2424'.
[  201.046305][T16214] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2424'.
[  201.052645][T16214] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2424'.
[  201.056911][T16214] netlink: 9 bytes leftover after parsing attributes in process `syz.6.2424'.
[  201.154537][ T5946] block nbd0: Receive control failed (result -32)
[  201.716788][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  202.203487][   T40] audit: type=1326 audit(1742582796.611:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16277 comm="syz.1.2453" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0
[  202.219556][   T40] audit: type=1804 audit(1742582796.621:119): pid=16286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2455" name="/newroot/130/file0" dev="tmpfs" ino=736 res=1 errno=0
[  202.507292][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout
[  202.512205][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout
[  202.524953][ T5946] block nbd3: Receive control failed (result -107)
[  202.606976][T16303] nbd3: detected capacity change from 0 to 72456
[  202.611950][T16303] block nbd3: Dead connection, failed to find a fallback
[  202.615329][T16303] block nbd3: shutting down sockets
[  202.621485][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.630984][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.637879][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.641533][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.647071][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.651285][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.654463][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.658034][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.661211][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.664914][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.668557][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.672781][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.677054][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.680653][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.685617][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.689412][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.692957][T16303] ldm_validate_partition_table(): Disk read failed.
[  202.696109][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.707109][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.711469][T16303] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  202.715579][T16303] Buffer I/O error on dev nbd3, logical block 0, async page read
[  202.720884][T16303] Dev nbd3: unable to read RDB block 0
[  202.724782][T16303]  nbd3: unable to read partition table
[  202.908617][T16320] netlink: 'syz.3.2470': attribute type 10 has an invalid length.
[  202.913084][T16320] syz_tun: entered promiscuous mode
[  202.919852][T16320] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  203.080663][T16326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2473'.
[  203.097912][T16326] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.104375][T16326] batadv_slave_0: entered promiscuous mode
[  203.120212][T16312] ptrace attach of ""[16313] was attempted by "/syz-executor exec"[16312]
[  203.529109][T16344] tap0: tun_chr_ioctl cmd 1074025677
[  203.532035][T16344] tap0: linktype set to 825
[  203.718272][   T40] audit: type=1800 audit(1742582798.131:120): pid=16350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2484" name="file1" dev="tmpfs" ino=779 res=0 errno=0
[  204.586941][ T5311] Bluetooth: hci1: command 0x0c1a tx timeout
[  204.587120][ T5952] Bluetooth: hci0: command 0x0c1a tx timeout
[  204.910611][   T65] libceph: connect (1)[c::]:6789 error -101
[  204.913071][   T65] libceph: mon0 (1)[c::]:6789 connect error
[  205.174636][   T65] libceph: connect (1)[c::]:6789 error -101
[  205.177569][   T65] libceph: mon0 (1)[c::]:6789 connect error
[  205.585990][T16387] ceph: No mds server is up or the cluster is laggy
[  206.667072][ T5952] Bluetooth: hci1: command 0x0c1a tx timeout
[  206.749928][T16464] Illegal XDP return value 4294967274 on prog  (id 478) dev syz_tun, expect packet loss!
[  206.922636][T16478] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2532'.
[  206.924852][   T40] audit: type=1326 audit(1742582801.331:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16472 comm="syz.7.2531" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x0
[  207.056273][  T836] libceph: connect (1)[c::]:6789 error -101
[  207.060270][  T836] libceph: mon0 (1)[c::]:6789 connect error
[  207.202421][T16482] ceph: No mds server is up or the cluster is laggy
[  208.527883][T16529] netlink: 'syz.7.2548': attribute type 1 has an invalid length.
[  208.530750][T16529] netlink: 134708 bytes leftover after parsing attributes in process `syz.7.2548'.
[  208.943630][T16560] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2560'.
[  210.976448][T16590] ------------[ cut here ]------------
[  210.980123][T16590] refcount_t: underflow; use-after-free.
[  210.983462][T16590] WARNING: CPU: 0 PID: 16590 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
[  210.988363][T16590] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  210.990479][T16590] CPU: 0 UID: 0 PID: 16590 Comm: syz.6.2574 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  210.998293][T16590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.015036][T16590] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  211.017505][T16590] Code: ff 89 de e8 e8 34 f7 fc 84 db 0f 85 66 ff ff ff e8 3b 3a f7 fc c6 05 ef 62 88 0b 01 90 48 c7 c7 e0 06 d3 8b e8 27 6b b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 3a f7 fc 0f b6 1d ca 62 88 0b 31
[  211.028315][T16590] RSP: 0018:ffffc9000c66f9b8 EFLAGS: 00010282
[  211.030713][T16590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900264a9000
[  211.035719][T16590] RDX: 0000000000080000 RSI: ffffffff817a2276 RDI: 0000000000000001
[  211.039485][T16590] RBP: ffff88805d3ce150 R08: 0000000000000001 R09: 0000000000000000
[  211.042904][T16590] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  211.047242][T16590] R13: 0000000000000000 R14: ffff88805d3ce150 R15: ffff88805f552000
[  211.050179][T16590] FS:  0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f5026b40
[  211.053720][T16590] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  211.056901][T16590] CR2: 00000000f5044da4 CR3: 0000000068f0a000 CR4: 0000000000352ef0
[  211.060867][T16590] DR0: 0000000000000003 DR1: 0000000000000002 DR2: 0000000000000008
[  211.064266][T16590] DR3: 1000000100000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  211.069251][T16590] Call Trace:
[  211.071372][T16590]  <TASK>
[  211.072915][T16590]  ? __warn+0xea/0x3c0
[  211.074961][T16590]  ? preempt_schedule_notrace+0x62/0xe0
[  211.077871][T16590]  ? refcount_warn_saturate+0x14a/0x210
[  211.080833][T16590]  ? report_bug+0x3c0/0x580
[  211.084925][T16590]  ? handle_bug+0x54/0xa0
[  211.087412][T16590]  ? exc_invalid_op+0x17/0x50
[  211.090666][T16590]  ? asm_exc_invalid_op+0x1a/0x20
[  211.093367][T16590]  ? __warn_printk+0x1a6/0x350
[  211.096101][T16590]  ? refcount_warn_saturate+0x14a/0x210
[  211.098744][T16590]  ? refcount_warn_saturate+0x149/0x210
[  211.101085][T16590]  io_tx_ubuf_complete+0x236/0x280
[  211.103340][T16590]  ? __io_submit_flush_completions+0xb85/0x1df0
[  211.105788][T16590]  io_send_zc_cleanup+0x8a/0x1c0
[  211.108151][T16590]  ? __pfx_io_send_zc_cleanup+0x10/0x10
[  211.110380][T16590]  __io_submit_flush_completions+0xcb3/0x1df0
[  211.112827][T16590]  ctx_flush_and_put.constprop.0+0x9a/0x410
[  211.115225][T16590]  io_handle_tw_list+0x3df/0x540
[  211.117521][T16590]  ? __pfx_io_handle_tw_list+0x10/0x10
[  211.120677][T16590]  ? lock_acquire.part.0+0x11b/0x380
[  211.123974][T16590]  ? find_held_lock+0x2d/0x110
[  211.126194][T16590]  tctx_task_work_run+0xac/0x390
[  211.128303][T16590]  tctx_task_work+0x7b/0xd0
[  211.130246][T16590]  ? __pfx_tctx_task_work+0x10/0x10
[  211.132397][T16590]  ? _raw_spin_unlock_irq+0x23/0x50
[  211.134715][T16590]  ? lockdep_hardirqs_on+0x7c/0x110
[  211.137546][T16590]  task_work_run+0x14e/0x250
[  211.140071][T16590]  ? __pfx_task_work_run+0x10/0x10
[  211.142390][T16590]  get_signal+0x1d3/0x26c0
[  211.144778][T16590]  ? __pfx_get_signal+0x10/0x10
[  211.147459][T16590]  ? fput+0x67/0x440
[  211.149481][T16590]  ? __do_sys_io_uring_enter+0x60f/0x1670
[  211.152880][T16590]  arch_do_signal_or_restart+0x90/0x7e0
[  211.156285][T16590]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  211.160764][T16590]  ? __sys_setsockopt+0x1cd/0x230
[  211.164138][T16590]  syscall_exit_to_user_mode+0x150/0x2a0
[  211.167471][T16590]  __do_fast_syscall_32+0x80/0x120
[  211.170482][T16590]  do_fast_syscall_32+0x32/0x80
[  211.173389][T16590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.177294][T16590] RIP: 0023:0xf7f08579
[  211.179808][T16590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  211.191169][T16590] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  211.195220][T16590] RAX: 0000000000000800 RBX: 0000000000000003 RCX: 00000000000047bc
[  211.199058][T16590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.202144][T16590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.204766][T16590] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  211.207250][T16590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.210066][T16590]  </TASK>
[  211.211240][T16590] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  211.213662][T16590] CPU: 0 UID: 0 PID: 16590 Comm: syz.6.2574 Not tainted 6.14.0-rc7-syzkaller-00186-gd07de43e3f05 #0
[  211.216412][T16590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  211.219902][T16590] Call Trace:
[  211.220887][T16590]  <TASK>
[  211.221809][T16590]  dump_stack_lvl+0x3d/0x1f0
[  211.223166][T16590]  panic+0x71d/0x800
[  211.224290][T16590]  ? __pfx_panic+0x10/0x10
[  211.225711][T16590]  ? show_trace_log_lvl+0x29d/0x3d0
[  211.227384][T16590]  ? refcount_warn_saturate+0x14a/0x210
[  211.229091][T16590]  check_panic_on_warn+0xab/0xb0
[  211.230781][T16590]  __warn+0xf6/0x3c0
[  211.232198][T16590]  ? preempt_schedule_notrace+0x62/0xe0
[  211.234181][T16590]  ? refcount_warn_saturate+0x14a/0x210
[  211.235955][T16590]  report_bug+0x3c0/0x580
[  211.237374][T16590]  handle_bug+0x54/0xa0
[  211.238629][T16590]  exc_invalid_op+0x17/0x50
[  211.239804][T16590]  asm_exc_invalid_op+0x1a/0x20
[  211.241220][T16590] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  211.243150][T16590] Code: ff 89 de e8 e8 34 f7 fc 84 db 0f 85 66 ff ff ff e8 3b 3a f7 fc c6 05 ef 62 88 0b 01 90 48 c7 c7 e0 06 d3 8b e8 27 6b b7 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 3a f7 fc 0f b6 1d ca 62 88 0b 31
[  211.249769][T16590] RSP: 0018:ffffc9000c66f9b8 EFLAGS: 00010282
[  211.251916][T16590] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900264a9000
[  211.254141][T16590] RDX: 0000000000080000 RSI: ffffffff817a2276 RDI: 0000000000000001
[  211.256680][T16590] RBP: ffff88805d3ce150 R08: 0000000000000001 R09: 0000000000000000
[  211.259587][T16590] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  211.262641][T16590] R13: 0000000000000000 R14: ffff88805d3ce150 R15: ffff88805f552000
[  211.265779][T16590]  ? __warn_printk+0x1a6/0x350
[  211.267650][T16590]  ? refcount_warn_saturate+0x149/0x210
[  211.269860][T16590]  io_tx_ubuf_complete+0x236/0x280
[  211.271905][T16590]  ? __io_submit_flush_completions+0xb85/0x1df0
[  211.274296][T16590]  io_send_zc_cleanup+0x8a/0x1c0
[  211.276192][T16590]  ? __pfx_io_send_zc_cleanup+0x10/0x10
[  211.278297][T16590]  __io_submit_flush_completions+0xcb3/0x1df0
[  211.280558][T16590]  ctx_flush_and_put.constprop.0+0x9a/0x410
[  211.282850][T16590]  io_handle_tw_list+0x3df/0x540
[  211.284916][T16590]  ? __pfx_io_handle_tw_list+0x10/0x10
[  211.287275][T16590]  ? lock_acquire.part.0+0x11b/0x380
[  211.289488][T16590]  ? find_held_lock+0x2d/0x110
[  211.291405][T16590]  tctx_task_work_run+0xac/0x390
[  211.293247][T16590]  tctx_task_work+0x7b/0xd0
[  211.294987][T16590]  ? __pfx_tctx_task_work+0x10/0x10
[  211.296974][T16590]  ? _raw_spin_unlock_irq+0x23/0x50
[  211.298968][T16590]  ? lockdep_hardirqs_on+0x7c/0x110
[  211.300959][T16590]  task_work_run+0x14e/0x250
[  211.302803][T16590]  ? __pfx_task_work_run+0x10/0x10
[  211.304748][T16590]  get_signal+0x1d3/0x26c0
[  211.306546][T16590]  ? __pfx_get_signal+0x10/0x10
[  211.308520][T16590]  ? fput+0x67/0x440
[  211.310043][T16590]  ? __do_sys_io_uring_enter+0x60f/0x1670
[  211.312338][T16590]  arch_do_signal_or_restart+0x90/0x7e0
[  211.314467][T16590]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  211.316867][T16590]  ? __sys_setsockopt+0x1cd/0x230
[  211.318838][T16590]  syscall_exit_to_user_mode+0x150/0x2a0
[  211.321077][T16590]  __do_fast_syscall_32+0x80/0x120
[  211.323152][T16590]  do_fast_syscall_32+0x32/0x80
[  211.324848][T16590]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  211.327279][T16590] RIP: 0023:0xf7f08579
[  211.328855][T16590] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  211.336491][T16590] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[  211.339687][T16590] RAX: 0000000000000800 RBX: 0000000000000003 RCX: 00000000000047bc
[  211.342640][T16590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  211.345507][T16590] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  211.348494][T16590] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  211.351462][T16590] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  211.354703][T16590]  </TASK>
[  211.356535][T16590] Kernel Offset: disabled
[  211.358329][T16590] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:46:45  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff853eaa70 RDI=ffffffff9ab72ea0 RBP=ffffffff9ab72e60 RSP=ffffc9000c66f2e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff356e626 R15=dffffc0000000000
RIP=ffffffff853eaa97 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5044da4 CR3=0000000068f0a000 CR4=00352ef0
DR0=0000000000000003 DR1=0000000000000002 DR2=0000000000000008 DR3=1000000100000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffff888026027588 RCX=ffffffff81973053 RDX=1ffff11004c04eb3
RSI=0000000000000004 RDI=ffff888026027588 RBP=ffff888026027590 RSP=ffffc9000739f818
R8 =0000000000000000 R9 =ffffed1004c04eb1 R10=ffff88802602758b R11=0000000000000000
R12=ffff888026027598 R13=0000000000000246 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff819730fe RFL=00000802 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080d4f018 CR3=000000005f3f2000 CR4=00352ef0
DR0=0000000000000003 DR1=0000000000000002 DR2=0000000000000008 DR3=1000000100000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff82030d0f RDX=ffff888022e84880
RSI=ffffffff82030d19 RDI=0000000000000005 RBP=000fffffa8a0d120 RSP=ffffc900033ff830
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000003
R12=0000000000000000 R13=0000000000000000 R14=ffff88804ac5e7c0 R15=dffffc0000000000
RIP=ffffffff81b9f036 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f66e40 CR3=000000000df80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73fcff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000148a1b RBX=0000000000000003 RCX=ffffffff8b557469 RDX=0000000000000000
RSI=ffffffff8b6cfc80 RDI=ffffffff8bd359e0 RBP=ffffed100376e910 RSP=ffffc900004afe08
R8 =0000000000000001 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000000
R12=0000000000000003 R13=ffff88801bb74880 R14=ffffffff90628e10 R15=0000000000000000
RIP=ffffffff8b55884f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f72dd194 CR3=0000000068f0a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000