last executing test programs:

1m37.410886581s ago: executing program 0 (id=1061):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x22c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x555d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x848a411}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9dbc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf19a}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d2d5b85}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe05d931}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a1f}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc41}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x39b4fd59}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3caa962c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5}, {0x5}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x22c}}, 0x0)

1m37.410412337s ago: executing program 0 (id=1062):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
chroot(0x0)
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
mount$binderfs(0x0, &(0x7f0000000000)='./binderfs\x00', 0x0, 0x10068, 0x0)

1m36.825065184s ago: executing program 0 (id=1066):
r0 = socket(0x2, 0x2, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r3, 0x0, 0x80)
r4 = dup3(r2, r3, 0x0)
write$P9_RGETATTR(r4, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000080))

1m36.439869683s ago: executing program 0 (id=1067):
clock_gettime(0x8, &(0x7f0000000280))
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$llc(0xffffffffffffffff, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/ipc\x00')
r2 = socket(0x8, 0x3, 0x3)
r3 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r3, &(0x7f0000000140)={0x18, 0x2, {0x3, @private=0xa010100}}, 0x1e)
connect$pptp(r3, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
syz_emit_ethernet(0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x4000)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r5, 0x40047438, &(0x7f0000000040)=0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'virt_wifi0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2facb058c8da8858c3e51fe6f7614946db91e4e5e7a165d2c4a6b8b6271e9cce6a9dbec46637c69894910e", @ANYRES64=r6, @ANYBLOB="00a300000000b54879fbb00000020000000b0001006d617173656300001808028005000500010000000c00010000c11278010005", @ANYRESDEC=r1, @ANYRESDEC=r0], 0x50}, 0x1, 0x0, 0x0, 0x240481d4}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1a, 0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebf}, 0x94)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000000)=0x3)
socket$nl_rdma(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x140)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
ioctl$PPPIOCUNBRIDGECHAN(r5, 0x7434)
sendmmsg$alg(r2, &(0x7f0000000840), 0x0, 0x0)
socket(0xa, 0x5, 0x0)
socket(0x1d, 0x2, 0x6)

1m36.320940001s ago: executing program 0 (id=1068):
r0 = socket(0x2, 0x2, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
socket$kcm(0x2b, 0x1, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r4, 0x0, 0x80)
write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})

1m35.928850508s ago: executing program 0 (id=1073):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x1f4, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x44, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x555d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x848a411}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9dbc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf19a}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d2d5b85}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe05d931}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a1f}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc41}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x39b4fd59}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3caa962c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}]}]}, 0x1f4}}, 0x0)

1m35.928064971s ago: executing program 32 (id=1073):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x1f4, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x44, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x555d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x848a411}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9dbc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf19a}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d2d5b85}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe05d931}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a1f}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc41}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x39b4fd59}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3caa962c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}]}]}, 0x1f4}}, 0x0)

17.434662374s ago: executing program 3 (id=1305):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x78, 0xa0, 0x3f, 0x32, 0x1c0, 0x0, 0x0, {0x0, 0x100000, 0x3}, {0x0, 0x0, 0x100000}, {}, {}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, 0x8, 0x4, 0x100, 0x2, 0xa})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
writev(r4, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0, 0x2200}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21)
r5 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d00011000"], 0x0)
syz_usb_control_io$rtl8150(r5, 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x40025b0c, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
ioctl$FBIOGETCMAP(r0, 0x4604, &(0x7f0000000380)={0x8, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000100), 0x0})

11.9543487s ago: executing program 3 (id=1316):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='/dev/cpu/#/msr\x00', 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xffffffbc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

11.242646087s ago: executing program 2 (id=1321):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x22c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x60, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x4}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x44, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x555d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x848a411}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9dbc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf19a}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d2d5b85}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe05d931}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a1f}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc41}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x39b4fd59}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3caa962c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5}, {0x5}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x22c}}, 0x0)

10.089753505s ago: executing program 3 (id=1322):
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
openat$kvm(0xffffff9c, 0x0, 0x450901, 0x0)
r0 = socket$l2tp(0x2, 0x2, 0x73)
prctl$PR_SCHED_CORE(0x39, 0x0, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xb}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0900000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000014006b030231a6080c000af32c00000000f800250502000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594f1817d", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmmsg(r4, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x4000000, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="b1db2000000000000000060000000c0001800800030006000000"], 0x20}}, 0x0)
getsockopt$inet_int(r0, 0x0, 0x16, 0x0, &(0x7f0000003f80))

10.081394199s ago: executing program 2 (id=1330):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x101, 0x0)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r0, 0x3309)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8001}, 0x94)
open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYRES32, @ANYRESHEX], 0x20)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351", 0x41, 0x0, 0x0, 0x0)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r2, r2, r2}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0xa0000, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap(&(0x7f0000fe6000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r4, 0x75cc2000)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000140)={0x1fe, 0x2, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0xd1, 0x0, 0x0, @loopback, @multicast1}}}})

9.02512913s ago: executing program 4 (id=1325):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = io_uring_setup(0x2cc2, &(0x7f0000000240)={0x0, 0x3ae9, 0x1000, 0x1, 0x3de})
io_uring_register$IORING_REGISTER_FILES(r1, 0x1e, &(0x7f0000000000), 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x5, &(0x7f00000000c0)=0xc)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000100)=0x2, 0x4)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps_rollup\x00')
exit(0xb9b)
read$FUSE(r3, &(0x7f00000027c0)={0x2020}, 0x2020)
setresuid(0xee01, 0xee01, 0xee00)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = getpgid(0x0)
fcntl$setownex(r4, 0xf, &(0x7f0000000100)={0x0, r5})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000140)={'gretap0\x00', <r6=>0x0, 0x700, 0x7800, 0x3, 0x4, {{0x6, 0x4, 0x1, 0x6, 0x18, 0x65, 0x0, 0x6, 0x4, 0x0, @remote, @loopback, {[@ra={0x94, 0x4}]}}}}})
r7 = socket$xdp(0x2c, 0x3, 0x0)
bind$xdp(r0, &(0x7f00000001c0)={0x2c, 0x2, r6, 0x17, r7}, 0x10)
prlimit64(0x0, 0xb, &(0x7f0000000000)={0x5, 0x88}, 0x0)
r8 = getpid()
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
r9 = socket(0x2, 0x2, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r9)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, r9, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x20000000)
fsopen(&(0x7f0000000100)='bdev\x00', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x3}, 0x94)

9.024864535s ago: executing program 1 (id=1326):
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
socket$kcm(0x2b, 0x1, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r4, 0x0, 0x80)
write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})

8.149442024s ago: executing program 4 (id=1327):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000200)='\x00', 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xffffffbc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

5.968369186s ago: executing program 4 (id=1328):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x158, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x7}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x158}}, 0x0)

5.90917369s ago: executing program 3 (id=1329):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000200)='\x00', 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xffffffbc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

5.908506499s ago: executing program 4 (id=1331):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='/dev/cpu/#/msr\x00', 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xffffffbc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

5.800397799s ago: executing program 1 (id=1332):
r0 = socket(0x2, 0x2, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r5, 0x0, 0x80)
r6 = dup3(r4, r5, 0x0)
write$P9_RGETATTR(r6, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r6, 0x10f, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000080))

4.592951276s ago: executing program 4 (id=1333):
r0 = socket(0x2, 0x2, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r5, 0x0, 0x80)
r6 = dup3(r4, r5, 0x0)
write$P9_RGETATTR(r6, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r6, 0x10f, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000080))

4.587882753s ago: executing program 2 (id=1341):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x158, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x7}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x158}}, 0x0)

4.390667639s ago: executing program 3 (id=1334):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='/dev/cpu/#/msr\x00', &(0x7f0000000200)='\x00', 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, 0x0, 0x0)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

4.382467362s ago: executing program 2 (id=1343):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x158, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x158}}, 0x0)

4.028128639s ago: executing program 2 (id=1335):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='/dev/cpu/#/msr\x00', &(0x7f0000000200)='\x00', 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, 0x0, 0x0)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

4.024700603s ago: executing program 1 (id=1345):
r0 = socket(0x2, 0x2, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
ioctl$COMEDI_INSN(0xffffffffffffffff, 0x8028640c, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)
sendmsg$tipc(r5, 0x0, 0x80)
r6 = dup3(r4, r5, 0x0)
write$P9_RGETATTR(r6, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r6, 0x10f, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000080))

1.71452466s ago: executing program 4 (id=1336):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x78, 0xa0, 0x3f, 0x32, 0x1c0, 0x0, 0x0, {0x0, 0x100000, 0x3}, {0x0, 0x0, 0x100000}, {}, {}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, 0x8, 0x4, 0x100, 0x2, 0xa})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
writev(r4, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0, 0x2200}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21)
r5 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d00011000"], 0x0)
syz_usb_control_io$rtl8150(r5, 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x40025b0c, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
ioctl$FBIOGETCMAP(r0, 0x4604, &(0x7f0000000380)={0x8, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000100), 0x0})

1.71432534s ago: executing program 3 (id=1337):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x78, 0xa0, 0x3f, 0x32, 0x1c0, 0x0, 0x0, {0x0, 0x100000, 0x3}, {0x0, 0x0, 0x100000}, {}, {}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x6, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, 0x8, 0x4, 0x100, 0x2, 0xa})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
writev(r4, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0, 0x2200}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21)
r5 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d00011000"], 0x0)
syz_usb_control_io$rtl8150(r5, 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x40025b0c, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
ioctl$FBIOGETCMAP(r0, 0x4604, &(0x7f0000000380)={0x8, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000100), 0x0})

1.710214898s ago: executing program 2 (id=1347):
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x450901, 0x0)
r0 = socket$l2tp(0x2, 0x2, 0x73)
prctl$PR_SCHED_CORE(0x39, 0x0, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0900000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="5c00000014006b030231a6080c000af32c00000000f800250502000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594f1817d", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmmsg(r4, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x4000000, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="b1db2000000000000000060000000c0001800800030006000000"], 0x20}}, 0x0)
getsockopt$inet_int(r0, 0x0, 0x16, 0x0, &(0x7f0000003f80))

950.336758ms ago: executing program 1 (id=1338):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1b4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x2)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x7fff, 0x4, 0xfff, 0xfbd, 0x14, "f797e9a6da4e0de0"})
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000200)='\x00', 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xffffffbc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a00570214f9f407000904ff81000000fe0000ff0000000008000f00fd000000", 0x24)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000040000701feffffff00000000017c0000040042800c00018006000600800a0000100002800c00148008000d00bd"], 0x34}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)
accept4$unix(r4, 0x0, 0x0, 0x80000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610424000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)

103.718265ms ago: executing program 1 (id=1339):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x22c, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x2}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x24, 0xc, 0x0, 0x1, [{0x4}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1837bb88}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x202c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x44b5}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xa0, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7232d3fd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xfffffffd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xe8}]}, {0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x87}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x68, 0xc, 0x0, 0x1, [{0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x555d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x848a411}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9dbc}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf19a}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d2d5b85}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe05d931}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3a1f}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdc41}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x39b4fd59}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3caa962c}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0x5}, {0x5}, {0x5}, {0x5, 0x3, 0x3}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x34, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5}, {0x5, 0x3, 0x7}, {0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x22c}}, 0x0)

0s ago: executing program 1 (id=1340):
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
close(0x3)
socket$kcm(0x2b, 0x1, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r4, 0x0, 0x80)
write$P9_RGETATTR(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})

kernel console output (not intermixed with test programs):

t power cycle
[  173.053085][ T5980] usb usb44-port1: unable to enumerate USB device
[  173.472935][ T7110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.294'.
[  173.475786][ T7110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.294'.
[  173.483550][ T7110] netlink: 16 bytes leftover after parsing attributes in process `syz.3.294'.
[  173.667314][ T7113] infiniband syz0: set active
[  173.670049][ T7113] infiniband syz0: added bond0
[  173.709219][ T7113] RDS/IB: syz0: added
[  173.711015][ T7113] smc: adding ib device syz0 with port count 1
[  173.714274][ T7113] smc:    ib device syz0 port 1 has no pnetid
[  173.797993][ T7117] binder: 7116:7117 ioctl 4018620d 0 returned -22
[  174.246468][ T7125] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  174.248783][ T7125] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  174.252618][ T7125] vhci_hcd vhci_hcd.0: Device attached
[  174.443853][ T7129] binder: 7128:7129 ioctl 4018620d 0 returned -22
[  174.552886][ T5980] usb 38-1: SetAddress Request (15) to port 0
[  174.555578][ T5980] usb 38-1: new SuperSpeed USB device number 15 using vhci_hcd
[  177.863005][ T7126] vhci_hcd: connection reset by peer
[  177.865319][ T1141] vhci_hcd vhci_hcd.0: stop threads
[  177.867584][ T1141] vhci_hcd vhci_hcd.0: release socket
[  177.872613][ T1141] vhci_hcd vhci_hcd.0: disconnect device
[  178.426438][ T7155] netlink: 200 bytes leftover after parsing attributes in process `syz.1.306'.
[  179.417780][ T7162] mkiss: ax0: crc mode is auto.
[  179.474150][ T7153] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  179.476328][ T7153] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  179.479422][ T7153] vhci_hcd vhci_hcd.0: Device attached
[  179.945676][ T7164] vhci_hcd: connection reset by peer
[  179.947698][   T13] vhci_hcd vhci_hcd.0: stop threads
[  179.950003][   T13] vhci_hcd vhci_hcd.0: release socket
[  180.015325][   T13] vhci_hcd vhci_hcd.0: disconnect device
[  180.042556][ T7170] binder: BINDER_SET_CONTEXT_MGR already set
[  180.044761][ T7170] binder: 7169:7170 ioctl 4018620d 80004a80 returned -16
[  180.047301][ T7170] binder: 7169:7170 ioctl c0306201 0 returned -14
[  180.218254][ T5980] usb 38-1: device descriptor read/8, error -110
[  180.603461][ T5980] usb usb38-port1: attempt power cycle
[  180.972667][ T7177] binder: 7176:7177 ioctl 4018620d 0 returned -22
[  181.975040][ T7188] Invalid source name
[  181.976684][ T7188] UBIFS error (pid: 7188): cannot open "/dev/sg0", error -22
[  182.107469][ T5980] usb usb38-port1: unable to enumerate USB device
[  182.756469][ T7198] netlink: 200 bytes leftover after parsing attributes in process `syz.1.317'.
[  182.904106][ T7201] binder: 7200:7201 ioctl c0306201 0 returned -14
[  182.982592][   T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  183.112560][   T24] usb 7-1: device descriptor read/64, error -71
[  183.362701][   T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  183.514811][   T24] usb 7-1: device descriptor read/64, error -71
[  183.624895][   T24] usb usb7-port1: attempt power cycle
[  183.982605][   T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  184.003086][   T24] usb 7-1: device descriptor read/8, error -71
[  184.212976][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  184.246734][   T24] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  184.263486][   T24] usb 7-1: device descriptor read/8, error -71
[  184.362656][    T9] usb 5-1: Using ep0 maxpacket: 8
[  184.373079][   T24] usb usb7-port1: unable to enumerate USB device
[  184.380980][    T9] usb 5-1: config 0 has no interfaces?
[  184.401096][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  184.407521][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.410884][    T9] usb 5-1: Product: syz
[  184.412424][    T9] usb 5-1: Manufacturer: syz
[  184.414049][    T9] usb 5-1: SerialNumber: syz
[  184.432303][    T9] usb 5-1: config 0 descriptor??
[  184.717362][ T1462] usb 5-1: USB disconnect, device number 2
[  185.543694][ T7227] Invalid source name
[  185.545406][ T7227] UBIFS error (pid: 7227): cannot open "/dev/sg0", error -22
[  186.029517][ T7235] binder: 7234:7235 ioctl c0306201 0 returned -14
[  186.287193][ T7242] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  186.290573][ T7242] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  186.295213][ T7242] vhci_hcd vhci_hcd.0: Device attached
[  186.501023][ T7249] netlink: 200 bytes leftover after parsing attributes in process `syz.0.332'.
[  186.563118][ T6271] usb 40-1: SetAddress Request (14) to port 0
[  186.565221][ T6271] usb 40-1: new SuperSpeed USB device number 14 using vhci_hcd
[  186.912593][ T7243] vhci_hcd: connection closed
[  186.912909][ T1155] vhci_hcd vhci_hcd.1: stop threads
[  186.916287][ T1155] vhci_hcd vhci_hcd.1: release socket
[  186.919396][ T1155] vhci_hcd vhci_hcd.1: disconnect device
[  187.245864][ T6271] usb 40-1: enqueue for inactive port 0
[  187.288406][    T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  187.492779][    T9] usb 7-1: Using ep0 maxpacket: 8
[  187.499237][    T9] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  187.502336][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.522749][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.532608][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  187.535796][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.549285][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  187.552414][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.633697][ T6271] usb usb40-port1: attempt power cycle
[  187.835305][ T7258] netlink: 200 bytes leftover after parsing attributes in process `syz.1.343'.
[  188.193425][ T6271] usb usb40-port1: unable to enumerate USB device
[  188.421360][ T7264] usbtmc 7-1:16.0: simple usb_control_msg failed -32
[  188.426689][ T6271] usb 7-1: USB disconnect, device number 7
[  190.147355][ T7283] Invalid source name
[  190.149523][ T7283] UBIFS error (pid: 7283): cannot open "/dev/sg0", error -22
[  193.546193][ T7308] mkiss: ax0: crc mode is auto.
[  193.644877][ T7314] Invalid source name
[  193.646292][ T7314] UBIFS error (pid: 7314): cannot open "/dev/sg0", error -22
[  196.379544][ T7333] netlink: 28 bytes leftover after parsing attributes in process `syz.2.356'.
[  196.611579][ T7335] Zero length message leads to an empty skb
[  197.602522][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  198.854231][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  198.856340][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  199.605227][ T7368] fuse: Unknown parameter 'user_id00000000000000000000'
[  204.520737][ T7381] netlink: 200 bytes leftover after parsing attributes in process `syz.2.374'.
[  205.644857][ T7393] wg2 speed is unknown, defaulting to 1000
[  205.672738][ T7395] overlayfs: statfs failed on './file0'
[  205.841722][ T7402] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 33554436, id = 0
[  206.358548][ T5295] Bluetooth: unknown link type 134
[  206.360389][ T5295] Bluetooth: hci3: connection err: -111
[  206.468491][ T7407] netlink: 'syz.3.381': attribute type 1 has an invalid length.
[  206.538106][ T7410] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  206.541733][ T7410] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  206.591493][ T7407] =======================================================
[  206.591493][ T7407] WARNING: The mand mount option has been deprecated and
[  206.591493][ T7407]          and is ignored by this kernel. Remove the mand
[  206.591493][ T7407]          option from the mount to silence this warning.
[  206.591493][ T7407] =======================================================
[  206.663767][ T7407] bond1: (slave gretap1): making interface the new active one
[  206.666697][ T7407] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  206.720131][ T7418] netlink: 200 bytes leftover after parsing attributes in process `syz.1.385'.
[  207.078811][ T7426] binder: 7424:7426 ioctl c0306201 0 returned -14
[  208.227261][ T7434] netlink: 220 bytes leftover after parsing attributes in process `syz.3.389'.
[  208.230401][ T7434] netlink: 220 bytes leftover after parsing attributes in process `syz.3.389'.
[  209.529298][ T7456] netlink: 'syz.1.394': attribute type 3 has an invalid length.
[  210.080587][ T7451] netlink: 'syz.0.395': attribute type 1 has an invalid length.
[  210.156086][ T7455] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  210.161444][ T7455] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  210.558564][ T7451] bond1: (slave gretap1): making interface the new active one
[  210.563541][ T7451] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  210.653162][ T7477] netlink: 200 bytes leftover after parsing attributes in process `syz.3.401'.
[  214.306113][ T7527] netlink: 200 bytes leftover after parsing attributes in process `syz.0.416'.
[  216.775057][ T7544] overlayfs: failed to resolve 'uid>00000000000000000000': -2
[  216.794795][ T7546] syzkaller0: entered promiscuous mode
[  216.796857][ T7546] syzkaller0: entered allmulticast mode
[  216.912551][ T7551] ata1.00: invalid multi_count 128 ignored
[  217.217092][ T7567] netlink: 4 bytes leftover after parsing attributes in process `syz.3.426'.
[  217.229732][ T7567] netlink: 220 bytes leftover after parsing attributes in process `syz.3.426'.
[  217.232882][ T7567] netlink: 220 bytes leftover after parsing attributes in process `syz.3.426'.
[  218.548768][ T7575] netlink: 4 bytes leftover after parsing attributes in process `syz.0.428'.
[  220.813939][ T7585] netlink: 200 bytes leftover after parsing attributes in process `syz.3.430'.
[  221.100636][ T7595] warning: `syz.2.434' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  221.119399][ T7595] netlink: 'syz.2.434': attribute type 61 has an invalid length.
[  221.241624][ T7600] Invalid source name
[  221.243095][ T7600] UBIFS error (pid: 7600): cannot open "/dev/sg0", error -22
[  221.328401][ T7604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.437'.
[  221.459359][ T7609] netlink: 28 bytes leftover after parsing attributes in process `syz.1.436'.
[  221.473777][ T7609] netlink: 20 bytes leftover after parsing attributes in process `syz.1.436'.
[  221.512541][ T7609] netlink: 28 bytes leftover after parsing attributes in process `syz.1.436'.
[  222.314745][ T7620] netlink: 200 bytes leftover after parsing attributes in process `syz.2.441'.
[  224.354077][ T7635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.445'.
[  224.360242][ T7635] netlink: 220 bytes leftover after parsing attributes in process `syz.2.445'.
[  224.364263][ T7635] netlink: 220 bytes leftover after parsing attributes in process `syz.2.445'.
[  224.837150][ T7638] netlink: 4 bytes leftover after parsing attributes in process `syz.1.446'.
[  225.760562][ T7649] Invalid source name
[  225.763995][ T7649] UBIFS error (pid: 7649): cannot open "/dev/sg0", error -22
[  226.345732][ T7661] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  226.351638][ T7661] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  226.387211][ T7661] vhci_hcd vhci_hcd.0: Device attached
[  226.664939][ T6021] usb 42-1: SetAddress Request (26) to port 0
[  226.667783][ T6021] usb 42-1: new SuperSpeed USB device number 26 using vhci_hcd
[  226.774812][ T7671] ata1.00: invalid multi_count 128 ignored
[  226.900866][ T7662] vhci_hcd: connection reset by peer
[  226.904378][ T1141] vhci_hcd vhci_hcd.2: stop threads
[  226.906499][ T1141] vhci_hcd vhci_hcd.2: release socket
[  226.908713][ T1141] vhci_hcd vhci_hcd.2: disconnect device
[  227.098831][ T7674] netlink: 4 bytes leftover after parsing attributes in process `syz.0.456'.
[  227.213212][ T7678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.465'.
[  227.859033][ T7689] mkiss: ax0: crc mode is auto.
[  231.732600][ T6021] usb 42-1: device descriptor read/8, error -110
[  232.943605][ T6021] usb usb42-port1: attempt power cycle
[  234.079127][ T7710] netlink: 4 bytes leftover after parsing attributes in process `syz.1.467'.
[  234.462703][ T6271] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  234.565225][ T6021] usb usb42-port1: unable to enumerate USB device
[  234.613415][ T6271] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  234.618845][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.622996][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.627825][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.631600][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.635701][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.640290][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.644109][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.648037][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.652596][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.656858][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.660709][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.665186][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.668779][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.673724][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.678256][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.682125][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.688859][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.693831][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.697977][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.701756][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.706721][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.710884][ T6271] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  234.715026][ T6271] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  234.719721][ T6271] usb 7-1: config 0 interface 0 has no altsetting 0
[  234.725222][ T6271] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  234.729295][ T6271] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  234.733093][ T6271] usb 7-1: Product: syz
[  234.734987][ T6271] usb 7-1: Manufacturer: syz
[  234.737112][ T6271] usb 7-1: SerialNumber: syz
[  234.809532][ T7733] process 'syz.3.476' launched './file0' with NULL argv: empty string added
[  234.946439][ T6271] usb 7-1: config 0 descriptor??
[  234.956731][ T6271] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  236.576854][ T7737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.477'.
[  238.054442][ T7751] mkiss: ax0: crc mode is auto.
[  240.617789][ T6017] usb 7-1: USB disconnect, device number 8
[  240.627045][ T6017] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  240.716080][ T7760] program syz.3.485 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  240.853896][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.3.486'.
[  240.961903][ T7770] fuse: Unknown parameter 'user_id00000000000000000000'
[  241.124356][ T7778] Invalid source name
[  241.126183][ T7778] UBIFS error (pid: 7778): cannot open "/dev/sg0", error -22
[  243.296506][ T7795] Invalid source name
[  243.300890][ T7795] UBIFS error (pid: 7795): cannot open "/dev/sg0", error -22
[  243.433151][ T6017] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  243.583337][ T6017] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  243.588937][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.594098][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.598231][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.604242][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.608615][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.615035][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.622649][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.627161][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.631828][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.641659][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.645897][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.650768][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.655722][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.659479][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.664384][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.669734][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.674735][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.685418][ T7800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.498'.
[  243.740181][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.759394][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.879838][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.884952][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.890568][ T6017] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.895346][ T6017] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.899796][ T6017] usb 8-1: config 0 interface 0 has no altsetting 0
[  243.904513][ T6017] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  243.908172][ T6017] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  243.911752][ T6017] usb 8-1: Product: syz
[  243.913856][ T6017] usb 8-1: Manufacturer: syz
[  243.915573][ T6017] usb 8-1: SerialNumber: syz
[  243.921579][ T6017] usb 8-1: config 0 descriptor??
[  243.928928][ T6017] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  245.217204][ T7809] fuse: Unknown parameter 'user_id00000000000000000000'
[  247.209364][ T7831] netlink: 24 bytes leftover after parsing attributes in process `syz.2.507'.
[  247.267159][ T6017] usb 8-1: USB disconnect, device number 4
[  247.270370][ T6017] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  247.515951][ T7838] fuse: Unknown parameter 'user_id00000000000000000000'
[  247.642659][ T5980] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  247.704349][ T7841] fuse: Unknown parameter 'user_id00000000000000000000'
[  247.742241][ T7844] wg2 speed is unknown, defaulting to 1000
[  247.787068][ T7847] vcan0: tx drop: invalid da for name 0x0000000000000001
[  247.872635][ T5980] usb 7-1: Using ep0 maxpacket: 8
[  247.906960][ T5980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  247.909928][ T5980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  247.947028][ T5980] usb 7-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  247.949890][ T5980] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.952370][ T5980] usb 7-1: Product: syz
[  247.962555][ T5980] usb 7-1: Manufacturer: syz
[  247.964175][ T5980] usb 7-1: SerialNumber: syz
[  247.968284][ T5980] usb 7-1: config 0 descriptor??
[  248.023526][ T7854] Invalid source name
[  248.024888][ T7854] UBIFS error (pid: 7854): cannot open "/dev/sg0", error -22
[  248.919501][   T10] usb 7-1: USB disconnect, device number 9
[  249.026075][ T7859] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  249.028253][ T7859] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  249.041721][ T7859] vhci_hcd vhci_hcd.0: Device attached
[  249.312939][ T5980] usb 38-1: SetAddress Request (19) to port 0
[  249.316328][ T5980] usb 38-1: new SuperSpeed USB device number 19 using vhci_hcd
[  249.645419][ T7860] vhci_hcd: connection reset by peer
[  249.648274][ T1141] vhci_hcd vhci_hcd.0: stop threads
[  249.650522][ T1141] vhci_hcd vhci_hcd.0: release socket
[  249.656965][ T1141] vhci_hcd vhci_hcd.0: disconnect device
[  249.785578][ T7870] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  249.787730][ T7870] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  249.791349][ T7870] vhci_hcd vhci_hcd.0: Device attached
[  250.002590][ T6271] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  250.062809][ T6017] usb 42-1: SetAddress Request (30) to port 0
[  250.065641][ T6017] usb 42-1: new SuperSpeed USB device number 30 using vhci_hcd
[  250.153340][ T6271] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  250.157811][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.161832][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.166354][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.170466][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.173745][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.178275][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.184949][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.187857][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.192451][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.195805][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.198654][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.202778][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.206407][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.209223][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.213765][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.216647][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.219435][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.224710][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.228751][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.232729][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.238207][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.241664][ T6271] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  250.244874][ T6271] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  250.248505][ T6271] usb 6-1: config 0 interface 0 has no altsetting 0
[  250.253440][ T6271] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  250.258009][ T6271] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  250.261895][ T6271] usb 6-1: Product: syz
[  250.263806][ T6271] usb 6-1: Manufacturer: syz
[  250.265616][ T6271] usb 6-1: SerialNumber: syz
[  250.268979][ T6271] usb 6-1: config 0 descriptor??
[  250.275328][ T6271] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  250.371406][ T7881] fuse: Unknown parameter 'user_id00000000000000000000'
[  250.432222][ T7871] vhci_hcd: connection reset by peer
[  250.439592][   T13] vhci_hcd vhci_hcd.2: stop threads
[  250.442677][   T13] vhci_hcd vhci_hcd.2: release socket
[  250.445316][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  251.131330][ T7883] netlink: 'syz.0.522': attribute type 1 has an invalid length.
[  251.189449][ T7884] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  251.203373][ T7884] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  251.421490][ T7891] netlink: 'syz.2.524': attribute type 1 has an invalid length.
[  251.462665][ T7891] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  251.466992][ T7891] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  251.684742][ T7895] netlink: 'syz.3.525': attribute type 1 has an invalid length.
[  251.737089][ T7895] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  251.740983][ T7895] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  252.785809][ T1331] usb 6-1: USB disconnect, device number 3
[  252.792861][ T1331] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  252.978761][ T7909] fuse: Unknown parameter 'user_id00000000000000000000'
[  253.921178][ T7916] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  253.923378][ T7916] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  253.945407][ T7916] vhci_hcd vhci_hcd.0: Device attached
[  254.239769][   T54] usb 40-1: SetAddress Request (18) to port 0
[  254.242370][   T54] usb 40-1: new SuperSpeed USB device number 18 using vhci_hcd
[  254.382652][ T5980] usb 38-1: device descriptor read/8, error -110
[  254.653212][ T7928] netlink: 'syz.3.535': attribute type 1 has an invalid length.
[  254.705054][ T7928] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  254.708714][ T7928] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  254.783066][ T5980] usb usb38-port1: attempt power cycle
[  254.943117][ T7936] netlink: set zone limit has 4 unknown bytes
[  254.983131][ T7932] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  254.986288][ T7932] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  255.045984][ T7917] vhci_hcd: connection reset by peer
[  255.049478][ T1141] vhci_hcd vhci_hcd.1: stop threads
[  255.051757][ T1141] vhci_hcd vhci_hcd.1: release socket
[  255.055549][ T1141] vhci_hcd vhci_hcd.1: disconnect device
[  255.055799][ T7932] vhci_hcd vhci_hcd.0: Device attached
[  255.122728][ T5980] usb 38-1: SetAddress Request (21) to port 0
[  255.124770][ T5980] usb 38-1: new SuperSpeed USB device number 21 using vhci_hcd
[  255.172617][ T6017] usb 42-1: device descriptor read/8, error -110
[  255.365616][ T7945] fuse: Unknown parameter 'user_id00000000000000000000'
[  255.378654][ T7935] vhci_hcd: connection reset by peer
[  255.381408][  T154] vhci_hcd vhci_hcd.0: stop threads
[  255.383726][  T154] vhci_hcd vhci_hcd.0: release socket
[  255.386376][  T154] vhci_hcd vhci_hcd.0: disconnect device
[  255.520808][ T7952] FAULT_INJECTION: forcing a failure.
[  255.520808][ T7952] name failslab, interval 1, probability 0, space 0, times 0
[  255.525547][ T7952] CPU: 3 UID: 0 PID: 7952 Comm: syz.3.542 Not tainted syzkaller #0 PREEMPT(full) 
[  255.525563][ T7952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  255.525570][ T7952] Call Trace:
[  255.525574][ T7952]  <TASK>
[  255.525579][ T7952]  dump_stack_lvl+0x100/0x190
[  255.525602][ T7952]  should_fail_ex.cold+0x5/0xa
[  255.525616][ T7952]  ? tomoyo_encode2+0xfb/0x3c0
[  255.525632][ T7952]  should_failslab+0xc2/0x120
[  255.525646][ T7952]  __kmalloc_noprof+0xe0/0x850
[  255.525664][ T7952]  ? rcu_is_watching+0x12/0xc0
[  255.525685][ T7952]  tomoyo_encode2+0xfb/0x3c0
[  255.525702][ T7952]  tomoyo_encode+0x29/0x50
[  255.525717][ T7952]  tomoyo_realpath_from_path+0x18c/0x690
[  255.525738][ T7952]  tomoyo_path_number_perm+0x23c/0x580
[  255.525751][ T7952]  ? tomoyo_path_number_perm+0x22e/0x580
[  255.525765][ T7952]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  255.525794][ T7952]  ? find_held_lock+0x2b/0x80
[  255.525806][ T7952]  ? hook_file_ioctl_common+0x146/0x410
[  255.525820][ T7952]  ? __fget_files+0x215/0x3d0
[  255.525835][ T7952]  ? __fget_files+0x21f/0x3d0
[  255.525849][ T7952]  security_file_ioctl_compat+0xd3/0x230
[  255.525864][ T7952]  __ia32_compat_sys_ioctl+0xc2/0x360
[  255.525884][ T7952]  __do_fast_syscall_32+0xe3/0x8c0
[  255.525906][ T7952]  do_fast_syscall_32+0x32/0x70
[  255.525917][ T7952]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  255.525932][ T7952] RIP: 0023:0xf7f42f6c
[  255.525941][ T7952] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  255.525952][ T7952] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  255.525964][ T7952] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0105702
[  255.525971][ T7952] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000
[  255.525977][ T7952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  255.525989][ T7952] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  255.525996][ T7952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  255.526010][ T7952]  </TASK>
[  255.526021][ T7952] ERROR: Out of memory at tomoyo_realpath_from_path.
[  255.563444][ T6017] usb usb42-port1: attempt power cycle
[  255.973546][ T7961] netlink: 'syz.1.546': attribute type 1 has an invalid length.
[  255.995986][ T7961] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  256.001321][ T7961] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  256.233421][ T6017] usb usb42-port1: unable to enumerate USB device
[  256.279511][ T7972] fuse: Unknown parameter 'user_id00000000000000000000'
[  256.433373][ T7978] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  256.436107][ T7978] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  256.439445][ T7978] vhci_hcd vhci_hcd.0: Device attached
[  257.054844][   T10] usb 44-1: SetAddress Request (18) to port 0
[  257.057396][   T10] usb 44-1: new SuperSpeed USB device number 18 using vhci_hcd
[  257.225982][ T7979] vhci_hcd: connection reset by peer
[  257.278030][  T154] vhci_hcd vhci_hcd.3: stop threads
[  257.281042][  T154] vhci_hcd vhci_hcd.3: release socket
[  257.299516][  T154] vhci_hcd vhci_hcd.3: disconnect device
[  258.231112][ T8004] binder: 8003:8004 ioctl c0306201 0 returned -14
[  258.463840][ T8013] Invalid source name
[  258.466057][ T8013] UBIFS error (pid: 8013): cannot open "/dev/sg0", error -22
[  258.516089][ T8014] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  258.522424][ T8014] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  258.526813][ T8014] vhci_hcd vhci_hcd.0: Device attached
[  258.620419][ T8007] netlink: 'syz.2.557': attribute type 1 has an invalid length.
[  258.663614][ T8007] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  258.667503][ T8007] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  258.676571][ T8020] fuse: Unknown parameter 'user_id00000000000000000000'
[  259.083511][ T8015] vhci_hcd: connection closed
[  259.083798][   T13] vhci_hcd vhci_hcd.1: stop threads
[  259.088984][   T13] vhci_hcd vhci_hcd.1: release socket
[  259.092961][   T13] vhci_hcd vhci_hcd.1: disconnect device
[  259.332661][   T54] usb 40-1: device descriptor read/8, error -110
[  259.737702][   T54] usb usb40-port1: attempt power cycle
[  260.003230][ T8034] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  260.005318][ T8034] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  260.056067][ T8034] vhci_hcd vhci_hcd.0: Device attached
[  260.102572][   T54] usb 40-1: SetAddress Request (20) to port 0
[  260.104605][   T54] usb 40-1: new SuperSpeed USB device number 20 using vhci_hcd
[  260.212667][ T5980] usb 38-1: device descriptor read/8, error -110
[  260.270497][ T8039] binder: 8038:8039 ioctl c0306201 0 returned -14
[  260.313088][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  260.315131][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  260.391722][ T8045] Invalid source name
[  260.393755][ T8045] UBIFS error (pid: 8045): cannot open "/dev/sg0", error -22
[  260.633040][ T5980] usb usb38-port1: unable to enumerate USB device
[  260.707812][ T8035] vhci_hcd: connection reset by peer
[  260.710313][ T1141] vhci_hcd vhci_hcd.1: stop threads
[  260.712984][ T1141] vhci_hcd vhci_hcd.1: release socket
[  260.715255][ T1141] vhci_hcd vhci_hcd.1: disconnect device
[  261.204933][ T8048] /dev/sr0: Can't open blockdev
[  261.234291][ T8051] fuse: Unknown parameter 'user_id00000000000000000000'
[  261.536583][ T8060] fuse: Unknown parameter 'user_id00000000000000000000'
[  261.553248][ T8061] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  261.556166][ T8061] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  261.560514][ T8061] vhci_hcd vhci_hcd.0: Device attached
[  261.633248][ T8053] netlink: 'syz.0.569': attribute type 1 has an invalid length.
[  261.654255][ T8053] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  261.658532][ T8053] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  262.065135][ T8075] binder: 8074:8075 ioctl c0306201 0 returned -14
[  262.159784][ T8062] vhci_hcd: connection reset by peer
[  262.165944][ T1141] vhci_hcd vhci_hcd.3: stop threads
[  262.168925][ T1141] vhci_hcd vhci_hcd.3: release socket
[  262.172152][ T1141] vhci_hcd vhci_hcd.3: disconnect device
[  262.172641][   T10] usb 44-1: device descriptor read/8, error -110
[  262.294182][ T8079] fuse: Unknown parameter 'user_id00000000000000000000'
[  262.299179][ T8081] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  262.564031][ T8083] /dev/sr0: Can't open blockdev
[  262.589099][ T8088] Invalid source name
[  262.593659][ T8088] UBIFS error (pid: 8088): cannot open "/dev/sg0", error -22
[  262.605660][   T10] usb usb44-port1: attempt power cycle
[  262.999110][ T8094] wg2 speed is unknown, defaulting to 1000
[  263.067014][ T8097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.581'.
[  263.075801][ T8097] netlink: 4 bytes leftover after parsing attributes in process `syz.1.581'.
[  263.263068][   T10] usb usb44-port1: unable to enumerate USB device
[  263.305817][ T8099] netlink: 'syz.1.582': attribute type 1 has an invalid length.
[  263.364368][ T8099] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  263.368813][ T8099] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  263.666072][ T8113] fuse: Unknown parameter 'user_id00000000000000000000'
[  265.172597][   T54] usb 40-1: device descriptor read/8, error -110
[  265.305071][ T8132] Invalid source name
[  265.307059][ T8132] UBIFS error (pid: 8132): cannot open "/dev/sg0", error -22
[  265.574186][   T54] usb usb40-port1: unable to enumerate USB device
[  265.840951][ T8139] fuse: Unknown parameter 'user_id00000000000000000000'
[  265.859923][ T8136] netlink: 'syz.1.594': attribute type 1 has an invalid length.
[  265.940067][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'.
[  265.943232][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'.
[  265.946232][ T8142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'.
[  265.949605][ T8142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.596'.
[  265.956498][ T8136] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  265.969386][ T8136] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  266.336836][ T8160] mmap: syz.3.603 (8160) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  266.480868][ T8164] fuse: Unknown parameter 'user_id00000000000000000000'
[  267.422603][   T40] audit: type=1326 audit(1774337547.032:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.442453][   T40] audit: type=1326 audit(1774337547.032:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.450583][   T40] audit: type=1326 audit(1774337547.032:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.457734][   T40] audit: type=1326 audit(1774337547.032:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.467417][   T40] audit: type=1326 audit(1774337547.032:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.481481][   T40] audit: type=1326 audit(1774337547.032:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.488658][   T40] audit: type=1326 audit(1774337547.032:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.498978][   T40] audit: type=1326 audit(1774337547.032:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.512545][   T40] audit: type=1326 audit(1774337547.042:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.528617][   T40] audit: type=1326 audit(1774337547.042:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8159 comm="syz.3.603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x7fc00000
[  267.625189][ T8173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.606'.
[  267.758076][ T8177] Invalid ELF header type: 3 != 1
[  267.911585][ T8189] fuse: Unknown parameter 'user_id00000000000000000000'
[  269.559435][ T8222] fuse: Unknown parameter 'user_id00000000000000000000'
[  269.608182][ T6021] libceph: connect (1)[c::]:6789 error -101
[  269.611417][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  269.774987][   T10] libceph: connect (1)[c::]:6789 error -101
[  269.777553][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  269.786358][ T8233] netfs: Couldn't get user pages (rc=-14)
[  269.814131][ T8231] ceph: No mds server is up or the cluster is laggy
[  269.846030][ T8230] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  269.848534][ T8230] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  269.862228][ T8230] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  269.865338][ T8230] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  269.884382][ T6021] libceph: connect (1)[c::]:6789 error -101
[  269.887081][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  270.122667][   T54] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  270.297434][   T54] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  270.301453][   T54] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  270.305411][   T54] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  270.309756][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.412790][ T6021] libceph: connect (1)[c::]:6789 error -101
[  270.414873][ T6021] libceph: mon0 (1)[c::]:6789 connect error
[  270.428218][ T8227] ceph: No mds server is up or the cluster is laggy
[  271.813979][ T5947] Bluetooth: hci0: command 0x040f tx timeout
[  271.902751][ T5947] Bluetooth: hci3: command 0x040f tx timeout
[  271.902796][ T5937] Bluetooth: hci2: command 0x040f tx timeout
[  271.902819][ T5944] Bluetooth: hci1: command 0x040f tx timeout
[  272.215230][ T8256] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  272.218735][ T8256] overlayfs: NFS export requires an index dir, falling back to nfs_export=off.
[  272.536387][ T8270] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  272.549959][ T8269] syz.2.637 uses obsolete (PF_INET,SOCK_PACKET)
[  273.065687][ T7160] usb 8-1: USB disconnect, device number 5
[  273.715878][ T8286] syz.2.651 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  273.948438][ T8298] Invalid source name
[  273.950411][ T8298] UBIFS error (pid: 8298): cannot open "/dev/sg0", error -22
[  273.972885][ T5295] Bluetooth: hci3: command 0x040f tx timeout
[  277.452611][ T5295] Bluetooth: hci0: unexpected event for opcode 0x2006
[  277.508642][ T8319] 9p: Bad value for 'rfdno'
[  277.534983][   T40] kauditd_printk_skb: 58 callbacks suppressed
[  277.534996][   T40] audit: type=1326 audit(1774337557.152:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.3.654" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f42f6c code=0x0
[  277.633197][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'.
[  277.637510][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'.
[  277.641450][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'.
[  277.646174][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.3.654'.
[  277.714030][ T8335] Invalid source name
[  277.715814][ T8335] UBIFS error (pid: 8335): cannot open "/dev/sg0", error -22
[  277.737893][ T8334] Invalid source name
[  277.753763][ T8334] UBIFS error (pid: 8334): cannot open "/dev/sg0", error -22
[  277.850911][ T8336] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  277.855314][ T8336] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  277.858545][ T8336] vhci_hcd vhci_hcd.0: Device attached
[  278.122829][ T7160] usb 38-1: SetAddress Request (23) to port 0
[  278.125069][ T7160] usb 38-1: new SuperSpeed USB device number 23 using vhci_hcd
[  278.426513][ T8337] vhci_hcd: connection reset by peer
[  278.433764][ T6840] vhci_hcd vhci_hcd.0: stop threads
[  278.437189][ T6840] vhci_hcd vhci_hcd.0: release socket
[  278.440003][ T6840] vhci_hcd vhci_hcd.0: disconnect device
[  279.447074][ T8351] netlink: 'syz.2.663': attribute type 4 has an invalid length.
[  279.458400][ T8351] netlink: 'syz.2.663': attribute type 4 has an invalid length.
[  280.755330][ T8375] random: crng reseeded on system resumption
[  281.410744][   T40] audit: type=1800 audit(1774337561.022:73): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.430163][   T40] audit: type=1800 audit(1774337561.022:74): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.442556][   T40] audit: type=1800 audit(1774337561.022:75): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.461652][   T40] audit: type=1800 audit(1774337561.022:76): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.481973][   T40] audit: type=1800 audit(1774337561.042:77): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.490659][   T40] audit: type=1800 audit(1774337561.042:78): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.503561][   T40] audit: type=1800 audit(1774337561.042:79): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.512854][   T40] audit: type=1800 audit(1774337561.042:80): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.521616][   T40] audit: type=1800 audit(1774337561.042:81): pid=8385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.674" name="bus" dev="tmpfs" ino=1131 res=0 errno=0
[  281.727398][ T8393] Invalid source name
[  281.729535][ T8393] UBIFS error (pid: 8393): cannot open "/dev/sg0", error -22
[  282.808233][ T8395] netlink: 40 bytes leftover after parsing attributes in process `syz.0.677'.
[  283.328835][ T7160] usb 38-1: device descriptor read/8, error -110
[  283.733073][ T7160] usb usb38-port1: attempt power cycle
[  284.115920][ T8421] x_tables: duplicate underflow at hook 3
[  284.234370][ T8426] netlink: 48 bytes leftover after parsing attributes in process `syz.0.690'.
[  284.295514][ T7160] usb usb38-port1: unable to enumerate USB device
[  284.498293][ T8439] tmpfs: Bad value for 'mpol'
[  284.667025][ T8445] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  284.672389][ T8445] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  284.950135][ T8457] 8021q: adding VLAN 0 to HW filter on device bond0
[  284.959049][ T8457] bond0: (slave rose0): Enslaving as an active interface with an up link
[  285.476640][ T8490] faux_driver vkms: [drm] Unknown color mode 9; guessing buffer size.
[  286.552320][ T8521] random: crng reseeded on system resumption
[  286.997721][ T8533] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  286.999830][ T8533] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  287.026832][ T8533] vhci_hcd vhci_hcd.0: Device attached
[  287.302638][ T6271] usb 42-1: SetAddress Request (34) to port 0
[  287.305657][ T6271] usb 42-1: new SuperSpeed USB device number 34 using vhci_hcd
[  287.365438][ T8539] FAULT_INJECTION: forcing a failure.
[  287.365438][ T8539] name failslab, interval 1, probability 0, space 0, times 0
[  287.369530][ T8539] CPU: 2 UID: 0 PID: 8539 Comm: syz.3.718 Not tainted syzkaller #0 PREEMPT(full) 
[  287.369544][ T8539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  287.369550][ T8539] Call Trace:
[  287.369555][ T8539]  <TASK>
[  287.369559][ T8539]  dump_stack_lvl+0x100/0x190
[  287.369580][ T8539]  should_fail_ex.cold+0x5/0xa
[  287.369594][ T8539]  ? tomoyo_realpath_from_path+0xb6/0x690
[  287.369609][ T8539]  should_failslab+0xc2/0x120
[  287.369621][ T8539]  __kmalloc_noprof+0xe0/0x850
[  287.369640][ T8539]  tomoyo_realpath_from_path+0xb6/0x690
[  287.369658][ T8539]  tomoyo_path_number_perm+0x23c/0x580
[  287.369669][ T8539]  ? tomoyo_path_number_perm+0x22e/0x580
[  287.369682][ T8539]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  287.369708][ T8539]  ? find_held_lock+0x2b/0x80
[  287.369719][ T8539]  ? hook_file_ioctl_common+0x146/0x410
[  287.369731][ T8539]  ? __fget_files+0x215/0x3d0
[  287.369744][ T8539]  ? __fget_files+0x21f/0x3d0
[  287.369756][ T8539]  security_file_ioctl_compat+0xd3/0x230
[  287.369770][ T8539]  __ia32_compat_sys_ioctl+0xc2/0x360
[  287.369789][ T8539]  __do_fast_syscall_32+0xe3/0x8c0
[  287.369808][ T8539]  do_fast_syscall_32+0x32/0x70
[  287.369818][ T8539]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  287.369836][ T8539] RIP: 0023:0xf7f42f6c
[  287.369845][ T8539] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  287.369855][ T8539] RSP: 002b:00000000f53e550c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  287.369866][ T8539] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  287.369872][ T8539] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  287.369878][ T8539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  287.369884][ T8539] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  287.369890][ T8539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  287.369905][ T8539]  </TASK>
[  287.369909][ T8539] ERROR: Out of memory at tomoyo_realpath_from_path.
[  287.980745][ T8534] vhci_hcd: connection reset by peer
[  287.983131][  T154] vhci_hcd vhci_hcd.2: stop threads
[  287.984849][  T154] vhci_hcd vhci_hcd.2: release socket
[  287.987424][  T154] vhci_hcd vhci_hcd.2: disconnect device
[  288.842229][ T8563] netlink: 4 bytes leftover after parsing attributes in process `syz.0.726'.
[  288.865681][ T8565] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  290.135918][ T8569] wg2 speed is unknown, defaulting to 1000
[  290.386583][ T8586] Invalid source name
[  290.388163][ T8586] UBIFS error (pid: 8586): cannot open "/dev/sg0", error -22
[  290.722948][ T8593] ip6t_srh: unknown srh match flags  448C
[  290.957505][ T8602] tmpfs: Bad value for 'mpol'
[  291.756189][ T8617] overlayfs: failed to resolve './bus': -2
[  292.372708][ T6271] usb 42-1: device descriptor read/8, error -110
[  292.670328][ T8628] netlink: 'syz.0.742': attribute type 4 has an invalid length.
[  292.684165][ T8628] netlink: 'syz.0.742': attribute type 4 has an invalid length.
[  292.763594][ T6271] usb usb42-port1: attempt power cycle
[  292.970756][ T8633] netlink: 55 bytes leftover after parsing attributes in process `syz.3.745'.
[  292.973981][ T8633] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  292.976808][ T8633] IPv6: NLM_F_CREATE should be set when creating new route
[  293.343416][ T6271] usb usb42-port1: unable to enumerate USB device
[  293.394981][ T8639] fuse: Unknown parameter '000000000000000000030x0000000000000003'
[  293.630558][ T8647] Invalid source name
[  293.631977][ T8647] UBIFS error (pid: 8647): cannot open "/dev/sg0", error -22
[  294.257591][ T8658] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  294.262210][ T8658] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  294.298742][ T8658] vhci_hcd vhci_hcd.0: Device attached
[  294.463040][ T8662] netlink: 8 bytes leftover after parsing attributes in process `syz.2.752'.
[  294.486731][ T8662] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  294.583835][ T6271] usb 44-1: SetAddress Request (22) to port 0
[  294.586465][ T6271] usb 44-1: new SuperSpeed USB device number 22 using vhci_hcd
[  295.723430][ T8659] vhci_hcd: connection reset by peer
[  295.725553][  T154] vhci_hcd vhci_hcd.3: stop threads
[  295.792574][  T154] vhci_hcd vhci_hcd.3: release socket
[  295.802766][  T154] vhci_hcd vhci_hcd.3: disconnect device
[  295.966661][ T8683] Invalid source name
[  295.968773][ T8683] UBIFS error (pid: 8683): cannot open "/dev/sg0", error -22
[  296.563965][ T8696] Invalid source name
[  296.575092][ T8696] UBIFS error (pid: 8696): cannot open "/dev/sg0", error -22
[  296.660850][ T8700] random: crng reseeded on system resumption
[  296.710176][ T8702] binder: 8701:8702 ioctl c0306201 80000080 returned -14
[  297.967511][ T8725] wg2 speed is unknown, defaulting to 1000
[  298.987118][ T8734] ptrace attach of "/syz-executor exec"[5935] was attempted by ""[8734]
[  299.518701][ T8740] x_tables: duplicate underflow at hook 2
[  299.663837][ T6271] usb 44-1: device descriptor read/8, error -110
[  299.900800][ T8754] netlink: 60 bytes leftover after parsing attributes in process `syz.0.779'.
[  299.915956][ T8751] syzkaller0: entered promiscuous mode
[  299.918253][ T8751] syzkaller0: entered allmulticast mode
[  300.053618][ T6271] usb usb44-port1: attempt power cycle
[  300.633743][ T6271] usb usb44-port1: unable to enumerate USB device
[  301.434607][ T8774] random: crng reseeded on system resumption
[  301.495631][ T8775] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  301.497734][ T8775] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  301.502218][ T8775] vhci_hcd vhci_hcd.0: Device attached
[  301.620741][ T8780] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  301.812810][ T1021] usb 40-1: SetAddress Request (22) to port 0
[  301.815710][ T1021] usb 40-1: new SuperSpeed USB device number 22 using vhci_hcd
[  303.218263][ T8776] vhci_hcd: connection reset by peer
[  303.220079][   T12] vhci_hcd vhci_hcd.1: stop threads
[  303.221638][   T12] vhci_hcd vhci_hcd.1: release socket
[  303.224217][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  304.006542][ T8806] wg2 speed is unknown, defaulting to 1000
[  305.078111][ T8813] wg2 speed is unknown, defaulting to 1000
[  305.870404][ T8830] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  305.872773][ T8830] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  305.876920][ T8830] vhci_hcd vhci_hcd.0: Device attached
[  306.092639][   T50] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  306.152598][   T50] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  306.162679][   T54] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  306.314616][   T54] usb 7-1: config 0 has no interfaces?
[  306.317409][   T54] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  306.321663][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.328923][   T54] usb 7-1: config 0 descriptor??
[  306.543198][ T8831] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[  306.548721][ T5295] Bluetooth: hci0: unexpected event for opcode 0x0c03
[  306.551217][ T6270] usb 7-1: USB disconnect, device number 10
[  306.551999][   T12] vhci_hcd vhci_hcd.2: stop threads
[  306.557549][   T12] vhci_hcd vhci_hcd.2: release socket
[  306.560543][   T12] vhci_hcd vhci_hcd.2: disconnect device
[  306.863158][ T1021] usb 40-1: device descriptor read/8, error -110
[  307.431382][ T8849] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  307.433695][ T8849] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  308.143703][ T1021] usb usb40-port1: attempt power cycle
[  308.243447][ T8853] syzkaller0: entered promiscuous mode
[  308.246295][ T8853] syzkaller0: entered allmulticast mode
[  308.374444][ T8855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.809'.
[  308.703603][ T1021] usb usb40-port1: unable to enumerate USB device
[  308.762958][ T8875] syzkaller0: entered promiscuous mode
[  308.765166][ T8875] syzkaller0: entered allmulticast mode
[  308.923692][ T8881] wg2 speed is unknown, defaulting to 1000
[  310.429523][   T40] kauditd_printk_skb: 56 callbacks suppressed
[  310.429538][   T40] audit: type=1326 audit(1774337590.042:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8905 comm="syz.0.827" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f17f6c code=0x0
[  311.153268][ T8918] bridge0: port 1(bridge_slave_0) entered forwarding state
[  311.244044][ T8921] random: crng reseeded on system resumption
[  311.252947][   T50] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  313.794725][ T8957] wg2 speed is unknown, defaulting to 1000
[  315.060290][ T8981] Bluetooth: MGMT ver 1.23
[  315.108470][ T8983] fuse: Unknown parameter '00000000000000000000000'
[  315.252619][ T8988] binder: 8987:8988 unknown command 0
[  315.254382][ T8988] binder: 8987:8988 ioctl c0306201 80000080 returned -22
[  315.592684][   T54] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  315.742564][   T54] usb 8-1: Using ep0 maxpacket: 32
[  315.745695][   T54] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  315.748635][   T54] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  315.752226][   T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  315.757446][   T54] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  315.761185][   T54] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  315.767106][   T54] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  315.772794][   T54] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  315.776599][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.780967][   T54] usb 8-1: config 0 descriptor??
[  315.996886][   T54] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  316.225207][ T9050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.862'.
[  316.250994][ T9054] netlink: 12 bytes leftover after parsing attributes in process `syz.3.857'.
[  316.262916][ T9050] veth3: entered promiscuous mode
[  316.289421][   T54] usb 8-1: USB disconnect, device number 6
[  316.296671][   T54] usblp0: removed
[  316.893471][ T9070] netlink: 8 bytes leftover after parsing attributes in process `syz.3.867'.
[  317.101036][ T9079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.870'.
[  317.446006][ T9092] wg2 speed is unknown, defaulting to 1000
[  317.493274][ T9093] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  317.495671][ T9093] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  317.499287][ T9093] vhci_hcd vhci_hcd.0: Device attached
[  317.732537][ T5980] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  318.189449][ T9094] vhci_hcd: connection reset by peer
[  318.191972][  T106] vhci_hcd vhci_hcd.3: stop threads
[  318.194666][  T106] vhci_hcd vhci_hcd.3: release socket
[  318.197418][  T106] vhci_hcd vhci_hcd.3: disconnect device
[  320.219779][ T9130] random: crng reseeded on system resumption
[  320.480830][ T9140] ipvlan2: entered promiscuous mode
[  320.484592][ T9140] ipvlan2: entered allmulticast mode
[  320.487252][ T9140] gretap0: entered allmulticast mode
[  320.491728][ T9140] team0: Device ipvlan2 failed to register rx_handler
[  321.738244][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  321.740373][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  322.190269][ T9159] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  322.192378][ T9159] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  322.195812][ T9159] vhci_hcd vhci_hcd.0: Device attached
[  322.458455][ T9171] wg2 speed is unknown, defaulting to 1000
[  322.468154][ T9162] vhci_hcd: connection closed
[  322.468387][ T1155] vhci_hcd vhci_hcd.3: stop threads
[  322.471668][ T1155] vhci_hcd vhci_hcd.3: release socket
[  322.500723][ T1155] vhci_hcd vhci_hcd.3: disconnect device
[  322.842623][ T5980] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  323.145607][ T9181] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  323.148473][ T9181] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  323.455275][   T40] audit: type=1800 audit(1774337603.072:139): pid=9185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.902" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  323.476626][ T9184] netfs: Couldn't get user pages (rc=-14)
[  323.484158][ T9181] vhci_hcd vhci_hcd.0: Device attached
[  323.738785][ T9182] vhci_hcd: connection closed
[  323.739028][ T1141] vhci_hcd vhci_hcd.1: stop threads
[  323.742375][ T1141] vhci_hcd vhci_hcd.1: release socket
[  323.744528][   T10] usb 40-1: SetAddress Request (26) to port 0
[  323.746579][ T1141] vhci_hcd vhci_hcd.1: disconnect device
[  323.748860][   T10] usb 40-1: new SuperSpeed USB device number 26 using vhci_hcd
[  323.774623][   T10] usb 40-1: enqueue for inactive port 0
[  324.475416][   T10] usb usb40-port1: attempt power cycle
[  324.640632][ T9198] random: crng reseeded on system resumption
[  325.043516][   T10] usb usb40-port1: unable to enumerate USB device
[  325.422285][ T9210] EXT4-fs: Conflicting test_dummy_encryption options
[  325.551832][ T9212] infiniband syz1: set active
[  325.553609][ T9212] infiniband syz1: added syz_tun
[  325.577237][ T9212] RDS/IB: syz1: added
[  325.578763][ T9212] smc: adding ib device syz1 with port count 1
[  325.580765][ T9212] smc:    ib device syz1 port 1 has no pnetid
[  325.764645][ T9213] overlayfs: invalid origin (0000)
[  327.335812][ T9225] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  327.362170][ T9225] macvtap1: entered promiscuous mode
[  327.364472][ T9225] macvtap1: entered allmulticast mode
[  327.367874][ T9225] dummy0: entered promiscuous mode
[  327.369753][ T9225] dummy0: entered allmulticast mode
[  327.375504][ T9225] team0: Device macvtap1 failed to register rx_handler
[  327.574593][ T9225] dummy0: left allmulticast mode
[  327.577429][ T9225] dummy0: left promiscuous mode
[  327.644450][ T9228] fuse: Unknown parameter 'user_id00000000000000000000'
[  327.649889][ T9228] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  327.654290][ T9228] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  328.288285][ T9244] wg2 speed is unknown, defaulting to 1000
[  328.520552][ T9251] fuse: Unknown parameter 'user_id00000000000000000000'
[  328.526327][ T9251] overlayfs: missing 'lowerdir'
[  329.205277][   T40] audit: type=1800 audit(1774337608.822:140): pid=9270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.932" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  329.210502][ T9274] fuse: Unknown parameter 'user_id00000000000000000000'
[  329.218818][ T9274] overlayfs: missing 'lowerdir'
[  332.317223][ T9305] fuse: Unknown parameter 'user_id00000000000000000000'
[  332.329777][ T9305] overlayfs: missing 'lowerdir'
[  332.408799][ T9309] Invalid source name
[  332.410401][ T9309] UBIFS error (pid: 9309): cannot open "/dev/sg0", error -22
[  333.443372][ T9318] wg2 speed is unknown, defaulting to 1000
[  335.015830][ T9336] fuse: Unknown parameter 'user_id00000000000000000000'
[  335.432987][ T9345] Illegal XDP return value 51 on prog  (id 100) dev syz_tun, expect packet loss!
[  335.486622][ T9345] Bluetooth: hci0: unsupported parameter 255
[  335.488632][ T9345] Bluetooth: hci0: unsupported parameter 255
[  335.750897][ T9357] Invalid source name
[  335.752943][ T9357] UBIFS error (pid: 9357): cannot open "/dev/sg0", error -22
[  335.858672][ T9359] fuse: Unknown parameter 'user_id00000000000000000000'
[  336.681738][ T9381] fuse: Unknown parameter 'user_id00000000000000000000'
[  336.905864][ T9395] netlink: 8 bytes leftover after parsing attributes in process `syz.2.982'.
[  336.908810][ T9395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.982'.
[  337.092152][ T9401] Invalid source name
[  337.094421][ T9401] UBIFS error (pid: 9401): cannot open "/dev/sg0", error -22
[  337.632153][ T9405] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  337.636448][ T9405] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  337.698666][ T9405] vhci_hcd vhci_hcd.0: Device attached
[  337.956175][ T9406] vhci_hcd: connection closed
[  337.956379][ T1180] vhci_hcd vhci_hcd.2: stop threads
[  337.961220][ T1180] vhci_hcd vhci_hcd.2: release socket
[  337.963114][ T1180] vhci_hcd vhci_hcd.2: disconnect device
[  337.982756][ T6021] usb 42-1: enqueue for inactive port 0
[  338.500804][ T6021] usb usb42-port1: attempt power cycle
[  338.834637][ T9428] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  338.836743][ T9428] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  338.843417][ T9428] vhci_hcd vhci_hcd.0: Device attached
[  339.006952][   T40] audit: type=1800 audit(1774337618.582:141): pid=9436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.990" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  339.010269][ T9429] netfs: Couldn't get user pages (rc=-14)
[  339.073392][ T6021] usb usb42-port1: unable to enumerate USB device
[  339.122993][   T54] usb 40-1: SetAddress Request (30) to port 0
[  339.125715][   T54] usb 40-1: new SuperSpeed USB device number 30 using vhci_hcd
[  339.352633][ T5980] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  339.529504][ T5980] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  339.532946][ T5980] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  339.535945][ T5980] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  339.538897][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.429191][ T9430] vhci_hcd: connection reset by peer
[  340.431562][ T1155] vhci_hcd vhci_hcd.1: stop threads
[  340.433369][ T1155] vhci_hcd vhci_hcd.1: release socket
[  340.436345][ T1155] vhci_hcd vhci_hcd.1: disconnect device
[  340.744652][ T9446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.995'.
[  341.943873][ T9463] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  341.946193][ T9463] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  341.986462][ T9463] vhci_hcd vhci_hcd.0: Device attached
[  342.268901][ T6017] usb 8-1: USB disconnect, device number 7
[  342.306021][ T9465] vhci_hcd: connection closed
[  342.312658][ T1180] vhci_hcd vhci_hcd.1: stop threads
[  342.316446][ T1180] vhci_hcd vhci_hcd.1: release socket
[  342.318623][ T1180] vhci_hcd vhci_hcd.1: disconnect device
[  343.253224][ T9485] binder: 9484:9485 ioctl c0306201 0 returned -14
[  343.278717][ T9483] wg2 speed is unknown, defaulting to 1000
[  344.047485][   T40] audit: type=1800 audit(1774337623.662:142): pid=9496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1012" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  344.055064][ T9496] netfs: Couldn't get user pages (rc=-14)
[  344.312714][   T54] usb 40-1: device descriptor read/8, error -110
[  344.357100][ T6004] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  344.549095][ T6004] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  344.555145][ T6004] usb 7-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  344.559497][ T6004] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  344.564511][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.705405][   T54] usb usb40-port1: attempt power cycle
[  345.265618][   T54] usb usb40-port1: unable to enumerate USB device
[  345.621050][ T9513] fuse: Unknown parameter 'user_id00000000000000000000'
[  346.595456][ T9528] netlink: 'syz.1.1023': attribute type 1 has an invalid length.
[  346.618052][ T9528] 8021q: adding VLAN 0 to HW filter on device bond6
[  346.634010][ T9528] bond6: (slave gretap1): making interface the new active one
[  346.638084][ T9528] bond6: (slave gretap1): Enslaving as an active interface with an up link
[  347.000611][ T9540] fuse: Unknown parameter 'user_id00000000000000000000'
[  347.426198][ T6017] usb 7-1: USB disconnect, device number 11
[  347.786833][ T9545] wg2 speed is unknown, defaulting to 1000
[  348.905003][ T9565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1034'.
[  349.511786][ T9571] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  349.514540][ T9571] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  349.520811][ T9571] vhci_hcd vhci_hcd.0: Device attached
[  349.782756][   T34] usb 38-1: SetAddress Request (27) to port 0
[  349.785241][   T34] usb 38-1: new SuperSpeed USB device number 27 using vhci_hcd
[  349.941594][   T40] audit: type=1800 audit(1774337629.552:143): pid=9578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1036" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  349.959094][ T9578] netfs: Couldn't get user pages (rc=-14)
[  350.342674][ T6021] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  350.575102][ T9573] vhci_hcd: connection reset by peer
[  350.597858][ T6021] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  350.603262][ T6021] usb 7-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  350.607395][ T6021] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  350.611610][ T6021] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.616965][ T1180] vhci_hcd vhci_hcd.0: stop threads
[  350.619038][ T1180] vhci_hcd vhci_hcd.0: release socket
[  350.622569][ T1180] vhci_hcd vhci_hcd.0: disconnect device
[  352.979798][ T9617] wg2 speed is unknown, defaulting to 1000
[  353.620518][   T54] usb 7-1: USB disconnect, device number 12
[  354.889421][   T34] usb 38-1: device descriptor read/8, error -110
[  355.283150][   T34] usb usb38-port1: attempt power cycle
[  355.415343][ T9649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1058'.
[  355.480119][ T9651] 8021q: adding VLAN 0 to HW filter on device bond4
[  355.492914][ T9651] bond_slave_0: entered promiscuous mode
[  355.494996][ T9651] bond_slave_1: entered promiscuous mode
[  355.497485][ T9651] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  355.502601][ T9651] bond4: (slave macvlan2): making interface the new active one
[  355.506239][ T9651] bond4: (slave macvlan2): Enslaving as an active interface with an up link
[  355.566422][ T9656] rdma_rxe: rxe_newlink: failed to add bond0
[  355.843458][   T34] usb usb38-port1: unable to enumerate USB device
[  355.997659][   T40] audit: type=1326 audit(1774337635.612:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9669 comm="syz.1.1065" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708ef6c code=0x0
[  356.024320][ T9671] Invalid source name
[  356.026072][ T9671] UBIFS error (pid: 9671): cannot open "/dev/sg0", error -22
[  356.322664][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  356.877666][ T9683] random: crng reseeded on system resumption
[  357.064768][ T1155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.206566][ T5937] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  357.210445][ T5937] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  357.220233][ T5937] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  357.225133][ T1155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.231089][ T5937] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  357.237178][ T5937] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  357.265139][ T9694] wg2 speed is unknown, defaulting to 1000
[  357.314004][ T1155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.524986][ T1155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.639865][ T1155] bridge_slave_1: left allmulticast mode
[  357.641914][ T1155] bridge_slave_1: left promiscuous mode
[  357.654216][ T1155] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.667584][ T1155] bridge_slave_0: left allmulticast mode
[  357.669558][ T1155] bridge_slave_0: left promiscuous mode
[  357.671602][ T1155] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.686756][ T1155] bond_slave_0: left promiscuous mode
[  357.688945][ T1155] bond_slave_1: left promiscuous mode
[  357.780618][ T1155] bond1 (unregistering): (slave gretap1): Releasing active interface
[  357.789484][ T9709] Invalid source name
[  357.791028][ T9709] UBIFS error (pid: 9709): cannot open "/dev/sg0", error -22
[  357.867792][ T1155] bond4 (unregistering): (slave macvlan2): Releasing active interface
[  357.877961][ T1155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  357.884494][ T1155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.888315][ T1155] bond0 (unregistering): Released all slaves
[  357.892917][ T1155] bond1 (unregistering): Released all slaves
[  357.901453][ T1155] bond2 (unregistering): Released all slaves
[  357.908412][ T1155] bond3 (unregistering): Released all slaves
[  357.918843][ T1155] bond4 (unregistering): Released all slaves
[  358.043416][ T1155] IPVS: stopping master sync thread 7402 ...
[  358.283356][ T9694] chnl_net:caif_netlink_parms(): no params data found
[  358.431901][ T9694] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.442576][ T9694] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.444964][ T9694] bridge_slave_0: entered allmulticast mode
[  358.454026][ T9694] bridge_slave_0: entered promiscuous mode
[  358.457267][ T9694] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.459598][ T9694] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.461923][ T9694] bridge_slave_1: entered allmulticast mode
[  358.473876][ T9694] bridge_slave_1: entered promiscuous mode
[  358.503917][ T9694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  358.523451][ T9694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  358.569227][ T9694] team0: Port device team_slave_0 added
[  358.583007][ T9694] team0: Port device team_slave_1 added
[  358.661261][ T9694] batman_adv: batadv0: Adding interface: batadv_slave_0
[  358.663956][ T9694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  358.680533][ T9694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  358.696173][ T9694] batman_adv: batadv0: Adding interface: batadv_slave_1
[  358.698541][ T9694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  358.708051][ T9694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  358.716641][ T1155] hsr_slave_0: left promiscuous mode
[  358.720163][ T1155] hsr_slave_1: left promiscuous mode
[  358.722439][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  358.726072][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_0
[  358.745786][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  358.751254][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_1
[  358.763035][ T1155] veth1_macvtap: left promiscuous mode
[  358.765693][ T1155] veth0_macvtap: left promiscuous mode
[  358.768210][ T1155] veth1_vlan: left promiscuous mode
[  358.770185][ T1155] veth0_vlan: left promiscuous mode
[  359.071647][ T1155] team0 (unregistering): Port device team_slave_1 removed
[  359.085404][ T1155] team0 (unregistering): Port device team_slave_0 removed
[  359.219961][ T9694] hsr_slave_0: entered promiscuous mode
[  359.222865][ T9694] hsr_slave_1: entered promiscuous mode
[  359.225094][ T9694] debugfs: 'hsr0' already exists in 'hsr'
[  359.227281][ T9694] Cannot create hsr debugfs directory
[  359.253610][ T5295] Bluetooth: hci3: command tx timeout
[  359.363785][ T9694] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  359.370006][ T9694] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  359.376257][ T9694] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  359.387468][ T9694] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  359.571917][ T9694] 8021q: adding VLAN 0 to HW filter on device bond0
[  359.642376][ T9694] 8021q: adding VLAN 0 to HW filter on device team0
[  359.661353][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.663784][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  359.674353][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.677376][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  359.933956][ T9694] 8021q: adding VLAN 0 to HW filter on device batadv0
[  360.218253][ T9694] veth0_vlan: entered promiscuous mode
[  360.227946][ T9694] veth1_vlan: entered promiscuous mode
[  360.251338][ T9694] veth0_macvtap: entered promiscuous mode
[  360.253742][   T40] audit: type=1800 audit(1774337639.862:145): pid=9782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1087" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  360.257429][ T9694] veth1_macvtap: entered promiscuous mode
[  360.263515][ T9782] netfs: Couldn't get user pages (rc=-14)
[  360.274438][ T9694] batman_adv: batadv0: Interface activated: batadv_slave_0
[  360.284273][ T9694] batman_adv: batadv0: Interface activated: batadv_slave_1
[  360.296045][  T106] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  360.299268][  T106] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  360.302911][  T106] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  360.306144][  T106] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  360.357597][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  360.360399][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  360.380078][  T106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  360.383901][  T106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  360.393799][ T9694] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  360.632669][   T50] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  360.910171][   T50] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  360.914093][   T50] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  360.917252][   T50] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  360.920205][   T50] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.332697][ T5295] Bluetooth: hci3: command tx timeout
[  361.843788][ T9795] random: crng reseeded on system resumption
[  362.463373][ T9798] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  362.465523][ T9798] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  362.468734][ T9798] vhci_hcd vhci_hcd.0: Device attached
[  362.597306][ T9799] vhci_hcd: connection closed
[  362.597520][  T154] vhci_hcd vhci_hcd.4: stop threads
[  362.600762][  T154] vhci_hcd vhci_hcd.4: release socket
[  362.602610][  T154] vhci_hcd vhci_hcd.4: disconnect device
[  363.311072][ T7160] usb 8-1: USB disconnect, device number 8
[  363.361576][ T9810] 9pnet_virtio: no channels available for device syz
[  363.422791][ T5295] Bluetooth: hci3: command tx timeout
[  363.754783][   T50] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  363.865995][ T9819] pim6reg1: entered promiscuous mode
[  363.867829][ T9819] pim6reg1: entered allmulticast mode
[  363.951887][   T50] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  363.955198][   T50] usb 6-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  363.958129][   T50] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  363.971538][   T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.059174][ T9822] capability: warning: `syz.3.1096' uses deprecated v2 capabilities in a way that may be insecure
[  365.492615][ T5295] Bluetooth: hci3: command tx timeout
[  365.589380][   T40] audit: type=1800 audit(1774337645.202:146): pid=9839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1101" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  365.614068][ T9839] netfs: Couldn't get user pages (rc=-14)
[  366.022627][ T6004] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  366.184605][ T6004] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  366.188980][ T6004] usb 7-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  366.193583][ T6004] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  366.197940][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.232820][ T9845] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  366.235607][ T9845] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  366.239186][ T9845] vhci_hcd vhci_hcd.0: Device attached
[  366.271848][ T7160] usb 6-1: USB disconnect, device number 4
[  366.366630][ T9846] vhci_hcd: connection closed
[  366.375673][ T1180] vhci_hcd vhci_hcd.3: stop threads
[  366.378992][ T1180] vhci_hcd vhci_hcd.3: release socket
[  366.380979][ T1180] vhci_hcd vhci_hcd.3: disconnect device
[  367.225256][ T9868] Invalid source name
[  367.227274][ T9868] UBIFS error (pid: 9868): cannot open "/dev/sg0", error -22
[  368.090695][ T9871] random: crng reseeded on system resumption
[  368.226233][ T9878] Invalid source name
[  368.228148][ T9878] UBIFS error (pid: 9878): cannot open "/dev/sg0", error -22
[  369.247791][ T7160] usb 7-1: USB disconnect, device number 13
[  369.596280][ T9890] bridge0: port 2(bridge_slave_1) entered disabled state
[  369.600783][ T9890] bridge0: port 1(bridge_slave_0) entered disabled state
[  369.726515][ T9890] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.740919][ T9890] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.788681][ T9897] Invalid source name
[  369.790951][ T9897] UBIFS error (pid: 9897): cannot open "/dev/sg0", error -22
[  369.922055][   T50] syz1: Port: 1 Link DOWN
[  369.931882][   T54] wg2 speed is unknown, defaulting to 1000
[  369.931911][ T1180] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.934752][   T54] syz2: Port: 1 Link DOWN
[  369.946000][ T1180] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.957431][   T34] wg2 speed is unknown, defaulting to 1000
[  369.960636][ T1180] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  369.969629][ T1180] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  371.663274][ T9926] FAULT_INJECTION: forcing a failure.
[  371.663274][ T9926] name failslab, interval 1, probability 0, space 0, times 0
[  371.668309][ T9926] CPU: 2 UID: 0 PID: 9926 Comm: syz.3.1117 Not tainted syzkaller #0 PREEMPT(full) 
[  371.668325][ T9926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  371.668331][ T9926] Call Trace:
[  371.668335][ T9926]  <TASK>
[  371.668340][ T9926]  dump_stack_lvl+0x100/0x190
[  371.668360][ T9926]  should_fail_ex.cold+0x5/0xa
[  371.668374][ T9926]  should_failslab+0xc2/0x120
[  371.668387][ T9926]  __kmalloc_cache_noprof+0x7a/0x6f0
[  371.668401][ T9926]  ? snd_rawmidi_open+0x3b3/0xba0
[  371.668416][ T9926]  ? _raw_spin_unlock+0x28/0x50
[  371.668430][ T9926]  ? snd_card_file_add+0x26e/0x340
[  371.668446][ T9926]  snd_rawmidi_open+0x3b3/0xba0
[  371.668464][ T9926]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  371.668481][ T9926]  ? soundcore_open+0x231/0x5a0
[  371.668491][ T9926]  ? soundcore_open+0x231/0x5a0
[  371.668503][ T9926]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  371.668519][ T9926]  soundcore_open+0x2e3/0x5a0
[  371.668531][ T9926]  ? __pfx_soundcore_open+0x10/0x10
[  371.668542][ T9926]  chrdev_open+0x234/0x6a0
[  371.668554][ T9926]  ? __pfx_chrdev_open+0x10/0x10
[  371.668566][ T9926]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  371.668581][ T9926]  do_dentry_open+0x6d8/0x1660
[  371.668592][ T9926]  ? __pfx_chrdev_open+0x10/0x10
[  371.668612][ T9926]  vfs_open+0x82/0x3f0
[  371.668628][ T9926]  path_openat+0x208c/0x31a0
[  371.668642][ T9926]  ? asm_int80_emulation+0x1a/0x20
[  371.668654][ T9926]  ? __pfx_path_openat+0x10/0x10
[  371.668671][ T9926]  do_file_open+0x20e/0x430
[  371.668683][ T9926]  ? __pfx_do_file_open+0x10/0x10
[  371.668704][ T9926]  ? _raw_spin_unlock+0x28/0x50
[  371.668718][ T9926]  ? alloc_fd+0x476/0x790
[  371.668732][ T9926]  do_sys_openat2+0x10d/0x1e0
[  371.668747][ T9926]  ? __pfx_do_sys_openat2+0x10/0x10
[  371.668760][ T9926]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  371.668779][ T9926]  ? __fget_files+0x21f/0x3d0
[  371.668792][ T9926]  __ia32_compat_sys_openat+0x12d/0x210
[  371.668808][ T9926]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  371.668823][ T9926]  ? ksys_write+0x1ac/0x250
[  371.668838][ T9926]  do_int80_emulation+0x141/0x6b0
[  371.668849][ T9926]  asm_int80_emulation+0x1a/0x20
[  371.668859][ T9926] RIP: 0023:0xf7145cab
[  371.668869][ T9926] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[  371.668879][ T9926] RSP: 002b:00000000f53e503c EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  371.668889][ T9926] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f53e5100
[  371.668896][ T9926] RDX: 0000000000028002 RSI: 0000000000000000 RDI: 0000000000000000
[  371.668902][ T9926] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  371.668907][ T9926] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  371.668913][ T9926] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  371.668927][ T9926]  </TASK>
[  371.682560][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  371.879043][ T9935] random: crng reseeded on system resumption
[  372.123424][ T6004] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  373.293004][ T6004] usb 7-1: Using ep0 maxpacket: 8
[  373.774018][ T6004] usb 7-1: config index 0 descriptor too short (expected 74, got 45)
[  373.787003][ T6004] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  373.790973][ T6004] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  373.902902][ T6004] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  373.907226][ T6004] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  373.911168][ T6004] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  373.916892][ T6004] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  373.920183][ T6004] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.083382][ T9969] Invalid source name
[  374.084847][ T9969] UBIFS error (pid: 9969): cannot open "/dev/sg0", error -22
[  374.145124][ T6004] usb 7-1: GET_CAPABILITIES returned 0
[  374.148933][ T6004] usbtmc 7-1:16.0: can't read capabilities
[  374.346558][    C0] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  374.350628][ T9930] usbtmc 7-1:16.0: Unable to send data, error -71
[  374.366745][ T6004] usb 7-1: USB disconnect, device number 14
[  376.285250][ T9985] random: crng reseeded on system resumption
[  377.073126][ T9992] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  377.075224][ T9992] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  377.077865][ T9994] vhci_hcd: connection closed
[  377.078070][ T9992] vhci_hcd vhci_hcd.0: Device attached
[  377.083033][  T154] vhci_hcd vhci_hcd.4: stop threads
[  377.084581][  T154] vhci_hcd vhci_hcd.4: release socket
[  377.086188][  T154] vhci_hcd vhci_hcd.4: disconnect device
[  377.189774][T10005] Invalid source name
[  377.236815][T10005] UBIFS error (pid: 10005): cannot open "/dev/sg0", error -22
[  378.026643][   T40] audit: type=1800 audit(1774337657.642:147): pid=10017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1139" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  378.037685][T10017] netfs: Couldn't get user pages (rc=-14)
[  380.149770][T10018] 9pnet_virtio: no channels available for device syz
[  380.412557][   T50] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  381.102590][   T34] usb 7-1: new full-speed USB device number 15 using dummy_hcd
[  381.125394][T10027] random: crng reseeded on system resumption
[  381.577406][   T34] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  381.580885][   T34] usb 7-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  381.584094][   T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  381.587291][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.773012][T10037] FAULT_INJECTION: forcing a failure.
[  381.773012][T10037] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  381.777752][T10037] CPU: 1 UID: 0 PID: 10037 Comm: syz.4.1147 Not tainted syzkaller #0 PREEMPT(full) 
[  381.777775][T10037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  381.777786][T10037] Call Trace:
[  381.777791][T10037]  <TASK>
[  381.777798][T10037]  dump_stack_lvl+0x100/0x190
[  381.777825][T10037]  should_fail_ex.cold+0x5/0xa
[  381.777839][T10037]  _copy_from_user+0x2e/0xd0
[  381.777853][T10037]  bpf_prog_create_from_user+0x109/0x2f0
[  381.777873][T10037]  ? __pfx_seccomp_check_filter+0x10/0x10
[  381.777888][T10037]  do_seccomp+0x7f7/0x2740
[  381.777902][T10037]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  381.777921][T10037]  ? __fget_files+0x21f/0x3d0
[  381.777933][T10037]  ? __pfx_do_seccomp+0x10/0x10
[  381.777948][T10037]  ? fput+0x79/0x100
[  381.777961][T10037]  ? ksys_write+0x1ac/0x250
[  381.777975][T10037]  __do_fast_syscall_32+0xe3/0x8c0
[  381.777993][T10037]  do_fast_syscall_32+0x32/0x70
[  381.778003][T10037]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  381.778018][T10037] RIP: 0023:0xf7fb3f6c
[  381.778027][T10037] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  381.778038][T10037] RSP: 002b:00000000f547650c EFLAGS: 00000292 ORIG_RAX: 0000000000000162
[  381.778049][T10037] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000000001d
[  381.778056][T10037] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  381.778062][T10037] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  381.778067][T10037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  381.778073][T10037] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  381.778087][T10037]  </TASK>
[  381.858840][T10039] wg2 speed is unknown, defaulting to 1000
[  381.917648][ T6423] usb 7-1: USB disconnect, device number 15
[  382.593619][T10052] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  382.595893][T10052] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  382.598678][T10052] vhci_hcd vhci_hcd.0: Device attached
[  382.862636][ T7160] usb 42-1: SetAddress Request (42) to port 0
[  382.872074][ T7160] usb 42-1: new SuperSpeed USB device number 42 using vhci_hcd
[  382.888392][T10053] vhci_hcd: connection closed
[  382.890154][ T1180] vhci_hcd vhci_hcd.2: stop threads
[  382.893743][ T1180] vhci_hcd vhci_hcd.2: release socket
[  382.895598][ T1180] vhci_hcd vhci_hcd.2: disconnect device
[  383.176393][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  383.178957][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  383.181706][T10059] Invalid source name
[  383.183308][T10059] UBIFS error (pid: 10059): cannot open "/dev/sg0", error -22
[  383.827169][T10069] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1155'.
[  383.982186][T10074] random: crng reseeded on system resumption
[  383.988084][T10069] bond4 (unregistering): Released all slaves
[  384.883050][T10086] wg2 speed is unknown, defaulting to 1000
[  387.117420][T10099] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  387.119536][T10099] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  387.122689][T10099] vhci_hcd vhci_hcd.0: Device attached
[  387.258744][T10100] vhci_hcd: connection closed
[  387.343551][   T12] vhci_hcd vhci_hcd.1: stop threads
[  387.347983][   T12] vhci_hcd vhci_hcd.1: release socket
[  387.352927][   T12] vhci_hcd vhci_hcd.1: disconnect device
[  387.360558][T10111] Invalid source name
[  387.362038][T10111] UBIFS error (pid: 10111): cannot open "/dev/sg0", error -22
[  387.490004][T10115] wg2 speed is unknown, defaulting to 1000
[  387.972851][ T7160] usb 42-1: device descriptor read/8, error -110
[  388.393332][ T7160] usb usb42-port1: attempt power cycle
[  388.819781][   T40] audit: type=1800 audit(1774337668.432:148): pid=10129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1169" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  388.834035][T10129] netfs: Couldn't get user pages (rc=-14)
[  389.015481][ T7160] usb usb42-port1: unable to enumerate USB device
[  389.142597][   T34] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  389.314655][   T34] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  389.318860][   T34] usb 9-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  389.355031][   T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  389.359141][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.764437][T10141] FAULT_INJECTION: forcing a failure.
[  389.764437][T10141] name failslab, interval 1, probability 0, space 0, times 0
[  389.768867][T10141] CPU: 2 UID: 0 PID: 10141 Comm: syz.3.1174 Not tainted syzkaller #0 PREEMPT(full) 
[  389.768885][T10141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  389.768892][T10141] Call Trace:
[  389.768898][T10141]  <TASK>
[  389.768903][T10141]  dump_stack_lvl+0x100/0x190
[  389.768925][T10141]  should_fail_ex.cold+0x5/0xa
[  389.768940][T10141]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  389.768956][T10141]  should_failslab+0xc2/0x120
[  389.768969][T10141]  __kmalloc_noprof+0xe0/0x850
[  389.768986][T10141]  ? rcu_is_watching+0x12/0xc0
[  389.769006][T10141]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  389.769023][T10141]  genl_family_rcv_msg_doit+0xc7/0x300
[  389.769037][T10141]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  389.769050][T10141]  ? genl_get_cmd+0x3ef/0x720
[  389.769066][T10141]  ? bpf_lsm_capable+0x9/0x10
[  389.769139][T10141]  ? security_capable+0x80/0x260
[  389.769164][T10141]  genl_rcv_msg+0x560/0x800
[  389.769181][T10141]  ? __pfx_genl_rcv_msg+0x10/0x10
[  389.769194][T10141]  ? __pfx_team_nl_port_list_get_doit+0x10/0x10
[  389.769211][T10141]  ? __lock_acquire+0x4a5/0x2630
[  389.769229][T10141]  netlink_rcv_skb+0x159/0x420
[  389.769239][T10141]  ? __pfx_genl_rcv_msg+0x10/0x10
[  389.769252][T10141]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  389.769269][T10141]  ? netlink_deliver_tap+0x1ae/0xcc0
[  389.769337][T10141]  genl_rcv+0x28/0x40
[  389.769353][T10141]  netlink_unicast+0x5aa/0x870
[  389.769374][T10141]  ? __pfx_netlink_unicast+0x10/0x10
[  389.769393][T10141]  ? __pfx___might_resched+0x10/0x10
[  389.769417][T10141]  netlink_sendmsg+0x8b0/0xda0
[  389.769430][T10141]  ? __pfx_netlink_sendmsg+0x10/0x10
[  389.769443][T10141]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  389.769466][T10141]  ____sys_sendmsg+0x9e1/0xb70
[  389.769478][T10141]  ? __pfx_netlink_sendmsg+0x10/0x10
[  389.769490][T10141]  ? __pfx_____sys_sendmsg+0x10/0x10
[  389.769510][T10141]  ___sys_sendmsg+0x190/0x1e0
[  389.769524][T10141]  ? __pfx____sys_sendmsg+0x10/0x10
[  389.769557][T10141]  __sys_sendmsg+0x170/0x220
[  389.769574][T10141]  ? __pfx___sys_sendmsg+0x10/0x10
[  389.769597][T10141]  ? __pfx_ksys_write+0x10/0x10
[  389.769613][T10141]  __do_fast_syscall_32+0xe3/0x8c0
[  389.769634][T10141]  do_fast_syscall_32+0x32/0x70
[  389.769645][T10141]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  389.769662][T10141] RIP: 0023:0xf7f42f6c
[  389.769673][T10141] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  389.769684][T10141] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  389.769696][T10141] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000480
[  389.769703][T10141] RDX: 0000000000008000 RSI: 0000000000000000 RDI: 0000000000000000
[  389.769709][T10141] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  389.769715][T10141] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  389.769722][T10141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  389.769736][T10141]  </TASK>
[  390.206570][T10156] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  390.208763][T10156] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  390.212873][T10156] vhci_hcd vhci_hcd.0: Device attached
[  390.502654][   T34] usb 40-1: SetAddress Request (34) to port 0
[  390.504744][   T34] usb 40-1: new SuperSpeed USB device number 34 using vhci_hcd
[  390.688532][T10157] vhci_hcd: connection reset by peer
[  390.690651][  T106] vhci_hcd vhci_hcd.1: stop threads
[  390.695916][  T106] vhci_hcd vhci_hcd.1: release socket
[  390.698328][  T106] vhci_hcd vhci_hcd.1: disconnect device
[  391.087641][T10166] wg2 speed is unknown, defaulting to 1000
[  391.948275][   T40] audit: type=1326 audit(1774337671.562:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  391.958026][   T40] audit: type=1326 audit(1774337671.562:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.2.1183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  391.972661][   T40] audit: type=1326 audit(1774337671.562:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.2.1183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  391.982814][   T40] audit: type=1326 audit(1774337671.562:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  392.001374][   T40] audit: type=1326 audit(1774337671.562:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  392.010636][   T40] audit: type=1326 audit(1774337671.562:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.2.1183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  392.020236][   T40] audit: type=1326 audit(1774337671.562:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm="syz.2.1183" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2f6c code=0x7ffc0000
[  392.027372][   T40] audit: type=1326 audit(1774337671.562:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71d5cab code=0x7ffc0000
[  392.034570][   T40] audit: type=1326 audit(1774337671.562:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10174 comm=22 exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf71d5cab code=0x7ffc0000
[  392.184312][ T6423] usb 9-1: USB disconnect, device number 2
[  392.767256][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.769693][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.774638][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.780888][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.785664][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.789403][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.792197][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.795935][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.800164][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.804080][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.807897][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.810665][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.813885][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.816440][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.819417][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.822064][T10187] binder: 10185:10187 ioctl c0306201 80000080 returned -14
[  392.932692][   T54] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  393.068005][T10194] wg2 speed is unknown, defaulting to 1000
[  393.082673][   T54] usb 9-1: Using ep0 maxpacket: 8
[  393.097987][   T54] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  393.101388][   T54] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  393.104969][   T54] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  393.108942][   T54] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  393.113591][   T54] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  393.118923][   T54] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  393.126259][   T54] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.169224][T10196] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  393.171746][T10196] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  393.186772][T10196] vhci_hcd vhci_hcd.0: Device attached
[  393.340239][   T54] usb 9-1: usb_control_msg returned -32
[  393.343998][   T54] usbtmc 9-1:16.0: can't read capabilities
[  393.462789][ T6021] usb 44-1: SetAddress Request (27) to port 0
[  393.465245][ T6021] usb 44-1: new SuperSpeed USB device number 27 using vhci_hcd
[  393.709587][T10197] vhci_hcd: connection reset by peer
[  393.711891][   T12] vhci_hcd vhci_hcd.3: stop threads
[  393.717890][   T12] vhci_hcd vhci_hcd.3: release socket
[  393.720003][   T12] vhci_hcd vhci_hcd.3: disconnect device
[  395.572642][   T34] usb 40-1: device descriptor read/8, error -110
[  395.983393][   T34] usb usb40-port1: attempt power cycle
[  396.426223][T10237] wg2 speed is unknown, defaulting to 1000
[  396.573360][   T34] usb usb40-port1: unable to enumerate USB device
[  397.774053][T10252] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  397.776204][T10252] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  397.776534][T10251] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1205'.
[  397.778825][T10252] vhci_hcd vhci_hcd.0: Device attached
[  398.082641][ T6004] usb 40-1: SetAddress Request (38) to port 0
[  398.085207][ T6004] usb 40-1: new SuperSpeed USB device number 38 using vhci_hcd
[  398.103458][ T5980] IPVS: starting estimator thread 0...
[  398.192698][T10260] IPVS: using max 44 ests per chain, 105600 per kthread
[  398.360389][T10253] vhci_hcd: connection reset by peer
[  398.362324][ T1155] vhci_hcd vhci_hcd.1: stop threads
[  398.364369][ T1155] vhci_hcd vhci_hcd.1: release socket
[  398.366272][ T1155] vhci_hcd vhci_hcd.1: disconnect device
[  398.502046][   T40] kauditd_printk_skb: 24 callbacks suppressed
[  398.502112][   T40] audit: type=1800 audit(1774337678.112:182): pid=10278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1208" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  398.521263][T10278] netfs: Couldn't get user pages (rc=-14)
[  398.542563][ T6021] usb 44-1: device descriptor read/8, error -110
[  398.832607][ T5980] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  398.953719][ T6021] usb usb44-port1: attempt power cycle
[  399.227587][ T5980] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  399.231408][ T5980] usb 7-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  399.234593][ T5980] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  399.237791][ T5980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.272061][T10283] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  399.412834][T10182] usbtmc 9-1:16.0: usb_control_msg returned -110
[  399.424173][   T10] usb 9-1: USB disconnect, device number 3
[  399.533528][ T6021] usb usb44-port1: unable to enumerate USB device
[  400.336848][T10300] netlink: 144 bytes leftover after parsing attributes in process `syz.1.1213'.
[  400.456939][T10306] random: crng reseeded on system resumption
[  401.854106][T10321] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  401.856539][T10321] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  401.859221][T10321] vhci_hcd vhci_hcd.0: Device attached
[  402.372709][ T1331] usb 7-1: USB disconnect, device number 16
[  402.488493][T10322] vhci_hcd: connection closed
[  402.488661][ T1155] vhci_hcd vhci_hcd.1: stop threads
[  402.492074][ T1155] vhci_hcd vhci_hcd.1: release socket
[  402.494452][ T1155] vhci_hcd vhci_hcd.1: disconnect device
[  402.911096][T10328] EXT4-fs error (device sda1): ext4_lookup:1785: inode #448: comm syz.4.1221: iget: checksum invalid
[  402.916321][T10328] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  402.919484][T10328] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  402.922665][T10328] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  403.457154][T10327] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  403.459179][T10327] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  403.461119][T10327] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  403.463244][T10327] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  403.465140][T10327] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  403.473543][T10327] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  403.568475][T10336] FAULT_INJECTION: forcing a failure.
[  403.568475][T10336] name failslab, interval 1, probability 0, space 0, times 0
[  403.572848][T10336] CPU: 2 UID: 0 PID: 10336 Comm: syz.1.1224 Not tainted syzkaller #0 PREEMPT(full) 
[  403.572864][T10336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  403.572870][T10336] Call Trace:
[  403.572874][T10336]  <TASK>
[  403.572878][T10336]  dump_stack_lvl+0x100/0x190
[  403.572899][T10336]  should_fail_ex.cold+0x5/0xa
[  403.572912][T10336]  ? nft_set_elem_init+0xd6/0x630
[  403.572926][T10336]  should_failslab+0xc2/0x120
[  403.572938][T10336]  __kmalloc_noprof+0xe0/0x850
[  403.572958][T10336]  nft_set_elem_init+0xd6/0x630
[  403.572976][T10336]  nft_add_set_elem+0x1965/0x4050
[  403.572993][T10336]  ? netlink_unicast+0x580/0x870
[  403.573010][T10336]  ? insn_get_displacement+0x210/0x960
[  403.573026][T10336]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  403.573042][T10336]  ? __pfx_nft_add_set_elem+0x10/0x10
[  403.573066][T10336]  ? __lock_acquire+0x4a5/0x2630
[  403.573088][T10336]  ? find_held_lock+0x2b/0x80
[  403.573098][T10336]  ? net_generic+0xea/0x2a0
[  403.573117][T10336]  ? net_generic+0xea/0x2a0
[  403.573149][T10336]  ? __nla_validate_parse+0x1e7/0x28b0
[  403.573185][T10336]  ? nla_strcmp+0xff/0x130
[  403.573211][T10336]  ? nft_set_lookup_global+0x163/0x390
[  403.573235][T10336]  nf_tables_newsetelem+0x721/0xa60
[  403.573253][T10336]  ? __pfx_nf_tables_newsetelem+0x10/0x10
[  403.573272][T10336]  ? __nla_parse+0x40/0x60
[  403.573290][T10336]  nfnetlink_rcv_batch+0x1418/0x2880
[  403.573313][T10336]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  403.573327][T10336]  ? find_held_lock+0x2b/0x80
[  403.573339][T10336]  ? __local_bh_enable_ip+0x9e/0x120
[  403.573351][T10336]  ? lockdep_hardirqs_on+0x78/0x100
[  403.573367][T10336]  ? __dev_queue_xmit+0x8a0/0x4800
[  403.573399][T10336]  ? __nla_parse+0x40/0x60
[  403.573417][T10336]  nfnetlink_rcv+0x3bd/0x440
[  403.573430][T10336]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  403.573460][T10336]  netlink_unicast+0x5aa/0x870
[  403.573481][T10336]  ? __pfx_netlink_unicast+0x10/0x10
[  403.573498][T10336]  ? __pfx___might_resched+0x10/0x10
[  403.573519][T10336]  netlink_sendmsg+0x8b0/0xda0
[  403.573531][T10336]  ? __pfx_netlink_sendmsg+0x10/0x10
[  403.573543][T10336]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  403.573564][T10336]  ____sys_sendmsg+0x9e1/0xb70
[  403.573578][T10336]  ? __pfx_netlink_sendmsg+0x10/0x10
[  403.573589][T10336]  ? __pfx_____sys_sendmsg+0x10/0x10
[  403.573608][T10336]  ___sys_sendmsg+0x190/0x1e0
[  403.573621][T10336]  ? __pfx____sys_sendmsg+0x10/0x10
[  403.573650][T10336]  __sys_sendmsg+0x170/0x220
[  403.573666][T10336]  ? __pfx___sys_sendmsg+0x10/0x10
[  403.573687][T10336]  ? __pfx_ksys_write+0x10/0x10
[  403.573700][T10336]  __do_fast_syscall_32+0xe3/0x8c0
[  403.573719][T10336]  do_fast_syscall_32+0x32/0x70
[  403.573729][T10336]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  403.573742][T10336] RIP: 0023:0xf708ef6c
[  403.573755][T10336] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  403.573771][T10336] RSP: 002b:00000000f547d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  403.573788][T10336] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009b40
[  403.573801][T10336] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  403.573812][T10336] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  403.573820][T10336] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  403.573828][T10336] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  403.573851][T10336]  </TASK>
[  403.684437][ T6004] usb 40-1: device descriptor read/8, error -110
[  404.899767][ T6004] usb usb40-port1: attempt power cycle
[  404.975661][   T40] audit: type=1800 audit(1774337684.592:183): pid=10347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1226" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  404.980751][T10347] netfs: Couldn't get user pages (rc=-14)
[  405.076592][T10350] wg2 speed is unknown, defaulting to 1000
[  405.086648][T10352] random: crng reseeded on system resumption
[  405.191303][ T5295] Bluetooth: hci0: command 0x040f tx timeout
[  405.472668][ T5980] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[  405.473054][ T6004] usb usb40-port1: unable to enumerate USB device
[  405.557302][T10359] 9pnet_virtio: no channels available for device syz
[  405.644974][ T5295] Bluetooth: hci3: command 0x0c1a tx timeout
[  405.647027][ T5295] Bluetooth: hci2: command 0x040f tx timeout
[  405.648966][ T5295] Bluetooth: hci1: command 0x040f tx timeout
[  405.809007][ T5980] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  405.817984][ T5980] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  405.821182][ T5980] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  405.824461][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.882616][ T6271] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  406.058298][ T6271] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  406.072936][ T6271] usb 9-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  406.076654][ T6271] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  406.085713][ T6271] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.672549][ T5295] Bluetooth: hci3: command 0x0c1a tx timeout
[  408.219870][   T34] usb 8-1: USB disconnect, device number 9
[  408.567935][T10367] wg2 speed is unknown, defaulting to 1000
[  408.602694][T10371] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1232'.
[  408.668625][T10372] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1232'.
[  408.952782][T10373] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  408.955292][T10373] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  408.958485][T10373] vhci_hcd vhci_hcd.0: Device attached
[  409.045902][T10374] vhci_hcd: connection closed
[  409.046248][ T1141] vhci_hcd vhci_hcd.1: stop threads
[  409.050567][ T1141] vhci_hcd vhci_hcd.1: release socket
[  409.056080][T10368]  pmem0: AHDI p1
[  409.058941][ T1141] vhci_hcd vhci_hcd.1: disconnect device
[  409.213974][ T5343]  pmem0: AHDI p1
[  409.608843][   T50] usb 9-1: USB disconnect, device number 4
[  409.729556][T10387] binder: 10386:10387 ioctl c0306201 80000080 returned -14
[  409.742660][ T5937] Bluetooth: hci3: command 0x0c1a tx timeout
[  409.816468][T10391] random: crng reseeded on system resumption
[  410.436757][   T40] audit: type=1800 audit(1774337690.052:184): pid=10402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1240" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  410.456662][T10402] netfs: Couldn't get user pages (rc=-14)
[  410.736246][T10400] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12)
[  410.739898][T10400] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  410.746985][T10400] vhci_hcd vhci_hcd.0: Device attached
[  410.893837][ T6004] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  411.032823][ T5980] usb 46-1: SetAddress Request (2) to port 0
[  411.035450][ T5980] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  411.086292][ T6004] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  411.090698][ T6004] usb 6-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  411.094785][ T6004] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  411.098486][ T6004] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.197246][T10405] vhci_hcd: connection reset by peer
[  411.200366][ T1141] vhci_hcd vhci_hcd.4: stop threads
[  411.212521][ T1141] vhci_hcd vhci_hcd.4: release socket
[  411.215241][ T1141] vhci_hcd vhci_hcd.4: disconnect device
[  411.895463][T10413] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  412.734181][T10432] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  412.736837][T10432] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  412.741411][T10432] vhci_hcd vhci_hcd.0: Device attached
[  412.813195][T10436] Invalid source name
[  412.814667][T10436] UBIFS error (pid: 10436): cannot open "/dev/sg0", error -22
[  412.986696][T10433] vhci_hcd: connection closed
[  412.991346][ T1141] vhci_hcd vhci_hcd.2: stop threads
[  413.000280][ T1141] vhci_hcd vhci_hcd.2: release socket
[  413.002370][ T1141] vhci_hcd vhci_hcd.2: disconnect device
[  413.042975][   T50] usb 42-1: enqueue for inactive port 0
[  413.486982][ T6004] usb 6-1: USB disconnect, device number 6
[  413.543109][   T50] usb usb42-port1: attempt power cycle
[  414.103507][   T50] usb usb42-port1: unable to enumerate USB device
[  414.291979][T10455] random: crng reseeded on system resumption
[  414.982965][   T40] audit: type=1800 audit(1774337694.602:185): pid=10443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1248" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  416.132597][ T5980] usb 46-1: device descriptor read/8, error -110
[  416.543685][ T5980] usb usb46-port1: attempt power cycle
[  416.977507][T10473] wg2 speed is unknown, defaulting to 1000
[  417.133128][ T5980] usb usb46-port1: unable to enumerate USB device
[  417.281348][T10469] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  417.283499][T10469] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  417.290068][T10469] vhci_hcd vhci_hcd.0: Device attached
[  417.445098][T10475] vhci_hcd: connection closed
[  417.445347][  T154] vhci_hcd vhci_hcd.1: stop threads
[  417.450330][  T154] vhci_hcd vhci_hcd.1: release socket
[  417.483246][  T154] vhci_hcd vhci_hcd.1: disconnect device
[  417.919413][T10489] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  417.921597][T10489] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  417.924637][T10489] vhci_hcd vhci_hcd.0: Device attached
[  418.192649][ T6021] usb 42-1: SetAddress Request (50) to port 0
[  418.202611][ T6021] usb 42-1: new SuperSpeed USB device number 50 using vhci_hcd
[  418.932128][T10490] vhci_hcd: connection reset by peer
[  418.937747][ T1155] vhci_hcd vhci_hcd.2: stop threads
[  418.939479][ T1155] vhci_hcd vhci_hcd.2: release socket
[  418.941292][ T1155] vhci_hcd vhci_hcd.2: disconnect device
[  421.446559][T10524] wg2 speed is unknown, defaulting to 1000
[  422.315643][T10535] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  422.317743][T10535] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  422.320354][T10535] vhci_hcd vhci_hcd.0: Device attached
[  422.474703][T10536] vhci_hcd: connection closed
[  422.475136][ T1141] vhci_hcd vhci_hcd.1: stop threads
[  422.482536][ T1141] vhci_hcd vhci_hcd.1: release socket
[  422.484882][ T1141] vhci_hcd vhci_hcd.1: disconnect device
[  422.992627][ T6271] usb 8-1: new full-speed USB device number 10 using dummy_hcd
[  423.252698][ T6021] usb 42-1: device descriptor read/8, error -110
[  423.427980][ T6271] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  423.431268][ T6271] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  423.435260][ T6271] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  423.439288][ T6271] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.663204][ T6021] usb usb42-port1: attempt power cycle
[  424.233405][ T6021] usb usb42-port1: unable to enumerate USB device
[  424.296833][T10563] 9pnet_virtio: no channels available for device syz
[  424.647806][T10565] 9pnet_virtio: no channels available for device syz
[  425.634585][T10564] 9pnet_virtio: no channels available for device syz
[  426.282614][ T6004] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  426.402603][T10292] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  426.497238][ T6004] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  426.500649][ T6004] usb 9-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  426.504056][ T6004] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  426.507022][ T6004] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.660012][T10292] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  426.667747][T10292] usb 6-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  426.675566][T10292] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  426.678608][T10292] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.067960][   T54] usb 9-1: USB disconnect, device number 5
[  427.172300][ T6423] usb 8-1: USB disconnect, device number 10
[  427.201596][ T5980] usb 6-1: USB disconnect, device number 7
[  427.592780][T10575] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  427.594897][T10575] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  427.598242][T10575] vhci_hcd vhci_hcd.0: Device attached
[  427.862755][T10292] usb 46-1: SetAddress Request (6) to port 0
[  427.865673][T10292] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd
[  428.032604][T10576] vhci_hcd: connection reset by peer
[  428.034809][   T12] vhci_hcd vhci_hcd.4: stop threads
[  428.037081][   T12] vhci_hcd vhci_hcd.4: release socket
[  428.039865][   T12] vhci_hcd vhci_hcd.4: disconnect device
[  428.371835][T10584] tipc: Started in network mode
[  428.374849][T10584] tipc: Node identity , cluster identity 4711
[  428.381630][T10584] tipc: Failed to obtain node identity
[  428.384209][T10584] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  428.595493][T10589] random: crng reseeded on system resumption
[  431.324928][   T40] audit: type=1800 audit(1774337710.942:186): pid=10618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1291" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  431.335977][T10618] netfs: Couldn't get user pages (rc=-14)
[  432.740394][T10635] 9pnet_virtio: no channels available for device syz
[  432.944139][T10292] usb 46-1: device descriptor read/8, error -110
[  433.212571][ T6004] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[  433.375086][T10292] usb usb46-port1: attempt power cycle
[  433.465199][ T6004] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  433.576342][ T6004] usb 9-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  433.585035][ T6004] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  433.588101][ T6004] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.265578][T10292] usb usb46-port1: unable to enumerate USB device
[  434.459175][T10652] fuse: Unknown parameter 'user_id00000000000000000000'
[  434.488117][T10653] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  434.491476][T10653] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  434.496029][T10653] vhci_hcd vhci_hcd.0: Device attached
[  434.812787][ T6423] usb 42-1: SetAddress Request (54) to port 0
[  434.835172][ T6423] usb 42-1: new SuperSpeed USB device number 54 using vhci_hcd
[  435.269198][T10654] vhci_hcd: connection reset by peer
[  435.271306][  T154] vhci_hcd vhci_hcd.2: stop threads
[  435.275300][  T154] vhci_hcd vhci_hcd.2: release socket
[  435.277687][  T154] vhci_hcd vhci_hcd.2: disconnect device
[  435.590305][ T6271] usb 9-1: USB disconnect, device number 6
[  436.453579][   T40] audit: type=1800 audit(1774337716.042:187): pid=10669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1305" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  436.932590][ T5980] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[  437.182213][ T5980] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  437.186583][ T5980] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  437.189619][ T5980] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  437.196589][ T5980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.319196][T10679] 9pnet_virtio: no channels available for device syz
[  439.904792][ T6423] usb 42-1: device descriptor read/8, error -110
[  440.176960][T10699] Invalid source name
[  440.178622][T10699] UBIFS error (pid: 10699): cannot open "/dev/sg0", error -22
[  440.203248][ T6021] usb 8-1: USB disconnect, device number 11
[  440.405270][ T6423] usb usb42-port1: attempt power cycle
[  441.020329][ T6423] usb usb42-port1: unable to enumerate USB device
[  441.160741][T10702] EXT4-fs: Conflicting test_dummy_encryption options
[  443.005649][T10724] random: crng reseeded on system resumption
[  444.673225][ T1415] ieee802154 phy0 wpan0: encryption failed: -22
[  444.675441][ T1415] ieee802154 phy1 wpan1: encryption failed: -22
[  445.114769][T10726] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  445.117598][T10726] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  445.144457][T10726] vhci_hcd vhci_hcd.0: Device attached
[  445.422680][ T6021] usb 44-1: SetAddress Request (31) to port 0
[  445.424964][ T6021] usb 44-1: new SuperSpeed USB device number 31 using vhci_hcd
[  447.094608][T10746] vhci_hcd: connection reset by peer
[  447.097487][  T106] vhci_hcd vhci_hcd.3: stop threads
[  447.099643][  T106] vhci_hcd vhci_hcd.3: release socket
[  447.108254][  T106] vhci_hcd vhci_hcd.3: disconnect device
[  450.462692][ T6021] usb 44-1: device descriptor read/8, error -110
[  450.855253][ T6021] usb usb44-port1: attempt power cycle
[  451.423175][ T6021] usb usb44-port1: unable to enumerate USB device
[  452.302552][T10798] 9pnet_virtio: no channels available for device syz
[  452.470564][   T40] audit: type=1800 audit(1774337732.082:188): pid=10800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1337" name="file0" dev="9p" ino=74186837 res=0 errno=0
[  452.961982][T10793] netfs: Couldn't get user pages (rc=-14)
[  453.002727][ T5980] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  453.205994][ T5980] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  453.210459][ T5980] usb 9-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  453.222611][ T5980] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  453.225836][ T5980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.432766][   T10] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  453.441123][T10808] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  453.443536][T10808] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  453.448824][T10808] vhci_hcd vhci_hcd.0: Device attached
[  453.722701][T10292] usb 42-1: SetAddress Request (58) to port 0
[  453.724719][T10292] usb 42-1: new SuperSpeed USB device number 58 using vhci_hcd
[  454.165373][T10809] vhci_hcd: connection reset by peer
[  454.167611][   T13] vhci_hcd vhci_hcd.2: stop threads
[  454.169402][   T13] vhci_hcd vhci_hcd.2: release socket
[  454.172226][   T13] vhci_hcd vhci_hcd.2: disconnect device
[  454.176717][   T10] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  454.180646][   T10] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[  454.185558][   T10] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  454.189451][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.391583][T10793] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  454.395549][T10793] #PF: supervisor instruction fetch in kernel mode
[  454.398994][T10793] #PF: error_code(0x0010) - not-present page
[  454.403505][T10793] PGD 71e3e067 P4D 71e3e067 PUD 5ee87067 PMD 0 
[  454.406283][T10793] Oops: Oops: 0010 [#1] SMP KASAN NOPTI
[  454.408618][T10793] CPU: 1 UID: 0 PID: 10793 Comm: syz.3.1337 Not tainted syzkaller #0 PREEMPT(full) 
[  454.412416][T10793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  454.416629][T10793] RIP: 0010:0x0
[  454.418139][T10793] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  454.420587][T10793] RSP: 0000:ffffc90000bf79c8 EFLAGS: 00010246
[  454.422763][T10793] RAX: 0000000000000000 RBX: ffff888029ba8830 RCX: ffffc900277b9000
[  454.425676][T10793] RDX: 0000000000080000 RSI: ffffffff82c2df7c RDI: ffff888029ba8780
[  454.428934][T10793] RBP: 000000000013d200 R08: 0000000000000001 R09: 0000000000000000
[  454.432564][T10793] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888029ba8818
[  454.435459][T10793] R13: dffffc0000000000 R14: ffff888029ba8780 R15: ffff88807135cb40
[  454.438395][T10793] FS:  0000000000000000(0000) GS:ffff888097246000(0063) knlGS:00000000f53c4b40
[  454.441471][T10793] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  454.443586][T10793] CR2: ffffffffffffffd6 CR3: 0000000071e3f000 CR4: 0000000000352ef0
[  454.446106][T10793] Call Trace:
[  454.447240][T10793]  <TASK>
[  454.448255][T10793]  netfs_unbuffered_write+0xae5/0x2080
[  454.450212][T10793]  netfs_unbuffered_write_iter_locked+0x801/0xab0
[  454.452630][T10793]  netfs_unbuffered_write_iter+0x40c/0x710
[  454.454730][T10793]  v9fs_file_write_iter+0xbf/0x100
[  454.456505][T10793]  do_iter_readv_writev+0x6ee/0x920
[  454.458203][T10793]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  454.459948][T10793]  vfs_writev+0x360/0xe10
[  454.461333][T10793]  ? rcu_is_watching+0x12/0xc0
[  454.462882][T10793]  ? __pfx_vfs_writev+0x10/0x10
[  454.464441][T10793]  ? fdget_pos+0x2aa/0x380
[  454.465917][T10793]  ? __fget_files+0x21f/0x3d0
[  454.467441][T10793]  ? do_writev+0x13e/0x340
[  454.468904][T10793]  do_writev+0x13e/0x340
[  454.470309][T10793]  ? __pfx_do_writev+0x10/0x10
[  454.471915][T10793]  __do_fast_syscall_32+0xe3/0x8c0
[  454.473643][T10793]  do_fast_syscall_32+0x32/0x70
[  454.475268][T10793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  454.477305][T10793] RIP: 0023:0xf7f42f6c
[  454.478605][T10793] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  454.484576][T10793] RSP: 002b:00000000f53c450c EFLAGS: 00000292 ORIG_RAX: 0000000000000092
[  454.487287][T10793] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000a40
[  454.489976][T10793] RDX: 0000000000000021 RSI: 0000000000000000 RDI: 0000000000000000
[  454.492784][T10793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  454.495445][T10793] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  454.497914][T10793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  454.500413][T10793]  </TASK>
[  454.501408][T10793] Modules linked in:
[  454.502682][T10793] CR2: 0000000000000000
[  454.504072][T10793] ---[ end trace 0000000000000000 ]---
[  454.505888][T10793] RIP: 0010:0x0
[  454.507060][T10793] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  454.509371][T10793] RSP: 0000:ffffc90000bf79c8 EFLAGS: 00010246
[  454.511309][T10793] RAX: 0000000000000000 RBX: ffff888029ba8830 RCX: ffffc900277b9000
[  454.513947][T10793] RDX: 0000000000080000 RSI: ffffffff82c2df7c RDI: ffff888029ba8780
[  454.516635][T10793] RBP: 000000000013d200 R08: 0000000000000001 R09: 0000000000000000
[  454.519349][T10793] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888029ba8818
[  454.522016][T10793] R13: dffffc0000000000 R14: ffff888029ba8780 R15: ffff88807135cb40
[  454.524585][T10793] FS:  0000000000000000(0000) GS:ffff888097246000(0063) knlGS:00000000f53c4b40
[  454.527357][T10793] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  454.529427][T10793] CR2: ffffffffffffffd6 CR3: 0000000071e3f000 CR4: 0000000000352ef0
[  454.532091][T10793] Kernel panic - not syncing: Fatal exception
[  454.534998][T10793] Kernel Offset: disabled
[  454.536528][T10793] Rebooting in 86400 seconds..

VM DIAGNOSIS:
07:35:34  Registers:
info registers vcpu 0

CPU#0
RAX=0000000001521124 RBX=ffffffff8e4975c0 RCX=ffffffff8b8ddc75 RDX=0000000000000001
RSI=ffffffff8c1b1120 RDI=ffffffff81de0f14 RBP=0000000000000000 RSP=ffffffff8e407e00
R8 =0000000000000000 R9 =ffffed100564679d R10=ffff88802b233ceb R11=0000000000000000
R12=0000000000000000 R13=fffffbfff1c92eb8 R14=0000000000000000 R15=ffffffff90d9d910
RIP=ffffffff8b8dc5df RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097146000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffefb47a8e8 CR3=0000000067ff4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8577d975 RDI=ffffffff9b492180 RBP=ffffffff9b492140 RSP=ffffc90000bf7248
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=727265203a465023
R12=0000000000000000 R13=0000000000000039 R14=0000000000000010 R15=ffffffff8577d910
RIP=ffffffff8577d99f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097246000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000071e3f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=1ffff9200496bebf RCX=0000000000000000 RDX=0000000000000000
RSI=000000000000024f RDI=ffff88801cf64e44 RBP=0000000000000000 RSP=ffffc90024b5f5f0
R8 =ffffffff8a2e70d5 R9 =0000000000000000 R10=ffffc90024b5f810 R11=0000000000000000
R12=ffffffff8bafada0 R13=000000000000024f R14=ffff88801cf64980 R15=0000000000000000
RIP=ffffffff81d54547 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097346000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080bb0018 CR3=0000000052b5e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000073a024 RBX=ffff88801c7d24c0 RCX=ffffffff8b8ddc75 RDX=0000000000000001
RSI=ffffffff8c1b1120 RDI=ffffffff81de0f14 RBP=0000000000000000 RSP=ffffc9000048fdf0
R8 =0000000000000000 R9 =ffffed10056a679d R10=ffff88802b533ceb R11=0000000000000003
R12=0000000000000003 R13=ffffed10038fa498 R14=0000000000000003 R15=ffffffff90d9d910
RIP=ffffffff8b8dc5df RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097446000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7476285 CR3=000000004c4f1000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000