last executing test programs:

4.789051876s ago: executing program 2 (id=1142):
r0 = syz_open_dev$vcsa(&(0x7f0000000180), 0x400000, 0x2a741)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000020a01010000000000000000000000004900010073797a3002000000140000001100010000000000000000000000000a"], 0x48}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000004c0)=ANY=[@ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x1b, 0x0, 0x0, 0x4, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000, @void, @value}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r2 = syz_io_uring_setup(0x5aa9, &(0x7f0000000440)={0x0, 0x0, 0x10, 0x3, 0x1f2}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c707fe81436b024c2574980397bc49d70c060d57bc88fbe3bbaa058b040362ab926150763fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f91b18725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x2, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0xfe, 0xfffff010}, {0x6, 0xfd, 0x7}]}, 0x8)
splice(r4, 0x0, r5, 0x0, 0x8, 0x0)
io_uring_enter(r2, 0x5b43, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.249616196s ago: executing program 1 (id=1145):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r0, 0x0, 0x8}, 0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r1, 0x0)
listen(r1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
socket$nl_route(0x10, 0x3, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[], 0x1c}}, 0x4)
unshare(0x28000600)
msgget$private(0x0, 0x31)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/19}, 0x2000, 0x0, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x9362, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f0000000100)=0x100000001)
connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
unshare(0x8000500)
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/mnt\x00')
r5 = fsopen(&(0x7f00000002c0)='ocfs2_dlmfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
fsmount(r5, 0x0, 0x0)

3.934114569s ago: executing program 2 (id=1147):
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = memfd_create(&(0x7f00000024c0)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?&^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xe3\xe5\x19T\xff\x01\x00\x00\xe2\x9f\xd9\xae\xcf>/\x05V%$6\x9fU\x86\xbe\xcbx\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xb2\xae\xda\xa9\xf6\x92\xaf4\xb5|W\r0{\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\xaa\xe6\x05\xe4\xc3\x90\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\x97.A\x84\x1d\xc2\x86\x89{\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\x9d\xce\xb3%QF\x03\b\x9dh\xfd\x91\xea\xce\x06\a\xba`\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8\x83\x87+nM\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?\x87\x84\\/y\xed\x01#?\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\xa3\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x10M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xdc\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5W\xfb\x82\xac\x19,\\D\x91T\xfd\x9c\xb8\x8b\x88\xa5\xcc\x8fI\x00\xf0\xc9%\n\xa7\xd6\x0f:\xb0\xf5?\xc3\x88\x1e\xbb-\xa6\xecA\x92\xaf\xa4Xl\v\xa5\xca\v|\xe2L\xac\x80\xc7\x15\x96fh\x83\x15\xc7\xea\xd5\xe8\x89W\x11\xd7oC\xe4\x06\xa8[O\xe6\x1d=\x87\x93\x0f\x87I\xdf\xb1\xeb\x89\x11.\x01\x00\r`\x1e8\x94\xb7\xbc\xc3\xad\xf1\x92/(A=A\x8b\xa5I\xd7\xd3#\xb0\x89\x9e5\x12\xa4\x9a\va\xdf\xf4\xea\xc6\xc7\x10g\x1d\xd5\xb0\xbb\xd2\xfc]fC\x8d\x0f\xa6q\x0f\xef\x90\xfe\x94k\xf1\x98\xfa\xbbb\xb1\x00\x99\xf7\xfd\'\xae\x906\xe0\xaa\xdbtWWH\xa4L\xb5po,\xdfN\x0f8\t\xe7X_H\xd4\xe3\xb2,oj\xac\xd7\xbd\xd0\xadW\x1f<\xd0s\xa8\x1f(\x00/ \xe4]@\xf7mA\xe8\xd1\xf4:\xb3\xeb\x81\xb9\x018\x1c\x95%o\x13\xa4\xad\xd8\xf9\xd2\x95\xa8\x81\xbe\xbc\xa6\x14_o\xfb\xdaL\xcb\xda\x9a\xec\xce\xd18&\xfbG\xa1\f\xf4\xd5u\xb0xE)j\x1b\xecL\xa1\xdc\xabUiN\xdet\xc7Q\xe6\xa4\x99-\xba\x16\xe5\xba!\xbdCI#\x03', 0x0)
r2 = openat$hpet(0xffffff9c, &(0x7f0000000180), 0x400, 0x0)
sendmmsg$inet6(r2, &(0x7f0000002940)=[{{&(0x7f0000000600)={0xa, 0x4e21, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000002c0)}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="abc7c26729000000370000002c03000000000000c910ff01000000000000000000000000000105020008040106c204000000010014000000290000003700000011000000000000001000000029000000430000000a0000005400000029000000370000003c08000000000000c91000000000000000000000000000000001c910fc020000000000000000000000000000c910ff02000000000000000000000000000104013d010500000000003c00000029000000360000001004000000000000c910ff010000000000000000000000000001040104050200070001000001000401000000000000000029000000390000007106020500000000fc020000000000000000000000000001fe880000000000000000000000000101fe880000000000000000000000000101000000"], 0x12c}}, {{&(0x7f0000000480)={0xa, 0x4e21, 0xffffffff, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9d}, 0x1c, &(0x7f00000005c0)=[{&(0x7f00000004c0)="58fd78f85c8c2b39d826495eddc4a23e735d95fe3bba949f44b7167275303bb758d3f3664b5094ce8c65d928651698c4f144ea3e58c9db586dfd680dae7b7b8d76f5837ce3f9a38859d91d6a5d54341376b86d5253e98579dfdf170f6ac67baa6aa8d7834665ac13538db8e240b46a99337b4a35fd1ddf7012290f8ce9de4e1f06c2408a0ffef9e2f8cc76d79c0ee6252b95f4cb6e1dc0796b060788c83d5341c1108b841339033faf9bfeced6eced4ad7cf174aadab3cba04d4edea6c05e134ba896865607be70df9aa7c23c881df79c3586c26ac0d3d1a989795064700658340e7f7172490f674d7f1d50c13", 0xed}], 0x1, &(0x7f00000002c0)=[@hopopts_2292={{0x1c, 0x29, 0x36, {0x3a, 0x0, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}]}}}], 0x1c}}, {{&(0x7f0000000640)={0xa, 0x4e20, 0xb, @rand_addr=' \x01\x00', 0xa}, 0x1c, &(0x7f0000001740)=[{&(0x7f0000000680)="e2319cb43bf5ac140fbf2ff257c7165dc9de01be2ea595946ed16aec1d0f2ccb36dea287978fe461ff7dee8c", 0x2c}, {&(0x7f00000006c0)="cec174c366e84bc241d196f236d6ed0a3297723978c6da3cdf6d95405dccaddce3722be60d6f744c9673b1b60f53755a99a58991fb1732cc2c60125697f6500367b3efe263ac07396c0eb1e0b7496e81516301c2be7e60d5bc06d76c64d5c87e6e582161f55c7bee869e2115c40b533e8087f019d3c71c352a5aae1dab5ce5bc3e0827f8a8a3d9bb123dbd8790d67e1eabc6524aaf5331b7a583bd84f4f2be7b5c4dac41366d29c770a73ae254c1b5e021abdc8b4381320fdfe41a9cb2f1e0a3e932ae03c91639fa7e85f603c096881c0326a127e763696dccb11c5fc10138470a48bab4f1b1963b49ea6be068909e7751040b7a07506b0ebf7400065d84f0c28c2624d0f7dccadb7ec9372b1eb4add083e7ddb1de654b09ad233587df8ed366028f239d7351ec249abd32387fd12943db1e2cc08552278abf0ba3ec6e672769c1e5f51e60877c0cf49177ab1b883b3b42bf7ccb3bd0aa6f461b892c6d2d3ef2fd345ca54b18587e401a5a0b80da8e35d0c142a7dbd43c93fdf1659dc02fb42ac2c6ec9d2d2754d5176a0f19b6ded72ff23c260669bacde847fb1c0ca69799bea9bac44b2ca71fa78f4192a3aa2087b347ca6a6cbaa274314f39e58e2316d2416435e5dfcaf21c31deb6d108e789c0f7ee97ddeabeceea27e4ea8bd8387a20f08163a18834e00de6919533fbd98559a46eb755f7ce8a482c4290ead063a877958f759501eede41401ad36b388d9faaedf3d82b3138ea145897834e01aa8497eef76191003d0b0bb42b2704acb571be0048342bd8d968fd01335aed248f47e7870db91feaee2ae7bcf990768f097d94f3a09f877db5f06cdd0b718003872e8609fcb683e2b38793ec41dc0dc0035b377189706dd56b255438ecd65bb8d72db771a7fca850164f21d206afa774f0368a4ecf4b58e8b460f381362ac1a61007e23fe2e11f89b371f339f6f9dbd3551418ea22ab7d83ca8d7ddcad66aef679729ef50b682c5fc93690fbd0714ea99a775452c8554fb9a7e727468c8dd37c64cc46ff001690858e978afc64a2721cafb699ccb6d4ad50db6698b36a4e1a28ed9801b5f21af88c65f851b9d47c723f92198899416b01d88221ee2125356f1d2a6e439420a1dcf54771e493de8e860f9832a09b1499897964a679d8664887c5adedb8c94903e81d8a70a446eb9f3a55b52dbe388b1834273b5a39a730f996d314fa3f2019c4707e5980cbeaa7439d9fb734ff0af1da676248ff90400f7664ec4ed7c23a00ad0de0265749eff51e0eda890170938fd4bc2da23edae0deaa9b15dc17a04b34c46ab970316ce712add5dc2e4b4225ff5fad5b5a5ee03a55802649009406151e7f50c89b220cbdf608712ed107a76eb74e10073405c98eec350e0fd84fa11619b5f27de0fcbc3fb19ba68a5b3cfc383c261cfa405c80d1f881ae18b3497542877b1fdaf8fb0d27f5fcf2c448754b48805c87b22eda29a1f2b90b9655655aedcf274bcccb9f52cdd7f63d56a7eb65322bfd8c9bc33299c97e6a67be89b82322feb522be59718c0a6d9944604b079227809efab7a8d29ce6d7d6709dfd2cc34eae201923067d9a537a9b322473bfe832f944f6a8696ed8626df64448244f22f76c83daa46e53b3bc671323195e0dd80a6f2c86e74924587d4ae2439d2271887e4dafbfab5789fad4705439a593700a40ebbb4220a9dc0f785993b15c0bb5553fdc824261e2ed4a2217624029a538068f868c54bbedf05af89452c0485c89784f6b5f9f265755d8d03d94aaff45639e7162729da7ddd37df2697241b6913e7bde1a5cb0d06b339677cbd454042ccb3397ee04fee96776d7ba8da3f36c36e76b57b1acbc51e8bed5fa134163a50daab723421ee0f2b3f3e6de5aab73a223edeb6648bb831b334d2ffe6cf08616752285d9f7ac06fd24f225f65988c131f94cbd8441782b60b0fa8c7163491603b786c604b9aff99c44f49fc089eab95c92b75308d4d6393d1a4e01b7f0f405dd7bc5ea3690f6fc3e4be72b1904eed9d10717d7210e574a1057ed6b441d8437f8cbe1a9149681d6fa0591312bce07274ea0d29124055b3a9ba074c6b6bbf63269900abf461944e58b60732d5a987b4f8f016773073d936d7b1337e04f17a22d4a4acd1c0723278c41653135b67ad9aa8617e6aed236cc2b0dd84abb8fa03e4f7001d3637a3ec7b70a2e4c6debf7f11e559933e152173ecc9a0c7434cec2fed2c473de5622a6c1b4f057b24dc22f21513cf4afc0d1d8359bc1ee703297790135cede1f25278c65b5c378b31f277f1b083a5fea650c541687fff932191af34c4c0aa745943de1c92b593ada9b7f2a6edf6c681174952c057bc43b96c276b6c6416048f7e97f056171fd70b317802157b38e969ee7e9ecb2b556b0d8f299b3484f24d8993e57c0080ff3e3f4d4421b8d2235258f2f5834b0a4dc78a0e4acc7002b9b0d88058b68fb04a30979d734ac003f56b8b2012ccaf4e853de142f946ebc95ad9cd972e234c37bb6a06cb52a325b404fbbd24b69b6e3d3e4cb6005a60ab47f3df62226998d78ecd4eae7c21522519b5a2656123ffc812899f7796e854d371bc48ea0c367de6bfaba8a666dc82083472f4eec2dc18245e80b452f838a56d921979f9320234476dc78956c639b0abbb7c70c59fe3f833c3521f60e2aeafcd31f3506938253105300ef75d1eca7bee6b883f1129d45ea9d1b131810d4aec18d14ec162035b6b30df82fb721751d222968644e335e313b897da44b9fb18471a76e29b11b78de96f2b0da48d6cf4b21747a4971951e80d0eb69bfed6f66378c3190d9bceb94e9082e4de8d117616e96805dbd526190d961a2391ff10b30c729b1deba1ba3e99122c633343b0a2e3383478d9cc473fa80397ed3d3a30cb0d2ae69530c3064e7e2eb8dddd975fc8bd3ad32021f0f88462cf4c8138d49b09d7e0c55bb2b64e69d2c84e10c880c25d306009cc61d2b01a700fb4be70df26ab6846a4dcd91fc6af351e90f864d3d7be6fd630060387d4d6557f06f84b4c251fb03da592cb99a70d43d073a47636d64f922dc1a29b968e8e59991dded0c63a99fafa590ab2b61473543069e8e72c665d203d012c9099bd7f10dec4fcee7a0eab9ef1e58f84784745bea96f04cf5586ac7319f79e2ce141627cdf51df1a90c62f0c2976e7f218e05d3ff4afb45a49988ef90a66c9ef8eb3081c0ee83f2897f948e1734d8e1a5b53be0963bd39fa9d3098b511fdd407458038cd544d71ce40c2da4e17cd26c663602cbbb894971b6c7784fcc5fd19f799b60bd1c938f6a56795aa853d4d9ce10a71513af27f96b1d0620e54a7f4bac73de651268216d35ea9d3cba41c3954a63f69ee3dbc376028879a795e8e0ab9c886448d4aa34bcf452ae4321f0b2e33d575aa4e7f2d0dd446e9b85661e5575b45210adb0d1be2fd43fdcdbea4759f7deb7592b4fc4058c977873d072bf32edc0f9188f09b788eeaad3a249f029ddf1a9689cbcfb3584c8c764530385c4aad61f04a083b3de27cc1243038355c305bfafe86196693720f60c677af909aea94ff170342b4bbd9d650f5db46d37b01eba58b41820e735cde7b3aaaaf4b1b0419d3d30d9136d1b1fb878ea48858efdf98e06f18fd0e223c8f4b165badc79c656f61cddfb54839ba6f3085f262dafdbfdf0aa5b652f49c54ae0783b6ddac93fd43297207138ee755161185d2937e80ffc5d05c717c8f7342e54a170f5cb6f3d8950320fd7f11e1d5a9749a6942a79435233b7cded4c2bbf3712956a4f3a17cf23b5024ddfa1d0dbbbe46a8d1f3903737410a11838aeda34b3cab8e064b0e2eae420140ab8002b4b10ed998ae32955dc0dff7fbd630be0f2c70f3ce84e884754293e2a26b60114eba5097d8ab54f07601dd68fba7575c0bb196e307fa8fda531de2e7817d04730fb140e0270111aa8af3f547b52b86a6f515b2bd8d5c3877108c2e8c3f48c0a2ed3849cce539464e3cf0839e5c1a434fe040c6cadd05410b62d76dc5c1a07b69ed840ba9ebdc7ab9f1134d518aae3ce54cd96ec97a2e715be56479ce8968ce6ef38493d69f8cffcf2fe17b6d74c5c52cf2a48f00beb67b58808ec3cd15ecba39e3c0b4b38ae9e99acec10f6b66812a3aca866cc4e111ee3f6d914f1ac522eaa68be4fa1680fc4f78deca8f1c5aa62f350f7d5270171ae058483be20847f7e4a16fba1e8b5551c1ff1a5802e840ba89cdcefc21275133178113588aa88e40538b615aebb61eb2b7079fa37679584ca9df4e4c8e977190f1c6d5cd5d228a06825467eeaedad0d5b9244ff29bde6d143200c3687ac86754083dadb9dff4e93e1c122f74006ff7a1fb3b04ff96c515fb18740b39c4c0021561a288ea6283e8645581325d01eafb054aad3bbed26c4beb171eebece4d2119b6d159486125464dd62e8cf132a5494c0f1fc5dd10a05101b6731cbd20fce714ec81ac349b55e6b160ca6defe2c0da5470f5b28296f22e612faec76731bdb1f38a185f03e22cd4b2bd953e539b6f2b753fcebff4c9bf4d11817870b29ec7ddd6ea8e37621e3f1237e35168a159ed842aa8961480e0c4e89c48767f44504259aa218c5d7bf6b33e5cfdc7b937870cb80a3eaabc63693f78753031f7ee274425b025433f9caf39b575269b79afc833779752138fe26d77ea614e4259f948a3ce12bd3e7d29203ec79fd26f6b1c232136699f9660e7db1cbcb29fc2b3e9067dee4d036708da8d24930760c573e6bc19d7b5705d7a466435e2b3fb05132d94019e57aef9dcb2ea653e9506e16d03ccd1be33345f80999ddd78feb74580e81d0a7b0dd3812788c5d395dd0ce547a059ee507c78d050b56e81168ae55fce7a5b8f912f642623295ef30c3618cd860721cf7a789e292994d8fbd7b7811162d53f3211138bfe240790b255d9f871b0b9f007c0add2dc8c4f18f68c6e89b27bb09164d8ecdf319f00bcb222b33fe6b28a9088f0f844cd796e71ad1c50ffaa701f04d61dd7ee3583d1551691a62098ef46909053eaa8b32fe78e75e3176876924ed6c9a4259cd6964d02f2f669ab653efae1fef9eb32afe4fd58a54a703baf5f2e2e983468e2b0cbe8926301c2ea56d762a468691abd7c613f4223a95da555a93bd03432e7d1deba50188dd64ad94183fe1b420ef9eaf2f9056fd03781b61218f5b05346ffb60e3a1d99eb705abfd93dc1ee1c859bc184d021f4163347654d98e3ed5a0fa796a15ff6deac075be2f8849f990b40e5da37e2104f23b1bea7068c555543e93149f8728bba1f48ade60d03957b897f203250db34a8e1b30c4d142ed1b6d71cad2e7f1028a4fea7ed38f7a25d716cb848e291b435f3eb135261064de347417c7b10a4d15b9a465fd9e53efe0b8e304b5da5ad294c91a227131e904b8d0e6e663d78e0154d27a0acc669d017ec3b5bf44dbcb1577712ea8e3fdf2baa8e3d3ba81a788f2adab196014738f5e7e63ae7a373129e1434270ad831f3e145ffa6ca198e5dfc191179f798cff81e04726e47cb85fa61c028c703ef258d323acca1e954cb38671b194437700af0222e3b16e7bde59516f6153a569d101c72c2443fdc698902c95f5e45871e930cd83355fcc410800511e8c42cc0600261f52618a03763eedfb6e9cc768db9b7a0150a592613761e91ca910f68321dfff367f520a0f69752a259d9a0083ebfc0f294b588bf0654947d7f357ea9bb898d4c0772feed029c1c6f05bb132800212b1fe80e6fb3c2ba1aa53a38a95772fee0eb48143d3ea043d65bc9b5baffe77c2084cf4a3b", 0x1000}, {&(0x7f00000016c0)="391a042f2d43b30e3679e481a9501448d47f5bb11429359dce2591", 0x1b}, {&(0x7f0000001700)="2e33ede8f1fd9c87cde601f2a815ebbd57be91a8966f", 0x16}], 0x4}}, {{&(0x7f0000001780)={0xa, 0x4e22, 0xb, @private2, 0xcb9}, 0x1c, &(0x7f0000001b40)=[{&(0x7f00000017c0)="8acb2d1cca9bd5877b1c6473be8fa8abba4f505dd44b4f9f9660fe88793b198767f4d567aca8f627056408a181eee5c4e8b61404892fabe25fbf620051030b3943e5f3415bae314de1d9bc599dae0e6fcab80abaac6c122d2ccce72bfad98ddcd83028e43c269158d7727aceb73b85250e8b78a2e2cfaeea36dd75132bb0176b86d1a60b092de8765451160a36dabec932ab3d64b29cf4041217c5", 0x9b}, {&(0x7f0000002a00)="20e4eeefde8fc7bdc0762737fe5e9cb3f3c934b3a00013b17c4ab82a2cd32ceaa0472e1b42f216085c2a663491a4ff3d87ffd57274fe7c93a94492b94d98e2e7a6cc40f0b4a31b08b5633fd2e3000c72ccce8916713743f5372da257d90b47332378d25d78a93709612a19b308c1aca9fd4cc634596a5773b54e16a5f7150ac0d6e0a1a1368a4477be623eaa952692526d0c69acf37b31c63754241f75819984dfc88bb5a11789ad716f17ca8b7ff31d8338b168896343f386cfad0e6012de49477c132d40a1257fbdaacc0924bc406e6aa99182c96f88c3ee67b1a0a71aad6cb25b875f8773fb2e1665f62bf7cfd198413d5d73a7c3929c2ab2a2c4", 0xfc}, {&(0x7f0000002b00)="e3ed28834b55b4a6431fe829044028986c7eb2952bb07a6ab4fcf300900db8ff91f8f420a26a52a84323e1228198e9aa4f9b7468c0a6af942136d1c055d6cf92fe42e07567f24fb3fc1ea1a2d48cb27861acea47436c1bc82c3e1d8c97ef915ede3d04637829bb85cea4262d25e69f134be3107e865e1063d001d8069c5b73e65ee93b5f076746fac9eea9d68eb577ed4ea0192ff5b225cc2f2147b9a42069a6e8e4e227c036ad4e7ecb63a40ae0c89215542ef3435fdf112df48ce2e78893519dd45106065f2f5131d1851dbf566a9d5d5407c8bd7f05e186cbc232f64acf8c26a3e19c39dba4eb200b44d63dcac01ac4dc885576273c4fc3e0827c1b99abf6be7e526044f8a8f87d343f80ea5b7069afa5e88e939e9002e2989d8a3473554011876f2c906d726e83c2ccf65cb965799c2b5c74713cfaadf00488c0fd916d2a137818b0fef35beffaab9f621c576242bd331e05bac9d79263a401343eb9516ce9bb3219c37dd1058d40d1f4ac0d60fd48bc67a99fe9d2b8e6b2e7d3d8ad1f677afc2e30f5bf756bb3046da6e61c0d5a78aa35b18b0e2a749594c2ccbfd4aac3a1eff5c8a6d34d59c915b7356365281dd553982ccfd355709d0ab67a2de8fd123567", 0x1c2}, {&(0x7f0000001a40)="7c6f70988b619e3f14417fe3f0c1c989b68cf3e2020867f8ae14e0df424b37f092818275e68879e008c7fcdea81b036a50c86597b9bd1037f2e202e871dbb263999a7d300037f5861970b28f38b9724fe155c86cf109e90842ab5b5d9a20519e24022110b7ceb5f82ad853af3b9ab84912466aa412d4ae735e1ff2a5dfc6f65d55ed45f674bafca1e897bb3aa65f5c17e8f8b1d08b56e851b6d02106b3c3774374c84da418b7e7d64bcf8f4121818171d78c1e2eb5527cd73f02d586a521fdbef4ab235dde29791d452b7e9363e99c52254894c4b53ac06544be2c442a", 0xdd}], 0x4, &(0x7f0000001b80)=[@tclass={{0x10, 0x29, 0x43, 0x6}}, @tclass={{0x10}}, @rthdr={{0x94, 0x29, 0x39, {0x73, 0x10, 0x1, 0x7, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, @ipv4={'\x00', '\xff\xff', @loopback}, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local]}}}, @hoplimit_2292={{0x10, 0x29, 0x8, 0xe504}}], 0xc4}}, {{&(0x7f0000001c80)={0xa, 0x4e23, 0x5, @private1, 0x2}, 0x1c, &(0x7f00000027c0)=[{&(0x7f0000001cc0)="e7bd04f2f1e64e4d9b7e2f7a7266195a14856b9a402b5348949e683eadcaa78afd92a034e7470bf3d46dab716d6d197ea5729691bf58b917ce5b872333ce78337510ea18f570de6ef994e928c8f3a6f0540b099a1b2333990b33d851b9f05d1313b8dc88f353acd81ea70b246610b47fc4524cf3117e684e9b78e1d662391d82a9a83cee9079a656b73bd2c36e25c2c8d95789c1be7f3a09658c71e412e33e109a91", 0xa2}, {&(0x7f0000001d80)="c268a6082031ef8509c2b1b1409cdcccff7d73d6263433687f4deb39d3cf3cd0f7e6d98d5dd015e7d8243231787a3b22b0914dbebb31b7042f1cd256e7319e08dba8933cc6bf97a9e6fdaea99f68d024a7fd45fc", 0x54}, {&(0x7f0000001e00)="659a9f7e4268abb67f9bda69a38b72a9da230a9b1e572d9d7d52848e61ddfe126b342fa210a1794d9c49924cf6a87e4881f802971c7e15151a6fc1ecfb9b6a8a1a897184ce6ed72d4b7d69f10ab05e70950f81dccc0f8d1b182c6665876a4678608266f5d1aad4768b250c3cdcb78e36ecd941fc3816d9ec40c208a402f6faba6001c8fd920abdf006e62ddbacba6b87b628307bd797ed32634a76483e4ff60c6acd81d9b0d208594c14678cbf35ad7897d65b828462de15820baa3ef1d7b07311068b34883e5fcb911e7c54b2d8fcbbd9897d", 0xd3}, {&(0x7f0000001f00)="f62c1afa71031eb9db6478d1747657790d3ff05c71f7927ce776e2cae59dc539dce2a2dee3f0be8fef5573fbae01ec7e042153ce8f7aa4a209df330233591e89867dd02807f0811452e2272470a0ee984230e04d45dc1b0e01659c2836e8e06a4a75e50291cb28a5c9d1f492cd50f9e6448dc22d9b92a610aa9a8c3b77d267c86e6d272f552d31bd400a5753b16899d1027e01677901e4b7e5b9df7adc7a7b3d4414a1df6da0da45f53b0093633f8ed84ac0344cb5dd12ae6868277a7f6e6f289c7c49bffefc3634de9f552e5ca58bc2afe2a342b870dc2877bf0010bdd6e5ba6c237d7f", 0xe4}, {&(0x7f0000002000)="98876669f4e96e3a61ebd2692ee4c8e5fcfc1784c5854f87d431704afa6c17cc94af5ef5f70c27b31dd386a6c050283ff17d498a3a994ecde13bcbbe2b66d6830360fa5920da7f2f36a331a40a84eb11f07f745e35ac5f41895ad020d04166a0d8d5715f80ee6c2cedc55774b601944e51293aba4b56a11868d364e1719a04974dc50694b8fa8ccf110852518d95ce92e83c72b8f14177ef62b76935bf7397e97ee30f352cb9ba3b137eed080198f8b9a4671a2d61efd0bfc66f7fd086f5dbdf", 0xc0}, {&(0x7f00000020c0)="ee0e1ced1bf48ae15e342b6349598d7734032b80bda3ed6430f539b1797c3882f199fe4edc4656e7f9b3b008ac94a473aed70a29b519dec80e09a840da23a1d84266058f80b930f84889bb8a2a4fce73", 0x50}, {&(0x7f0000002140)="2184144e2c9572d3e6bfe0b75c184cc2175944c5375678d618d2381c65872572e4bea14f37d11c088f7836fee7170b144a20d63b87df26b8250c307cf8d1b4a25fe20e4c253d4f4976c3c163907aea6a349ea055ecef9d24f33e9c94affbdc8bcf51221ae051e5ba204e29b6a20c2fc2ae1b25a7c4c152692d807fc3a7d07956bfc6acf4ab31357e545d813daf6e66f32df5f3830a37c53a173af35e17126885d743c2904f160ff2190c0c868e3e9e01dd6902f64fcc166311e9e047657924f7fd58666a6fe3ef005409122b820a025325660231af92cb88e0c12317c5bd696b66164bb37d164fe1e2c6ed9ffcc76040", 0xf0}, {&(0x7f0000002240)="97df2f880b8cf7c0dd80521fe180ccc5ced2d7b62996d0208bcf07a4ea7ff9ced482784a4fe5952848dfd798bb3240f6c00ff755740d4cb0d77294e3cbfea66d83f2798a8ce5b7eff5fef7d4e2f9048df9b8078e9978bd9397e6ecba23ddc1cde0b55421172e73bfd8e755003af109d0119fe65bb4f188eefb89a607033fec25a9c0a1a20ef912cb7340dca57e908f56f166ef2729ec31e17a1dc7abf986f66ade99b6b6208f44dcf59ce51ac634b74fc4a4db782bdbf0", 0xb7}, {&(0x7f0000002300)="9701d5b2c50919050618a4406b364740da953f1a463c67d8c1671afa5faee7dc1e74b1c70e60b8bcfd79bd923c4685e3744b7942871e6b666f0563725ea5334cf17724a7799438bb7faf479a862d07cc5db630006a693768662563ea6fc111cb8f6f0cfd7557a62c06031972f05e97bfd23224a822e7330578b1fbc862cdaa3a78d6e6987896ddbac2a75d21a2f12486499f0c8017843592fc21ca670958c73865fd6363b235854241c319c4c88b06d891dddca7f10ff976272707d70f", 0xbd}, {&(0x7f00000023c0)="3418179435ce076817bd738629a45382af18ebc2e03b5c7adda931862f10b28b4cf0ef9f66caded18da74d351dadd94bd16a0bdc9442901be8ff2ce451a76d70864f4f64d50c3cb341006c697784bf609923d026d4dfe96bebc038f26a22d853709c435b40ee00282a2a949b7a2255b85675337774020ce9f17bcd1b1379f6f34967796e360a28a22baa1c9d65bcbc46b5774e686909e44fcb71c954a70cbc456a5f949a0260b9047ec9374dcbb7278aef866c6463dfc68a1b065723851be0a1c126578baa5397c5d10092bdec799268a3e43cfce32c14f40aa389230e41edebe689430738ae64651b08aec227e6d81a57", 0xf1}], 0xa, &(0x7f0000002840)=[@dstopts={{0xdc, 0x29, 0x37, {0x33, 0x18, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x9e15}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @enc_lim={0x4, 0x1, 0x5e}, @padn={0x1, 0x2, [0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x2}, @pad1, @generic={0x4, 0x8f, "e876250eaa5f2feaf42c5f83e55f27200ac8b494c605f447ccaa75f8e43cff2e9fa4298fc370c1415834e7ab230ef5f1f458730e65679d63bc4b7ea08a0ef9ba4abdde63b4f8ef2dd3b13155f0505416c57cf43f1d634ffb2ae2529bc2a0120b11f80916dc0d0f9c30befaae041b56850caeca7954478a291371830fea676fb2358aee4d96daaa7adad669397a6c99"}]}}}], 0xdc}}], 0x5, 0x20004000)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
r6 = socket$caif_stream(0x25, 0x1, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r6, 0x0, 0x0})
io_uring_enter(r3, 0x7f5f, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, r1, 0xce9e1000)
syz_emit_ethernet(0x1a, &(0x7f0000000500)=ANY=[@ANYBLOB="ffffffffffff000000003d2db45ac74f"], 0x0)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r7, 0x40186f40, 0x20000502)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = fsopen(&(0x7f0000000080)='binder\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r8, 0x6, 0x0, 0x0, 0x0)

3.729090328s ago: executing program 3 (id=1148):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000300))
getdents64(r0, &(0x7f0000003f80)=""/4098, 0x1002)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = getuid()
r5 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r6, 0x0)
r7 = getuid()
setresuid(0xee00, r7, 0x0)
mount$cgroup(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000000640)={[{@xattr}, {@favordynmods}, {@nofavordynmods}, {@xattr}, {@release_agent={'release_agent', 0x3d, './file0'}}, {@noprefix}, {}, {@nofavordynmods}, {@name={'name', 0x3d, '/dev/kvm\x00'}}], [{@obj_user={'obj_user', 0x3d, 'y):.{'}}, {@euid_gt={'euid>', r4}}, {@permit_directio}, {@fsuuid={'fsuuid', 0x3d, {[0x64, 0x37, 0x69, 0x65, 0x66, 0x39, 0x64, 0x62], 0x2d, [0x62, 0x57, 0x39, 0x39], 0x2d, [0x38, 0x66, 0x31, 0x38], 0x2d, [0x31, 0x64, 0x31, 0x62], 0x2d, [0x33, 0x39, 0x35, 0x33, 0x31, 0x30, 0x31, 0x64]}}}, {@uid_lt={'uid<', r6}}, {@pcr={'pcr', 0x3d, 0x2c}}, {@hash}, {@euid_lt={'euid<', r7}}, {@smackfsdef={'smackfsdef', 0x3d, '})[*-['}}, {@pcr={'pcr', 0x3d, 0x22}}]})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r10, 0xae60)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9b000/0x2000)=nil})
r12 = dup(r11)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="449fa00908c01f0894adebc3816a1b4970f0779780c263bb97186b6b1301e73c23aaa78e97ca5fa6ff021a3bf1c3fd08d604e470da872a48fdfc225965a9bb39f7db7fab9000d49a57c0efc3910875213403c32873b8840b315068a0819380ee2a91506a05e07606edc2c1b6bfe9fad30e8ad721c9df73eb8c4a2dd07a99d2947392a5ac7b74a497aefdf5f6090c2da417ed248ede20de39170c44e95ac1a499ea331590eaf1d0a1388a8085805069a0b275", 0xb2}], 0x1, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r11, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(r12, 0x4008ae93, &(0x7f00000000c0)=0x10000)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)='\x00', 0x1}], 0x1}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8905, &(0x7f0000000040)={'syzkaller1\x00', @remote})
getdents64(r0, 0x0, 0x0)

3.204622708s ago: executing program 3 (id=1149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BATADV_ALGO_NAME={0x10, 0x1, 'BATMAN_V'}]}}}]}, 0xfd12}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800006, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x20, 0x0, 0x7, 0x301, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
sendmsg$NFNL_MSG_ACCT_DEL(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0xfffffffffffffc7c, 0x3, 0x7, 0x301, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000380)=""/138, 0x0})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r5, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x0, r5})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0})
recvmmsg$unix(r2, &(0x7f0000004ac0)=[{{0x0, 0x0, &(0x7f0000004a40)=[{&(0x7f0000000500)=""/193, 0xc1}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000001a40)=""/4096, 0x1000}, {&(0x7f0000000600)=""/77, 0x4d}, {&(0x7f00000006c0)=""/175, 0xaf}, {&(0x7f0000000780)=""/181, 0xb5}, {&(0x7f0000002a40)=""/4096, 0x1000}, {&(0x7f0000003a40)=""/4096, 0x1000}, {&(0x7f0000000840)=""/238, 0xee}, {&(0x7f0000000940)=""/32, 0x20}], 0xa, &(0x7f0000000980)=[@rights={{0xc}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x1c}}], 0x1, 0x23, &(0x7f0000004b00))
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f0000000180))
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x20000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000005e00010200"/18, @ANYRES32=0x0, @ANYBLOB="d21ca5"], 0x1c}}, 0x0)
recvmmsg(r7, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0)
bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f00000000c0)="510003000000", 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

3.020007843s ago: executing program 1 (id=1150):
r0 = fsopen(&(0x7f0000000000)='pipefs\x00', 0x0) (async)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000002380)) (async)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FREEZING\x00', 0x9)
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x0, 0x0) (async, rerun: 64)
r2 = socket(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000001900010000000000000000001d010900500010"], 0x64}}, 0x0) (async)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = openat$pmem0(0xffffff9c, &(0x7f0000000100), 0x101042, 0x0)
write$binfmt_aout(r3, &(0x7f0000000480)=ANY=[], 0x20)

2.940457244s ago: executing program 2 (id=1151):
io_uring_setup(0x410f, &(0x7f0000001280)={0x0, 0x6060, 0x2})
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x4})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000060000000500000000100000", @ANYRES32, @ANYBLOB="0000000000000000002a46f56406b00000008000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYRESDEC=r0, @ANYRES64=r1], 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$tun(0xffffffffffffff9c, 0x0, 0xaa00, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r4}, 0x10)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x14, r5, 0x1, 0x0, 0x25dfdbfb, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
gettid()
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r8, r7, &(0x7f00000000c0)=0x8e, 0x180000504)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)

2.93580607s ago: executing program 1 (id=1152):
r0 = socket$packet(0x11, 0x3, 0x300)
fchmod(r0, 0x101)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f03fe7f0300120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f0000001b80)=ANY=[@ANYRESDEC=r2], 0x0)

2.876479297s ago: executing program 0 (id=1153):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='tlb_flush\x00', r0, 0x0, 0x49}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = open(0x0, 0x0, 0x0)
mmap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x0, 0x80010, r2, 0x3014c000)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000049c0), 0x0, 0x0, &(0x7f0000004a40)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0, 0x0, 0x8001}, 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000040e0008001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}, 0x1, 0x0, 0x0, 0x4004}, 0x80)
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x1, 0x0, @remote, 0x1}, 0x1c)
syz_emit_vhci(&(0x7f00000009c0)=ANY=[], 0xc)
creat(0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100010000002c00018014000300fc00000000000000000000000000000014000400fe8800000000000000000000000000013c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400000000000000000000000000000000013c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400ff020000000000000000000000000001dca434bda38c8debb44f61d8e7e0ed0da8cc0402617071848e24273996e2a4ec02935b7ea8d361fbb01c76227bdd4d47049e886493583398d423b4633090904a7c31f64bd68c751592360c55f877cc16795ada1d90a2816d118cbaffbc3d5097910ce7fb88c17c609fb87d670d69ba84e3a6f843d978c8ccc6a54321c6b2c4707692b2da6564c48918495276ee184885b7f3357168b4d3aa97c14baf27e537446655354950883a471d94c4bb4abbdad3ab13731e400d5853cec460859b666f6f4cb427c3e16cfb3ba88c49021a768a6579482607f9625e8d07"], 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x11, 0x80a, 0xfffffffd)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'bond0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="540007001000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000001400003400128009000100626f6e64000000002400028008000300000000080017000100000005000e000200"/60], 0x54}}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

2.736751823s ago: executing program 1 (id=1154):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000100)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='tlb_flush\x00', r0, 0x0, 0x49}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = open(0x0, 0x0, 0x0)
mmap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x0, 0x80010, r2, 0x3014c000)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000049c0), 0x0, 0x0, &(0x7f0000004a40)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0, 0x0, 0x8001}, 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000040e0008001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}, 0x1, 0x0, 0x0, 0x4004}, 0x80)
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x1, 0x0, @remote, 0x1}, 0x1c)
syz_emit_vhci(&(0x7f00000009c0)=ANY=[], 0xc)
creat(0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100010000002c00018014000300fc00000000000000000000000000000014000400fe8800000000000000000000000000013c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400000000000000000000000000000000013c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400ff020000000000000000000000000001dca434bda38c8debb44f61d8e7e0ed0da8cc0402617071848e24273996e2a4ec02935b7ea8d361fbb01c76227bdd4d47049e886493583398d423b4633090904a7c31f64bd68c751592360c55f877cc16795ada1d90a2816d118cbaffbc3d5097910ce7fb88c17c609fb87d670d69ba84e3a6f843d978c8ccc6a54321c6b2c4707692b2da6564c48918495276ee184885b7f3357168b4d3aa97c14baf27e537446655354950883a471d94c4bb4abbdad3ab13731e400d5853cec460859b666f6f4cb427c3e16cfb3ba88c49021a768a6579482607f9625e8d07"], 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x11, 0x80a, 0xfffffffd)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000300)={'bond0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="540000071000010400"/20, @ANYRES32=r8, @ANYBLOB="00000000001400003400128009000100626f6e64000000002400028008000300000000080017000100000005000e000200"/60], 0x54}}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

2.691818431s ago: executing program 3 (id=1155):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000002c00)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
add_key(&(0x7f0000000080)='rxrpc\x00', 0x0, &(0x7f0000000000)="b7", 0x1, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000100)={'syz1\x00', {0x0, 0xffff}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200], [0x0, 0x0, 0x4, 0x20, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x765e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x400000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3], [0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, 0x45c)
ioctl$UI_DEV_SETUP(r5, 0x5501, 0x0)
readv(r5, &(0x7f0000000600)=[{&(0x7f0000000640)=""/89, 0x59}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$tipc(r0, 0x0, &(0x7f0000002c80))
r6 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r6)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r8, <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$getown(r10, 0x404)
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000600)={r9, 0x0, 0x0, 0x0, 0x3, [<r11=>0x0], [0x800000], [0x0, 0x1001000], [0x0, 0x0, 0xe8a6]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r6, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r11], [0x2b8], [], [0x0, 0x0, 0xfffffffffffffffd]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000000)={r11, 0x80000})

2.082104075s ago: executing program 2 (id=1156):
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000017c0)=ANY=[@ANYBLOB="4000000010000304000000000000000000000400", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100677470001400000105000500"/40], 0x40}}, 0x0) (async)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0) (async, rerun: 64)
socket$kcm(0x29, 0x5, 0x0) (async, rerun: 64)
getsockopt$inet6_mreq(r0, 0x29, 0x12, &(0x7f0000000080)={@private2}, &(0x7f0000000140)=0x14) (async)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0081, 0x0) (async, rerun: 64)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002a80)=ANY=[@ANYBLOB], 0x18}}, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
ioctl$FIBMAP(0xffffffffffffffff, 0x401870c8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000015640)=""/102400, 0x19000)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 64)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 64)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
bind$ax25(r7, 0x0, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000380), 0x4)
socket$inet6(0x10, 0x80002, 0x4)
getpriority(0x2, 0x0) (async)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, 0x0)

2.003056142s ago: executing program 2 (id=1157):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x38, 0x0, 0x9, 0x401, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, r3, 0x1, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)={0x54, r5, 0x1, 0x0, 0x0, {0x2d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xff12}, {0x2}, {0xc}}]}, 0xa0}}, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x159080, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
chdir(&(0x7f0000000100)='./file0\x00')
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000000080)=""/43, 0x2b)
close(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id='])
setxattr$trusted_overlay_opaque(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0, 0x0)

1.753640266s ago: executing program 0 (id=1158):
r0 = socket$nl_route(0x10, 0x3, 0x0)
move_pages(0x0, 0x2, &(0x7f0000000180)=[&(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil], &(0x7f0000000140)=[0x1ff, 0x6], &(0x7f0000000000), 0x0)
capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000280))
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x0, "83e624170a2005004d5e9ac5be09e4bae4ffffffe900000000000000001300", <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000280)={"840d6042cee820000028000000e8ff0000002000000000000000000f00", r2, <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0x40103e05, &(0x7f0000000140)={"e3fe98873d275ac4650da6ff0d7ee4c0cda5a703827becb26eba2497c5271959", 0xffffffffffffffff, 0xffffffffffffffff, 0x2})
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
r5 = io_uring_setup(0x18ef, &(0x7f0000000000))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0f6ab90ab87abdaa5aa7ac9ebd6a49479cc5ca60644bd16ac719fafc44cc58fcc69552e6de1b9ec78eaa9194e262d8080f578cf1769df5f1e43d6aa22f0f74d0b8f784e56411727c63022f7642e3ec87938a8f388ca17a950e58dbb020bdf6040b326806111110ee063360ec4afda04befbfbd9ed8bf15c88eb968d76bd69aff795d9f85c6e42a21deb871504860b2191cdbe224fe6d9f364e39d4da385a030cade0b653408b9a88d2161c0f96040dbf5a6840a2bec5bd328dc547b7d5f29becb6f9666cdbd06cb9b11e8354516464922e8b49c0a40ab9476eaf8f502dc59c89f491269412eca4382ec7c71a7d6b8c6e55a9c377b76895b3c5ef8fa52e0a9bda71391c64300ed0c7fd75f20b0bf14fffedf27dc95028fb92bf38936834750cbed9ab66e52282c43e353bf98a16992c97d3f2715536a8f5c0a608afcb6a231d", @ANYRES16=r7, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00", @ANYRES32=r9, @ANYBLOB], 0x38}}, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f00000001c0)=[0xffffffffffffffff], 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x6, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000340)=[r5, r5]}, 0x2)
fcntl$getownex(r4, 0x10, &(0x7f0000000380)={0x0, <r10=>0x0})
move_pages(r10, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001a0001000000000000000a0080"], 0x38}, 0x1, 0x0, 0x0, 0x11}, 0x0)

1.749759182s ago: executing program 2 (id=1159):
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYRES32=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_open_dev$usbfs(0x0, 0x5, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x9801)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
socket(0x15, 0x5, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
getsockopt(r2, 0x200000000114, 0x9, &(0x7f00000002c0)=""/33, &(0x7f0000000000)=0x21)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9)
r5 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r6, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone(0x24084200, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001a40))
syz_clone(0x40020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$int_in(r7, 0x5421, &(0x7f0000001100)=0x9)
connect$bt_sco(r7, &(0x7f0000000040)={0x1f, @fixed}, 0x8)

1.620334703s ago: executing program 3 (id=1160):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021500000000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000024000380f2fe008008000340000000000b801000018000000100667764000000028000000340000000000000024000000000000003400000000000000340000000000000024000000000000002400000000000000140000000000000014000000000140000001000010000000000000000000084000a"], 0xd4}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x2, 0x0)
gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x6, 0x6, 0x80, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="05000000000000e000000600000008000300", @ANYRES32=r6, @ANYBLOB="080005000200"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="05000000000000d717657b36a0b8ae000300", @ANYRES32=r6, @ANYBLOB="fc00b1328738356b340002020202020200000a000600080211000000000008001bd6e282a5488b94c689a8eadd4d581304e41ff24fd12a014c5781a55e1776931dc5270ec68c5f22d8ee6c93a1128c6959e1618d1c62df42838818221c5aabb52df6c9118795d9345a644680b4bc61ca384d03dd40f7430940ad2ec004cfd3dac8a5f3f29a610c5eeb2704bebd63e450a89148b40eb89764331cd5c2977737a236f3677bf8e1330f18407499619e8b4e2e5fa4895a4c382aaa59bb3bcb53231947321d8c1c3f3df4ca698cbd3084483e4a3287a2ce13f948e0c1156ce9a48fb7069208fe3647d29de66d3197ab5f5a572d0f"], 0x3c}}, 0x240400c1)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
socketpair(0x29, 0x2, 0x0, &(0x7f0000000a40))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000040)=ANY=[@ANYRES16=r3], 0x28)
sendto$inet(0xffffffffffffffff, &(0x7f0000000300)="e229fc04553d512e813124f99b80d5326782df004e2e54705982f0cb77cbbd52fceda2a7fedf3595e4ab7737f1e7fde3c3892bf4f107e2131e94fd9810ed68f7c9c22efc8c8cfa17fe00336361fee07d9d50c4c13b5e5bfba541a8d0ce278affdcd0625e649d17829a2d5a63131de996e92909871f6b01ec1b1a04375b96e2ce5b9100f6ff0000000000000000000000000087941817a3496c400d95b24a55f53551c1699ec7868f36f10fa2c68a03592e3c4a48f8a21715120bf6f4126e3747d1359e39cf6e095718ef36e2f61dbad20f8b3d4ee9cf4b55a1487835021d520ab85ef59b60580b4ed75e727bd76f47ab6bb2e631e1a1a45ab2d0db275cc3633f12aa7ce126c318616bb54f9bae2e2311daad7b254448e552bda71cdc3aa6fe18537822d6fc30114d83bfd5d6aa027f0a146206ceead6d5b347619419d5881ee325672b7476afcdfade51b9ae568b40c2fc91a52d29c7e5e596610cb36edc8116000dd8a93a9551f7d7d2d62a56939938a171c1ed960f59a6e013e557fad71b3b8986d14dbaf649f5340f75ffa296eec9d8b788623901aca301c07124efee955f1a7cde6c8931b13b3eb3ec", 0xffffff6d, 0x4048041, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_emit_vhci(&(0x7f00000005c0)=ANY=[@ANYBLOB="042c113edbff7fb0b5fe03100007080200010109346d80b3c78925da2b993d4f259a41c9ceea536928ec1bbb96e94f2961264264f077173b890c0fd5600c2210463fabf319204d78e1d9fa02826ffe25df4fd3477b9031ade3fc0316fe568a3cb5e44079f41a3600c4bc8ddb742d802500154c831e9bd6ce88c8c471d3210b955aa1b3b9a42e53190db0fc0a9e20c1d4b836c0915f26d62ff504330f2da84ba0bc4f4d54e89357d14281b58bc91fed7a3c401f06c362690402cb621ae445dc0c78fab9df3141b959bcefe8e42921"], 0x14)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$key(0xf, 0x3, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$RDMA_NLDEV_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="00000000000000205f0eb243e5e81c004b8b1a24f1ec2c7bb64231e09ecc678de0671293845e1fffec9b220780608403d3432b9a6113dc3551f94f9178fd97d1aba0d7e4cb63b140e38b3b3ccc3f5a3928b6c89ac87e9cdd59ba"], 0x10}}, 0x0)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000440)=@secondary)

1.61995573s ago: executing program 0 (id=1161):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$cdrom(0xffffff9c, &(0x7f0000000080), 0x181880, 0x0)
ioctl$CDROM_CHANGER_NSLOTS(r1, 0x5328)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000024001280090001007866cacf000000000400028008000300040000000800020002000000"], 0x44}}, 0x0)

1.538121052s ago: executing program 1 (id=1162):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0xf, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x4c)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x20e, 0x126, 0x99, &(0x7f0000000600)="b9180bb76003070c009e40f086dd1fff290000003c0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000}, 0x4c)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0x541b, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000))
request_key(&(0x7f00000013c0)='big_key\x00', &(0x7f0000001400)={'syz', 0x1}, &(0x7f0000001440)='/\x00', 0xfffffffffffffffe)
add_key(&(0x7f00000018c0)='big_key\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\f', 0x1, 0xfffffffffffffffe)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xf87, &(0x7f0000001980)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60640ca60f510000fc020000000000000000000000000001fe8000000000000000000000000000aa8400000000000000223427d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24ab05db63cfdcde7b3cac2248c9d1c73d0d4382b3f520ad6e9be698eaa9bf5b939ce09919c9485c4725690ee2483315829a196f85a5ae552ebe19a2d6768ce2a6bf60fbb53104c7919b7cf28fa555fc9460df11e72eddebb2fc4eb6f83b16e0d65307e4210dfc209f0c68df65b57f420fd215546b798af6b6ab7bfb2fe6bd6142f877852717370b1ca39d199c149c3ead97c4e16229ce4c08a111a0fc64651c21e9174dd72442a9ae2a42d9433c7b54c8dd4b59203f9a2e227e9b043eb430e606cf98f3428ac8511948dd553bc0728c0626fbda71bd2a1d734d605e27bdb0be93b7b91284689e31fccb70c15f2c39da9011c84d36fe4b4b36ff26e45a34685fc638dbdaa068a3d3d4f5d44b74afc0fc7956e5f57f18fe14a3192d28ed369956aa2f91f9fee773cf7fb5d90705347eeadc1af86de78a498fa1a20e5b3f4c1a0595769654d969299506d8ffbc172a7fb9453a8a3787e80b167936863f2cc16c1d03481bd40e1abcf87a292559771572136932bf30e48174012a1d4d5f138f93140af2ceb9c821c7966ea7592d762975b5b33ef141b6b91eb388c91b924945c3231d0f299adb5a36e0c95a17872e7ebf0bc0e33baf5c46f9e2087b77bad0794d519ce7bc8674a70f3545d020454ded22f164185df3b4f952b132947b75333993fd73a6bac5836dd5720e559bcb82a4926734c5c3b1287c5fec219a99f71eb398430001f007306e9232c269c2886357f75d935e8de054341ac36f1df1fc77fbc347d90660f4d5658cfeb9e289f70968a7c0b38ae34c4bfa46b47964e223ac34f472e3231e8c285add5713592c76c062c3477beb55b279846f04f8d6a5ce2743c6a2020f0c5164953b8dca7e57239dc8a7f507bcf77767ab0b4602437171a09c8e80f5a165c4c37eaae386cfcb927dd1a935fa717fa1608792b34bafbc20cf11a678455894ede62788309ab7a7075535847a2b48260a613e521b01d75648263ad78e6176528dbf3e6c4e4d72066e617be5387183a51dd97d2e846c5d173b51e17a4c8d78a49c914cbe44236c52c78de45b44f9d80bc6f77c75135922a84579bce77baa71311889f5b7b90c5124b8298d5e9c81c442d60df00795854d3213a1ac254c8963c109f68b3ff5451c381f6fb56c116f86b71f988d1e9f732280cbf3d4e9791fefc4bdec5dc293fb77b02d5aab6bd8cd179b7e425126b7f78c0d004bc6470ecc2bbc422bd06a6bd8f717009509e6a88b01347b7a62b9dea6f7a7446a371f422499a6e66eeb6a7b0beb4a86a61f875a9bfe0f5d5f0d0e4c85852afaea97d74ebc80d6491a8a1c998c4b5bc34b3edaeba2df902cd5e14e016720e6c3c8b15287b2471c34251e26dc442720cd5d984e30b110b7370f233f865b9ac129fdf49ff02b303d7d4f91039d3bb58a9d64d7a72d8b8eba6b45a000370d4f0e9c0d411768441372e7112e5d4e7d70a9d6b428b8b85ee6209d6f73e7b024740c052166deeb843e4ab78d1d354d75a5827ff0d49d8964e75785f3594c7299c0917b48f3b2efb81a4c3a7d6e0f1cf50efe0360963c2e3ee390ed2a4c39f42e856eced0f2ee7beacd2ecbece493e911ca0460584323ea6d4a0c00864693c979cae38f0c5841bfaeebf609d1075163c120fea0bd0207d2dd07e5e2e0a5afe3efee0ee6bb9a926a8dba7a27a82c5421a5b20bfb5dbdef532a12435fcd899f15603209831711e0dcfaaf2104b2016f087fce44848c70b65a34b9be83df2064391fc5a8d169dc1943d226e57ab5ba06c656273d4efba73a8a61aae19df4d2445f3ce7e649af1b4ffc86106c9092ddd0aafeb45653d181cb32b06a1dd41573495f15c3b8c0019ba72a2eb163dfcbdbb235322ae27d7116af506f295c2424ab9191aa8ce0e4617b212af21983f8d2b19d7fdeec881f6fa448acc7c3e133b6f281583fad4467c05801e69f6ffc1ae2e1f54655534d884c2f8f60303da33ccbe47a293643edb61c7d9fad4e3e54028bc64be8e5b1da53446869b136660b8e96ff96c48641ece275967b27b291c5c240b3399b5b901b699227735f821938bc88ded45bada2b257b1a4bcab7ed6647f2027e5680c87329e9cfdba6bde2f2a9b676be016001702bebbabb2eae3eba01d6f49ab70245a4c5ef0e136b531e1843487b3f69c5b811217d6d2f5e71b47f40c28117bd09a88bb21887a06e2cc164d4281d0df47cbd5781f1524098d89ccae32f24c5f9d86469106685fdc683ad5e873030b621dc00354e0621106da90aca69bb53848dd57251a45bc1898aca9bc84c9a8d2f8aabeed888560771c8cb03aab02620430fec8e9740880790060ccbffd5b8edaa219ca61587eff1b1b03ae8af53059f121efdec8b3ee8aba06f494a5b4575bc848d5a9773d2346f75811cb82a078fc960c9bd374555d78b1b4ba0b438ef00e8aa75810ca5efc5c70936e2cb0e515912cb7f625a2130a9ad58f29e58ae6eac5c3f15f22f0163ee6dead6947c4390b92c8d0c30f2d8b5e334107f9835bc47fbc193c60ebd5ac4e677c7fd5b6261ff96e97c185c726ec02941bc2336946f181fd2aff43f0e95f06105a049fcb8e4e3738407d6356856f533f17fae281a3be9f2050ae3d19d1b8350d424087ac9b7875824a9b7e098775b53d6ec960fc052ecd165d17a7897de75f15316a072bb9ccf6ce1ec085bb5356c271b985a437a32f12308fc927410fd444bcded9859e7b8a3cfaaf29ebfb92cc7cbfad2559bbe4f90e189e8708e93827b221869cc78fa41fd5bcb6577b7dfe4c3927dc25a58aa84419f76e71d1f3c10cbb5e52ab2bebe0d39bdffda0fa1b55fe3a03683f882a82dd58498d62b101acd710fd436aa7409fe3cf5352dffb399d560323e14d564bdb3121b89c1f43fc9a892b799cd32f7ce2ededb868920b4547735ef0bf3e148251a4f65dddb7f96b2f33734522a8cffdc51520ac98926b3406e96618cf15a042a67239e755afc70ec6a9c99f8e08ec2946e5901364d85223a63d49572519137d93b6b0798e72acf9da120e706ee73367dec1450a68def886c149bcd734469e10b933899501011cd548e99d638821d5709fde050ab382d4896ecfd7999d40ea9c690c26d396545224c8f9e19705593df2688eb592e2476a0193f7054ab6f703d41c545a80bf285bbc7cc735bd306c9ea5eb64f40752fd4c741d9b6e03cd41b636ef8f5e810047a21c0b24c6fde1f2e98f2f27730c90d93af9e7564e4e209a61ff626b666fcc4f75f7d560da688169ff0af5e674a0b89a99fb54bb438a65f953c2db0faec2ce09cec33b6d25620b5a0393ac473fed48a38beaca5223997419876d571ce969b83b5b3ae54de83dd89fd92ed2a93c087828bef49a24ed1a97778c47fdc691a94fd5b437dfe494b5c6fadf499d9d15583b0439d3d5ecb61a32a2508a6960be6009accfd1d5d75a16dbc4121c6ef07bda12646792449c18a56e7aa3893f3f0e55a8e09ca64193dd29ea24ed8614ee8e717f046dd99a8e3750506655331125a502aa89c0d7e8e30c36a4be22cd911322695144d3bf034f38ef32d49431d50da583d08a3e4c5862483cdd52d031b12c89fdaafc3334e877e464134baece883d301193a9c27311a987d4dae82a061f48182cc747cd64441e88b68e26e4975f0fdde3129a9e6af80009962581d5349676df9c73b81514b175709d9193749660f480bd4009b528c1db4f76f42b6a175126603c39a374e890f871c97b2eebb4500451d827cc15497dc5ae89edc6f47f25db7efa4b4b2afbbb2ee543e3db8d20fe93faf300247f59075921e8b2f2a025af8a1d46f274e0c6cb4be0293c7c16c88e98d7d189e9733e4c0e3b96be4aa3fa6ecf42732e0b1432d38aeaf2330d92713cd5580ce42bfe47fb98fea64783de23f456300dd193008211a5ba408d32df63cb96b4b09ab4705edbf12aa8237a6e1a2c9890a2c1011855241fea186906a5139d1c300be57dc7ff493de80010520d10fc3eda0ee9cd413e075d3dc02258fdab567a16e43edbeecc366a69d8d75512f43a2b79cbb9132cdcd00c531730d05f1eabf66613d6e7ebb8c4c3f4f7efd415d41049786352808b22a3bde40121968af39c8f00296001662adc72b7963c8bafab4a496b50f3237a29d19ad4a51a62b1c77a04c14004734189cf7ec49e3d041a1e5658d080f09df77f39782e7133968c1f39ab3ae2a5f24a60073288f3c5825dafd614a379b8b905aaf961caa14ffa38de0d632918d31e4a9291b0f0789248e232e4276840a1ed0257300e522d83111dffd424b1b33148981e3794b2b649ba9174e6697bcc96049f4f3dcc7cf4ca97e2006ec8a146014bb49184632e4fb159a34b6530e959e60a6b4e0427cc697f14cfe6bb7a662a6f5012744f3cf2307abc19c58449864d98fcfebc5d598cd32a1c38c207896468fe8da75eb1edb1d6e7cb1eab671e4e92f139c81d79f15df2a2dc075acc982dec769e2f49aad0fdf594cb590e054616e4f4582b6c4a149ae45d844903ef68d211df2a180178e178b7c7a5012ccf8a1e677586588620365e6111f5192ecfdbd97e2284128de02e08ebc13d4bb4d114faa1e6c16c51c12da2c52d68f73640ce866ce4e794b9fafdc392c91c1f824bc301b3069a02b9c86d2ffac3ed63ddee130cbc248d6a3345d3f9553db78077072d569a6633f8bdbdb1a209a8be9b6830225994f9021b57ddd6a44e8ea40b205c6cf437f45bffaef053a5916dcc6de62ee02bdb8ce3acec8ad97fc95dab1307d254790c71f32e4678957cf0121dccabe73a03c6cacbcbdaad8801b04d9836555a982c357a06e2db7e9bf62aed8cdebbb7a71a2410b929015b61f16e54bffd038996a717b9c7cc3696d8a1205e8266bf782c3a45b0e31461d6a3ed62396088833f69248b24fbf6f81dcc08b98826c3bd2325ade54f614f2d4a153e3e3527d93978483f2bfeada6b64bc43f2a725c30e843d13e6ab34cfc38d488b3ef50cd04318fac1f89905f017644cfa2de058ad399871d1316264813c2289d0b6cfeddfbca36ce93fd4a1bfc93bb74453cfbb9c6ca22320ffc9cb0a3fff046a5678c066e617cd3ac024dfead04b99877f448b78208938585c7563efe815ff0cc47da5fff521d9730ddc89f4aeceadd06f2ea6b9ae72c9407aa550a0155db3b4bc6aaa382a30552f699cb6a1af9972a8ccc483f98952dfbde3d712ea8673eacdbb77490d833fc90f0f02e7c073d2917db70831496a88defc10667dc4c1b7399191bdc7857eb090e79c332bf9f71bb5377178e6232800c93d22318dc5ab8d5dfa2f074a6c23acb61c89f2f078ec91e9817e11a4c8295c19634b5ca2df74000000000000000000"], 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@empty, @in6=@local, 0x1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3b}, {}, {0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000}}, 0xe4)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000440)=[{0x6, 0x0, 0x7, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000000380))
openat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x41, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000140)={0x0, 0xc, 0x15d})

1.399386588s ago: executing program 0 (id=1163):
r0 = syz_open_dev$vcsa(&(0x7f0000000180), 0x400000, 0x2a741)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000020a01010000000000000000000000004900010073797a3002000000140000001100010000000000000000000000000a"], 0x48}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000004c0)=ANY=[@ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x1b, 0x0, 0x0, 0x4, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000, @void, @value}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r2 = syz_io_uring_setup(0x5aa9, &(0x7f0000000440)={0x0, 0x0, 0x10, 0x3, 0x1f2}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c707fe81436b024c2574980397bc49d70c060d57bc88fbe3bbaa058b040362ab926150763fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f91b18725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x2, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, 0x0)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0xfe, 0xfffff010}, {0x6, 0xfd, 0x7}]}, 0x8)
splice(r4, 0x0, r5, 0x0, 0x8, 0x0)
io_uring_enter(r2, 0x5b43, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
socket$nl_netfilter(0x10, 0x3, 0xc)

559.675102ms ago: executing program 3 (id=1164):
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x3, &(0x7f00000010c0)=""/4083, &(0x7f0000000000)=0xff3)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) (async)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='nilfs2\x00', 0x1018d41, 0x0) (async)
syz_init_net_socket$llc(0x1a, 0x1, 0x0) (async)
clock_adjtime(0x0, &(0x7f00000006c0)={0x7fff, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2902, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$UI_DEV_DESTROY(r1, 0x5502)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async)
r3 = socket$l2tp(0x2, 0x2, 0x73) (async)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0) (async)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') (async)
chdir(&(0x7f0000000140)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0x80000300, 0x0, 0x0)
quotactl_fd$Q_QUOTAON(r4, 0xffffffff80000200, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000140)={'macvlan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x0, 0x0, 0x0, 0x0, "492ea9"}}) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) (async)
syz_open_dev$video(&(0x7f0000000240), 0x200, 0x200440)
sendmsg$NL80211_CMD_ADD_TX_TS(r5, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB], 0x38}}, 0x4000050)

410.114691ms ago: executing program 0 (id=1165):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet(r1, 0x0, 0x0) (async)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000000200)=0x5, 0x4)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10) (async)
recvmsg(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r2 = getpid() (async)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) (async)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) (async)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) (async)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x4e22, @multicast2}, 0x10) (async)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x2}, @in=@private=0xa010101, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xc, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x100000001, 0x10000000, 0x3ffffffffffffffd}, {0x0, 0x2, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x1}, {{@in=@private=0xa010102, 0x0, 0x33}, 0x0, @in6=@remote, 0x0, 0x0, 0x0, 0x1, 0xffffffff, 0xcc}}, 0xe4) (async)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000ac0)={0x2, &(0x7f0000000a80)=[{0x40}, {0x16}]}, 0x8) (async)
sendmmsg(r4, &(0x7f0000003180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
r8 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r8, 0x7a7, &(0x7f0000000740)=0xa0000) (async)
dup(r8) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0xee01, r9, 0xffffffffffffffff)

409.309992ms ago: executing program 3 (id=1166):
r0 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x20a00)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000040)={0x7, 0x7, 0x0, 'queue1\x00', 0x8})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000100)={{0xcc, 0x9}, 0x0, 0x8, 0x5, {0x7, 0x9}, 0x9, 0x200})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x60, r1, 0x100, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x1, 0x1e}}}}, [@NL80211_ATTR_BANDS={0x8, 0xef, 0x8}, @NL80211_ATTR_BANDS={0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xa}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x2}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x801)
r3 = socket(0x0, 0x1, 0x5)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380), r3)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x34, r4, 0x4, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x6}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc004000}, 0x24000004)
r5 = openat$tun(0xffffff9c, &(0x7f0000000480), 0x10000, 0x0)
ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f00000004c0)='cpuset.mems\x00', 0x2, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(r3, &(0x7f0000000740)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000700)={&(0x7f0000000540)={0x188, 0x0, 0x300, 0x70bd28, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}]}, 0x188}}, 0x24000800)
io_setup(0x5, &(0x7f0000000780)=<r7=>0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000007c0)={{0x1, 0x1, 0x18, <r8=>r3, {0x1}}, './file0\x00'})
r9 = eventfd(0x6)
io_cancel(r7, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x5, 0xa8b, r8, &(0x7f0000000800)="b6cb799390b656cc393f326ae8e76860a9cb06abdec01a399d8266c4263f512d7c087216a07a5d7fc355f52a5ced03871321b3dae8788ade6f9906a46ef9f541e133cc1e8a46d6b58c7662fd8c3434f9f747db57051faa86baa001093ff59e4761616ec75750f67c82c1fd1d2e0e7c65e443571a202c6e431eb62a4274e2be7802f064e23c77fe6c2160fe4fd6c8d2a33e21aa5aa3afe0a0a87cb36f49a175e38506e77ace9cd7ce65c6017d34d6488b0102e229722b98d51d4070c7d6c6e3bef42db7762a521654cf65f910a2ad95656d5005afdc37b22c68", 0xd9, 0x1000, 0x0, 0x2, r9}, &(0x7f0000000940))
socket$alg(0x26, 0x5, 0x0)
inotify_init1(0x80000)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r8, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x38, r1, 0x4, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7, 0x74}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x2e}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x78}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x20004040)
r10 = openat$tun(0xffffff9c, &(0x7f0000000a80), 0x400000, 0x0)
ioctl$TUNGETSNDBUF(r10, 0x800454d3, &(0x7f0000000ac0))
r11 = openat$rfkill(0xffffff9c, &(0x7f0000000b00), 0x240, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r11, 0x5201)
socket(0x2a, 0x800, 0x7fffffff)
dup2(r8, r6)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000b80)={0x1, &(0x7f0000000b40)=[{0x60, 0x2, 0x7, 0x8}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000c00)={0x5, &(0x7f0000000bc0)=[{0x4, 0x0, 0x8, 0x5}, {0xffff, 0x0, 0xa, 0x9}, {0xfff7, 0x5, 0x3, 0x3}, {0xb, 0xb9, 0xe, 0x3}, {0x8001, 0x6, 0x3, 0x6}]})
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r8, &(0x7f0000000d00)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)={0x24, r1, 0x200, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)

246.039253ms ago: executing program 1 (id=1167):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x2, 0xffffffff, 0x0, 0x1, 0x4})
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r0 = openat$nullb(0xffffff9c, &(0x7f0000000040), 0x80680, 0x0)
ioctl$BLKALIGNOFF(r0, 0x40041271, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xb, 0x0, 0x7ffc1ffb}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x2e8, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2bc, 0x4, 0x0, 0x1, [{0x2b8, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x2a8, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_FROM_DATA={0x288, 0x3, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VALUE={0xef, 0x1, "054e1b7f044d651b9b29a645a5ce7c4d75ff8b7a4dff0418cfba2d02745d4388d94349e65534e97036bdec6fd7f9c090275e7d29bef283a276ef0103e20cff09b176671cd0de3b634d3f0779c95372b85b9d1d82c44d7e98272f929d31d8a3018b5b556234bd361c1a30d4a891ef7d19b5dc81908f625824711e129f0ac3dc9c62ecf359d5d1b66aaf643e497e8d78573729d0e2fe8051818b170eb7bb8d37d956a0b537e49314b33d8f2c09db3672f96b55d0d66b17da463f964830851bd6eaf2ec740556dd166ac4af6785f4befbdb62d55f29086d7cbc997ede498464fd2324730719194a9603323e21"}, @NFTA_DATA_VALUE={0xd9, 0x1, "1154ec73c87c5bc9097e2ddfed3179cc879583e5be755caf72c051448bc458ed4ed54dc37b13a1a6d4cc0957aa7aa6a4f06a572a7d855b878474eebd809ec257a84e3df85ccd9165f693470387315c9741bdce2a9edf7eabf593f4333ba171742c0d6ca87e66a7a6de08ee047b2d83f5ac81fbe637f12f83bde08a7833c063016dc3712bcb4fa033067e693e917c4489a0b0be6a47c638eab63ecebd790aa43426166871301a21a38a530742b1d0b452cab1f9d421f4aa4f8cb00cb6ea8ef457682d1b1dfebaa4e38c23b1ca2364fa0bf9f727e828"}, @NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x48, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}]}, @NFTA_RANGE_FROM_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, 'C'}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x310}}, 0x0)
setgroups(0x0, 0x0)

0s ago: executing program 0 (id=1168):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, r1}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000580)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$alg(0x26, 0x5, 0x0)
mlockall(0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0x0, 0xb)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r2, 0x941c, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
socketpair(0x1a, 0x100000005, 0x0, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

46][ T7247] Node 0 DMA32: 107*4kB (UMEH) 24*8kB (UMEH) 12*16kB (MH) 91*32kB (UMEH) 35*64kB (UME) 17*128kB (UME) 6*256kB (UM) 9*512kB (UM) 5*1024kB (UM) 1*2048kB (M) 0*4096kB = 21452kB
[  152.631989][ T7247] Node 1 DMA32: 4*4kB (UME) 5*8kB (ME) 117*16kB (ME) 426*32kB (UME) 279*64kB (UME) 111*128kB (UME) 11*256kB (UM) 8*512kB (UME) 10*1024kB (UM) 5*2048kB (UM) 21*4096kB (UME) = 161032kB
[  152.647125][ T7247] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  152.659237][ T7247] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  152.662835][ T7247] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  152.666829][ T7247] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  152.679304][ T7247] 52371 total pagecache pages
[  152.681694][ T7247] 713 pages in swap cache
[  152.684027][ T7247] Free swap  = 114704kB
[  152.686368][ T7247] Total swap = 124996kB
[  152.688527][ T7247] 524155 pages RAM
[  152.690392][ T7247] 0 pages HighMem/MovableOnly
[  152.693171][ T7247] 206685 pages reserved
[  152.695491][ T7247] 0 pages cma reserved
[  153.268047][ T7266] netlink: 72 bytes leftover after parsing attributes in process `syz.0.497'.
[  153.295369][ T7266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.497'.
[  153.299944][ T7266] netlink: 'syz.0.497': attribute type 10 has an invalid length.
[  153.739518][ T7269] FAULT_INJECTION: forcing a failure.
[  153.739518][ T7269] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.759740][ T7269] CPU: 2 UID: 0 PID: 7269 Comm: syz.2.498 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  153.762998][ T7269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.766609][ T7269] Call Trace:
[  153.767531][ T7269]  <TASK>
[  153.768410][ T7269]  dump_stack_lvl+0x16c/0x1f0
[  153.770015][ T7269]  should_fail_ex+0x497/0x5b0
[  153.771617][ T7269]  _copy_from_iter+0x48b/0x13f0
[  153.773249][ T7269]  ? __pfx__copy_from_iter+0x10/0x10
[  153.774998][ T7269]  ? __virt_addr_valid+0x5e/0x590
[  153.776785][ T7269]  ? const_folio_flags.constprop.0+0x56/0x150
[  153.778863][ T7269]  ? __phys_addr_symbol+0x30/0x80
[  153.780472][ T7269]  ? __check_object_size+0x497/0x720
[  153.781791][ T7269]  af_alg_sendmsg+0x1212/0x2a80
[  153.783038][ T7269]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  153.784704][ T7269]  ? __pfx_aa_sk_perm+0x10/0x10
[  153.786259][ T7269]  ? __import_iovec+0x1fd/0x6e0
[  153.787852][ T7269]  ____sys_sendmsg+0x9ae/0xb40
[  153.789317][ T7269]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.790721][ T7269]  ? get_compat_msghdr+0x11b/0x170
[  153.792016][ T7269]  ? __pfx___lock_acquire+0x10/0x10
[  153.793392][ T7269]  ___sys_sendmsg+0x135/0x1e0
[  153.794914][ T7269]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.796939][ T7269]  ? find_held_lock+0x2d/0x110
[  153.798556][ T7269]  ? __pfx_lock_release+0x10/0x10
[  153.800167][ T7269]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  153.802036][ T7269]  ? __fget_light+0x173/0x210
[  153.803623][ T7269]  __sys_sendmmsg+0x2a5/0x450
[  153.805144][ T7269]  ? __pfx___sys_sendmmsg+0x10/0x10
[  153.806597][ T7269]  ? vfs_write+0x14d/0x1140
[  153.807986][ T7269]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  153.809715][ T7269]  ? fput+0x30/0x390
[  153.810763][ T7269]  ? ksys_write+0x1ab/0x260
[  153.811988][ T7269]  ? __pfx_ksys_write+0x10/0x10
[  153.813279][ T7269]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  153.814814][ T7269]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  153.816519][ T7269]  __do_fast_syscall_32+0x73/0x120
[  153.817850][ T7269]  do_fast_syscall_32+0x32/0x80
[  153.819269][ T7269]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  153.820928][ T7269] RIP: 0023:0xf744e579
[  153.821999][ T7269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  153.827140][ T7269] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  153.829372][ T7269] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002b00
[  153.831556][ T7269] RDX: 0000000000000002 RSI: 0000000000008850 RDI: 0000000000000000
[  153.833640][ T7269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  153.835649][ T7269] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  153.837569][ T7269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  153.839611][ T7269]  </TASK>
[  154.050345][ T7280] virtio-fs: tag <(null)> not found
[  154.114468][ T1289] kernel write not supported for file /cpu/0/msr (pid: 1289 comm: kworker/1:2)
[  154.810434][ T7289] mkiss: ax0: crc mode is auto.
[  155.088460][ T7289] mkiss: ax0: crc mode is auto.
[  155.209679][ T5355] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  155.209811][ T5355] Bluetooth: hci3: Injecting HCI hardware error event
[  155.211024][ T5355] Bluetooth: hci3: hardware error 0x00
[  155.565874][   T39] audit: type=1326 audit(1726623068.943:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.572493][   T39] audit: type=1326 audit(1726623068.943:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.580019][   T39] audit: type=1326 audit(1726623068.943:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.586539][   T39] audit: type=1326 audit(1726623068.943:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.592522][   T39] audit: type=1326 audit(1726623068.943:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.599866][   T39] audit: type=1326 audit(1726623068.943:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.605592][   T39] audit: type=1326 audit(1726623068.943:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.611545][   T39] audit: type=1326 audit(1726623068.943:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  155.866622][ T1289] usb 8-1: new low-speed USB device number 5 using dummy_hcd
[  155.868009][ T7302] FAULT_INJECTION: forcing a failure.
[  155.868009][ T7302] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.873023][ T7302] CPU: 0 UID: 0 PID: 7302 Comm: syz.0.509 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  155.875719][ T7302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.878613][ T7302] Call Trace:
[  155.879507][ T7302]  <TASK>
[  155.880289][ T7302]  dump_stack_lvl+0x16c/0x1f0
[  155.881610][ T7302]  should_fail_ex+0x497/0x5b0
[  155.882911][ T7302]  _copy_from_iter+0x48b/0x13f0
[  155.884217][ T7302]  ? __pfx__copy_from_iter+0x10/0x10
[  155.885640][ T7302]  ? __virt_addr_valid+0x5e/0x590
[  155.887074][ T7302]  ? const_folio_flags.constprop.0+0x56/0x150
[  155.889626][ T7302]  ? __phys_addr_symbol+0x30/0x80
[  155.891079][ T7302]  ? __check_object_size+0x497/0x720
[  155.892655][ T7302]  af_alg_sendmsg+0x1212/0x2a80
[  155.893972][ T7302]  ? __pfx_af_alg_sendmsg+0x10/0x10
[  155.895418][ T7302]  ? __pfx_aa_sk_perm+0x10/0x10
[  155.896874][ T7302]  ? __import_iovec+0x1fd/0x6e0
[  155.898320][ T7302]  ____sys_sendmsg+0x9ae/0xb40
[  155.899950][ T7302]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.901750][ T7302]  ? get_compat_msghdr+0x11b/0x170
[  155.903525][ T7302]  ? __pfx___lock_acquire+0x10/0x10
[  155.905295][ T7302]  ___sys_sendmsg+0x135/0x1e0
[  155.906967][ T7302]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.908879][ T7302]  ? find_held_lock+0x2d/0x110
[  155.910535][ T7302]  ? __pfx_lock_release+0x10/0x10
[  155.912232][ T7302]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  155.914311][ T7302]  ? __fget_light+0x173/0x210
[  155.916150][ T7302]  __sys_sendmmsg+0x2a5/0x450
[  155.918361][ T7302]  ? __pfx___sys_sendmmsg+0x10/0x10
[  155.920293][ T7302]  ? vfs_write+0x14d/0x1140
[  155.921881][ T7302]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  155.923941][ T7302]  ? fput+0x30/0x390
[  155.925297][ T7302]  ? ksys_write+0x1ab/0x260
[  155.926860][ T7302]  ? __pfx_ksys_write+0x10/0x10
[  155.928539][ T7302]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  155.930547][ T7302]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  155.932829][ T7302]  __do_fast_syscall_32+0x73/0x120
[  155.934568][ T7302]  do_fast_syscall_32+0x32/0x80
[  155.936220][ T7302]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  155.938381][ T7302] RIP: 0023:0xf743e579
[  155.939774][ T7302] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  155.946224][ T7302] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  155.949073][ T7302] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002b00
[  155.951752][ T7302] RDX: 0000000000000002 RSI: 0000000000008850 RDI: 0000000000000000
[  155.954442][ T7302] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  155.957097][ T7302] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  155.959782][ T7302] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  155.962460][ T7302]  </TASK>
[  155.963670][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.007966][ T7303] netlink: 72 bytes leftover after parsing attributes in process `syz.2.508'.
[  156.028967][ T7303] netlink: 'syz.2.508': attribute type 10 has an invalid length.
[  156.066578][ T1289] usb 8-1: Invalid ep0 maxpacket: 16
[  156.111345][ T7307] virtio-fs: tag <(null)> not found
[  156.126237][ T5392] kernel write not supported for file /cpu/0/msr (pid: 5392 comm: kworker/3:3)
[  156.139037][ T7307] FAULT_INJECTION: forcing a failure.
[  156.139037][ T7307] name failslab, interval 1, probability 0, space 0, times 0
[  156.143813][ T7307] CPU: 3 UID: 0 PID: 7307 Comm: syz.0.510 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  156.146620][ T7307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.149660][ T7307] Call Trace:
[  156.150740][ T7307]  <TASK>
[  156.151624][ T7307]  dump_stack_lvl+0x16c/0x1f0
[  156.152997][ T7307]  should_fail_ex+0x497/0x5b0
[  156.154334][ T7307]  ? fs_reclaim_acquire+0xae/0x160
[  156.155771][ T7307]  should_failslab+0xc2/0x120
[  156.157022][ T7307]  kmem_cache_alloc_node_noprof+0x71/0x310
[  156.158773][ T7307]  ? alloc_vmap_area+0x636/0x2a70
[  156.160159][ T7307]  alloc_vmap_area+0x636/0x2a70
[  156.161593][ T7307]  ? __pfx_alloc_vmap_area+0x10/0x10
[  156.163083][ T7307]  __get_vm_area_node+0x17e/0x2d0
[  156.164439][ T7307]  __vmalloc_node_range_noprof+0x270/0x14e0
[  156.166005][ T7307]  ? xt_compat_init_offsets+0xe1/0x1f0
[  156.167463][ T7307]  ? lock_acquire+0x1b1/0x560
[  156.168705][ T7307]  ? xt_compat_init_offsets+0xe1/0x1f0
[  156.170139][ T7307]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  156.171802][ T7307]  ? rcu_is_watching+0x12/0xc0
[  156.173058][ T7307]  ? __mutex_lock+0x1a6/0x9c0
[  156.174385][ T7307]  ? xt_compat_init_offsets+0xe1/0x1f0
[  156.175968][ T7307]  vmalloc_noprof+0x6b/0x90
[  156.177286][ T7307]  ? xt_compat_init_offsets+0xe1/0x1f0
[  156.178850][ T7307]  xt_compat_init_offsets+0xe1/0x1f0
[  156.180240][ T7307]  ? __pfx___might_resched+0x10/0x10
[  156.181636][ T7307]  compat_table_info+0x11b/0x830
[  156.182963][ T7307]  ? __might_fault+0xe3/0x190
[  156.184205][ T7307]  compat_do_ebt_get_ctl+0x26c/0xb90
[  156.185590][ T7307]  ? find_held_lock+0x2d/0x110
[  156.186855][ T7307]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[  156.188432][ T7307]  ? bpf_lsm_capable+0x9/0x10
[  156.189885][ T7307]  ? security_capable+0x7e/0x260
[  156.191202][ T7307]  do_ebt_get_ctl+0x321/0x7b0
[  156.192457][ T7307]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[  156.193816][ T7307]  ? find_held_lock+0x2d/0x110
[  156.195093][ T7307]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  156.196637][ T7307]  nf_getsockopt+0x79/0xe0
[  156.197777][ T7307]  ip_getsockopt+0x18e/0x1e0
[  156.199071][ T7307]  ? __pfx_ip_getsockopt+0x10/0x10
[  156.200420][ T7307]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  156.201928][ T7307]  tcp_getsockopt+0x9e/0x100
[  156.203162][ T7307]  smc_getsockopt+0x163/0x360
[  156.204396][ T7307]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  156.205946][ T7307]  ? __pfx_smc_getsockopt+0x10/0x10
[  156.207323][ T7307]  ? __pfx_smc_getsockopt+0x10/0x10
[  156.208864][ T7307]  do_sock_getsockopt+0x3fe/0x870
[  156.210369][ T7307]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  156.211824][ T7307]  ? __fget_light+0x173/0x210
[  156.213215][ T7307]  __sys_getsockopt+0x1a1/0x270
[  156.214552][ T7307]  ? __pfx___sys_getsockopt+0x10/0x10
[  156.215970][ T7307]  ? fput+0x30/0x390
[  156.217094][ T7307]  ? ksys_write+0x1ab/0x260
[  156.218344][ T7307]  ? __pfx_ksys_write+0x10/0x10
[  156.219641][ T7307]  __ia32_sys_getsockopt+0xbc/0x160
[  156.221014][ T7307]  ? lockdep_hardirqs_on+0x7c/0x110
[  156.222411][ T7307]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  156.224152][ T7307]  __do_fast_syscall_32+0x73/0x120
[  156.225511][ T7307]  do_fast_syscall_32+0x32/0x80
[  156.226806][ T7307]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  156.228516][ T7307] RIP: 0023:0xf743e579
[  156.229803][ T7307] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  156.234941][ T7307] RSP: 002b:00000000f570556c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  156.237247][ T7307] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000000
[  156.239413][ T7307] RDX: 0000000000000080 RSI: 0000000020000900 RDI: 0000000020000980
[  156.241598][ T7307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  156.243695][ T7307] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  156.245799][ T7307] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  156.247914][ T7307]  </TASK>
[  156.256909][ T1289] usb 8-1: new low-speed USB device number 6 using dummy_hcd
[  156.456606][ T1289] usb 8-1: Invalid ep0 maxpacket: 16
[  156.460782][   T39] kauditd_printk_skb: 59 callbacks suppressed
[  156.460795][   T39] audit: type=1326 audit(1726623069.833:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.470593][ T1289] usb usb8-port1: attempt power cycle
[  156.473992][   T39] audit: type=1326 audit(1726623069.843:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.507404][   T39] audit: type=1326 audit(1726623069.883:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.588143][   T39] audit: type=1326 audit(1726623069.963:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.596822][   T39] audit: type=1326 audit(1726623069.963:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.816962][   T39] audit: type=1326 audit(1726623070.193:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.886704][ T1289] usb 8-1: new low-speed USB device number 7 using dummy_hcd
[  156.903594][ T7315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  156.928201][ T1289] usb 8-1: Invalid ep0 maxpacket: 16
[  156.930036][   T39] audit: type=1326 audit(1726623070.303:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.937660][   T39] audit: type=1326 audit(1726623070.303:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.941072][ T4779] Bluetooth: hci3: Malformed LE Event: 0x02
[  156.945455][   T39] audit: type=1326 audit(1726623070.313:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  156.952712][   T39] audit: type=1326 audit(1726623070.313:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7297 comm="syz.3.507" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb8579 code=0x7ffc0000
[  157.086856][ T1289] usb 8-1: new low-speed USB device number 8 using dummy_hcd
[  157.118186][ T1289] usb 8-1: Invalid ep0 maxpacket: 16
[  157.121346][ T1289] usb usb8-port1: unable to enumerate USB device
[  157.276777][ T5355] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  158.787299][ T7334] virtio-fs: tag <(null)> not found
[  158.909158][ T5785] kernel write not supported for file /cpu/0/msr (pid: 5785 comm: kworker/0:3)
[  159.546513][ T5785] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  159.696600][ T5785] usb 5-1: device descriptor read/64, error -71
[  159.797210][ T7339] netlink: 12 bytes leftover after parsing attributes in process `syz.3.519'.
[  159.935855][ T7341] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.519'.
[  159.986739][ T5785] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  160.156611][ T5785] usb 5-1: device descriptor read/64, error -71
[  160.276702][ T5785] usb usb5-port1: attempt power cycle
[  160.696570][ T5785] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  160.739643][ T5785] usb 5-1: device descriptor read/8, error -71
[  160.794273][ T7348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.521'.
[  161.056817][ T5785] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  161.107273][ T5785] usb 5-1: device descriptor read/8, error -71
[  161.236960][ T5785] usb usb5-port1: unable to enumerate USB device
[  162.412239][ T7353] virtio-fs: tag <(null)> not found
[  162.433163][ T1289] kernel write not supported for file /cpu/0/msr (pid: 1289 comm: kworker/1:2)
[  162.438405][ T7353] FAULT_INJECTION: forcing a failure.
[  162.438405][ T7353] name failslab, interval 1, probability 0, space 0, times 0
[  162.441593][ T7353] CPU: 1 UID: 0 PID: 7353 Comm: syz.2.522 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  162.444288][ T7353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.446878][ T7353] Call Trace:
[  162.447728][ T7353]  <TASK>
[  162.448488][ T7353]  dump_stack_lvl+0x16c/0x1f0
[  162.449661][ T7353]  should_fail_ex+0x497/0x5b0
[  162.450856][ T7353]  ? fs_reclaim_acquire+0xae/0x160
[  162.452199][ T7353]  should_failslab+0xc2/0x120
[  162.453384][ T7353]  __kmalloc_node_noprof+0xd1/0x440
[  162.454713][ T7353]  ? __vmalloc_node_range_noprof+0x3de/0x14e0
[  162.456260][ T7353]  __vmalloc_node_range_noprof+0x3de/0x14e0
[  162.457748][ T7353]  ? xt_compat_init_offsets+0xe1/0x1f0
[  162.459147][ T7353]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  162.460701][ T7353]  ? rcu_is_watching+0x12/0xc0
[  162.461938][ T7353]  ? __mutex_lock+0x1a6/0x9c0
[  162.463143][ T7353]  ? xt_compat_init_offsets+0xe1/0x1f0
[  162.464538][ T7353]  vmalloc_noprof+0x6b/0x90
[  162.465723][ T7353]  ? xt_compat_init_offsets+0xe1/0x1f0
[  162.467100][ T7353]  xt_compat_init_offsets+0xe1/0x1f0
[  162.468448][ T7353]  ? __pfx___might_resched+0x10/0x10
[  162.469792][ T7353]  compat_table_info+0x11b/0x830
[  162.471055][ T7353]  ? __might_fault+0xe3/0x190
[  162.472292][ T7353]  compat_do_ebt_get_ctl+0x26c/0xb90
[  162.473638][ T7353]  ? find_held_lock+0x2d/0x110
[  162.474874][ T7353]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[  162.476323][ T7353]  ? bpf_lsm_capable+0x9/0x10
[  162.477508][ T7353]  ? security_capable+0x7e/0x260
[  162.478744][ T7353]  do_ebt_get_ctl+0x321/0x7b0
[  162.479919][ T7353]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[  162.481219][ T7353]  ? find_held_lock+0x2d/0x110
[  162.482438][ T7353]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  162.483960][ T7353]  nf_getsockopt+0x79/0xe0
[  162.485083][ T7353]  ip_getsockopt+0x18e/0x1e0
[  162.486270][ T7353]  ? __pfx_ip_getsockopt+0x10/0x10
[  162.487532][ T7353]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  162.488978][ T7353]  tcp_getsockopt+0x9e/0x100
[  162.490190][ T7353]  smc_getsockopt+0x163/0x360
[  162.491643][ T7353]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  162.493258][ T7353]  ? __pfx_smc_getsockopt+0x10/0x10
[  162.494687][ T7353]  ? __pfx_smc_getsockopt+0x10/0x10
[  162.496363][ T7353]  do_sock_getsockopt+0x3fe/0x870
[  162.497791][ T7353]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  162.499285][ T7353]  ? __fget_light+0x173/0x210
[  162.500666][ T7353]  __sys_getsockopt+0x1a1/0x270
[  162.501994][ T7353]  ? __pfx___sys_getsockopt+0x10/0x10
[  162.503497][ T7353]  ? fput+0x30/0x390
[  162.504569][ T7353]  ? ksys_write+0x1ab/0x260
[  162.505803][ T7353]  ? __pfx_ksys_write+0x10/0x10
[  162.507210][ T7353]  __ia32_sys_getsockopt+0xbc/0x160
[  162.508650][ T7353]  ? lockdep_hardirqs_on+0x7c/0x110
[  162.510066][ T7353]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  162.511907][ T7353]  __do_fast_syscall_32+0x73/0x120
[  162.513414][ T7353]  do_fast_syscall_32+0x32/0x80
[  162.514846][ T7353]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.516619][ T7353] RIP: 0023:0xf744e579
[  162.517756][ T7353] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  162.522979][ T7353] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  162.525237][ T7353] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000000
[  162.527416][ T7353] RDX: 0000000000000080 RSI: 0000000020000900 RDI: 0000000020000980
[  162.529565][ T7353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.531745][ T7353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  162.533929][ T7353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.536126][ T7353]  </TASK>
[  162.541491][ T7353] warn_alloc: 1 callbacks suppressed
[  162.542564][ T7353] syz.2.522: vmalloc error: size 4096, failed to allocated page array size 8, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  162.552694][ T7353] CPU: 1 UID: 0 PID: 7353 Comm: syz.2.522 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  162.555948][ T7353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.558782][ T7353] Call Trace:
[  162.559666][ T7353]  <TASK>
[  162.560447][ T7353]  dump_stack_lvl+0x16c/0x1f0
[  162.561688][ T7353]  warn_alloc+0x24d/0x3a0
[  162.562876][ T7353]  ? __pfx_warn_alloc+0x10/0x10
[  162.564176][ T7353]  ? dump_stack_lvl+0x1a1/0x1f0
[  162.565478][ T7353]  ? dump_stack_lvl+0x1a3/0x1f0
[  162.566774][ T7353]  ? rcu_is_watching+0x12/0xc0
[  162.568045][ T7353]  ? __kmalloc_node_noprof+0x22f/0x440
[  162.569484][ T7353]  __vmalloc_node_range_noprof+0xfe8/0x14e0
[  162.571075][ T7353]  ? xt_compat_init_offsets+0xe1/0x1f0
[  162.572528][ T7353]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  162.574242][ T7353]  ? rcu_is_watching+0x12/0xc0
[  162.575530][ T7353]  ? __mutex_lock+0x1a6/0x9c0
[  162.576779][ T7353]  ? xt_compat_init_offsets+0xe1/0x1f0
[  162.578260][ T7353]  vmalloc_noprof+0x6b/0x90
[  162.579477][ T7353]  ? xt_compat_init_offsets+0xe1/0x1f0
[  162.580921][ T7353]  xt_compat_init_offsets+0xe1/0x1f0
[  162.582343][ T7353]  ? __pfx___might_resched+0x10/0x10
[  162.583775][ T7353]  compat_table_info+0x11b/0x830
[  162.585101][ T7353]  ? __might_fault+0xe3/0x190
[  162.586388][ T7353]  compat_do_ebt_get_ctl+0x26c/0xb90
[  162.587794][ T7353]  ? find_held_lock+0x2d/0x110
[  162.589066][ T7353]  ? __pfx_compat_do_ebt_get_ctl+0x10/0x10
[  162.590626][ T7353]  ? bpf_lsm_capable+0x9/0x10
[  162.591899][ T7353]  ? security_capable+0x7e/0x260
[  162.593319][ T7353]  do_ebt_get_ctl+0x321/0x7b0
[  162.594584][ T7353]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[  162.595986][ T7353]  ? find_held_lock+0x2d/0x110
[  162.597267][ T7353]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  162.598879][ T7353]  nf_getsockopt+0x79/0xe0
[  162.600074][ T7353]  ip_getsockopt+0x18e/0x1e0
[  162.601302][ T7353]  ? __pfx_ip_getsockopt+0x10/0x10
[  162.602676][ T7353]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  162.604200][ T7353]  tcp_getsockopt+0x9e/0x100
[  162.605378][ T7353]  smc_getsockopt+0x163/0x360
[  162.606579][ T7353]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  162.608004][ T7353]  ? __pfx_smc_getsockopt+0x10/0x10
[  162.609339][ T7353]  ? __pfx_smc_getsockopt+0x10/0x10
[  162.610657][ T7353]  do_sock_getsockopt+0x3fe/0x870
[  162.611983][ T7353]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  162.613451][ T7353]  ? __fget_light+0x173/0x210
[  162.614705][ T7353]  __sys_getsockopt+0x1a1/0x270
[  162.615998][ T7353]  ? __pfx___sys_getsockopt+0x10/0x10
[  162.617396][ T7353]  ? fput+0x30/0x390
[  162.618456][ T7353]  ? ksys_write+0x1ab/0x260
[  162.619658][ T7353]  ? __pfx_ksys_write+0x10/0x10
[  162.620952][ T7353]  __ia32_sys_getsockopt+0xbc/0x160
[  162.622336][ T7353]  ? lockdep_hardirqs_on+0x7c/0x110
[  162.623736][ T7353]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  162.625454][ T7353]  __do_fast_syscall_32+0x73/0x120
[  162.626820][ T7353]  do_fast_syscall_32+0x32/0x80
[  162.628068][ T7353]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  162.629693][ T7353] RIP: 0023:0xf744e579
[  162.630772][ T7353] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  162.635792][ T7353] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 000000000000016d
[  162.638008][ T7353] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000000
[  162.640083][ T7353] RDX: 0000000000000080 RSI: 0000000020000900 RDI: 0000000020000980
[  162.642158][ T7353] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  162.644265][ T7353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  162.646340][ T7353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  162.648420][ T7353]  </TASK>
[  162.680586][ T7353] Mem-Info:
[  162.681492][ T7353] active_anon:8098 inactive_anon:4 isolated_anon:0
[  162.681492][ T7353]  active_file:17060 inactive_file:33557 isolated_file:0
[  162.681492][ T7353]  unevictable:768 dirty:237 writeback:0
[  162.681492][ T7353]  slab_reclaimable:6315 slab_unreclaimable:63452
[  162.681492][ T7353]  mapped:24615 shmem:1054 pagetables:741
[  162.681492][ T7353]  sec_pagetables:316 bounce:0
[  162.681492][ T7353]  kernel_misc_reclaimable:0
[  162.681492][ T7353]  free:47791 free_pcp:1089 free_cma:0
[  162.708814][ T7353] Node 0 active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:12kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:2752kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9344kB pagetables:1004kB sec_pagetables:1196kB all_unreclaimable? no
[  162.731268][ T7353] Node 1 active_anon:32372kB inactive_anon:16kB active_file:68232kB inactive_file:134216kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:95708kB dirty:936kB writeback:0kB shmem:2684kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2468kB pagetables:1988kB sec_pagetables:68kB all_unreclaimable? no
[  162.739991][ T7353] Node 0 DMA free:912kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:144kB local_pcp:88kB free_cma:0kB
[  162.747520][ T7353] lowmem_reserve[]: 0 275 0 0 0
[  162.749008][ T7353] Node 0 DMA32 free:21588kB boost:0kB min:14004kB low:17504kB high:21004kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:8kB unevictable:1536kB writepending:8kB present:1032192kB managed:308312kB mlocked:0kB bounce:0kB free_pcp:648kB local_pcp:208kB free_cma:0kB
[  162.758296][ T7353] lowmem_reserve[]: 0 0 0 0 0
[  162.762151][ T7353] Node 1 DMA32 free:169700kB boost:0kB min:47044kB low:58804kB high:70564kB reserved_highatomic:0KB active_anon:32472kB inactive_anon:16kB active_file:68232kB inactive_file:134216kB unevictable:1536kB writepending:936kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:3356kB local_pcp:700kB free_cma:0kB
[  162.772083][ T7353] lowmem_reserve[]: 0 0 0 0 0
[  162.773497][ T7353] Node 0 DMA: 6*4kB (U) 1*8kB (U) 1*16kB (U) 27*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 912kB
[  162.777467][ T7353] Node 0 DMA32: 61*4kB (UMEH) 16*8kB (MEH) 18*16kB (MH) 94*32kB (UMEH) 40*64kB (UME) 18*128kB (UME) 7*256kB (UM) 10*512kB (UM) 6*1024kB (UM) 0*2048kB 0*4096kB = 21588kB
[  162.782366][ T7353] Node 1 DMA32: 2*4kB (ME) 158*8kB (UME) 596*16kB (UME) 435*32kB (UME) 280*64kB (UME) 108*128kB (UME) 10*256kB (UM) 6*512kB (UME) 3*1024kB (UM) 1*2048kB (M) 25*4096kB (UME) = 169624kB
[  162.787851][ T7353] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  162.790534][ T7353] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  162.793071][ T7353] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  162.795628][ T7353] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  162.802451][ T7353] 52388 total pagecache pages
[  162.803787][ T7353] 716 pages in swap cache
[  162.805009][ T7353] Free swap  = 115448kB
[  162.806121][ T7353] Total swap = 124996kB
[  162.807735][ T7353] 524155 pages RAM
[  162.808749][ T7353] 0 pages HighMem/MovableOnly
[  162.810107][ T7353] 206685 pages reserved
[  162.811253][ T7353] 0 pages cma reserved
[  163.122565][ T7361] usb usb8: usbfs: process 7361 (syz.3.524) did not claim interface 0 before use
[  164.405602][ T7373] virtio-fs: tag <(null)> not found
[  164.481038][ T1289] kernel write not supported for file /cpu/0/msr (pid: 1289 comm: kworker/1:2)
[  165.429819][ T7380] netlink: 204 bytes leftover after parsing attributes in process `syz.2.529'.
[  167.253793][ T7393] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  167.637397][ T4779] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  167.642229][ T4779] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  167.645373][ T4779] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  167.657436][ T4779] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  167.660975][ T4779] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  167.666702][ T4779] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  167.744198][ T7399] lo speed is unknown, defaulting to 1000
[  167.824420][ T7405] netlink: 'syz.2.534': attribute type 2 has an invalid length.
[  167.826412][ T7405] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.534'.
[  168.143934][ T7406] netlink: 'syz.3.536': attribute type 10 has an invalid length.
[  168.146081][ T7406] netlink: 40 bytes leftover after parsing attributes in process `syz.3.536'.
[  168.506187][ T7399] chnl_net:caif_netlink_parms(): no params data found
[  168.820076][ T7399] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.822002][ T7399] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.823983][ T7399] bridge_slave_0: entered allmulticast mode
[  168.828036][ T7399] bridge_slave_0: entered promiscuous mode
[  168.831941][ T7399] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.834299][ T7399] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.836703][ T7399] bridge_slave_1: entered allmulticast mode
[  168.839617][ T7399] bridge_slave_1: entered promiscuous mode
[  168.924064][ T7399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  168.929037][ T7399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.967146][ T7422] netlink: 72 bytes leftover after parsing attributes in process `syz.2.539'.
[  169.009865][ T7399] team0: Port device team_slave_0 added
[  169.017193][ T7422] netlink: 'syz.2.539': attribute type 10 has an invalid length.
[  169.021708][ T7399] team0: Port device team_slave_1 added
[  169.102425][ T7399] batman_adv: batadv0: Adding interface: batadv_slave_0
[  169.104272][ T7399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.112294][ T7399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.116859][ T7399] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.118688][ T7399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.126737][ T7399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.220586][ T7399] hsr_slave_0: entered promiscuous mode
[  169.226775][ T7399] hsr_slave_1: entered promiscuous mode
[  169.230046][ T7399] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.236876][ T7399] Cannot create hsr debugfs directory
[  169.756692][ T5355] Bluetooth: hci6: command tx timeout
[  169.921674][ T7399] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.097782][ T7399] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.230603][ T7399] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.375491][ T7399] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.556409][ T7399] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  170.572326][ T7399] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  170.582617][ T7399] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  170.588427][ T7399] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  170.725310][ T7430] virtio-fs: tag <(null)> not found
[  170.822051][ T7399] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.823025][ T5785] kernel write not supported for file /cpu/0/msr (pid: 5785 comm: kworker/0:3)
[  170.880847][ T7399] 8021q: adding VLAN 0 to HW filter on device team0
[  170.888303][   T39] kauditd_printk_skb: 5 callbacks suppressed
[  170.888314][   T39] audit: type=1326 audit(1726623084.263:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7431 comm="syz.0.542" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0
[  170.899803][ T3210] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.902538][ T3210] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.911644][ T1004] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.913573][ T1004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.288230][ T7399] 8021q: adding VLAN 0 to HW filter on device batadv0
[  171.425388][ T7399] veth0_vlan: entered promiscuous mode
[  171.479541][ T7399] veth1_vlan: entered promiscuous mode
[  171.518558][ T7399] veth0_macvtap: entered promiscuous mode
[  171.550166][ T7399] veth1_macvtap: entered promiscuous mode
[  171.571425][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.574224][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.586715][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.589450][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.592004][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.594720][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.606504][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.609242][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.611797][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.614523][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.648243][ T7399] batman_adv: batadv0: Interface activated: batadv_slave_0
[  171.660483][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.663267][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.665865][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.696504][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.700428][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.703309][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.705903][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.730416][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.733841][ T7399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  171.746491][ T7399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.750162][ T7399] batman_adv: batadv0: Interface activated: batadv_slave_1
[  171.759084][ T7399] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  171.761482][ T7399] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  171.763823][ T7399] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  171.766125][ T7399] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  171.836705][ T5355] Bluetooth: hci6: command tx timeout
[  171.886404][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.889564][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.930930][ T6251] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.933024][ T6251] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.053670][ T7464] netlink: 'syz.0.546': attribute type 10 has an invalid length.
[  173.057982][ T7464] netlink: 40 bytes leftover after parsing attributes in process `syz.0.546'.
[  173.867990][ T5364] Bluetooth: hci2: unexpected event 0x30 length: 56 > 3
[  173.868095][ T5364] Bluetooth: hci2: unexpected event 0x30 length: 56 > 3
[  173.916660][ T5364] Bluetooth: hci6: command tx timeout
[  174.468073][ T7482] netlink: 'syz.3.551': attribute type 10 has an invalid length.
[  174.470786][ T7482] netlink: 40 bytes leftover after parsing attributes in process `syz.3.551'.
[  175.434177][ T7489] virtio-fs: tag <(null)> not found
[  175.439972][ T5363] Bluetooth: hci1: command 0x0406 tx timeout
[  175.441665][ T5363] Bluetooth: hci0: command 0x0c20 tx timeout
[  175.443435][ T5364] Bluetooth: hci2: command 0x0406 tx timeout
[  175.709481][   T10] kernel write not supported for file /cpu/0/msr (pid: 10 comm: kworker/0:1)
[  176.006631][ T4779] Bluetooth: hci6: command tx timeout
[  176.766743][ T1289] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  176.953856][ T1289] usb 6-1: config 1 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 1088, setting to 1024
[  176.962984][ T1289] usb 6-1: config 1 interface 0 has no altsetting 0
[  177.159211][ T7519] virtio-fs: tag <(null)> not found
[  177.336679][    T8] kernel write not supported for file /cpu/0/msr (pid: 8 comm: kworker/0:0)
[  179.376593][ T5392] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  179.475862][ T1289] usb 6-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.40
[  179.478587][ T1289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.481992][ T1289] usb 6-1: Product: ᰱ
[  179.499869][ T1289] usb 6-1: can't set config #1, error -71
[  179.518172][ T1289] usb 6-1: USB disconnect, device number 8
[  179.559122][ T5392] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  179.562642][ T5392] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  179.596967][ T5392] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  179.606789][ T5392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.617870][ T5392] usb 5-1: config 0 descriptor??
[  179.622306][ T5392] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  179.633252][ T5819] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  179.889210][ T5819] usb 5-1: USB disconnect, device number 11
[  180.183942][ T7559] netlink: 'syz.1.573': attribute type 10 has an invalid length.
[  180.186821][ T7559] netlink: 40 bytes leftover after parsing attributes in process `syz.1.573'.
[  180.216527][ T1429] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  180.406653][ T1429] usb 7-1: Using ep0 maxpacket: 32
[  180.411138][ T1429] usb 7-1: unable to get BOS descriptor or descriptor too short
[  180.415372][ T1429] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.439187][ T1429] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  180.442692][ T1429] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  180.446077][ T1429] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  180.476532][ T1429] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  180.489289][ T1429] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  180.492533][ T1429] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.495411][ T1429] usb 7-1: Product: syz
[  180.504214][ T7561] netlink: 4 bytes leftover after parsing attributes in process `syz.0.574'.
[  180.516722][ T1429] usb 7-1: Manufacturer: syz
[  180.520159][ T7561] input: syz1 as /devices/virtual/input/input9
[  180.525201][ T1429] usb 7-1: SerialNumber: syz
[  180.698828][   T39] audit: type=1326 audit(1726623094.073:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7541 comm="syz.3.570" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7fc00000
[  180.744035][ T7551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.756336][ T7569] netlink: 12 bytes leftover after parsing attributes in process `syz.3.576'.
[  180.759597][ T7568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.761606][ T7551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.786920][ T7568] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.828748][ T7551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.857426][ T7551] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.896789][ T1429] cdc_ncm 7-1:1.0: bind() failure
[  180.900490][ T1429] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  180.906651][ T1429] cdc_ncm 7-1:1.1: bind() failure
[  180.916768][ T1429] usb 7-1: USB disconnect, device number 5
[  180.937253][ T7572] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.576'.
[  181.039647][ T7573] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  182.137812][ T7584] virtio-fs: tag <(null)> not found
[  182.245686][   T10] kernel write not supported for file /cpu/0/msr (pid: 10 comm: kworker/0:1)
[  182.989634][ T7600] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  183.428090][ T7624] sock: sock_timestamping_bind_phc: sock not bind to device
[  184.453287][ T6251] bridge_slave_1: left allmulticast mode
[  184.455512][ T6251] bridge_slave_1: left promiscuous mode
[  184.459303][ T6251] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.468914][ T6251] bridge_slave_0: left allmulticast mode
[  184.470976][ T6251] bridge_slave_0: left promiscuous mode
[  184.472554][ T6251] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.756782][ T6251] dvmrp1 (unregistering): left allmulticast mode
[  184.814107][ T6251] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  185.000413][ T7650] netlink: 72 bytes leftover after parsing attributes in process `syz.0.595'.
[  185.245922][ T6251] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.253646][ T6251] bond0 (unregistering): Released all slaves
[  185.266905][ T7650] netlink: 52 bytes leftover after parsing attributes in process `syz.0.595'.
[  185.269737][ T7652] netlink: 'syz.0.595': attribute type 10 has an invalid length.
[  185.469300][ T7658] netlink: 40 bytes leftover after parsing attributes in process `syz.3.597'.
[  186.066243][ T7670] netlink: 28 bytes leftover after parsing attributes in process `syz.3.600'.
[  186.193705][ T6251] hsr_slave_0: left promiscuous mode
[  186.212603][ T6251] hsr_slave_1: left promiscuous mode
[  186.215265][ T6251] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.217449][ T6251] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.225343][ T6251] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.228692][ T6251] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.299942][ T6251] veth1_macvtap: left promiscuous mode
[  186.301896][ T6251] veth0_macvtap: left promiscuous mode
[  186.317496][ T6251] veth1_vlan: left promiscuous mode
[  186.321290][ T6251] veth0_vlan: left promiscuous mode
[  186.700149][ T7678] syz.0.602: attempt to access beyond end of device
[  186.700149][ T7678] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  186.704617][ T7678] SQUASHFS error: Failed to read block 0x0: -5
[  186.706572][ T7678] unable to read squashfs_super_block
[  187.139714][ T7683] netlink: 72 bytes leftover after parsing attributes in process `syz.1.604'.
[  187.708620][ T7688] netlink: 28 bytes leftover after parsing attributes in process `syz.0.606'.
[  187.880731][ T7696] netlink: 16 bytes leftover after parsing attributes in process `syz.0.606'.
[  188.481086][ T6251] team0 (unregistering): Port device team_slave_1 removed
[  188.486593][   T39] audit: type=1326 audit(1726623101.843:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.492319][   T39] audit: type=1326 audit(1726623101.843:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.498537][   T39] audit: type=1326 audit(1726623101.843:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.504903][   T39] audit: type=1326 audit(1726623101.843:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.514009][   T39] audit: type=1326 audit(1726623101.843:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.521381][   T39] audit: type=1326 audit(1726623101.843:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.529282][   T39] audit: type=1326 audit(1726623101.843:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.537523][   T39] audit: type=1326 audit(1726623101.843:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.544714][   T39] audit: type=1326 audit(1726623101.853:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.551448][   T39] audit: type=1326 audit(1726623101.863:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.2.609" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf744e579 code=0x7ffc0000
[  188.700351][ T6251] team0 (unregistering): Port device team_slave_0 removed
[  188.846887][ T7704] overlayfs: upper fs does not support tmpfile.
[  189.543187][ T7683] netlink: 52 bytes leftover after parsing attributes in process `syz.1.604'.
[  189.545705][ T7684] netlink: 'syz.1.604': attribute type 10 has an invalid length.
[  189.571591][ T7684] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  189.844142][ T7715] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  189.869860][ T7716] netlink: 12 bytes leftover after parsing attributes in process `syz.1.613'.
[  190.056225][ T7719] netlink: 173452 bytes leftover after parsing attributes in process `syz.1.613'.
[  190.114410][ T7722] fuse: Unknown parameter 'SootVode'
[  190.307121][ T7728] overlayfs: overlapping lowerdir path
[  190.712391][ T7731] netlink: 9 bytes leftover after parsing attributes in process `syz.0.617'.
[  191.185573][ T7742] netlink: 72 bytes leftover after parsing attributes in process `syz.2.620'.
[  191.248879][ T7742] netlink: 52 bytes leftover after parsing attributes in process `syz.2.620'.
[  191.269104][ T7742] netlink: 'syz.2.620': attribute type 10 has an invalid length.
[  191.355375][ T4779] Bluetooth: hci5: unexpected event 0x03 length: 16 > 11
[  192.073779][ T7753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  192.368203][    T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  192.566984][    T8] usb 5-1: Using ep0 maxpacket: 8
[  192.581461][    T8] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  192.591182][    T8] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[  192.602542][    T8] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[  192.604979][    T8] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  192.624400][    T8] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  192.634268][    T8] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  192.639280][    T8] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  192.643220][    T8] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[  192.645183][    T8] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[  192.648026][    T8] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  192.651058][    T8] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  192.657484][    T8] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  192.664022][    T8] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  192.668999][    T8] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[  192.670959][    T8] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[  192.673412][    T8] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  192.677075][    T8] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11
[  192.683268][    T8] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  192.704773][    T8] usb 5-1: string descriptor 0 read error: -22
[  192.707861][    T8] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  192.714124][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.752050][    T8] adutux 5-1:246.0: interrupt endpoints not found
[  193.094385][   T30] usb 5-1: USB disconnect, device number 12
[  193.292652][ T7766] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00106019, b_size=4096, device sda1 blocksize: 4096
[  193.298137][ T5392] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  193.300264][ T7766] grow_buffers: requested out-of-range block 144115188075855872 for device sda1
[  193.303536][ T7766] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted
[  193.489090][ T5392] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  193.493188][ T5392] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  193.496338][ T5392] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  193.499250][ T5392] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.505469][ T7771] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  193.518553][ T5392] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  193.763611][ T1429] usb 6-1: USB disconnect, device number 9
[  193.806196][ T7790] netlink: 72 bytes leftover after parsing attributes in process `syz.3.632'.
[  193.831945][ T7790] netlink: 52 bytes leftover after parsing attributes in process `syz.3.632'.
[  193.835873][ T7790] netlink: 'syz.3.632': attribute type 10 has an invalid length.
[  193.839139][ T1378] ieee802154 phy0 wpan0: encryption failed: -22
[  193.839248][ T1378] ieee802154 phy1 wpan1: encryption failed: -22
[  194.673763][ T7806] netlink: 'syz.0.638': attribute type 2 has an invalid length.
[  194.741483][ T7448] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  194.960022][ T7448] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  194.963231][ T7448] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  194.967165][ T7448] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  194.969977][ T7448] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  194.976608][ T7448] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  194.979308][ T7448] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  194.981478][ T7448] usb 6-1: Manufacturer: syz
[  194.984303][ T7448] usb 6-1: config 0 descriptor??
[  195.220389][ T7448] appleir 0003:05AC:8243.0004: unknown main item tag 0x0
[  195.227935][ T7448] appleir 0003:05AC:8243.0004: No inputs registered, leaving
[  195.250976][ T7448] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  195.273453][ T7821] netlink: 72 bytes leftover after parsing attributes in process `syz.0.641'.
[  195.328759][ T7821] netlink: 52 bytes leftover after parsing attributes in process `syz.0.641'.
[  195.335541][ T7821] netlink: 'syz.0.641': attribute type 10 has an invalid length.
[  195.396842][ T1429] usb 6-1: USB disconnect, device number 10
[  195.515355][ T7825] virtio-fs: tag <(null)> not found
[  195.553037][ T7448] kernel write not supported for file /cpu/0/msr (pid: 7448 comm: kworker/0:4)
[  195.917965][ T7829] netlink: 12 bytes leftover after parsing attributes in process `syz.0.644'.
[  195.930804][ T7827] netlink: 4 bytes leftover after parsing attributes in process `syz.3.643'.
[  196.117853][ T7837] netlink: 173452 bytes leftover after parsing attributes in process `syz.0.644'.
[  196.386095][ T7843] usb usb9: usbfs: interface 0 claimed by hub while 'syz.3.646' sets config #0
[  196.474319][ T7844] bridge0: port 3(syz_tun) entered blocking state
[  196.480109][ T7844] bridge0: port 3(syz_tun) entered disabled state
[  197.564139][ T7873] netlink: 12 bytes leftover after parsing attributes in process `syz.3.656'.
[  197.699514][ T7883] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.656'.
[  197.885441][ T7894] netlink: 72 bytes leftover after parsing attributes in process `syz.2.659'.
[  198.021339][ T7900] netlink: 'syz.2.659': attribute type 10 has an invalid length.
[  199.099202][ T7932] kvm: pic: level sensitive irq not supported
[  199.099474][ T7932] kvm: pic: non byte read
[  199.103091][ T7932] kvm: pic: level sensitive irq not supported
[  199.103366][ T7932] kvm: pic: non byte read
[  199.114886][ T7932] kvm: pic: level sensitive irq not supported
[  199.115144][ T7932] kvm: pic: non byte read
[  199.126178][ T7932] kvm: pic: level sensitive irq not supported
[  199.126715][ T7932] kvm: pic: non byte read
[  199.391781][ T7943] netlink: 12 bytes leftover after parsing attributes in process `syz.3.671'.
[  199.514579][ T7951] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.671'.
[  199.676823][ T7957] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0
[  199.744534][ T7960] binder: 7959:7960 ioctl 6611 0 returned -22
[  199.748397][ T7960] binder: 7959:7960 ioctl c0306201 200003c0 returned -22
[  199.750781][ T7960] binder: 7959:7960 ioctl c0306201 0 returned -14
[  200.095389][ T7961] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  200.381794][ T7971] overlayfs: failed to resolve './file0': -2
[  200.637831][ T7979] netlink: 4 bytes leftover after parsing attributes in process `syz.2.681'.
[  200.686619][    T8] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  200.873109][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.875906][    T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  200.896932][    T8] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  200.900347][    T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.912564][    T8] usb 8-1: config 0 descriptor??
[  201.409461][    T8] usbhid 8-1:0.0: can't add hid device: -71
[  201.411149][    T8] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  201.436562][    T8] usb 8-1: USB disconnect, device number 9
[  201.971521][ T8004] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'.
[  202.116820][ T8012] virtio-fs: tag <(null)> not found
[  202.136568][   T58] kernel write not supported for file /cpu/0/msr (pid: 58 comm: kworker/2:1)
[  202.165745][ T8014] netlink: 173452 bytes leftover after parsing attributes in process `syz.2.688'.
[  202.709927][ T8002] Cannot find set identified by id 0 to match
[  202.911064][ T8018] syz.2.691: attempt to access beyond end of device
[  202.911064][ T8018] nbd2: rw=2048, sector=2, nr_sectors = 1 limit=0
[  202.916264][ T8018] hfsplus: unable to find HFS+ superblock
[  203.276526][ T5392] usb 7-1: new low-speed USB device number 6 using dummy_hcd
[  203.315321][ T8021] IPv6: Can't replace route, no match found
[  203.319497][   T39] kauditd_printk_skb: 45 callbacks suppressed
[  203.319508][   T39] audit: type=1326 audit(1726623116.703:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8020 comm="syz.0.692" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0
[  203.707505][ T8028] virtio-fs: tag <(null)> not found
[  203.733863][ T7448] kernel write not supported for file /cpu/0/msr (pid: 7448 comm: kworker/0:4)
[  203.783236][ T8031] netlink: 'syz.1.695': attribute type 1 has an invalid length.
[  203.980537][ T8035] 9pnet: p9_errstr2errno: server reported unknown error �^P�
[  204.460620][ T8047] netlink: 72 bytes leftover after parsing attributes in process `syz.1.699'.
[  204.501578][ T8047] netlink: 24 bytes leftover after parsing attributes in process `syz.1.699'.
[  204.556158][   T65] bond0: (slave netdevsim0): link status definitely down, disabling slave
[  205.437818][ T8067] netlink: 288 bytes leftover after parsing attributes in process `syz.3.705'.
[  205.476613][   T59] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  205.666846][   T59] usb 6-1: Using ep0 maxpacket: 8
[  205.679087][   T59] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  205.681650][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  205.685431][   T59] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  205.691848][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  205.694869][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  205.709235][   T59] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  205.711318][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  205.714525][   T59] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  205.720143][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  205.723057][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  205.737404][   T59] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  205.739402][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  205.742745][   T59] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  205.746205][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  205.766562][   T59] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  205.784798][   T59] usb 6-1: string descriptor 0 read error: -22
[  205.786639][   T59] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  205.789334][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.800522][   T59] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  206.068284][ T8075] /dev/sr0: Can't open blockdev
[  206.183660][ T7448] usb 6-1: USB disconnect, device number 11
[  206.197999][ T8077] /dev/sr0: Can't open blockdev
[  206.411501][ T8056] adutux: No device or device unplugged -19
[  206.683636][ T8087] netlink: 72 bytes leftover after parsing attributes in process `syz.2.710'.
[  206.706718][ T8087] netlink: 24 bytes leftover after parsing attributes in process `syz.2.710'.
[  207.037224][ T8094] virtio-fs: tag <(null)> not found
[  207.095792][    T8] kernel write not supported for file /cpu/0/msr (pid: 8 comm: kworker/0:0)
[  207.476712][ T8110] capability: warning: `syz.0.715' uses deprecated v2 capabilities in a way that may be insecure
[  207.522740][ T8099] fuse: Bad value for 'fd'
[  208.207972][   T39] audit: type=1326 audit(1726623121.583:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.716" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  208.312601][ T8113] could not open pipe file descriptor
[  208.694553][ T8128] tmpfs: Bad value for 'mpol'
[  208.928037][ T8135] netlink: 72 bytes leftover after parsing attributes in process `syz.1.721'.
[  208.939542][ T8135] netlink: 24 bytes leftover after parsing attributes in process `syz.1.721'.
[  209.317556][ T8144] netlink: 36 bytes leftover after parsing attributes in process `syz.3.723'.
[  209.347322][ T8145] netlink: 36 bytes leftover after parsing attributes in process `syz.3.723'.
[  209.715342][ T8151] netlink: 'syz.0.726': attribute type 10 has an invalid length.
[  209.745874][ T8151] 8021q: adding VLAN 0 to HW filter on device batadv0
[  209.759610][ T8151] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  210.297287][ T8166] fuse: Unknown parameter ''
[  210.306932][ T8167] fuse: Unknown parameter ''
[  210.602107][ T8173] virtio-fs: tag <(null)> not found
[  210.637860][   T59] kernel write not supported for file /cpu/0/msr (pid: 59 comm: kworker/3:1)
[  211.506911][ T8189] netlink: 12 bytes leftover after parsing attributes in process `syz.0.736'.
[  211.986580][ T8201] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  211.991237][ T8203] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 2
[  211.996478][ T8202] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 1
[  211.996708][ T8204] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 3
[  212.253867][ T8208] virtio-fs: tag <(null)> not found
[  212.333472][ T8208] 9pnet_fd: Insufficient options for proto=fd
[  212.354390][   T59] kernel read not supported for file /amidi2 (pid: 59 comm: kworker/3:1)
[  213.285017][ T8233] virtio-fs: tag <(null)> not found
[  213.305013][    T8] kernel write not supported for file /cpu/0/msr (pid: 8 comm: kworker/0:0)
[  213.473988][ T8241] netlink: 12 bytes leftover after parsing attributes in process `syz.3.751'.
[  213.615365][ T8243] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.751'.
[  213.827311][ T8246] random: crng reseeded on system resumption
[  214.383147][ T8248] netlink: 4 bytes leftover after parsing attributes in process `syz.3.753'.
[  215.418250][ T5394] libceph: connect (1)[c::]:6789 error -101
[  215.429167][ T5394] libceph: mon0 (1)[c::]:6789 connect error
[  215.439165][ T5394] libceph: connect (1)[c::]:6789 error -101
[  215.440878][ T5394] libceph: mon0 (1)[c::]:6789 connect error
[  215.483137][ T8280] netlink: 12 bytes leftover after parsing attributes in process `syz.3.761'.
[  215.627070][ T8289] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.761'.
[  215.699547][   T30] libceph: connect (1)[c::]:6789 error -101
[  215.701965][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  216.260430][ T8275] ceph: No mds server is up or the cluster is laggy
[  216.578007][   T30] libceph: connect (1)[c::]:6789 error -101
[  216.580248][   T30] libceph: mon0 (1)[c::]:6789 connect error
[  216.710375][ T8315] netlink: 3 bytes leftover after parsing attributes in process `syz.0.769'.
[  216.907191][   T30] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  216.928797][ T8315] netlink: 56 bytes leftover after parsing attributes in process `syz.0.769'.
[  217.077808][ T8315] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  217.119005][   T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  217.122204][   T30] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  217.130436][   T30] usb 8-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e
[  217.133386][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.135983][   T30] usb 8-1: Product: syz
[  217.145680][   T30] usb 8-1: Manufacturer: syz
[  217.149022][   T30] usb 8-1: SerialNumber: syz
[  217.178588][   T30] usb 8-1: config 0 descriptor??
[  217.188950][   T30] ti_usb_3410_5052 8-1:0.0: required endpoints missing
[  217.466333][    T8] usb 8-1: USB disconnect, device number 10
[  218.071616][ T8336] netlink: 12 bytes leftover after parsing attributes in process `syz.3.775'.
[  218.177339][ T8339] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.775'.
[  218.313197][ T8341] netlink: 4 bytes leftover after parsing attributes in process `syz.2.776'.
[  218.438558][ T8349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.188714][ T8373] netlink: 16 bytes leftover after parsing attributes in process `syz.0.784'.
[  219.548084][ T1289] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  219.568039][ T8388] netlink: 173452 bytes leftover after parsing attributes in process `syz.0.789'.
[  219.729143][ T1289] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  219.732307][ T1289] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  219.735425][ T1289] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  219.738385][ T1289] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  219.742144][ T1289] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  219.750004][ T1289] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  219.753341][ T1289] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  219.755780][ T1289] usb 8-1: Product: syz
[  219.757763][ T1289] usb 8-1: Manufacturer: syz
[  219.765014][ T1289] cdc_wdm 8-1:1.0: skipping garbage
[  219.767219][ T1289] cdc_wdm 8-1:1.0: skipping garbage
[  219.773882][ T1289] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  219.776224][ T1289] cdc_wdm 8-1:1.0: Unknown control protocol
[  219.972302][   T59] usb 8-1: USB disconnect, device number 11
[  220.605534][ T8402] netlink: 'syz.2.793': attribute type 4 has an invalid length.
[  220.636588][   T59] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  220.818702][   T59] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  220.825707][   T59] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  220.832963][   T59] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  220.836421][   T59] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  220.840844][   T59] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  220.849289][   T59] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  220.852542][   T59] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  220.859822][   T59] usb 8-1: Product: syz
[  220.861392][   T59] usb 8-1: Manufacturer: syz
[  220.868467][   T59] cdc_wdm 8-1:1.0: skipping garbage
[  220.870893][   T59] cdc_wdm 8-1:1.0: skipping garbage
[  220.874763][   T59] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  220.877384][   T59] cdc_wdm 8-1:1.0: Unknown control protocol
[  221.218148][ T8411] lo speed is unknown, defaulting to 1000
[  221.356832][   T58] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  221.558413][   T58] usb 7-1: Using ep0 maxpacket: 8
[  221.564661][   T58] usb 7-1: config 0 has no interfaces?
[  221.573147][   T58] usb 7-1: New USB device found, idVendor=e7f9, idProduct=ffff, bcdDevice=ff.ff
[  221.575649][   T58] usb 7-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  221.578081][   T58] usb 7-1: Product: syz
[  221.579354][   T58] usb 7-1: Manufacturer: syz
[  221.590150][   T58] usb 7-1: config 0 descriptor??
[  222.091564][   T58] usb 7-1: USB disconnect, device number 7
[  222.118661][ T8424] netlink: 12 bytes leftover after parsing attributes in process `syz.0.799'.
[  222.228329][ T8425] netlink: 173452 bytes leftover after parsing attributes in process `syz.0.799'.
[  222.723509][ T8444] netlink: 72 bytes leftover after parsing attributes in process `syz.2.805'.
[  222.738280][ T8444] netlink: 24 bytes leftover after parsing attributes in process `syz.2.805'.
[  222.842073][   T59] usb 8-1: USB disconnect, device number 12
[  222.990741][ T8448] netlink: 72 bytes leftover after parsing attributes in process `syz.3.806'.
[  223.055905][ T8448] netlink: 24 bytes leftover after parsing attributes in process `syz.3.806'.
[  223.468892][ T8451] cannot load conntrack support for proto=3
[  223.815315][ T8462] netlink: 830 bytes leftover after parsing attributes in process `syz.3.810'.
[  223.864710][ T8467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.811'.
[  223.948359][ T8470] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.811'.
[  224.938853][ T8492] virtio-fs: tag <(null)> not found
[  225.040669][ T5785] kernel write not supported for file /cpu/0/msr (pid: 5785 comm: kworker/0:3)
[  225.333224][ T8498] virtio-fs: tag <(null)> not found
[  225.340339][   T39] audit: type=1326 audit(1726623138.713:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8491 comm="syz.1.820" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0
[  225.424475][ T5785] kernel write not supported for file /cpu/0/msr (pid: 5785 comm: kworker/0:3)
[  225.896755][ T8497] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  225.906039][ T8497] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  225.913633][ T8497] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  225.928295][ T8497] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  225.941034][ T8497] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  225.944269][ T8497] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  225.953470][ T8497] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  225.955154][ T8497] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  225.973746][ T8497] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  226.148289][ T8510] [U] ��rb�%�F
[  226.562434][ T8528] __nla_validate_parse: 1 callbacks suppressed
[  226.562445][ T8528] netlink: 12 bytes leftover after parsing attributes in process `syz.3.829'.
[  226.674085][ T8531] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.829'.
[  227.357970][ T4779] Bluetooth: hci2: command 0x0406 tx timeout
[  227.393117][ T8543] netlink: 20 bytes leftover after parsing attributes in process `syz.1.832'.
[  227.562468][ T8554] sctp: [Deprecated]: syz.3.835 (pid 8554) Use of int in max_burst socket option deprecated.
[  227.562468][ T8554] Use struct sctp_assoc_value instead
[  227.604472][ T8559] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  227.607572][ T8559] overlayfs: missing 'lowerdir'
[  227.917509][ T4779] Bluetooth: hci1: command 0x0406 tx timeout
[  227.930417][ T8565] virtio-fs: tag <(null)> not found
[  227.943409][ T5785] kernel write not supported for file /cpu/0/msr (pid: 5785 comm: kworker/0:3)
[  227.996748][ T4779] Bluetooth: hci5: command 0x041b tx timeout
[  227.996766][ T5355] Bluetooth: hci6: command 0x0c1a tx timeout
[  228.144107][ T8568] netlink: 72 bytes leftover after parsing attributes in process `syz.3.838'.
[  228.216062][ T8568] netlink: 24 bytes leftover after parsing attributes in process `syz.3.838'.
[  228.240133][ T8570] netlink: 12 bytes leftover after parsing attributes in process `syz.1.839'.
[  228.310328][ T8571] netlink: 173452 bytes leftover after parsing attributes in process `syz.1.839'.
[  228.918394][ T5785] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  229.133553][ T5785] usb 6-1: config 0 has no interfaces?
[  229.135103][ T5785] usb 6-1: New USB device found, idVendor=1668, idProduct=0323, bcdDevice=5f.ca
[  229.137800][ T5785] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.141571][ T5785] usb 6-1: config 0 descriptor??
[  229.351131][    T8] usb 6-1: USB disconnect, device number 12
[  229.436626][ T5355] Bluetooth: hci2: command 0x0406 tx timeout
[  229.928091][ T8593] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  230.008050][ T5355] Bluetooth: hci1: command 0x0406 tx timeout
[  230.076627][ T4779] Bluetooth: hci5: command 0x041b tx timeout
[  230.078254][ T5355] Bluetooth: hci6: command 0x0c1a tx timeout
[  230.197798][ T8608] netlink: 12 bytes leftover after parsing attributes in process `syz.2.850'.
[  230.286162][ T8609] netlink: 173452 bytes leftover after parsing attributes in process `syz.2.850'.
[  230.877204][ T8620] virtio-fs: tag <(null)> not found
[  230.920904][ T8621] netlink: 36 bytes leftover after parsing attributes in process `syz.3.854'.
[  230.932045][    T8] kernel write not supported for file /cpu/0/msr (pid: 8 comm: kworker/0:0)
[  231.136124][   T39] audit: type=1326 audit(1726623144.503:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.3.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7fc00000
[  231.577510][ T8630] netlink: 32 bytes leftover after parsing attributes in process `syz.2.856'.
[  231.583183][   T39] audit: type=1326 audit(1726623144.953:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.3.854" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7fb8579 code=0x7fc00000
[  231.603729][   T39] audit: type=1326 audit(1726623144.953:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.3.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7fc00000
[  231.632341][   T39] audit: type=1326 audit(1726623144.953:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.3.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7fc00000
[  231.647489][   T39] audit: type=1326 audit(1726623144.953:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.3.854" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8579 code=0x7fc00000
[  232.156641][ T5355] Bluetooth: hci6: command 0x0c1a tx timeout
[  232.460666][ T8639] netlink: 'syz.2.858': attribute type 4 has an invalid length.
[  232.526332][ T8639] netlink: 'syz.2.858': attribute type 4 has an invalid length.
[  233.545003][ T8676] virtio-fs: tag <(null)> not found
[  233.567141][ T1429] kernel write not supported for file /cpu/0/msr (pid: 1429 comm: kworker/2:2)
[  234.150332][ T8686] netlink: 72 bytes leftover after parsing attributes in process `syz.3.870'.
[  234.235299][ T8686] netlink: 24 bytes leftover after parsing attributes in process `syz.3.870'.
[  234.927034][ T8704] syz.0.875(8704): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  235.326616][   T58] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  235.507761][   T58] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  235.510105][   T58] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  235.512894][   T58] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  235.515257][   T58] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[  235.518579][   T58] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  235.522970][   T58] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  235.526541][   T58] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  235.528655][   T58] usb 5-1: Product: syz
[  235.529770][   T58] usb 5-1: Manufacturer: syz
[  235.542986][   T58] cdc_wdm 5-1:1.0: skipping garbage
[  235.544435][   T58] cdc_wdm 5-1:1.0: skipping garbage
[  235.547355][   T58] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  235.548979][   T58] cdc_wdm 5-1:1.0: Unknown control protocol
[  235.657889][ T8734] netlink: 72 bytes leftover after parsing attributes in process `syz.3.882'.
[  235.671895][ T8734] netlink: 24 bytes leftover after parsing attributes in process `syz.3.882'.
[  235.749303][   T58] usb 5-1: USB disconnect, device number 13
[  235.939287][ T1429] kernel write not supported for file /cpu/0/msr (pid: 1429 comm: kworker/2:2)
[  237.315212][ T8760] binder: BINDER_SET_CONTEXT_MGR already set
[  237.328535][ T8760] binder: 8758:8760 ioctl 4018620d 20000100 returned -16
[  237.539428][ T8773] netlink: 72 bytes leftover after parsing attributes in process `syz.2.892'.
[  237.569972][ T8773] netlink: 24 bytes leftover after parsing attributes in process `syz.2.892'.
[  237.636699][ T8772] netlink: 16 bytes leftover after parsing attributes in process `syz.0.891'.
[  237.712446][ T8781] netlink: 72 bytes leftover after parsing attributes in process `syz.1.894'.
[  237.787278][ T8781] netlink: 24 bytes leftover after parsing attributes in process `syz.1.894'.
[  237.821846][ T8783] netlink: 'syz.0.895': attribute type 3 has an invalid length.
[  237.824545][ T8783] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.895'.
[  237.996896][ T8786] sp0: Synchronizing with TNC
[  238.037905][ T8789] sp0: Found TNC
[  238.040892][ T8788] netlink: 84 bytes leftover after parsing attributes in process `syz.3.897'.
[  238.395016][ T8796] qrtr: Invalid version 48
[  238.563701][ T8801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.901'.
[  238.598329][ T8801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.901'.
[  238.751960][ T8784] [U] �`
[  239.079500][ T8810] virtio-fs: tag <(null)> not found
[  239.110350][ T5394] kernel write not supported for file /cpu/0/msr (pid: 5394 comm: kworker/1:3)
[  239.515779][ T8820] tipc: Can't bind to reserved service type 2
[  239.549123][ T8820] netlink: 16 bytes leftover after parsing attributes in process `syz.1.907'.
[  240.836905][ T8877] netlink: 'syz.3.923': attribute type 6 has an invalid length.
[  241.225005][   T39] audit: type=1326 audit(1726623154.593:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8886 comm="syz.2.926" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0
[  241.354351][ T8890] lo speed is unknown, defaulting to 1000
[  241.667902][ T8895] input: syz0 as /devices/virtual/input/input11
[  242.464765][ T8930] No control pipe specified
[  242.491439][ T8930] o2cb: This node has not been configured.
[  242.493859][ T8930] o2cb: Cluster check failed. Fix errors before retrying.
[  242.494519][ T8931] virtio-fs: tag <(null)> not found
[  242.495882][ T8930] (syz.1.938,8930,1):user_dlm_register:674 ERROR: status = -22
[  242.499435][ T8930] (syz.1.938,8930,1):dlmfs_mkdir:436 ERROR: Error -22 could not register domain "file0"
[  242.532616][ T1289] kernel write not supported for file /cpu/0/msr (pid: 1289 comm: kworker/1:2)
[  242.604832][ T8933] __nla_validate_parse: 5 callbacks suppressed
[  242.604842][ T8933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.939'.
[  243.018786][ T5355] Bluetooth: hci2: unexpected event for opcode 0x0000
[  243.243962][ T8954] netlink: 12 bytes leftover after parsing attributes in process `syz.3.942'.
[  244.585740][ T8985] overlayfs: conflicting lowerdir path
[  246.016537][ T5785] psmouse serio2: Failed to reset mouse on : -5
[  246.673725][ T9041] netlink: 12 bytes leftover after parsing attributes in process `syz.3.968'.
[  246.684113][ T9041] netlink: 4 bytes leftover after parsing attributes in process `syz.3.968'.
[  247.037754][ T5355] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  247.041395][ T5355] Bluetooth: hci2: Injecting HCI hardware error event
[  247.046238][ T4779] Bluetooth: hci2: hardware error 0x00
[  247.164091][ T9063] netlink: 20 bytes leftover after parsing attributes in process `syz.0.975'.
[  247.791433][   T39] audit: type=1326 audit(1726623161.163:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9070 comm="syz.1.977" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0
[  247.892952][ T9075] netlink: 76 bytes leftover after parsing attributes in process `syz.1.977'.
[  247.896866][ T9075] netlink: 12 bytes leftover after parsing attributes in process `syz.1.977'.
[  248.269243][ T9083] 9pnet_fd: Insufficient options for proto=fd
[  248.982420][ T9095] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  248.994449][ T9102] netlink: 12 bytes leftover after parsing attributes in process `syz.1.984'.
[  249.116707][ T4779] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  249.778090][ T5785] misc userio: Buffer overflowed, userio client isn't keeping up
[  251.019887][ T5785] input: PS/2 Generic Mouse as /devices/serio2/input/input12
[  251.236932][ T9171] netlink: 64 bytes leftover after parsing attributes in process `syz.1.996'.
[  251.256694][ T5785] psmouse serio2: Failed to enable mouse on 
[  251.356643][ T9174] netlink: 'syz.0.995': attribute type 21 has an invalid length.
[  251.398018][ T4779] Bluetooth: hci5: unexpected event for opcode 0x2012
[  251.882459][ T9187] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1000'.
[  251.929804][ T9187] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1000'.
[  251.934810][ T9187] netlink: 'syz.2.1000': attribute type 10 has an invalid length.
[  252.592190][ T9202] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1003'.
[  252.693340][   T39] audit: type=1326 audit(1726625744.070:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.707913][   T39] audit: type=1326 audit(1726625744.070:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.726796][   T39] audit: type=1326 audit(1726625744.070:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.749670][   T39] audit: type=1326 audit(1726625744.110:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9209 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.773033][   T39] audit: type=1326 audit(1726625744.110:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.781256][   T39] audit: type=1326 audit(1726625744.110:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.789220][   T39] audit: type=1326 audit(1726625744.140:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.797578][   T39] audit: type=1326 audit(1726625744.140:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf748e598 code=0x7ffc0000
[  252.805001][   T39] audit: type=1326 audit(1726625744.140:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811541][   T39] audit: type=1326 audit(1726625744.140:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811611][   T39] audit: type=1326 audit(1726625744.140:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=26 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811711][   T39] audit: type=1326 audit(1726625744.140:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811737][   T39] audit: type=1326 audit(1726625744.140:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811761][   T39] audit: type=1326 audit(1726625744.140:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811908][   T39] audit: type=1326 audit(1726625744.140:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.811976][   T39] audit: type=1326 audit(1726625744.140:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000
[  252.812094][   T39] audit: type=1326 audit(1726625744.150:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9204 comm="syz.1.1005" exe="/syz-executor" sig=0 arch=40000003 syscall=284 compat=1 ip=0xf748e579 code=0x7ffc0000
[  253.549603][ T9222] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1008'.
[  253.583482][ T9222] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1008'.
[  254.123472][   T65] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.277767][   T65] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.344256][ T9230] virtio-fs: tag <(null)> not found
[  254.428917][ T5355] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  254.437773][ T5355] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  254.450761][ T5355] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  254.453894][ T5355] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  254.455076][   T65] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.460292][ T5355] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  254.462701][ T5355] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  254.472497][   T10] kernel write not supported for file /cpu/0/msr (pid: 10 comm: kworker/0:1)
[  254.529537][ T9231] lo speed is unknown, defaulting to 1000
[  254.567768][   T65] bond0: (slave netdevsim0): Releasing backup interface
[  254.575750][   T65] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.780979][   T65] bridge_slave_1: left allmulticast mode
[  254.783065][   T65] bridge_slave_1: left promiscuous mode
[  254.785379][   T65] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.794477][   T65] bridge_slave_0: left allmulticast mode
[  254.795990][   T65] bridge_slave_0: left promiscuous mode
[  254.801248][   T65] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.826622][ T9234] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1014'.
[  254.889906][ T9242] input: syz0 as /devices/virtual/input/input13
[  255.284523][ T1378] ieee802154 phy0 wpan0: encryption failed: -22
[  255.286981][ T1378] ieee802154 phy1 wpan1: encryption failed: -22
[  255.304933][   T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  255.312711][   T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.318396][   T65] bond0 (unregistering): Released all slaves
[  255.428207][   T65] IPVS: stopping master sync thread 7957 ...
[  255.447199][ T4779] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  255.459801][ T4779] Bluetooth: hci5: Injecting HCI hardware error event
[  255.464878][ T4779] Bluetooth: hci5: hardware error 0x00
[  255.469942][ T9257] Cannot find set identified by id 0 to match
[  255.620715][ T9264] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1019'.
[  255.681799][ T9231] chnl_net:caif_netlink_parms(): no params data found
[  255.887587][ T9231] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.894156][ T9231] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.898511][ T9231] bridge_slave_0: entered allmulticast mode
[  255.906182][ T9231] bridge_slave_0: entered promiscuous mode
[  255.932219][   T65] hsr_slave_0: left promiscuous mode
[  255.946664][   T65] hsr_slave_1: left promiscuous mode
[  255.953509][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.955521][   T65] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.967547][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.969507][   T65] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.021223][   T65] veth1_macvtap: left promiscuous mode
[  256.022870][   T65] veth0_macvtap: left promiscuous mode
[  256.024674][   T65] veth1_vlan: left promiscuous mode
[  256.026314][   T65] veth0_vlan: left promiscuous mode
[  256.282671][ T9283] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1023'.
[  256.484256][ T5355] Bluetooth: hci4: command tx timeout
[  256.527193][ T9285] netlink: 173452 bytes leftover after parsing attributes in process `syz.2.1023'.
[  257.388448][ T9299] syz.2.1026: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  257.388737][ T9299] CPU: 3 UID: 0 PID: 9299 Comm: syz.2.1026 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  257.388750][ T9299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  257.388756][ T9299] Call Trace:
[  257.388760][ T9299]  <TASK>
[  257.388765][ T9299]  dump_stack_lvl+0x16c/0x1f0
[  257.388862][ T9299]  warn_alloc+0x24d/0x3a0
[  257.388879][ T9299]  ? __pfx_warn_alloc+0x10/0x10
[  257.388892][ T9299]  ? stack_depot_save_flags+0x28/0x900
[  257.388928][ T9299]  ? kasan_save_stack+0x42/0x60
[  257.388939][ T9299]  ? kasan_save_stack+0x33/0x60
[  257.388949][ T9299]  ? kasan_save_track+0x14/0x30
[  257.388960][ T9299]  ? __kasan_kmalloc+0xaa/0xb0
[  257.388971][ T9299]  ? xskq_create+0x52/0x1d0
[  257.388982][ T9299]  ? xsk_setsockopt+0x8b0/0xac0
[  257.388999][ T9299]  ? __sys_setsockopt+0x1a4/0x270
[  257.389014][ T9299]  ? __ia32_sys_setsockopt+0xbc/0x160
[  257.389027][ T9299]  ? __do_fast_syscall_32+0x73/0x120
[  257.389041][ T9299]  __vmalloc_node_range_noprof+0x10a3/0x14e0
[  257.389059][ T9299]  ? xskq_create+0xfb/0x1d0
[  257.389076][ T9299]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  257.389093][ T9299]  ? xskq_create+0xfb/0x1d0
[  257.389104][ T9299]  vmalloc_user_noprof+0x6b/0x90
[  257.389117][ T9299]  ? xskq_create+0xfb/0x1d0
[  257.389127][ T9299]  xskq_create+0xfb/0x1d0
[  257.389139][ T9299]  xsk_setsockopt+0x8b0/0xac0
[  257.389162][ T9299]  ? __pfx_xsk_setsockopt+0x10/0x10
[  257.389182][ T9299]  ? __fget_files+0x23a/0x3f0
[  257.389198][ T9299]  ? __pfx_xsk_setsockopt+0x10/0x10
[  257.389216][ T9299]  do_sock_setsockopt+0x222/0x480
[  257.389234][ T9299]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  257.389252][ T9299]  ? __fget_files+0x244/0x3f0
[  257.389268][ T9299]  ? __fget_light+0x173/0x210
[  257.389285][ T9299]  __sys_setsockopt+0x1a4/0x270
[  257.389300][ T9299]  ? __pfx___sys_setsockopt+0x10/0x10
[  257.389333][ T9299]  ? kcov_ioctl+0x265/0x730
[  257.389357][ T9299]  __ia32_sys_setsockopt+0xbc/0x160
[  257.389371][ T9299]  ? lockdep_hardirqs_on+0x7c/0x110
[  257.389388][ T9299]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  257.389406][ T9299]  __do_fast_syscall_32+0x73/0x120
[  257.389419][ T9299]  do_fast_syscall_32+0x32/0x80
[  257.389431][ T9299]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  257.389444][ T9299] RIP: 0023:0xf744e579
[  257.389455][ T9299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  257.389464][ T9299] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  257.389476][ T9299] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 000000000000011b
[  257.389483][ T9299] RDX: 0000000000000002 RSI: 00000000200000c0 RDI: 0000000000000020
[  257.389489][ T9299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  257.389496][ T9299] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  257.389502][ T9299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  257.389514][ T9299]  </TASK>
[  257.389519][ T9299] Mem-Info:
[  257.389524][ T9299] active_anon:6296 inactive_anon:27 isolated_anon:0
[  257.389524][ T9299]  active_file:18390 inactive_file:28552 isolated_file:0
[  257.389524][ T9299]  unevictable:768 dirty:276 writeback:0
[  257.389524][ T9299]  slab_reclaimable:6415 slab_unreclaimable:63608
[  257.389524][ T9299]  mapped:23976 shmem:1045 pagetables:654
[  257.389524][ T9299]  sec_pagetables:321 bounce:0
[  257.389524][ T9299]  kernel_misc_reclaimable:0
[  257.389524][ T9299]  free:54143 free_pcp:351 free_cma:0
[  257.389550][ T9299] Node 0 active_anon:8kB inactive_anon:92kB active_file:0kB inactive_file:12kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:2748kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9360kB pagetables:1156kB sec_pagetables:1196kB all_unreclaimable? no
[  257.389573][ T9299] Node 1 active_anon:25176kB inactive_anon:16kB active_file:73560kB inactive_file:114196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:93156kB dirty:1100kB writeback:0kB shmem:2644kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2652kB pagetables:1460kB sec_pagetables:88kB all_unreclaimable? no
[  257.389597][ T9299] Node 0 DMA free:944kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:208kB local_pcp:128kB free_cma:0kB
[  257.389626][ T9299] lowmem_reserve[]: 0 275 0 0 0
[  257.389646][ T9299] Node 0 DMA32 free:21624kB boost:0kB min:14004kB low:17504kB high:21004kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:12kB unevictable:1536kB writepending:4kB present:1032192kB managed:308312kB mlocked:0kB bounce:0kB free_pcp:640kB local_pcp:96kB free_cma:0kB
[  257.389675][ T9299] lowmem_reserve[]: 0 0 0 0 0
[  257.389695][ T9299] Node 1 DMA32 free:194004kB boost:2048kB min:49092kB low:60852kB high:72612kB reserved_highatomic:0KB active_anon:25176kB inactive_anon:16kB active_file:73560kB inactive_file:114196kB unevictable:1536kB writepending:1100kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:556kB local_pcp:96kB free_cma:0kB
[  257.389721][ T9299] lowmem_reserve[]: 0 0 0 0 0
[  257.389740][ T9299] Node 0 DMA: 6*4kB (U) 3*8kB (U) 0*16kB 28*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 944kB
[  257.389862][ T9299] Node 0 DMA32: 98*4kB (UMEH) 76*8kB (UMEH) 32*16kB (UMH) 78*32kB (UMEH) 36*64kB (UME) 14*128kB (ME) 5*256kB (UM) 8*512kB (UM) 4*1024kB (UM) 2*2048kB (UM) 0*4096kB = 21672kB
[  257.389957][ T9299] Node 1 DMA32: 1237*4kB (UME) 899*8kB (UME) 750*16kB (UME) 597*32kB (UME) 318*64kB (UME) 101*128kB (UME) 39*256kB (UME) 52*512kB (UM) 33*1024kB (UM) 7*2048kB (UM) 8*4096kB (UM) = 194028kB
[  257.390054][ T9299] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  257.390063][ T9299] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  257.390071][ T9299] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  257.390078][ T9299] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  257.390086][ T9299] 48667 total pagecache pages
[  257.390090][ T9299] 682 pages in swap cache
[  257.390093][ T9299] Free swap  = 116888kB
[  257.390097][ T9299] Total swap = 124996kB
[  257.390101][ T9299] 524155 pages RAM
[  257.390105][ T9299] 0 pages HighMem/MovableOnly
[  257.390108][ T9299] 206685 pages reserved
[  257.390112][ T9299] 0 pages cma reserved
[  257.457827][ T9293] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  257.518050][ T4779] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  257.753726][   T65] team0 (unregistering): Port device team_slave_1 removed
[  257.912837][   T65] team0 (unregistering): Port device team_slave_0 removed
[  258.379537][ T9317] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1032'.
[  258.477398][ T9318] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1031'.
[  258.570258][ T4779] Bluetooth: hci4: command tx timeout
[  258.607128][ T9322] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1033'.
[  258.770387][ T9324] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.1033'.
[  259.340242][ T9231] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.342967][ T9231] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.345674][ T9231] bridge_slave_1: entered allmulticast mode
[  259.350208][ T9231] bridge_slave_1: entered promiscuous mode
[  259.386029][ T9317] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1032'.
[  259.390983][ T9318] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1031'.
[  259.540929][ T9231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.557959][ T9231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.694329][ T9231] team0: Port device team_slave_0 added
[  259.702970][ T9231] team0: Port device team_slave_1 added
[  259.775237][ T9231] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.778519][ T9231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.786552][ T9231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.792124][ T9231] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.794582][ T9231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.804107][ T9231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.875066][ T9231] hsr_slave_0: entered promiscuous mode
[  259.878606][ T9231] hsr_slave_1: entered promiscuous mode
[  259.881856][ T9231] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.884119][ T9231] Cannot create hsr debugfs directory
[  259.914240][ T9340] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1039'.
[  260.128235][ T1140] bond0: (slave netdevsim0): link status definitely down, disabling slave
[  260.537605][ T9231] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  260.552677][ T9231] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  260.558768][ T9231] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  260.569061][ T9231] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  260.646544][ T4779] Bluetooth: hci4: command tx timeout
[  260.660032][ T9231] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.671669][ T9231] 8021q: adding VLAN 0 to HW filter on device team0
[  260.708343][ T6251] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.710434][ T6251] bridge0: port 1(bridge_slave_0) entered forwarding state
[  260.714962][ T6251] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.717582][ T6251] bridge0: port 2(bridge_slave_1) entered forwarding state
[  260.820576][ T9363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1043'.
[  260.903045][ T9231] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.958206][ T9231] veth0_vlan: entered promiscuous mode
[  260.965986][ T9231] veth1_vlan: entered promiscuous mode
[  261.005618][ T9231] veth0_macvtap: entered promiscuous mode
[  261.019084][ T9231] veth1_macvtap: entered promiscuous mode
[  261.021594][ T9371] netlink: 173452 bytes leftover after parsing attributes in process `syz.3.1043'.
[  261.036383][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.040308][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.042927][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.045698][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.048521][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.051212][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.053789][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.059604][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.063666][ T9231] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.071074][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.073935][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.077295][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.080258][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.082946][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.085627][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.088541][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.091454][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.096665][ T9231] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.115997][ T9231] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.128747][ T9231] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.131695][ T9231] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.134507][ T9231] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.243123][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.245815][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.292201][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  261.296509][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  261.457008][   T58] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  261.675868][   T58] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  261.691377][   T58] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  261.697163][   T58] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  261.707355][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.737942][ T9374] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  261.742515][   T58] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  261.747162][ T9388] fuse: Bad value for 'group_id'
[  261.748544][ T9388] fuse: Bad value for 'group_id'
[  261.767867][ T9388] netlink: 16126 bytes leftover after parsing attributes in process `syz.2.1048'.
[  261.770510][ T9388] netlink: 183228 bytes leftover after parsing attributes in process `syz.2.1048'.
[  261.779076][ T9383] Process accounting resumed
[  262.091799][   T39] kauditd_printk_skb: 27 callbacks suppressed
[  262.091815][   T39] audit: type=1800 audit(1726625753.470:308): pid=9403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1051" name="bus" dev="overlay" ino=42 res=0 errno=0
[  262.254123][ T9373] syz.0.1044 (9373): drop_caches: 1
[  262.273671][ T9373] syz.0.1044 (9373): drop_caches: 1
[  262.282197][ T5819] usb 5-1: USB disconnect, device number 14
[  262.316723][ T5394] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  262.512408][ T5394] usb 7-1: config 0 has no interfaces?
[  262.514605][ T5394] usb 7-1: New USB device found, idVendor=1668, idProduct=0323, bcdDevice=5f.ca
[  262.518861][ T5394] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.523845][ T5394] usb 7-1: config 0 descriptor??
[  262.692681][ T9413] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1054'.
[  262.717191][ T4779] Bluetooth: hci4: command tx timeout
[  262.729165][ T5394] usb 7-1: USB disconnect, device number 8
[  263.197686][   T57] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  263.403060][   T57] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  263.406869][   T57] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  263.415327][   T57] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  263.419415][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  263.422631][   T57] usb 8-1: SerialNumber: syz
[  263.443051][   T57] usb 8-1: bad CDC descriptors
[  263.444702][ T9434] overlayfs: failed to resolve './file1': -2
[  263.644566][ T9439] netlink: 'syz.1.1058': attribute type 16 has an invalid length.
[  263.647178][ T9439] __nla_validate_parse: 1 callbacks suppressed
[  263.647186][ T9439] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1058'.
[  263.651811][ T9439] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.660052][ T5394] usb 8-1: USB disconnect, device number 13
[  264.434123][ T9454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1063'.
[  264.634987][ T9464] fuse: Bad value for 'user_id'
[  264.636484][ T9464] fuse: Bad value for 'user_id'
[  264.852273][ T3210] Bluetooth: hci6: Frame reassembly failed (-84)
[  265.138798][ T9474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  265.162622][ T9474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  265.726601][   T58] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  265.806661][   T57] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  265.874614][ T9487] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  265.896609][   T58] usb 6-1: device descriptor read/64, error -71
[  265.946418][ T9488] iou-wrk-9487 (9488): drop_caches: 1
[  265.996670][   T57] usb 8-1: Using ep0 maxpacket: 8
[  266.004467][   T57] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  266.007084][   T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.009308][   T57] usb 8-1: Product: ဇ
[  266.010474][   T57] usb 8-1: Manufacturer: у
[  266.011671][   T57] usb 8-1: SerialNumber: Д
[  266.166567][   T58] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  266.256646][ T9478] input: syz0 as /devices/virtual/input/input14
[  266.326658][   T58] usb 6-1: device descriptor read/64, error -71
[  266.446903][   T58] usb usb6-port1: attempt power cycle
[  266.876738][ T4779] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  266.877596][ T5355] Bluetooth: hci6: command 0x1003 tx timeout
[  266.880276][   T58] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  266.929481][   T58] usb 6-1: device descriptor read/8, error -71
[  267.018055][ T9503] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1077'.
[  267.216563][   T58] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  267.249115][   T58] usb 6-1: device descriptor read/8, error -71
[  267.369067][   T58] usb usb6-port1: unable to enumerate USB device
[  268.681334][   T57] cdc_ncm 8-1:1.0: bind() failure
[  268.684664][   T57] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  268.687041][   T57] cdc_ncm 8-1:1.1: bind() failure
[  268.703686][   T57] usb 8-1: USB disconnect, device number 14
[  268.972613][ T9537] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1086'.
[  269.570317][ T9555] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1091'.
[  269.581950][ T9555] FAULT_INJECTION: forcing a failure.
[  269.581950][ T9555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.587450][ T9555] CPU: 2 UID: 0 PID: 9555 Comm: syz.1.1091 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  269.591413][ T9555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  269.595603][ T9555] Call Trace:
[  269.596831][ T9555]  <TASK>
[  269.597929][ T9555]  dump_stack_lvl+0x16c/0x1f0
[  269.599670][ T9555]  should_fail_ex+0x497/0x5b0
[  269.601526][ T9555]  _copy_from_iter+0x29b/0x13f0
[  269.603347][ T9555]  ? __alloc_skb+0x200/0x380
[  269.605135][ T9555]  ? __pfx__copy_from_iter+0x10/0x10
[  269.607307][ T9555]  ? __virt_addr_valid+0x5e/0x590
[  269.609384][ T9555]  ? __phys_addr_symbol+0x30/0x80
[  269.611290][ T9555]  ? __check_object_size+0x497/0x720
[  269.613240][ T9555]  netlink_sendmsg+0x813/0xd70
[  269.614988][ T9555]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.616954][ T9555]  ____sys_sendmsg+0x9ae/0xb40
[  269.618739][ T9555]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.620755][ T9555]  ? get_compat_msghdr+0x11b/0x170
[  269.622808][ T9555]  ? __pfx___lock_acquire+0x10/0x10
[  269.624912][ T9555]  ___sys_sendmsg+0x135/0x1e0
[  269.626824][ T9555]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.628804][ T9555]  ? find_held_lock+0x2d/0x110
[  269.630587][ T9555]  ? ksys_write+0x21c/0x260
[  269.632268][ T9555]  ? __fget_light+0x173/0x210
[  269.634015][ T9555]  __sys_sendmsg+0x117/0x1f0
[  269.635778][ T9555]  ? __pfx___sys_sendmsg+0x10/0x10
[  269.637778][ T9555]  __do_fast_syscall_32+0x73/0x120
[  269.639841][ T9555]  do_fast_syscall_32+0x32/0x80
[  269.641939][ T9555]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  269.644364][ T9555] RIP: 0023:0xf7f30579
[  269.645868][ T9555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  269.652692][ T9555] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  269.655718][ T9555] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000340
[  269.658586][ T9555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  269.661516][ T9555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  269.664788][ T9555] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  269.667875][ T9555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  269.670900][ T9555]  </TASK>
[  269.674705][ T9560] netlink: 'syz.1.1091': attribute type 10 has an invalid length.
[  269.685248][ T9559] virtio-fs: tag <(null)> not found
[  269.726794][   T10] kernel write not supported for file /cpu/0/msr (pid: 10 comm: kworker/0:1)
[  269.742972][ T9560] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  270.672503][ T9584] 9p: Unknown Cache mode or invalid value mmapA
[  270.750117][ T9586] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1102'.
[  271.367915][   T39] audit: type=1326 audit(1726625762.750:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9593 comm="syz.0.1104" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0
[  271.684536][ T9597] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1105'.
[  271.697403][ T9597] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1105'.
[  271.850702][ T9601] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1106'.
[  271.880016][ T9601] FAULT_INJECTION: forcing a failure.
[  271.880016][ T9601] name failslab, interval 1, probability 0, space 0, times 0
[  271.884820][ T9601] CPU: 2 UID: 0 PID: 9601 Comm: syz.1.1106 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  271.888514][ T9601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  271.892007][ T9601] Call Trace:
[  271.893098][ T9601]  <TASK>
[  271.894201][ T9601]  dump_stack_lvl+0x16c/0x1f0
[  271.895986][ T9601]  should_fail_ex+0x497/0x5b0
[  271.897855][ T9601]  should_failslab+0xc2/0x120
[  271.899602][ T9601]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  271.901587][ T9601]  ? skb_clone+0x190/0x3f0
[  271.903208][ T9601]  skb_clone+0x190/0x3f0
[  271.904745][ T9601]  netlink_deliver_tap+0xb26/0xcf0
[  271.906149][ T9601]  netlink_unicast+0x5e1/0x7f0
[  271.907415][ T9601]  ? __pfx_netlink_unicast+0x10/0x10
[  271.908837][ T9601]  ? __phys_addr_symbol+0x30/0x80
[  271.910444][ T9601]  ? __check_object_size+0x4b0/0x720
[  271.912375][ T9601]  netlink_sendmsg+0x8b8/0xd70
[  271.914137][ T9601]  ? __pfx_netlink_sendmsg+0x10/0x10
[  271.916053][ T9601]  ____sys_sendmsg+0x9ae/0xb40
[  271.917823][ T9601]  ? __pfx_____sys_sendmsg+0x10/0x10
[  271.919747][ T9601]  ? get_compat_msghdr+0x11b/0x170
[  271.921572][ T9601]  ? __pfx___lock_acquire+0x10/0x10
[  271.923406][ T9601]  ___sys_sendmsg+0x135/0x1e0
[  271.925083][ T9601]  ? __pfx____sys_sendmsg+0x10/0x10
[  271.926911][ T9601]  ? find_held_lock+0x2d/0x110
[  271.928684][ T9601]  ? ksys_write+0x21c/0x260
[  271.930365][ T9601]  ? __fget_light+0x173/0x210
[  271.932077][ T9601]  __sys_sendmsg+0x117/0x1f0
[  271.933795][ T9601]  ? __pfx___sys_sendmsg+0x10/0x10
[  271.935684][ T9601]  __do_fast_syscall_32+0x73/0x120
[  271.937512][ T9601]  do_fast_syscall_32+0x32/0x80
[  271.939216][ T9601]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  271.941385][ T9601] RIP: 0023:0xf7f30579
[  271.942886][ T9601] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  271.949742][ T9601] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  271.952760][ T9601] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000340
[  271.955625][ T9601] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  271.958575][ T9601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  271.961494][ T9601] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  271.964381][ T9601] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  271.966690][ T9601]  </TASK>
[  271.968956][ T9601] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1106'.
[  271.977951][ T9602] netlink: 'syz.1.1106': attribute type 10 has an invalid length.
[  272.008948][ T3210] bond0: (slave netdevsim0): link status definitely down, disabling slave
[  272.513370][ T9619] Device name cannot be null; rc = [-22]
[  272.685570][ T9635] overlay: Unknown parameter 'smackfsdef'
[  273.086205][ T9651] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1118'.
[  273.108565][ T9651] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1118'.
[  273.121556][ T9651] netlink: 'syz.0.1118': attribute type 10 has an invalid length.
[  273.610511][ T9665] ata3.00: invalid multi_count 1 ignored
[  273.813617][ T9679] lo speed is unknown, defaulting to 1000
[  274.257283][   T10] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  274.443269][   T10] usb 7-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d
[  274.453032][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.458962][   T10] usb 7-1: config 0 descriptor??
[  274.498248][ T9701] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1132'.
[  274.726361][ T9685] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[  274.731523][ T9685] PKCS7: Only support pkcs7_signedData type
[  274.745075][   T10] hackrf 7-1:0.0: usb_control_msg() failed -71 request 0e
[  274.747533][   T10] hackrf 7-1:0.0: Could not detect board
[  274.750131][   T10] hackrf 7-1:0.0: probe with driver hackrf failed with error -71
[  274.756282][   T10] usb 7-1: USB disconnect, device number 9
[  276.167044][ T9741] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1142'.
[  277.138415][ T9765] No control pipe specified
[  278.132472][ T9782] smc: ib device syz1 ibport 1 erased user defined pnetid SYZ0
[  278.281734][ T9789] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1153'.
[  278.292995][ T9790] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1154'.
[  278.321879][ T9790] netlink: 'syz.1.1154': attribute type 10 has an invalid length.
[  278.376031][ T9789] netlink: 'syz.0.1153': attribute type 10 has an invalid length.
[  278.574418][ T9791] input: syz1 as /devices/virtual/input/input15
[  279.007044][ T9799] netlink: 'syz.2.1157': attribute type 2 has an invalid length.
[  279.050717][ T9799] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1157'.
[  279.125523][ T9799] fuse: Bad value for 'group_id'
[  279.127037][ T9799] fuse: Bad value for 'group_id'
[  279.531810][ T9812] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  279.562910][ T9813] lo speed is unknown, defaulting to 1000
[  279.590226][ T9816] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1163'.
[  280.256680][   T39] audit: type=1326 audit(1726625771.630:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.276221][   T39] audit: type=1326 audit(1726625771.630:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.284243][   T39] audit: type=1326 audit(1726625771.630:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.304325][   T39] audit: type=1326 audit(1726625771.640:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.320060][   T39] audit: type=1326 audit(1726625771.640:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.328403][   T39] audit: type=1326 audit(1726625771.640:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.335953][   T39] audit: type=1326 audit(1726625771.640:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.344558][   T39] audit: type=1326 audit(1726625771.640:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.352929][   T39] audit: type=1326 audit(1726625771.640:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  280.360922][   T39] audit: type=1326 audit(1726625771.650:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.1.1162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000
[  281.071587][ T9842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x20564 pfn:0x6af20
[  281.074489][ T9842] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  281.087697][ T9842] raw: 04fff00000000000 ffffea0001abc848 ffffea0001ace7c8 0000000000000000
[  281.090638][ T9842] raw: 0000000000020564 0000000000000000 00000000ffffffff 0000000000000000
[  281.092896][ T9842] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[  281.095606][ T9842] page_owner tracks the page as freed
[  281.110320][ T9842] page last allocated via order 0, migratetype Movable, gfp_mask 0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), pid 9788, tgid 9787 (syz.3.1155), ts 279078134210, free_ts 279202285354
[  281.123306][ T9842]  post_alloc_hook+0x2d1/0x350
[  281.124625][ T9842]  get_page_from_freelist+0x1351/0x2e50
[  281.126167][ T9842]  __alloc_pages_noprof+0x22b/0x2460
[  281.127618][ T9842]  alloc_pages_mpol_noprof+0x275/0x610
[  281.129206][ T9842]  folio_alloc_mpol_noprof+0x36/0xd0
[  281.131376][ T9842]  vma_alloc_folio_noprof+0xee/0x1b0
[  281.132813][ T9842]  do_wp_page+0xf59/0x3360
[  281.134020][ T9842]  __handle_mm_fault+0x23c4/0x5470
[  281.135934][ T9842]  handle_mm_fault+0x498/0xa60
[  281.144963][ T9842]  do_user_addr_fault+0x7a3/0x13f0
[  281.146674][ T9842]  exc_page_fault+0x5c/0xc0
[  281.147893][ T9842]  asm_exc_page_fault+0x26/0x30
[  281.149202][ T9842] page last free pid 9788 tgid 9787 stack trace:
[  281.150873][ T9842]  free_unref_folios+0x9e9/0x1390
[  281.155569][ T9842]  folios_put_refs+0x560/0x760
[  281.160800][ T9842]  free_pages_and_swap_cache+0x36d/0x510
[  281.165628][ T9842]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  281.167998][ T9842]  tlb_flush_mmu+0xe9/0x590
[  281.169629][ T9842]  unmap_page_range+0x1c74/0x3bf0
[  281.171128][ T9842]  unmap_single_vma+0x194/0x2b0
[  281.174305][ T9842]  unmap_vmas+0x22f/0x490
[  281.175475][ T9842]  exit_mmap+0x1b8/0xb20
[  281.182944][ T9842]  __mmput+0x12a/0x480
[  281.184088][ T9842]  mmput+0x62/0x70
[  281.185189][ T9842]  do_exit+0x9bf/0x2bb0
[  281.186306][ T9842]  do_group_exit+0xd3/0x2a0
[  281.190181][ T9842]  get_signal+0x2658/0x26d0
[  281.191404][ T9842]  arch_do_signal_or_restart+0x90/0x7e0
[  281.192869][ T9842]  syscall_exit_to_user_mode+0x150/0x2a0
[  281.196734][ T9842] ------------[ cut here ]------------
[  281.198224][ T9842] kernel BUG at include/linux/mm.h:1460!
[  281.200441][ T9842] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  281.203678][ T9842] CPU: 0 UID: 0 PID: 9842 Comm: syz.0.1168 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0
[  281.207671][ T9842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.210464][ T9842] RIP: 0010:__iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.212315][ T9842] Code: b0 8b 48 89 df e8 32 4b 4e fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 f2 db 09 fd 48 c7 c6 20 44 b0 8b 4c 89 e7 e8 13 4b 4e fd 90 <0f> 0b e8 db db 09 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  281.217677][ T9842] RSP: 0018:ffffc90000efe028 EFLAGS: 00010246
[  281.219476][ T9842] RAX: 0000000000040000 RBX: 000000000000000c RCX: ffffc900270a3000
[  281.221653][ T9842] RDX: 0000000000040000 RSI: ffffffff848148dd RDI: ffff88802348ccc4
[  281.223894][ T9842] RBP: ffffea0001abc834 R08: 0000000000000001 R09: fffffbfff2d27911
[  281.225962][ T9842] R10: ffffffff9693c88f R11: ffff88802b628a40 R12: ffffea0001abc800
[  281.228047][ T9842] R13: ffff888023635400 R14: 0000000000001000 R15: 0000000000001000
[  281.230040][ T9842] FS:  0000000000000000(0000) GS:ffff88802b600000(0063) knlGS:00000000f5705b40
[  281.232358][ T9842] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  281.234089][ T9842] CR2: 0000000020ff7000 CR3: 0000000060d3e000 CR4: 0000000000350ef0
[  281.236159][ T9842] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  281.238523][ T9842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  281.240748][ T9842] Call Trace:
[  281.241773][ T9842]  <TASK>
[  281.242647][ T9842]  ? show_regs+0x8c/0xa0
[  281.243842][ T9842]  ? die+0x36/0xa0
[  281.244830][ T9842]  ? do_trap+0x232/0x430
[  281.245976][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.247636][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.249360][ T9842]  ? do_error_trap+0xf4/0x230
[  281.250678][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.252264][ T9842]  ? handle_invalid_op+0x34/0x40
[  281.253739][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.255353][ T9842]  ? exc_invalid_op+0x2e/0x50
[  281.256635][ T9842]  ? asm_exc_invalid_op+0x1a/0x20
[  281.258120][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1d/0x2240
[  281.259664][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.261257][ T9842]  ? __iov_iter_get_pages_alloc+0x1d1d/0x2240
[  281.262840][ T9842]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  281.264586][ T9842]  ? delete_node+0x207/0x8e0
[  281.266126][ T9842]  iov_iter_get_pages_alloc2+0x53/0xf0
[  281.267564][ T9842]  p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0
[  281.269346][ T9842]  ? p9pdu_vwritef+0x368/0x21d0
[  281.270607][ T9842]  ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10
[  281.272670][ T9842]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  281.274146][ T9842]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  281.275621][ T9842]  ? p9_tag_alloc+0x4cc/0x870
[  281.277058][ T9842]  ? __pfx_lock_release+0x4/0x10
[  281.278518][ T9842]  p9_virtio_zc_request+0x991/0x1460
[  281.279887][ T9842]  ? p9pdu_writef+0xc4/0x100
[  281.281130][ T9842]  ? __pfx_p9pdu_writef+0x10/0x10
[  281.282464][ T9842]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  281.284098][ T9842]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  281.285620][ T9842]  ? rcu_is_watching+0x12/0xc0
[  281.286902][ T9842]  ? trace_9p_protocol_dump+0x192/0x220
[  281.288363][ T9842]  ? rcu_is_watching+0x12/0xc0
[  281.289635][ T9842]  ? p9_client_prepare_req+0x111/0x4d0
[  281.291090][ T9842]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  281.292708][ T9842]  p9_client_zc_rpc.constprop.0+0x29a/0x880
[  281.294388][ T9842]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[  281.296095][ T9842]  ? find_held_lock+0x2d/0x110
[  281.297309][ T9842]  ? netfs_load_buffer_from_ra.isra.0+0x737/0x12f0
[  281.298899][ T9842]  ? __pfx_lock_release+0x10/0x10
[  281.300200][ T9842]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  281.301655][ T9842]  p9_client_read_once+0x443/0x820
[  281.302953][ T9842]  ? __pfx_p9_client_read_once+0x10/0x10
[  281.304336][ T9842]  p9_client_read+0x13f/0x1b0
[  281.305551][ T9842]  v9fs_issue_read+0x115/0x310
[  281.306791][ T9842]  ? __pfx_v9fs_issue_read+0x10/0x10
[  281.308100][ T9842]  netfs_read_to_pagecache+0x5c9/0x9a0
[  281.309524][ T9842]  netfs_readahead+0x7fa/0xaa0
[  281.310753][ T9842]  ? __pfx_netfs_readahead+0x10/0x10
[  281.312074][ T9842]  read_pages+0x1a8/0xd80
[  281.313193][ T9842]  ? const_folio_flags+0x71/0x1f0
[  281.314417][ T9842]  ? __pfx_read_pages+0x10/0x10
[  281.315587][ T9842]  ? find_held_lock+0x2d/0x110
[  281.316906][ T9842]  page_cache_ra_unbounded+0x2d8/0x5a0
[  281.318476][ T9842]  page_cache_ra_order+0x6b5/0xb80
[  281.319765][ T9842]  page_cache_async_ra+0x5cb/0x820
[  281.321120][ T9842]  filemap_get_pages+0x351/0x1830
[  281.322447][ T9842]  ? ktime_get_coarse_real_ts64+0x1b7/0x200
[  281.324003][ T9842]  ? atime_needs_update+0xd1/0x7c0
[  281.325370][ T9842]  ? __pfx_filemap_get_pages+0x10/0x10
[  281.326779][ T9842]  ? __pfx___might_resched+0x10/0x10
[  281.328151][ T9842]  filemap_read+0x3a9/0xd00
[  281.329292][ T9842]  ? __pfx_filemap_read+0x10/0x10
[  281.330537][ T9842]  ? __pfx___up_read+0x10/0x10
[  281.331717][ T9842]  netfs_buffered_read_iter+0x117/0x190
[  281.333125][ T9842]  netfs_file_read_iter+0x10f/0x190
[  281.334521][ T9842]  v9fs_file_read_iter+0x9b/0x100
[  281.335913][ T9842]  __kernel_read+0x3f1/0xb50
[  281.337294][ T9842]  ? __pfx___kernel_read+0x10/0x10
[  281.338666][ T9842]  ? kernel_fpu_begin_mask+0x168/0x270
[  281.340092][ T9842]  integrity_kernel_read+0x7f/0xb0
[  281.341419][ T9842]  ? __pfx_integrity_kernel_read+0x10/0x10
[  281.342874][ T9842]  ? _sha256_update+0x93/0x220
[  281.344113][ T9842]  ? __pfx_sha256_ni_transform+0x10/0x10
[  281.345537][ T9842]  ? kasan_save_track+0x14/0x30
[  281.347000][ T9842]  ima_calc_file_hash_tfm+0x2c9/0x3e0
[  281.348323][ T9842]  ? __pfx_ima_calc_file_hash_tfm+0x10/0x10
[  281.349800][ T9842]  ? arch_stack_walk+0x118/0x170
[  281.351169][ T9842]  ? generic_fillattr+0x663/0x8c0
[  281.352593][ T9842]  ? ima_alloc_tfm+0x21d/0x2d0
[  281.353952][ T9842]  ima_calc_file_hash+0x1ba/0x490
[  281.355305][ T9842]  ima_collect_measurement+0x8a7/0xa10
[  281.356756][ T9842]  ? __pfx_ima_collect_measurement+0x10/0x10
[  281.358285][ T9842]  ? lock_acquire+0x1f2/0x560
[  281.359461][ T9842]  ? rcu_is_watching+0x12/0xc0
[  281.360744][ T9842]  ? trace_contention_end+0xea/0x140
[  281.362039][ T9842]  ? is_bad_inode+0xd/0x40
[  281.363131][ T9842]  ? xattr_resolve_name+0x27b/0x3f0
[  281.364433][ T9842]  ? vfs_getxattr_alloc+0xf1/0x340
[  281.365730][ T9842]  ? ima_get_hash_algo+0x27d/0x410
[  281.367014][ T9842]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  281.368379][ T9842]  ? process_measurement+0x1271/0x2370
[  281.369691][ T9842]  process_measurement+0x1271/0x2370
[  281.371203][ T9842]  ? __pfx_process_measurement+0x10/0x10
[  281.373032][ T9842]  ? lock_acquire+0x1b1/0x560
[  281.374312][ T9842]  ? find_held_lock+0x2d/0x110
[  281.375470][ T9842]  ? v9fs_open_fid_add+0x102/0x190
[  281.376709][ T9842]  ? __pfx_lock_release+0x10/0x10
[  281.378002][ T9842]  ? do_raw_spin_lock+0x12d/0x2c0
[  281.379245][ T9842]  ? __pfx_v9fs_file_open+0x10/0x10
[  281.380505][ T9842]  ? bpf_lsm_file_open+0x9/0x10
[  281.381709][ T9842]  ? inode_to_bdi+0x9e/0x160
[  281.382839][ T9842]  ima_file_check+0xc1/0x110
[  281.383952][ T9842]  ? __pfx_ima_file_check+0x10/0x10
[  281.385215][ T9842]  ? inode_permission+0xdd/0x5f0
[  281.386422][ T9842]  security_file_post_open+0x8e/0x210
[  281.387723][ T9842]  path_openat+0x1419/0x2d60
[  281.388879][ T9842]  ? __pfx_path_openat+0x10/0x10
[  281.390126][ T9842]  ? __pfx___lock_acquire+0x10/0x10
[  281.391381][ T9842]  ? find_held_lock+0x2d/0x110
[  281.392525][ T9842]  do_filp_open+0x1dc/0x430
[  281.393692][ T9842]  ? __pfx_do_filp_open+0x10/0x10
[  281.395078][ T9842]  ? find_held_lock+0x2d/0x110
[  281.396403][ T9842]  ? _raw_spin_unlock+0x28/0x50
[  281.397645][ T9842]  ? alloc_fd+0x2d7/0x6c0
[  281.398788][ T9842]  do_sys_openat2+0x17a/0x1e0
[  281.400171][ T9842]  ? __pfx_do_sys_openat2+0x10/0x10
[  281.401580][ T9842]  __ia32_compat_sys_openat+0x16e/0x210
[  281.403076][ T9842]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[  281.404582][ T9842]  __do_fast_syscall_32+0x73/0x120
[  281.405858][ T9842]  do_fast_syscall_32+0x32/0x80
[  281.407073][ T9842]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  281.408577][ T9842] RIP: 0023:0xf743e579
[  281.409630][ T9842] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  281.410537][ T9826] rfkill: input handler enabled
[  281.414729][ T9842] RSP: 002b:00000000f570556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[  281.418801][ T9842] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280
[  281.420860][ T9842] RDX: 000000000000275a RSI: 0000000000000000 RDI: 0000000000000000
[  281.422932][ T9842] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.425151][ T9842] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  281.427262][ T9842] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.429390][ T9842]  </TASK>
[  281.430217][ T9842] Modules linked in:
[  281.437188][ T9842] ---[ end trace 0000000000000000 ]---
[  281.438695][ T9842] RIP: 0010:__iov_iter_get_pages_alloc+0x1d1e/0x2240
[  281.440569][ T9842] Code: b0 8b 48 89 df e8 32 4b 4e fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 f2 db 09 fd 48 c7 c6 20 44 b0 8b 4c 89 e7 e8 13 4b 4e fd 90 <0f> 0b e8 db db 09 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
[  281.446304][ T9842] RSP: 0018:ffffc90000efe028 EFLAGS: 00010246
[  281.448912][ T9842] RAX: 0000000000040000 RBX: 000000000000000c RCX: ffffc900270a3000
[  281.451018][ T9842] RDX: 0000000000040000 RSI: ffffffff848148dd RDI: ffff88802348ccc4
[  281.453150][ T9842] RBP: ffffea0001abc834 R08: 0000000000000001 R09: fffffbfff2d27911
[  281.455258][ T9842] R10: ffffffff9693c88f R11: ffff88802b628a40 R12: ffffea0001abc800
[  281.457422][ T9842] R13: ffff888023635400 R14: 0000000000001000 R15: 0000000000001000
[  281.459520][ T9842] FS:  0000000000000000(0000) GS:ffff88802b700000(0063) knlGS:00000000f5705b40
[  281.461870][ T9842] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  281.463606][ T9842] CR2: 0000000057f3b4ac CR3: 0000000060d3e000 CR4: 0000000000350ef0
[  281.465684][ T9842] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  281.469276][ T9842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  281.471399][ T9842] Kernel panic - not syncing: Fatal exception
[  281.473427][ T9842] Kernel Offset: disabled
[  281.474575][ T9842] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:28:58  Registers:
info registers vcpu 0

CPU#0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff84fcd470 RDI=ffffffff9a5e9460 RBP=ffffffff9a5e9420 RSP=ffffc90000efd9a8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6e69203a73706f4f
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34bd2de R15=dffffc0000000000
RIP=ffffffff84fcd497 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020ff7000 CR3=0000000060d3e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffea0001fb2e00 RCX=ffffffff81d9592c RDX=ffff88801c3ca440
RSI=0000000000000000 RDI=0000000000000007 RBP=ffffea0001fb2d88 RSP=ffffc9000343fb00
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000001 R14=ffffea0001fb2e30 R15=0000000000000001
RIP=ffffffff818b2582 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f465a88ed00 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056376dca9000 CR3=0000000042e18000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=5571481f5571481f 5571481f5571481f 5571481f5571481f 5571481f5571481f 5571481f5571481f 5571481f5571481f 5571481f5571481f 5571481f5571481f
ZMM22=4c951d264c951d26 4c951d264c951d26 4c951d264c951d26 4c951d264c951d26 4c951d264c951d26 4c951d264c951d26 4c951d264c951d26 4c951d264c951d26
ZMM23=d716793ed716793e d716793ed716793e d716793ed716793e d716793ed716793e d716793ed716793e d716793ed716793e d716793ed716793e d716793ed716793e
ZMM24=3e09089d3e09089d 3e09089d3e09089d 3e09089d3e09089d 3e09089d3e09089d 3e09089d3e09089d 3e09089d3e09089d 3e09089d3e09089d 3e09089d3e09089d
ZMM25=40d2c28b40d2c28b 40d2c28b40d2c28b 40d2c28b40d2c28b 40d2c28b40d2c28b 40d2c28b40d2c28b 40d2c28b40d2c28b 40d2c28b40d2c28b 40d2c28b40d2c28b
ZMM26=0283def90283def9 0283def90283def9 0283def90283def9 0283def90283def9 0283def90283def9 0283def90283def9 0283def90283def9 0283def90283def9
ZMM27=67701ebd67701ebd 67701ebd67701ebd 67701ebd67701ebd 67701ebd67701ebd 67701ebd67701ebd 67701ebd67701ebd 67701ebd67701ebd 67701ebd67701ebd
ZMM28=000000700000006f 0000006e0000006d 0000006c0000006b 0000006a00000069 0000006800000067 0000006600000065 0000006400000063 0000006200000061
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=b7080000b7080000 b7080000b7080000 b7080000b7080000 b7080000b7080000 b7080000b7080000 b7080000b7080000 b7080000b7080000 b7080000b7080000
info registers vcpu 2

CPU#2
RAX=000000000031bb24 RBX=0000000000000002 RCX=ffffffff8b094f29 RDX=ffffed1005706fda
RSI=ffffffff8bb09d00 RDI=ffffffff816353dc RBP=ffffed10037e8000 RSP=ffffc90000487e08
R8 =0000000000000000 R9 =ffffed1005706fd9 R10=ffff88802b837ecb R11=ffff88801bebbc00
R12=0000000000000002 R13=ffff88801bf40000 R14=ffffffff901b3398 R15=0000000000000000
RIP=ffffffff8b09630f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f74311e8 CR3=000000000db7c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000001 RBX=ffffffff90a12aa8 RCX=ffffffff813c9334 RDX=ffff88802496a440
RSI=ffffffff8b201e90 RDI=0000000000000006 RBP=ffffffff90a12ac0 RSP=ffffc900266feff0
R8 =0000000000000006 R9 =ffffffff8b201e90 R10=ffffffff8b201e99 R11=ffffffff8b4e58c0
R12=ffffffff8b201e90 R13=ffffffff8b201e99 R14=dffffc0000000000 R15=ffffffff90a12ab4
RIP=ffffffff818b24d8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002cc11ff8 CR3=00000000750de000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000