last executing test programs:

37.641869469s ago: executing program 2 (id=424):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="00001000252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000) (async)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c000000100003050000003efcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x4) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) (async)
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000180)=r7, 0x4)
syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0) (async, rerun: 32)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x59) (async, rerun: 32)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r9, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r9, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x1, &(0x7f0000000280)=@gcm_256={{0x304}, "38b1acb1812aceed", "be6be3349bf6781aa925736d4238a19268a4f736feceb0837781f81ad518bb6e", "05ba26bf", "e5c8a6a300"}, 0x38) (async)
setsockopt$inet6_tcp_TLS_TX(r9, 0x11a, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "621a4cc607dac200", "93904000b127e67ad3def79e7f363aa7", "b7d245b4", "bae99831061b00"}, 0x28) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x4, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0)

37.607094723s ago: executing program 2 (id=427):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000300)=0xa8)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x3)
add_key$keyring(&(0x7f0000000280), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
socket(0x1c, 0x803, 0x400)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_usb_connect(0x6, 0x36, &(0x7f0000000000)=ANY=[@ANYRESDEC=r2], &(0x7f0000000280)={0x0, 0x0, 0xfffffdbe, 0x0, 0x3, [{0x0, 0x0}, {0x4, &(0x7f0000000080)=@lang_id={0x4, 0x3, 0x457}}, {0x2, &(0x7f0000000500)=ANY=[@ANYBLOB="02030df217eb85a072595aae89578cdb49c107a8bc391753c50dd0c62c1f354faeb9429d001701ff1689a527a57d8f50dc97fa2c486827d9315db7a6aab1db91827238c8e0080a9aadfe432895927071347853d72114b45fa9123580ab67171ed00cedefa2ca5ea3c7de640368358de7ea85213a1f31e648a9e41dac1d59cc1b59e5ce"]}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r3, 0xf4240, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
write$dsp(r4, &(0x7f0000000100)="97", 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xb3d)

34.453583785s ago: executing program 2 (id=447):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fchmodat(0xffffffffffffff9c, 0x0, 0x20)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffff9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r4 = syz_open_procfs(r1, &(0x7f0000000300)='smaps\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r6)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000640)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000a40)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
recvmsg(r0, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c0000000706010800000000000000000a0000040500"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

33.521472046s ago: executing program 2 (id=454):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = add_key(&(0x7f0000000080)='rxrpc\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$read(0xb, r0, &(0x7f0000000100)=""/4096, 0x1000)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
futex_waitv(0x0, 0x40, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1a1011, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$rdma_cm(0xffffff9c, &(0x7f0000001100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000001180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001140)={<r4=>0xffffffffffffffff}, 0x13f, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, &(0x7f00000011c0)={0x4, 0x8, 0xfa00, {r4, 0xa1}}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a68000000060a0b040000000000000000020000003c000480200001800a00010071756f7461000000100002800c00014000000000000004011800018011000100666c6f775f6f66666c6f6164000000000900010073797a30000000000900020073797a3200000000000000000000000a"], 0x90}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)

33.512007069s ago: executing program 2 (id=455):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000040)=0x2)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000000080)={0x4, 0x9})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
getsockopt$IPT_SO_GET_INFO(r2, 0x0, 0x40, &(0x7f0000000100)={'nat\x00', 0x0, [0x9, 0x6, 0x2, 0x233, 0x9]}, &(0x7f0000000180)=0x54) (async)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0), r1)
sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, r3, 0x200, 0x70bd25, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @private1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x18}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), r1)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x64, r4, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x70}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bond0\x00'}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e22}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0xf}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x9}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x7e65}]}, 0x64}, 0x1, 0x0, 0x0, 0x20008004}, 0x20000044) (async)
ioctl$FS_IOC_MEASURE_VERITY(r1, 0xc0046686, &(0x7f0000000480)={0x1, 0x1000, "9ea68925c990a43398c4cbc4ed6eb9fb02b89aa30a1845fd6e5fac56f74b37ab48844ffeb09a9c270eb990695a67fb6a9d0a27a5c613d84548be6c1eb3225f7e16900862eed3f45711a491a086856aa80809d6232046170d424712ef9cbf142c62e0ac23ef0d60796bc0af116bebd34e9b05af6798b05843679fc764f895c0c8fd31dd3a80735c5e57cf657c3cb9ea42c4caac179c3c7e52d3128355f16a686566b7ad7f07408b383a2821f75684eac5d683b49ed51cd568d207baf6fa5569b857867b96160cfe2ff6cd79d7f153e6cc86e4d76806c4d87aee067d99ea2d265c02113e913204b03656634a0475da8e74b35a549e9f58376be79e7aaa71a6c982ea7c67ed8a2cce59623f1e6af445f6750a51310b503267cc04671cedd69d2020011dba53353bf3d1f4c95081b82979b80aa83d271fb0392183502d4df16fdeb1fe3b5f8f9634cbcaeb7733472ecbeb90b1e5eca5db3c85337e7c5f56adc65f3c6cf86443d476827901af23df88feede4e0926c6ddeb72944e41715db206d05e1f741a976f744303b97c0a14fce82433d0d11baed9a1818226a0ac8dbd488ed062abec6da09c3d16dca2c5387343a585da216080891b63cf766da46a563eab4ea26f88f4e466fd9bb35c1ebee9a0ba16c3509f5c3fc4ced74f95a18b3c89ca922f93c194af11e2a25abf1372ce98004449f856acbfd7fd07209a3f32d2b9dc8e9c7f1a299f8ce079f2babaa6590761d7f54d8515940633f6790817d8491cb01d6059f241aefe84f253c268ed2c8fc226f4aea8cd32d767a32d1e417ff5ea88752d424ca461348f672592709e78e6f4ad755c4e75db5f647b03ca9307b2f694289363a0bb5367f6f1df849414dc466c262f4069b6e5c1973f0d8ad061b2bbfaa356930911d077bde37fd74806f431bd8a3eb1ee66f89d08a78fa04df55722e0159cd1674a8c18f6f2ac6fbab4e613e31f61000e1e72020d013b5dd1bef474866ba3d4f39f716f22fa7b716ebb191373950f0d65f28fe9eb2415afc26e3835bd39e9e1344763659ab44435fd7546db3df6deca653b5877071fe382e46299751e56bfb4c05710b89b80b9a2b9a49b116639e6c7c9077b5cd36d9a7e5a2a5bbfa2e7406cf6e67663f9235350a586ed8779787bbdc082bdec8623d2cb9bf7800ef582580887bbed7ddacd0951ce98cd9ed1c3bad29c2699e4ab4dd11d4d17b8d57f13554bdb2718a844fa9ef5b1324c025df4cdb68465ce89e4c7385143717eae587c47faf5ad1aa50ea67ba282fbe44a577b4dea757b0cd419d62882ac172de21cdd6de4bae7da4559a75ef2d4b0e215ebeb23fb9bb50e446c3eea626515814c07b9dee7444b55da299d1c3d9bda4ee342d474daabc18af3f3613beccf10b1f96183091994c576d2eda4a01fc4bf466c798e1b05801df8e4f7b154f0b3aacdc5bba092bb2815d7958dd3b2a8bb67a63efae87810455972747801fe5e0d0fd3366018a97fccad6e78f886b9a92d43cb15c66647efc936bb353b48c904dbe210b819991c3d427fa4909ed0d2e63e5a8f80433f7abea53793ea84fb673884a152aa1d6e42d50c2bb38a5eae089bc3a61f1aad7450da517f3d4c9ece02b6ddfa4efc2fbe4ec0082364437c4889913e7ff130d54d1ae0c8288482582bc4bd1278d67ccf74cd9a8ed6bf9c4b4f78991124fe128f8239bc5a96473eb05d71f1fa97a7763e8f5ed4b6ff2cf5464bb37e77416bfd72370a38ae2a1ced093727fcaf4e863986a9778dec7c4948e7733883f3c3427f739034f7808d527f7a6d44ee151be22672065f72501c26efe794210fa5a9ceb0e51ca0a0d99a27d496c9319467afdc3caaaecd7bbfc6b8956ef3735d19261346db6f160f725c8759ad0e368c176579785fb0477c372c9c45e97f7eb67a12bd5ebee86371789ae6abb07263c758d7cfadd6f2f44b05c5f02f7b4eae10dd2fb2c8d404360bdc878896e7f91c62b61f65b1f1fdd157c0c7d3267ff21ea84dcb71c8749b6c1f42c61fea774f042598ce7ee6c33d55a29cb5a65f4f618d9355d017a8308a5769c118cb5aea2c5cb5b0c9fa7d35e4de04d3733e9c394f53232436aa056b0c45d33a757901cc7ead06fff5efb469ba31ffe5c8df2b9374d9aae88398ddb4c483fcf8e950631f0ff5e49b21a56f5cd174ffdf6ac2bc16d96029aef731ce01a601fb375e60931ec1f6862536f5d66ab403e4ec2f645171b2f6cd6ea6932f012f79694d4ababbf6aae0427ddb2f84c9d488aad4e92f74fe4d2dfb4b5dc1e3066ac5d78a200194074e60326137e878ff41a39b874030648f732b1f2f0f06ca865f133994883a7821699cbb20b06622d17d7402a94af0712da1a249a671253c2839ed9a8e8c0d0e6f48f6ea8a6e738b6180d8ae8ee756aebb4a354280284ec2264dfc0ada20903b5aa6aa1234a87a3506835f538574a32a08e2b8106bdfd4a7e186cf2f7400bfcd5a3c06212d7332c9b3b9cc4e069eb8f55a461fdb76e136c501849afa186a4b27475821fc23cef05852826f02d3a885aba297a90709993434e1869ddf8626a9830998cb5ab1566d604d507ab8fa5453a6eed2407dc79134680d64fca21f091c6d8899af960bf4d019c878ad65e58683922f3f2ee405c05a93250ecc1938275899e2333b33172d7443f955dd15f3b11fe928284e15ec3ff8cd859ff28d25af24c72db10782cf0b3bb16943cac2f05d1da96ba4c6a5e144073181e78ce65f30949d8f543db9af2ff974ec7fb614b72ac1f68dee0f710d47bd2273d4f24149659317111f119e1a4fc625c51a8901c0da500b7a08b78731e7615e394c8f2bdb0e0b9b1325456e3fc191d695b2ee8ff747373fcf68d443ec9f4ba7552fc90f04168920445e6bb899f5d80a02572737afcec98a98d4eb87dc4b6730d2a9ec202b9f036fc80f4d69d0f4066a19cf9b6142c4b2d2d26cbbff915b5bc86c8333b52e636610258bd93073b755ae223f64e27aee24afe262449829a4d294ee4c65965f35e9a2921513ca05ab2fa774aa0eab740ae37f73426cea2a48eb85ea0b51146454443ebb2ebe735cd20653819984deac9a00967a248e7629522a4cd0d2bd080dbb0914545be7347100c8d1061a8251df7ea592eabd5f79076112ffdfa2474044c8bec934ee2070a8e5b0ac742760899179da128a3c3e40ad211a5c74d8542d8a0b42717506b3e837980a42cbbd4f2876cb8f294cb56eebdf54fdba10735d6d0c0455a678b6535ea2602aad283dce57f66ab5347a8990ebd0e8c7fe47fe5201584ffa243132e7102046707db4320d6194ceb91c42701fa939b5abf7f0d8ff1f7202920d0ed88dd962c4151f8238d13a53e768b06645675011aa8c6722bd298d4cb6157c08145e78572a0d25174d4f394ed4d19c3a4b2c2d6349e0113e027994d22d8ded084ead1e4097b928e664b44b68c7fb3300fbac7614814a03c88e4b93e7c907893029ca9a6b097be2c57e48929e914d2853733fed04db93fdefd223ca89381897d625e066968bb51c55bcc83af154b1e6f183040ca0a1b3464c66a48638b64107d381cefd4be8d273904f9b547aa7a4be163bbc952c3ec99c2a48a39e590b690e8d7a7f0e0bd8c9ea39d6981497de0ad384882750965f82ae722a7f17bd8971c6538c17ab3ba70e8d18d0f022dba85b742cf8ba29079194a9ba335dd87fa059dc4187ee4f7adb8c31aaef68e666a9325175e32c7a78ae6b7a3f4b37e540dd17ad0ec1fe0145f9a48ebe59e4d94c1640ae40f39c2ab3ce6aefdef36d7ad85234a99b87a4fd2179b3f9d0c973bc5985005049c43e3e79ac6025ac1a29e2beded820beea2c103d6a2f6c432d60b6820c78e9fb84c1f43f3dae5a3f3b1497d88833ef4d674d459824731897ee8da7c56ca78bda33101aaf7201af17a6c13c9f45836d15a00650eea6f544dfc1455120395ccb2c61f7f85f7625b3564d57a90f83bc090a0d703d95f51fdfa6bc9a731d0eae53cbdce3767f1ec8a99c8116dced56a73fc1b4f8d046570c06d5e2a4109197abfc0291dcc4cc45f383557cfe8a2e1e29c08ae0d0f1b111d46057096bc4a3fed99691a063cda46885acb5085c74fabc4fbb07c941cedaa35b83a80da33e4006119226afbddeea0df7ec8d105b4d29463a71e12813bc71344c1f11dc650239817e8719ab20eea2cd61b4d2cfd8e5beeb921f38d79d91028ebbe25e7d547dda178f3e66163a4dbac9c152196caaad7c977880fe4a0d191e3c62b5a77e74636cba147e3a6994b08f7845a12b01735fc54349bfca875150a268aae803cbf239f49a789468c2261ae228babdc31b652d1a27c29ce4f6fc6301cb68fb319eefe63a5cac1f7c49fa750939e2ffb1ca7713ab25967489ac337a02343b1e6654cc18219f3d98c2c5c19972099d586d7a68ecd6d29f8f8dc18f28adaec993c2f0c17921d2cc400c3775fd308aae0eb8fa97c4d01d0d570100be7f966e52cf735d2ce442f59fd4333f19d82e6d41ddbe272550b7c1dc751e4e4af985f89b00cd8d4336f574ba576a9b412b5e15ee06526fb4e4b2935db00ef7fa9bba3f0f1c943bb64f8ef13d07f25552164f6df8fb3d9652a55ae1c49e00642770376f488fac0e45e6c3bd45c9749a74c0e7791c31b914f94cc5a153aff5df66b62a3372167a9ecddce4d5a3937408c5cafd028e56f23dbeb108dcbb377e84d263850184fddb33c1e7299311be21b6eb2ba0a02598265626b86e7e3bf986c98f82997c527ade3f724c8052b170b799c6e2fc03d342c527815b6db50c5348c926a040674e6d19a2db9926339dbbe185b9ee9ec3521fd12aa9d0fceddbd64d7c751bf2406a54bb437db4c38e60c923f4873d9e5f17ef409a2a0a3aea2551893c0f502f3a6427b06237b6e853cddf06fb03174f897bf07dcc0771452f4535484b9d023d2286450fce3458d38c29ff6072c59f044fdbc424e0a0a0fbdeac44c134242cb9aaf1a0f8d0c4a2ab7c73eb4dce43018e2f5bd5aff75b6f3cfe3f26e18856f5f523983e1e2e1732de34287d5b26be09738be844e653848cb876e4ec7b1199c859b8f4dcc446bb88d8980b215da8c29d2d5653ae6a85e14e8ea21410082ec009680365cd169ab9937272fc66531b7a0f0adf2d7d8c519f478fda128bf808fa794b96ebe70ec75185e5e64965156ee408c8fb2511788edff5b0f8c082b2dde8cba9f7be93beb100d42da8fd581037e17e55d5301c1f226728da69f2fa75576e8961c97d7e440ca25ba97882f8274ad57159cc82d1a2294f0e8987d35ba09613a0b6091d4ef14f352944116f417cbe48cd9ceb213f4fa7831475e0d33af01ef25c0d570f4f1141d4f3969ba2ef73eb1c529a0b78afc82e317c7477e1923998c7d90a29301952e32e50e3e755a9c232a3a50bd339faadc302d9c63bf4377545c2683872a88c809c93137df58ee731cd27e93642a4226326ec066a9d361b95752909fc75e5ffaca07ca4fbd46b88aa8cffb78284451ed20fe78f34c622e245c9c194428cf5981c5a2e841d337d8684bdd3f78bc9edee14bd786a52a11dc7f9e7d2690a4de900454a65f988c2a6f239adf9896bcf9fe4e9d5797f52699274219fca8afaa8501e5b916ee78b9bdaba944c4a6a8d350c42a5c5581010b5cbdbb14dfb15e8a829ac747db275422743b4d16a74a2741828ee699b1032072ff7acbde1da3b0e073fec72bd5c5692e6b9f72f774c90bb25464fd94b4c0fddcbed3c1b734b4b8d0e233911ffd529d04256f88d3ca007527619bdd55a547370292c9de55f44e0d7921839b8d22"}) (async)
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f00000014c0)={r1, 0x5, 0x8bb, "d0327d99772ee8873e9d886b729584b85f7081fa9933afb5d10f172f4eb2ab2533cf932b5c36d437e1903c335202ad1dbeb90d6e70b021fe8982"}) (async)
write$binfmt_elf64(r1, &(0x7f0000001540)={{0x7f, 0x45, 0x4c, 0x46, 0x6, 0x10, 0x5, 0x1, 0x12a7, 0x2, 0x3, 0x10001, 0x39f, 0x40, 0x39f, 0xa048, 0x3, 0x38, 0x4, 0x8, 0x1, 0x713}, [{0x70000000, 0x27edf2c3, 0x2, 0xfffffffffffffff7, 0x1000, 0x0, 0x6, 0x1}, {0x6, 0x8, 0x7fffffffffffffff, 0x6, 0x2, 0x8000, 0x4e13, 0x1}, {0x3, 0x76d, 0xb15d, 0x8, 0xc, 0x55de, 0x0, 0x6}, {0x3, 0x7f, 0xd39, 0x8, 0x910d, 0x80, 0x8000000000000000, 0xc2}], "951b5c007bc7054a309e920c6a0ee287967f099c68165a56d98f402db84c917258d3c10b129e5d1e06ea66722adb2153115bf413fe1526fb032368e8ee6322f14ac809786315fef5730d88251adff142214c91d0e5101fa1e0efc914dfc461504e3949c4391ee3a1795bd28f9c1977d78b997af3a5ad8605c8ee08dd151c29b40657ba8f89de3667b395fb49bb7ab443c75527206ed4d31bc444314d6408", ['\x00', '\x00']}, 0x3be) (async)
inotify_add_watch(r2, &(0x7f0000001900)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000001940)={{0x1, 0x1, 0x18, <r5=>r0, {0x4}}, './file0\x00'}) (async)
r6 = openat$vicodec1(0xffffff9c, &(0x7f0000001980), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r6, 0xc0305615, &(0x7f00000019c0)={0x0, {0x8, 0x2}}) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001a40), r5)
sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, &(0x7f0000001b00)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a80)={0x14, r7, 0x4, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x60000840}, 0x4000005)
r8 = syz_genetlink_get_family_id$SEG6(&(0x7f0000001b80), r5)
sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000001c80)={&(0x7f0000001b40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001bc0)={0x44, r8, 0x1, 0x40, 0x25dfdbfe, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x80}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xe7f6}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x7, 0x1, 0x7ff]}]}, 0x44}, 0x1, 0x0, 0x0, 0x84}, 0x800) (async)
renameat2(r2, &(0x7f0000001cc0)='./file0\x00', r0, &(0x7f0000001d00)='./file0\x00', 0x4) (async)
getsockname$packet(r1, &(0x7f0000001d40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001d80)=0x14)
fgetxattr(r6, &(0x7f0000001dc0)=@random={'btrfs.', '\x00'}, &(0x7f0000001e00)=""/139, 0x8b)
getsockopt$IP_SET_OP_VERSION(r2, 0x1, 0x53, &(0x7f0000001ec0), &(0x7f0000001f00)=0x8)
sendmsg(r1, &(0x7f0000002880)={&(0x7f0000001f40)=@l2={0x1f, 0x7, @none, 0x2}, 0x80, &(0x7f0000002340)=[{&(0x7f0000001fc0)="24203d1a3dd7cd2b3258b55009aacc7cfb18c8529801ca7df72631c9741a7010a5f00cea60036ae65d3a233e9970e6bd3c701318d22498527e7041330834b08afbec20486ee9b7a529ee95e4059f79248e1b633daee9418ea38121915d078e6b2ce59582370877d29f037bbcfce2692c6e295081a2c1", 0x76}, {&(0x7f0000002040)="ee9b58b4b820f5d36fe5fbf2c27e12151fdd5f45e0853e1fc1eafc96eca2d1368bd01b638bd211a94e5908dcfdef23db102b1fa9b219e174eaa24afd2196144af8d6c266d5dcca25c7e627edb3028ccb243c2afd9f0a89b3a4ffcbe069bafb5e5bedea", 0x63}, {&(0x7f00000020c0)="95aa11dfb2e1775bde61f1b6082586202c3140aee5e9ed8c0836ecdf0383a8d8353db3bb9feb1efd7a9be2cbed80a7a282de168edd66b8d2e6e97898cfb425d55115f2828e86a076d97a9339e613845537fca23750514cf4c4aba8bd75141702b51eecc848ba6b4dfe5241b4fbf1390b0829800d9b151e540a104959aea4178cae654a345c6ac3ca0d6a9366fcd5b560ed05bf71d8e10bc854d8d7b1852f8e43b7ed75a07f06f6294a6993d366205050e924d114c53b34d56eb38618f5b34f8fae5f3b23426d40800451e7f80e94eff45656dd", 0xd3}, {&(0x7f00000021c0)="767e0ffd1fb13afa3a06cc5a6bf3e8577bd7feaadabe8605468c22fc1a63ee1677e9eb0377d4216680431730e9e6c54d44ca72b1b47a476e0858c3982cf7bd6ccf3a87749eb1074e3d4d8206bab61c156c89f420a41162062635180a5ff6439ea3c8ab7852163543ea30460697a3e0302dbd0bcf7439959d6286e1ccf6f40e1ed4c0f8ef0f48322db325ca0d75ea579203a0d19fc248412be8c5249ff9e7adba13c530e1de79203c9aaf3029669b4b73e24a8663c69a6259719387", 0xbb}, {&(0x7f0000002280)="cd5e3540c2349c5cda1746c605de11a9d2db4bf2268ffb154af6164b8028008e73a49f48a7baabc6db9bd0db4cd6441a83aef2dafe5d496b1e952c741ecac378d12cafcf238673795516225a213bec5f832232481e1278dbad1d636775f5aaec96aa579d3aed4633723f253b5f91e11655b0948aff0be1d61901ebbf63d81be57db1f01601fd82d0ddd240190111f135d4ba5cf316979fbe5bb9681f", 0x9c}], 0x5, &(0x7f0000002380)=[{0xf0, 0x10b, 0xd8, "f15adff186e4f6a03093d0b57d13d44d74e4eb06638449ea291c67bc5e954d71f831f3aba8d6867ab322eaa6176eb84edf570abc5bd4451e0bd6be7ec6cbe9041d03d75b98d2ccb88e6013adccfac7df1c8e46b743010445c833fffb954f882fc2a87949bc236dd40ebb556d836f5f6d7dc2a71562fb1ed0109ece4d712a62f9cb6a6cf14948dff19d9be86fa6b714a7d804cde4e030a103fdeb48b6f70f3521dbd969fe1fe395f6bd39b6ec6f4e0b76105fe0adc4418fea8720f5c4fe0b3c601b54eb962af28dd3a107cdc0ad54c38f0f5f31a6a7518a86033d8623d78969919a1e"}, {0x70, 0x3a, 0x4a, "ccc69670df5e0af04a396cf03549dab896c034792c61915c2e15aa2caeab7d6bbdc405ed7543df9c5be08c330aa4d6e3941865a5cdd1cbb1c9145ddad0e103cd9ea534915eea6915a6c10128c09bad65ac05d0e511c1d87041cf132b7bcfe1ccf21f1c28"}, {0x38, 0xff, 0x6, "e30fe4f8252225ea97742fc15198a8389133b20f108e9f6e58daf72eccfdca9da0b12284378b38926d"}, {0x78, 0x119, 0x7ad, "63549e035ba4227f7a628fe351c4d7016b682f5412ec8a60b1e2195180c8a9a10706cb7d18d6b8f1d613c78794d17bee71897fa08d8110171c0b0ef42188e04354790ace91d57b5cb2949c48249edce5a44c2a564465846086f1416cb6ddb064e217ce8a028d557adb61"}, {0x38, 0x109, 0x8, "2393587e6911f7f71bfd36292319f73bb3cc4f9772e21ebc91f92497cf8b989031e5df9815e1bed8cf537b3e"}, {0xac, 0x88, 0x4, "bed60eb7a7468293bf247299d899c77ef767cecbc73e8e1675161bc2a30022e14719afe379fc19e9b394d7a62834bb303db75d59dd1128896fe05f58deb85407cedea4aa40043a4744df55ab50b6a3e20c59ff02db42479367b2130a95602e26e278a1302af5c6fb266abce904352d465c57c36e521eb9af6a3399db1f895c4731a180437123ebc329395127920e5f598227f412932304d3859d719d1fde648d"}, {0xf8, 0x10d, 0x2, "c02f7164cb594cb1effda3a9c9857ccb594250cd177e00778d91b71a6301fb6380c0c70c674bb0571d9786c87f22807117aab34d42681c3358365121c04d0c850f55d31d581f36e14ca059563d76dd2316352265bbec6b276a69721a3a1e060dae9547fe52ed058b9da52886a48d84095dde8a0de2a2368d280244f49f1f72a32bc5ef51aba04d05ddb4d1ee3ff8860e7464d933d89214d1cfc2feaae3f43a38f5bc32af9a58d46c83d93b9fefa45deaa157d310525148b85fcfe7ed032003a8812635113010f3d497be588dc464329dff20f0b85f10554150e9917809512399f5eb73c7c1ee7ae3b0"}, {0x34, 0x10c, 0x4, "5dab000aa5ac2b9dcbb671c8835c134d80f5f32a47980b5755a1d3a11d8ee2afebc65b3d9d"}, {0xbc, 0x10b, 0x9c7, "30cf81403732bf202f7f133a39b29d1f2fd244289986f752fec20df327c1d058515c3ebc397aa69aca1c9e5b8bb186b1f5685a802886fea267cd21889b95a956fd5821041bcd543108a8099a041023609e948db2857785c587baa79cb55cf31fd99a518b5f2b670e975b25707b5c6234ca5ddefe024ba07ad889b7f454fcef15966be4244b01bf5d3271dc180a188f50582ee3242a1fbe32aec8cf8479f09b8e4ab91683260e760378361e6b242758"}], 0x4dc}, 0x80000) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002980)={&(0x7f00000028c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@ptr={0x7, 0x0, 0x0, 0x2, 0x4}]}, {0x0, [0x2e, 0x60c8e6ccb4f4d239, 0x2e, 0x51]}}, &(0x7f0000002900)=""/124, 0x2a, 0x7c, 0x0, 0x90, 0x10000, @value=r5}, 0x28) (async)
ioctl$TIOCL_GETSHIFTSTATE(r1, 0x541c, &(0x7f00000029c0)={0x6, 0xe0}) (async)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, &(0x7f0000002a00)={@hyper, 0x5}) (async)
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_DONE(r9, 0x0, 0xc9, 0x0, 0x0)

33.177164092s ago: executing program 2 (id=457):
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "d4dfeb1ceb40eeefe68d6cf265b68e88a8bb314f3c0f82df67e25dad70d6b31e036f9f20b70c42a4dc5b21aa28f606af1557115f56805a217afe6b467cb413b3"}, 0x48, 0xffffffffffffffff)
keyctl$negate(0x4, r0, 0x0, 0xfffffffffffffffe)
r1 = syz_io_uring_setup(0x49b, &(0x7f0000000180)={0x0, 0x44885, 0x1000, 0x6, 0x1d}, &(0x7f00000005c0), &(0x7f0000000480))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={0x0, 0x0, 0x1}, 0xf2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file1\x00', 0x81c0, 0x0)
io_uring_setup(0x1349, &(0x7f00000000c0)={0x0, 0xd414, 0x10, 0x0, 0x1ec})
r2 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMGETCOUNT(r2, 0x80044943, &(0x7f0000000340))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8953, &(0x7f0000000c40)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019540)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r5, 0x4b71, 0x0)
ioctl$GIO_FONTX(r5, 0x4b6b, &(0x7f0000000180)={0x156, 0x1a, &(0x7f0000000380)})
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
write$dsp(r6, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r7 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r6, 0x5001, 0x0)

33.070906536s ago: executing program 32 (id=457):
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "d4dfeb1ceb40eeefe68d6cf265b68e88a8bb314f3c0f82df67e25dad70d6b31e036f9f20b70c42a4dc5b21aa28f606af1557115f56805a217afe6b467cb413b3"}, 0x48, 0xffffffffffffffff)
keyctl$negate(0x4, r0, 0x0, 0xfffffffffffffffe)
r1 = syz_io_uring_setup(0x49b, &(0x7f0000000180)={0x0, 0x44885, 0x1000, 0x6, 0x1d}, &(0x7f00000005c0), &(0x7f0000000480))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000040)={0x0, 0x0, 0x1}, 0xf2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file1\x00', 0x81c0, 0x0)
io_uring_setup(0x1349, &(0x7f00000000c0)={0x0, 0xd414, 0x10, 0x0, 0x1ec})
r2 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMGETCOUNT(r2, 0x80044943, &(0x7f0000000340))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8953, &(0x7f0000000c40)={'wg1\x00', {0x2, 0x0, @empty}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019540)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_CMAP(r5, 0x4b71, 0x0)
ioctl$GIO_FONTX(r5, 0x4b6b, &(0x7f0000000180)={0x156, 0x1a, &(0x7f0000000380)})
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
write$dsp(r6, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r7 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r6, 0x5001, 0x0)

5.120869994s ago: executing program 3 (id=679):
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x42, 0x45, 0xc, 0x5886, 0x7, 0x1, 0x8, 'syz1\x00'})
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f00000000c0)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

5.063594541s ago: executing program 3 (id=680):
r0 = syz_open_dev$sg(0x0, 0x400009, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, 0x0, 0x0)
read$snapshot(r1, 0x0, 0xffffffbf)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(0xffffffffffffffff, 0x2, 0x0, 0xfe)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, 0x0, 0x8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x82e, 0x0, &(0x7f0000000100), 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect(0x6, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x24, &(0x7f0000001500)=ANY=[@ANYBLOB="1800000000000000000000000000000085200000040000008520000003e9e2d029598b8815000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000098630000110000000000000001000100b7080000000000007b8af8ff00000000b7080000070000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="00004e330b84db00385e000000000000b7050000080000008500000085100000030000001803600000060000000000000003000000cc67300008000000181200b792decf4bbdb4cee39748ce9569cd34a6c173b8f152e3b6fcef8d57ca78fdf242283eb93e17eae295677c62a8bf8a7bd83eded0321a6a2a50f97701ea9760f396f7c504657d16e76b92bd6265f02dfbf3fa2c80869aab9db57835c7a51dfae59cd8522eb76b555db31be16857e39c60c0bf48769919afd4062a5ec7fdbe2bd9ddeb49cad10f5eb7a31a2e458b0ccd00b1095c0ea75e4bef0c1b9accc512995c44790a01155cc577feba4921ac57e8525f73a000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops, r1}, 0x94)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='sessionid\x00')
read$FUSE(r4, 0x0, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x2, 0x7, 0x1})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2002)

4.956159178s ago: executing program 0 (id=682):
preadv(0xffffffffffffffff, 0x0, 0x0, 0x300, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
unshare(0x28000600)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=<r5=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
close(r6)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRES16=r5, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r7}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x2000002, 0xe, 0xfffffffffffffda9, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
fcntl$addseals(0xffffffffffffffff, 0x409, 0xe)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
syz_open_dev$media(&(0x7f00000000c0), 0x80000004000003f2, 0x0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0x9, 0x4, 0x2, 0x0, 0x2, 0x7}, 0x0, 0x0)
r9 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r9, 0x0, &(0x7f00000000c0)=@chain)
keyctl$invalidate(0x15, r9)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x3388}], 0x1, 0x800)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1b0000000000000000000000ff00000000000000", @ANYRES32, @ANYBLOB="01011000000000000900"/20, @ANYRES32=0x0, @ANYBLOB="03000000000000000300"/22], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000180)=[{0x2, 0x100005, 0xd, 0x6}, {0x4, 0x5, 0x4, 0x3}], 0x10, 0x6}, 0x94)

2.67759529s ago: executing program 4 (id=692):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000180)={0xfffffffffffffffc, 0x0, 0x2})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000010401010000000000000000000004000500010001"], 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000000104"], 0x20}, 0x1, 0x0, 0x0, 0x20048805}, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000040)=0xc)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000640)=0x10)
close(r5)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
gettid()
fsopen(&(0x7f0000000200)='befs\x00', 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f0000000380)=[{&(0x7f00000005c0)=""/96, 0xb3}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x2, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000284484c0e3251f11000063010000000000009500000000000000af5859a89eb7e8ff510a826e5b572ef846e565eef6d54cfc05742e24bff87122e8d205495d7c0fddaf2b70b3b43aa7254391010a07475f7dd3c28c2f01f2b2c623579c23ea85fea2615aca23392d1502c4ee6f728b48eae1b3642fb397a79ed141bd8c1ed8fd67a8504e54f9ea51ca367b"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = inotify_init()
inotify_add_watch(r6, &(0x7f0000000000)='./file0\x00', 0x20)

2.000834161s ago: executing program 3 (id=700):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)
bind$inet(r0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'dvmrp0\x00'})
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000019580)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0x7}]}}]}, 0x40}}, 0x800)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r5, 0x40383d0c, &(0x7f0000000980)={{0x0, 0x2000004}, {0x0, 0x1}, 0x6, 0x6})
sendto$inet(r1, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fc", 0x11, 0x11, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000008c0)=ANY=[@ANYBLOB="38020000", @ANYRES16=r6, @ANYBLOB="000228bd7000fedbdf253a00000008000300cdc5b7c1838c076eb40adccf04f573a4960da4002982967a4742c4155d938fc0d7b1591b6d53d693f6af345cb38c54606c709a6c4c7ddcb52bf1294b739bc3f73eab017b7320d5", @ANYRES32, @ANYBLOB="0c009900ff7f00005c000000e9005b0046d15bf4af0c9205352471baf74eba5379f13973072bb04a7f846cf00df8018c2c8adb66c3b108c95818f72cfd7a146c39f1be0fa689fa1676a002dd3987592f801e823c6a1336b588f3ba39b86d9a36ebba882516fb38ec5cc56c62107387db60b6a268944ac264d55fbd64378f229a2a5100a2413485ad59c015468b1f5b900d2cf0135dafd2d959a6d863552c07e21ce9439e5db6a5cdce835dbab1e237a29125d9c6074dc7d57dfe3fc619228ff2f8b024e22e5712cb73415743d30f061eeb51bff5aa95637056e8f485d7"], 0x238}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f036e04000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x0)

1.743844854s ago: executing program 4 (id=701):
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x16)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_io_uring_setup(0x5b0e, &(0x7f0000000000)={0x0, 0xfffffffc, 0x2000, 0x0, 0x359}, &(0x7f00000002c0), &(0x7f0000ff4000))
close_range(r0, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@netfilter={0xa, 0x0, 0xfffff800, 0x1}}, 0x20)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000208000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002802000024000000000000000230c0001400000000000000101500000000c0a010100000000000000000700fffc0900020073797a31000000000900010073797a300000000024000380200000800800034000000002140007800c000100636f756e7465720004000280140000001000010000000000000000000084000a"], 0x100}, 0x1, 0x0, 0x0, 0x4040854}, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r4 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x121000)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r7, 0xc0f85403, &(0x7f0000000300)={{0x2, 0x2, 0xfffffffd, 0x1, 0xffc00000}, 0x3, 0x19c, 0x40})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r7, 0x40045402, &(0x7f0000000040)=0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x13, 0x2a, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)

1.362425919s ago: executing program 1 (id=704):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) (async, rerun: 32)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) (rerun: 32)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x8, &(0x7f00000003c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0692105002d8d00000000000000", 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) (async, rerun: 32)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0) (async, rerun: 32)
r3 = socket$igmp(0x2, 0x3, 0x2)
setreuid(0xee00, 0xee00) (async, rerun: 64)
setsockopt$MRT_ADD_MFC(r3, 0x0, 0xcc, 0x0, 0x0) (rerun: 64)
r4 = openat$vcs(0xffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

1.260828712s ago: executing program 1 (id=705):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x5, 0x802, 0xff, 0x1b, 0x402, 0x1c49}) (async)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x5, 0x802, 0xff, 0x1b, 0x402, 0x1c49})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setxattr$incfs_metadata(0x0, 0x0, &(0x7f0000000880)="22cff5", 0x3, 0x1)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x121000)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r2, 0xc0f85403, &(0x7f0000000180)={{0x3, 0x2, 0x1, 0x3, 0xffbffffc}, 0x3, 0x1019c, 0x40})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r2, 0x40045402, &(0x7f0000000040)=0x1) (async)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r2, 0x40045402, &(0x7f0000000040)=0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4) (async)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
socket(0x1000000010, 0x80000, 0x0) (async)
socket(0x1000000010, 0x80000, 0x0)
getsockname(r3, &(0x7f0000000300)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
socket(0x2, 0x80805, 0x0) (async)
r5 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r5, &(0x7f0000001d80)=[{{&(0x7f0000000280)={0x2, 0x4e22, @private=0xa010101}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000200)="9c", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)="99", 0x1}], 0x1}}], 0x2, 0x48000)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xc, 0x0, &(0x7f0000000000))
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x42000, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f00000002c0)=0xfffffffe)
ioctl$PPPIOCSMAXCID(r6, 0x40047451, &(0x7f0000000100)=0xffff0080)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, 0x0, 0x0)
close(r3)
unshare(0x42000000) (async)
unshare(0x42000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)

1.167333537s ago: executing program 0 (id=706):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f00000004c0)="08e2", &(0x7f0000000000)=""/28, &(0x7f0000000700), &(0x7f0000000040), 0x5, r2}, 0x38)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x38, r6, 0xc4fc9e906872338b, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0xfffffffa}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0x6, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x0, 0x9, 0x1}]}]}]}, 0x38}}, 0x0) (async)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x2, 0x0, 0x700}, 0x10}, 0x1, 0x7}, 0x0) (async)
fsopen(0x0, 0xb4144cd82476cadd)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x401, 0x0, 0x25dfdbfc, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
chdir(&(0x7f0000000100)='./file0\x00')
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x25, &(0x7f0000000000)={0x1}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'dummy0\x00', <r9=>0x0}) (async)
r10 = socket$kcm(0x10, 0x2, 0x0)
accept4$packet(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000280)=0x14, 0x0) (async)
sendmsg$kcm(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d083911000000000000a1180015000600142603600e120900210000000401a80016000400144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xa}, {0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0xc000) (async)
syz_init_net_socket$rose(0xb, 0x5, 0xf0)

1.130686717s ago: executing program 3 (id=707):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, &(0x7f00000001c0)={0xc, &(0x7f00000000c0)={0x20, 0x8, 0xe2, {0xe2, 0x2c, "3f340bd95476436de4bc9f74691467616800e5c64f53c8c4445d0676c42285487de2c363d0a391bc6414f47ab9fe2165b12f4dc91b2160ba447aaee8bfd23e926c89d65315414728ee3a21a6962937fbdafd78829b2b12fd819ac2669d071513683374bf3e0270b65cfc42d360ad628552431445344e69f5c748c44a7d4eb39879293b0615592a22cd35fa2dba56ac6c69c6d94406ab64ab96645d06b2efba3efeb4cb4f1a3a7c807319df7a39e7621691a7ce90121717b2de957cebfc155d18801c9c94e5db1cff4bf2dc6492d0cec4108868f5d476e82e2b68f72e1b883577"}}, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000600)={0x24, &(0x7f0000000240)={0x0, 0x16, 0xb4, "76620649b5ae14bf7750fbe4084d1978aabf17515aa157e66451eed33d8e3f5557a01ec57453da2d232b28713f811f79ee9f6d40cf989f7a51544fa5ef996ea8e017bd59a7c7f3dc3b6ce4fac095512ac3064121dea1c6064257b61b4433e25ce13f95653fb759e85ee22decc9750e80ecf80d42922bd405d427c153f9e09657eff8980b70ba03a1012a47f5255a2d1ca73fcb4a5f9bcfbe0776e2cde8ff795c4b5d1ac948e716cf1f1492c43f6493520b9a0120"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x4}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000400)={0x20, 0x80, 0x1c, {0xfe00, 0x6, 0x4, 0x7, 0xcfd, 0x5, 0x0, 0x1, 0x6, 0x2, 0x501, 0x1513}}, &(0x7f0000000500)={0x20, 0x85, 0x4, 0x3}, &(0x7f0000000540)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000000580)={0x20, 0x87, 0x2, 0xa97}, &(0x7f00000005c0)={0x20, 0x89, 0x2, 0x1}}) (async, rerun: 32)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async, rerun: 32)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000003c0)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000000c0)="b9da06ce171c2e7cc2a25d589ccd75d0275367048f46e1d1833f0b225d71e6aeeafac6b1195e3a2a07b7e7608b3a26ff", 0x30)
r2 = accept4(r1, 0x0, 0x0, 0x80000)
recvmsg$can_raw(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000140)=""/103, 0x67}], 0x1}, 0x40010022) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x18, 0x3, "c6a41d106c72fffffff500000000000002000000"}, @NFTA_MATCH_NAME={0xa, 0x1, 'owner\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0xa4}, 0x1, 0x0, 0x0, 0x4c000}, 0x4048010)

1.128845125s ago: executing program 0 (id=708):
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
mount$cgroup(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x480, &(0x7f0000000140)={[{@release_agent={'release_agent', 0x3d, './file1'}}], [{@permit_directio}, {@smackfstransmute={'smackfstransmute', 0x3d, '$'}}, {@euid_eq}, {@dont_hash}]})
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x40000, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r4=>r3}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4, {0x4}}, './file0\x00'})
r5 = openat$autofs(0xffffff9c, &(0x7f00000001c0), 0x40600, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0xc0189373, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x5}}, './file1/file0\x00'})

1.049448858s ago: executing program 1 (id=709):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0xd, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000810000000000000018000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x40000000}, 0x61)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r1, 0x407, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x0, 0xe497, 0x0, 0x4}}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e000000100000007d5fffff0000000000200000", @ANYRES32=r1, @ANYBLOB="090000000000edffffffffffffffe20000000000", @ANYRES32=0x0, @ANYBLOB], 0x50)
vmsplice(r1, &(0x7f0000000140), 0x0, 0x0)
fcntl$setpipe(r1, 0x407, 0x2000000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x304000, 0x800, 0x0, 0x3}, 0x1c)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000000))
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000000000a6c000000060a09040000000000000000020000000900020073797a"], 0x94}}, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'erspan0\x00', <r8=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$unix(r9, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@cred={{0x18}}], 0x18, 0x91}, 0x0)
recvmmsg(r10, &(0x7f0000001ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=""/15, 0xf}, 0x80000000}], 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0xfffffffd, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0xc}, {0xffff, 0xffff}, {0x8, 0xfff1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x68000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)

999.665576ms ago: executing program 0 (id=710):
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
epoll_create(0xc)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
syz_io_uring_setup(0x19f2, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x8000000}, &(0x7f0000000140), &(0x7f0000000100))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x8, 0x0, 0x1, 0xffffff01, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000100), &(0x7f0000000140)}, 0x1c)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
r1 = creat(0x0, 0x0)
splice(r0, 0x0, r1, 0x0, 0x10000000000016, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x4, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x1c, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x4, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x4}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2003, 0x1}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)=@o_path={0x0}, 0x14)

860.538943ms ago: executing program 4 (id=711):
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00'}, 0x14)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000002d00010026bd7000fcdbdf250400000004000e800c00098008"], 0x24}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)=@generic={&(0x7f0000000040)='./file0\x00', r0}, 0x14)
r2 = creat(0x0, 0x1a8)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write(r3, &(0x7f0000000300)="88b321d22f5b3566b7f860340bdb11dd351a5a29eb3cd8aebe1793f793f6f1cc291471755bb420ddbb0e1ba332ddfe2868dec477", 0x34)
mmap$qrtrtun(&(0x7f0000ff8000/0x5000)=nil, 0x5000, 0x0, 0x4010, r3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400000008000000"], 0x48)
r5 = openat$hpet(0xffffff9c, &(0x7f00000009c0), 0x0, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
recvmsg(r6, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x140)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x38, 0x140e, 0x100, 0x70bd2a, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x0, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_PDN={0x0, 0x3c, 0x10000}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x39, 0x1, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x810}, 0x44000)
preadv(r5, &(0x7f0000000c00)=[{&(0x7f0000000a00)=""/152, 0x98}], 0x1, 0xc096, 0x2)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = epoll_create1(0x80000)
epoll_pwait(r8, &(0x7f00000000c0)=[{}], 0x1, 0x9, &(0x7f0000000300), 0x8)
sendmsg$nl_xfrm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newpolicy={0xf8, 0x13, 0x1, 0x0, 0x0, {{@in6=@loopback, @in=@multicast2, 0x0, 0x0, 0x400, 0x9, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x2, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xfffffffffffffffc}, 0xfffffffe}, [@tmpl={0x44, 0x5, [{{@in6=@private2, 0x0, 0x33}, 0x2, @in6=@ipv4}]}]}, 0xf8}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000000), 0x0}, 0x1c)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000010429bd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000000200000140012800b00010067656e65766500006ce930ac376440c497958e38f60400028008001f0df881289c640bf52ec82517c1685bd33bc02b7253395641267f556a5328fa61fcb8e8bc9f68bce93f524dfd6b3dd6e593d721fabf6d109a7786703e0d5f5753ea9b467a"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
r10 = getpid()
sched_setaffinity(r10, 0x8, &(0x7f0000000240)=0x2)
tkill(r10, 0x14)

650.737769ms ago: executing program 4 (id=712):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x0, 0x10)
open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_fh={0x8, 0xfe, {0x40}}, 0x305680)

566.765505ms ago: executing program 4 (id=713):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f00000002c0)=0x3df, 0x4)
getsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, 0x0, &(0x7f0000000080))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a6c000000060a010400000000000000000200000a400004803cfd00800b00010065787468647200002c000280050002008300000008000340000000680800044000000001080006400000000208000140000000130900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x94}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x10000000, 0x0)

565.172583ms ago: executing program 3 (id=714):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf25030000000800090002"], 0x3c}, 0x1, 0x0, 0x0, 0x20006911}, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x2, 0xd59f80, 0x19ef, 0x80000008, 0xffff, 0x1000006, 0x4, 0x27ff, 0x2800, 0x42, 0xbb6, 0x19, 0x8, {0x8, 0x802}, 0xd0, 0x7}})

564.017556ms ago: executing program 4 (id=715):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000002200)=@newspdinfo={0x1c, 0x24, 0x1, 0x70bd28, 0x25dfdbfc, 0x1, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x8080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
readv(r3, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd70000000000001"], 0x114}], 0x1}, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r2)
epoll_create1(0x80000)
r5 = gettid()
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
fcntl$setown(r6, 0x8, r5)
exit(0x7)
sendmsg$inet(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000780)='\x00', 0x1}], 0x1}, 0x4044881)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000540)={0x0, 0xa1ff, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0xc4, r8, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_MEDIA={0x94, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200000}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8b8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x20000000}, 0x408d1)

526.995982ms ago: executing program 3 (id=716):
socket(0x1, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_open_dev$video4linux(0x0, 0x5d7, 0x0)
r2 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000040)={'bridge_slave_1\x00', {0x2, 0x9, @broadcast}})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
openat$audio(0xffffffffffffff9c, 0x0, 0xa002, 0x0)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r7, 0x4040ae77, &(0x7f0000000280)={0x80000001})
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000000)={{0xffffffffffffffff, 0x0, 0x9}, 0x3, 0x0, 0x1})
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0xf, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x21, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xff7ffffffffffffd, 0x2, 0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0x2, 0x8}, 0x0, &(0x7f0000000400)={0x7fc, 0x2, 0x800000, 0x0, 0x0, 0xc3ad, 0x0, 0xc2c5}, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000f00)=ANY=[@ANYBLOB="1201500200000020ac055202400001020301020000000101b580f70904000901030100000921ff07020122e40b1f058103bf03d00804"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './mnt\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
syz_socket_connect_nvme_tcp()

92.093529ms ago: executing program 0 (id=717):
r0 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd) (async)
pipe2$watch_queue(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x0) (async)
keyctl$set_timeout(0xf, r0, 0x4e0) (async)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000300)={0x57, 0x0, 0x8, {0x0, 0x1}, {0x74, 0x2}, @rumble={0x1, 0x8}})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r3}, 0x18)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000100)=""/191) (async)
ioctl$EVIOCSMASK(r5, 0x40104593, &(0x7f00000001c0)={0x1, 0x10, &(0x7f00000024c0)="739c17c2c2cc029eecad068741dfda99"}) (async)
write$char_usb(r5, &(0x7f0000000040)="e2", 0xff0f)

44.843458ms ago: executing program 1 (id=718):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$poke(0x1, r0, &(0x7f0000000000), 0x80000006)

44.572277ms ago: executing program 0 (id=719):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
socket$kcm(0x10, 0x2, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x608141)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x80006, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000012c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d02409819180179714ed0a6e1f0f755d8583da60f27c162dbba0706002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cece48c38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5ff01000000000000b69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b4073f300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b87234a30900000000000068133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf11211"], 0x0}, 0x94)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590200c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b3178c965c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x800, 0x0, 0x5, 0x0, 0xcb})
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
madvise(&(0x7f0000f0f000/0x2000)=nil, 0x2000, 0x15)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454c9, 0xba98575a95aeb70d)

18.908434ms ago: executing program 1 (id=720):
r0 = io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xc46e, 0x400, 0x20001, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000440)=""/187, 0xcc}], 0x35)
r1 = io_uring_setup(0x6f9e, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x3, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r1, 0x1e, &(0x7f0000000000)=[r0], 0x1)
r2 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r2, 0xc0045103, &(0x7f0000000040))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x0, 0x10)
open_by_handle_at(r3, &(0x7f0000000040)=@ceph_nfs_snapfh={0x1c, 0x4e, {0x6, 0x6, 0x2000007, 0xb}}, 0x214fc0)

0s ago: executing program 1 (id=721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1f00000004000000ff0f00000600000040000600", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000a352f1f9e8ac14520000000000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000340)=ANY=[@ANYRES16=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r3 = socket(0x10, 0x3, 0x0) (async, rerun: 32)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000100001000000000000000000000000c37176ec5d039f4b040000000000000000020000003c000480380001800b00010064796e7365740000280002800900010073797a3000000000080004400000000a080009400000000308000340000000000900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x90}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}}, 0x0)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='4', @ANYRES16=r7, @ANYBLOB="010026bd7000ffdbdf25010700000000000001410000001800170000001d000869623a"], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20020c0) (async, rerun: 64)
r8 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x181440, 0x0) (rerun: 64)
ioctl$FIONREAD(r8, 0x541b, 0x0) (async, rerun: 32)
gettid() (async, rerun: 32)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r9, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) (async, rerun: 32)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (rerun: 32)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000000c0)=0xf)
r11 = fcntl$dupfd(r10, 0x0, r10)
ioctl$TCFLSH(r11, 0x400455c8, 0x2) (async)
ioctl$TIOCSETD(r11, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000000040)=0xfc)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000280)=0x4) (async)
ioctl$TIOCSTI(r11, 0x5412, &(0x7f0000000180)=0x98) (async, rerun: 32)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000380)=0xff) (rerun: 32)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f00000002c0)=0xff) (async)
connect$inet(r9, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:24081' (ED25519) to the list of known hosts.
[   40.867233][ T5885] cgroup: Unknown subsys name 'net'
[   41.026351][ T5885] cgroup: Unknown subsys name 'cpuset'
[   41.032475][ T5885] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.907515][ T5885] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.609283][ T5972] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.613253][ T5972] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.616580][ T5972] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.617273][ T5976] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.620666][ T5972] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.623094][ T5978] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.625050][ T5972] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.628286][ T5981] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.632201][ T5972] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.633458][ T5981] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.638307][ T5981] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.640881][ T5981] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.642385][ T5972] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.646783][ T5972] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.650920][ T5972] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.654276][ T5972] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   45.655595][ T5978] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.666275][ T5978] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.675728][ T5978] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.678677][ T5978] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.939296][ T5973] chnl_net:caif_netlink_parms(): no params data found
[   45.977429][ T5969] chnl_net:caif_netlink_parms(): no params data found
[   46.025073][ T5980] chnl_net:caif_netlink_parms(): no params data found
[   46.133999][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.137781][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.141099][ T5973] bridge_slave_0: entered allmulticast mode
[   46.145016][ T5973] bridge_slave_0: entered promiscuous mode
[   46.210083][ T5969] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.213141][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.216218][ T5969] bridge_slave_0: entered allmulticast mode
[   46.220292][ T5969] bridge_slave_0: entered promiscuous mode
[   46.224961][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.227301][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.230355][ T5973] bridge_slave_1: entered allmulticast mode
[   46.234021][ T5973] bridge_slave_1: entered promiscuous mode
[   46.270860][ T5969] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.273742][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.276404][ T5969] bridge_slave_1: entered allmulticast mode
[   46.279285][ T5969] bridge_slave_1: entered promiscuous mode
[   46.376246][ T5969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.382876][ T5969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.389136][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.393187][ T5977] chnl_net:caif_netlink_parms(): no params data found
[   46.399971][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.476559][ T5969] team0: Port device team_slave_0 added
[   46.502531][ T5980] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.504933][ T5980] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.507308][ T5980] bridge_slave_0: entered allmulticast mode
[   46.510294][ T5980] bridge_slave_0: entered promiscuous mode
[   46.521355][ T5969] team0: Port device team_slave_1 added
[   46.542201][ T5980] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.544489][ T5980] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.546746][ T5980] bridge_slave_1: entered allmulticast mode
[   46.549682][ T5980] bridge_slave_1: entered promiscuous mode
[   46.589879][ T5973] team0: Port device team_slave_0 added
[   46.649892][ T5973] team0: Port device team_slave_1 added
[   46.659306][ T5980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.662566][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.664829][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.673332][ T5969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.722456][ T5980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.725621][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.727867][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.736102][ T5969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.740053][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.742670][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.752986][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.819028][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.821819][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.830087][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.834460][ T5977] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.836739][ T5977] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.839206][ T5977] bridge_slave_0: entered allmulticast mode
[   46.842151][ T5977] bridge_slave_0: entered promiscuous mode
[   46.864881][ T5977] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.867183][ T5977] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.870112][ T5977] bridge_slave_1: entered allmulticast mode
[   46.873147][ T5977] bridge_slave_1: entered promiscuous mode
[   46.876781][ T5980] team0: Port device team_slave_0 added
[   46.881413][ T5980] team0: Port device team_slave_1 added
[   46.957416][ T5977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.014646][ T5969] hsr_slave_0: entered promiscuous mode
[   47.017004][ T5969] hsr_slave_1: entered promiscuous mode
[   47.022470][ T5977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.043907][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.046866][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.059306][ T5980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.082739][ T5973] hsr_slave_0: entered promiscuous mode
[   47.085019][ T5973] hsr_slave_1: entered promiscuous mode
[   47.087160][ T5973] debugfs: 'hsr0' already exists in 'hsr'
[   47.089451][ T5973] Cannot create hsr debugfs directory
[   47.093658][ T5980] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.096353][ T5980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.104528][ T5980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.165363][ T5977] team0: Port device team_slave_0 added
[   47.202236][ T5977] team0: Port device team_slave_1 added
[   47.290216][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.292641][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.300754][ T5977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.306746][ T5980] hsr_slave_0: entered promiscuous mode
[   47.309151][ T5980] hsr_slave_1: entered promiscuous mode
[   47.311324][ T5980] debugfs: 'hsr0' already exists in 'hsr'
[   47.313211][ T5980] Cannot create hsr debugfs directory
[   47.327302][ T5977] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.329998][ T5977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.338742][ T5977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.441376][ T5977] hsr_slave_0: entered promiscuous mode
[   47.444529][ T5977] hsr_slave_1: entered promiscuous mode
[   47.447467][ T5977] debugfs: 'hsr0' already exists in 'hsr'
[   47.452032][ T5977] Cannot create hsr debugfs directory
[   47.601979][ T5969] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.618064][ T5969] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.626866][ T5969] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   47.633404][ T5969] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.648928][ T5978] Bluetooth: hci1: command tx timeout
[   47.648989][ T5976] Bluetooth: hci0: command tx timeout
[   47.700401][ T5973] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.706978][ T5973] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.712638][ T5973] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.718309][ T5973] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.728344][ T5976] Bluetooth: hci3: command tx timeout
[   47.728988][ T5978] Bluetooth: hci2: command tx timeout
[   47.767278][ T5980] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.772532][ T5980] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.776991][ T5980] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.781793][ T5980] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.845664][ T5977] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.850464][ T5977] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.859308][ T5969] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.861586][ T5977] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.865639][ T5977] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.902689][ T5969] 8021q: adding VLAN 0 to HW filter on device team0
[   47.920277][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.922625][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.926562][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.928903][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.941941][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.975890][ T5973] 8021q: adding VLAN 0 to HW filter on device team0
[   47.992907][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.996001][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.007378][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.010473][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.019813][ T5980] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.048742][ T5977] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.064982][ T5980] 8021q: adding VLAN 0 to HW filter on device team0
[   48.071733][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.074039][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.077878][ T5977] 8021q: adding VLAN 0 to HW filter on device team0
[   48.087676][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.090096][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.104577][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.107051][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.114552][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.116805][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.145296][ T5969] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.157142][ T5980] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.190925][ T5969] veth0_vlan: entered promiscuous mode
[   48.196539][ T5969] veth1_vlan: entered promiscuous mode
[   48.202468][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.221871][ T5969] veth0_macvtap: entered promiscuous mode
[   48.232450][ T5969] veth1_macvtap: entered promiscuous mode
[   48.242978][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.250752][ T5973] veth0_vlan: entered promiscuous mode
[   48.257200][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.265816][ T5973] veth1_vlan: entered promiscuous mode
[   48.271490][   T68] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.274319][   T68] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.279924][   T68] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.282656][   T68] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.302446][ T5980] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.325903][ T5977] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.346818][ T5973] veth0_macvtap: entered promiscuous mode
[   48.358909][ T5973] veth1_macvtap: entered promiscuous mode
[   48.362009][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.365042][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.366296][ T5980] veth0_vlan: entered promiscuous mode
[   48.388429][ T5980] veth1_vlan: entered promiscuous mode
[   48.394647][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.395873][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.397112][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.428737][ T5980] veth0_macvtap: entered promiscuous mode
[   48.435018][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.439594][ T5980] veth1_macvtap: entered promiscuous mode
[   48.449040][   T60] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.449483][ T5969] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.452844][ T5977] veth0_vlan: entered promiscuous mode
[   48.462396][   T68] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.465135][   T68] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.473906][   T68] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.481214][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.493859][ T5977] veth1_vlan: entered promiscuous mode
[   48.498759][ T5980] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.514374][   T95] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.528504][   T95] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.540250][   T95] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.550928][   T95] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.564977][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.568093][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.591565][ T5977] veth0_macvtap: entered promiscuous mode
[   48.600456][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.603898][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.629505][ T5977] veth1_macvtap: entered promiscuous mode
[   48.653625][ T5977] percpu: allocation failed, size=8 align=8 atomic=1, atomic alloc failed, no space left
[   48.657456][ T5977] IPv6: macsec0: Failed to add prefix route for address fe80::3b; dropping
[   48.707896][ T6060] process 'syz.3.4' launched '/dev/fd/11' with NULL argv: empty string added
[   48.720203][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.725430][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.768674][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.835578][ T6061] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET)
[   48.933432][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.937911][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.972891][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.003055][ T5977] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.029611][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.044417][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.048127][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.057925][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.246555][ T6068] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   49.290329][ T6068] 9pnet: Could not find request transport: ����uP��2˸�|xr
[   49.313853][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.329985][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.599929][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.602457][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.608340][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.611975][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.614678][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.628569][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.728871][ T5978] Bluetooth: hci1: command tx timeout
[   49.738875][ T5978] Bluetooth: hci0: command tx timeout
[   49.808353][ T5978] Bluetooth: hci3: command tx timeout
[   49.810117][ T5978] Bluetooth: hci2: command tx timeout
[   50.349225][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.351837][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.354535][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.357538][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.361487][ T6089] netlink: 'syz.1.9': attribute type 6 has an invalid length.
[   50.365802][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.374279][ T6089] =======================================================
[   50.374279][ T6089] WARNING: The mand mount option has been deprecated and
[   50.374279][ T6089]          and is ignored by this kernel. Remove the mand
[   50.374279][ T6089]          option from the mount to silence this warning.
[   50.374279][ T6089] =======================================================
[   50.679851][ T5978] Bluetooth: hci2: Received unexpected HCI Event 0x00
[   51.081158][ T6105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11'.
[   51.092598][ T6105] loop7: detected capacity change from 0 to 7
[   51.128317][  T840] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   51.255401][ T6105] Dev loop7: unable to read RDB block 7
[   51.256849][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[   51.257598][ T6105]  loop7: unable to read partition table
[   51.260890][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[   51.262533][    C2] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[   51.263409][ T6105] loop7: partition table beyond EOD, 
[   51.266047][    C2] Buffer I/O error on dev loop7, logical block 0, lost async page write
[   51.273851][ T6105] truncated
[   51.274888][ T6105] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[   51.477731][ T6116] netlink: 'syz.2.13': attribute type 2 has an invalid length.
[   51.480944][ T6116] kvm: apic: phys broadcast and lowest prio
[   51.571826][ T6115] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.633201][ T6054] libceph: connect (1)[c::]:6789 error -101
[   51.635486][ T6054] libceph: mon0 (1)[c::]:6789 connect error
[   51.671490][   T40] audit: type=1326 audit(1756804064.084:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6118 comm="syz.3.14" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[   51.779492][ T6121] ceph: No mds server is up or the cluster is laggy
[   51.822846][ T5978] Bluetooth: hci0: command tx timeout
[   51.822870][ T5978] Bluetooth: hci1: command tx timeout
[   51.888380][ T5976] Bluetooth: hci2: command tx timeout
[   51.890325][ T5976] Bluetooth: hci3: command tx timeout
[   51.963298][ T6135] lo speed is unknown, defaulting to 1000
[   51.966068][ T6135] lo speed is unknown, defaulting to 1000
[   51.975060][ T6135] lo speed is unknown, defaulting to 1000
[   51.993406][ T6135] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   52.011419][ T6135] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   52.027776][ T6054] libceph: connect (1)[c::]:6789 error -101
[   52.033999][ T6054] libceph: mon0 (1)[c::]:6789 connect error
[   52.267114][ T6136] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15'.
[   52.293940][ T6141] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17'.
[   52.296810][ T6141] netlink: 260 bytes leftover after parsing attributes in process `syz.3.17'.
[   52.793165][ T6135] lo speed is unknown, defaulting to 1000
[   52.796390][ T6135] lo speed is unknown, defaulting to 1000
[   52.811048][ T6135] lo speed is unknown, defaulting to 1000
[   52.814315][ T6135] lo speed is unknown, defaulting to 1000
[   52.819600][ T6135] lo speed is unknown, defaulting to 1000
[   53.394769][ T6157] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[   53.434744][ T6161] bridge_slave_0: left allmulticast mode
[   53.436691][ T6161] bridge_slave_0: left promiscuous mode
[   53.438975][ T6161] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.888962][ T5978] Bluetooth: hci0: command tx timeout
[   53.891817][ T5976] Bluetooth: hci1: command tx timeout
[   53.937283][ T6161] bridge_slave_1: left allmulticast mode
[   53.940422][ T6161] bridge_slave_1: left promiscuous mode
[   53.943333][ T6161] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.956105][ T6161] bond0: (slave bond_slave_0): Releasing backup interface
[   53.969446][ T5976] Bluetooth: hci3: command tx timeout
[   53.971690][ T5978] Bluetooth: hci2: command tx timeout
[   53.976577][ T6161] bond0: (slave bond_slave_1): Releasing backup interface
[   53.994944][ T6161] team0: Port device team_slave_0 removed
[   54.011628][ T6161] team0: Port device team_slave_1 removed
[   54.015684][ T6161] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   54.018756][ T6161] batman_adv: batadv0: Removing interface: batadv_slave_0
[   54.025258][ T6161] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   54.027742][ T6161] batman_adv: batadv0: Removing interface: batadv_slave_1
[   54.227448][ T6182] overlayfs: failed to resolve './file1': -2
[   54.237777][ T6182] netlink: 'syz.0.20': attribute type 1 has an invalid length.
[   54.564626][ T6197] netlink: 68 bytes leftover after parsing attributes in process `syz.3.21'.
[   54.832376][   T61] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x7
[   54.834820][   T61] hid-generic 00A0:0008:0003.0002: item fetching failed at offset 14/15
[   54.841557][   T61] hid-generic 00A0:0008:0003.0002: probe with driver hid-generic failed with error -22
[   54.858395][ T2293] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   55.008307][ T2293] usb 8-1: Using ep0 maxpacket: 8
[   55.012831][ T2293] usb 8-1: config 0 interface 0 has no altsetting 0
[   55.015232][ T2293] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[   55.018093][ T2293] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   55.023667][ T2293] usb 8-1: config 0 descriptor??
[   55.141628][ T6209] netlink: 'syz.2.25': attribute type 3 has an invalid length.
[   55.434243][ T2293] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[   55.643013][ T6200] tipc: Invalid UDP bearer configuration
[   55.643161][ T6200] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   55.676704][ T6241] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   55.763985][   T61] usb 8-1: USB disconnect, device number 2
[   56.417294][ T6246] syz.1.34 (6246): drop_caches: 1
[   56.439555][ T6246] syz.1.34 (6246): drop_caches: 1
[   56.561323][ T6274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.38'.
[   56.596874][ T6274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.38'.
[   56.782848][ T6279] warning: `syz.3.39' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   56.790988][ T6279] Zero length message leads to an empty skb
[   57.294946][ T6289] loop6: detected capacity change from 0 to 524287999
[   57.306150][ T6289] netlink: 24 bytes leftover after parsing attributes in process `syz.2.41'.
[   57.608103][ T6292] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[   57.611276][ T6292] /dev/nullb0: Can't open blockdev
[   57.644262][ T6294] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   57.887754][ T6305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.47'.
[   57.948260][   T24] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   58.128553][   T24] usb 8-1: Using ep0 maxpacket: 16
[   58.133271][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   58.139570][   T24] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   58.142724][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   58.145279][   T24] usb 8-1: Product: syz
[   58.146606][   T24] usb 8-1: Manufacturer: syz
[   58.148082][   T24] usb 8-1: SerialNumber: syz
[   58.152066][   T24] usb 8-1: config 0 descriptor??
[   58.157160][   T24] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[   58.161103][   T24] em28xx 8-1:0.0: DVB interface 0 found: bulk
[   58.179602][ T6314] unknown channel width for channel at 909000KHz?
[   58.181720][ T6314] unknown channel width for channel at 909000KHz?
[   58.183825][ T6314] unknown channel width for channel at 909000KHz?
[   58.185771][ T6314] unknown channel width for channel at 909000KHz?
[   58.190537][ T6315] mmap: syz.2.49 (6315) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   58.190537][ T6314] mmap: syz.2.49 (6314) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   58.223449][ T6323] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config
[   58.227312][   T40] audit: type=1326 audit(1756804070.634:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.234683][   T40] audit: type=1326 audit(1756804070.634:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.241763][   T40] audit: type=1326 audit(1756804070.634:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.249692][   T40] audit: type=1326 audit(1756804070.634:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=258 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.256380][   T40] audit: type=1326 audit(1756804070.634:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.263168][   T40] audit: type=1326 audit(1756804070.634:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.269761][   T40] audit: type=1326 audit(1756804070.644:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.276230][   T40] audit: type=1326 audit(1756804070.644:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.283559][   T40] audit: type=1326 audit(1756804070.644:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.291789][   T40] audit: type=1326 audit(1756804070.644:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6321 comm="syz.2.52" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f28579 code=0x7ffc0000
[   58.413120][ T6330] binder: 6329:6330 ioctl c0306201 800002c0 returned -14
[   58.490728][ T6333] overlay: Unknown parameter 'defcontext'
[   58.760949][   T24] em28xx 8-1:0.0: unknown em28xx chip ID (0)
[   58.903838][ T6350] netlink: 12 bytes leftover after parsing attributes in process `syz.0.58'.
[   59.958954][ T6361] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.964793][ T6361] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.169290][ T6369] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.62'.
[   60.263154][ T6381] netlink: 20 bytes leftover after parsing attributes in process `syz.0.65'.
[   60.370701][ T6370] netlink: 48 bytes leftover after parsing attributes in process `syz.2.61'.
[   60.835762][ T6395] fuse: Unknown parameter 'group_id00000000000000000000'
[   60.844175][ T6395] lo speed is unknown, defaulting to 1000
[   60.850732][ T6395] lo speed is unknown, defaulting to 1000
[   60.852259][   T24] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[   60.855122][ T6395] lo speed is unknown, defaulting to 1000
[   60.858110][ T6296] em28xx 8-1:0.0: reading from i2c device at 0x0 failed (error=-5)
[   60.860977][   T24] em28xx 8-1:0.0: board has no eeprom
[   60.944811][   T24] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[   60.954873][   T24] em28xx 8-1:0.0: dvb set to bulk mode.
[   60.957997][ T6054] em28xx 8-1:0.0: Binding DVB extension
[   60.972462][   T24] usb 8-1: USB disconnect, device number 3
[   60.974931][   T24] em28xx 8-1:0.0: Disconnecting em28xx
[   61.006960][ T6054] em28xx 8-1:0.0: Registering input extension
[   61.009764][   T24] em28xx 8-1:0.0: Closing input extension
[   61.017100][   T24] em28xx 8-1:0.0: Freeing device
[   61.165643][   T61] lo speed is unknown, defaulting to 1000
[   61.167815][ T6395] infiniband s
z1: set active
[   61.169570][ T6395] infiniband s
z1: added lo
[   61.224126][ T6395] RDS/IB: s
z1: added
[   61.226202][ T6395] smc: adding ib device s
z1 with port count 1
[   61.229750][ T6395] smc:    ib device s
z1 port 1 has pnetid 
[   61.233809][   T61] lo speed is unknown, defaulting to 1000
[   61.237652][ T6395] lo speed is unknown, defaulting to 1000
[   61.288239][ T5994] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   61.523083][ T5994] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[   61.588299][ T5994] usb 6-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[   61.591169][ T5994] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   61.593995][ T5994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.652462][ T6395] lo speed is unknown, defaulting to 1000
[   61.745439][ T6395] lo speed is unknown, defaulting to 1000
[   61.859169][ T6054] usb 6-1: USB disconnect, device number 3
[   61.995829][ T6395] lo speed is unknown, defaulting to 1000
[   62.049986][ T6436] bridge_slave_0: left allmulticast mode
[   62.051903][ T6436] bridge_slave_0: left promiscuous mode
[   62.053759][ T6436] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.057875][ T6436] bridge_slave_1: left allmulticast mode
[   62.060532][ T6436] bridge_slave_1: left promiscuous mode
[   62.062437][ T6436] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.067304][ T6436] bond0: (slave bond_slave_0): Releasing backup interface
[   62.072321][ T6436] bond0: (slave bond_slave_1): Releasing backup interface
[   62.079526][ T6436] team0: Port device team_slave_0 removed
[   62.084832][ T6436] team0: Port device team_slave_1 removed
[   62.087134][ T6436] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.090306][ T6436] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.093265][ T6436] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.095737][ T6436] batman_adv: batadv0: Removing interface: batadv_slave_1
[   62.099114][ T6438] netlink: 'syz.3.75': attribute type 10 has an invalid length.
[   62.123693][ T6438] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   62.889008][ T6458] lo speed is unknown, defaulting to 1000
[   62.947520][ T6456] block device autoloading is deprecated and will be removed.
[   63.564310][ T6483] openvswitch: netlink: Geneve opt len 126 is not a multiple of 4.
[   63.789960][ T6497] netlink: 12 bytes leftover after parsing attributes in process `syz.1.90'.
[   63.793332][ T6497] comedi comedi3: comedi_config --init_data is deprecated
[   64.392768][ T6512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.94'.
[   64.406564][ T6514] capability: warning: `syz.3.95' uses 32-bit capabilities (legacy support in use)
[   64.417192][ T6514] binder: BINDER_SET_CONTEXT_MGR already set
[   64.422781][ T6514] binder: 6513:6514 ioctl 4018620d 800002c0 returned -16
[   64.428590][ T6514] binder: 6513:6514 unknown command 0
[   64.430741][ T6514] binder: 6513:6514 ioctl c0306201 80000300 returned -22
[   64.524192][ T6518] netlink: 8 bytes leftover after parsing attributes in process `syz.3.97'.
[   64.882201][ T6524] lo speed is unknown, defaulting to 1000
[   64.914186][ T6532] netlink: 16 bytes leftover after parsing attributes in process `syz.2.101'.
[   65.036172][ T6538] block nbd3: Attempted send on invalid socket
[   65.187784][ T6538] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   65.196160][ T6538] vxfs: unable to read disk superblock at 1
[   65.201902][ T6538] block nbd3: Attempted send on invalid socket
[   65.204973][ T6546] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   65.208236][ T6538] I/O error, dev nbd3, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   65.212289][ T6538] vxfs: unable to read disk superblock at 8
[   65.214586][ T6538] vxfs: can't find superblock.
[   65.307491][ T6519] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   65.484037][ T6558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.107'.
[   66.242504][ T6587] binder: 6586:6587 ioctl c0306201 800004c0 returned -22
[   67.587288][ T6632] netlink: 'syz.0.118': attribute type 1 has an invalid length.
[   67.612240][ T6632] 8021q: adding VLAN 0 to HW filter on device bond2
[   67.701966][ T6632] bond2: (slave veth3): Enslaving as an active interface with a down link
[   67.711644][ T6637] bond2: (slave veth0_to_bond): Enslaving as an active interface with a down link
[   67.727059][ T6632] vlan2: entered allmulticast mode
[   67.728968][ T6632] bond2: entered allmulticast mode
[   67.731271][ T6632] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[   67.774866][ T6637] netlink: 16 bytes leftover after parsing attributes in process `syz.0.118'.
[   67.781238][ T6637] I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[   67.785731][ T6637] EXT4-fs (loop0): unable to read superblock
[   67.836952][   T40] kauditd_printk_skb: 80 callbacks suppressed
[   67.836963][   T40] audit: type=1326 audit(1756804309.244:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.845490][ T6645] netlink: 'syz.1.120': attribute type 3 has an invalid length.
[   67.845835][   T40] audit: type=1326 audit(1756804309.254:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.855965][ T6645] netlink: 68 bytes leftover after parsing attributes in process `syz.1.120'.
[   67.859192][   T40] audit: type=1326 audit(1756804309.254:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.866841][   T40] audit: type=1326 audit(1756804309.254:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.874223][   T40] audit: type=1326 audit(1756804309.254:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.881146][   T40] audit: type=1326 audit(1756804309.254:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.888014][   T40] audit: type=1326 audit(1756804309.254:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.894983][   T40] audit: type=1326 audit(1756804309.254:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.901549][   T40] audit: type=1326 audit(1756804309.254:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000
[   67.908018][   T40] audit: type=1326 audit(1756804309.254:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6642 comm="syz.1.120" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf70be579 code=0x7ffc0000
[   68.221020][ T6663] loop6: detected capacity change from 0 to 2560
[   68.224665][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.227283][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.230650][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.233928][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.236455][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.239067][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.241566][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.244074][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.246528][ T5984] ldm_validate_partition_table(): Disk read failed.
[   68.248904][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.252173][ T5984] Buffer I/O error on dev loop6, logical block 0, async page read
[   68.255503][ T5984] Dev loop6: unable to read RDB block 0
[   68.257477][ T5984]  loop6: unable to read partition table
[   68.262566][ T6663] ldm_validate_partition_table(): Disk read failed.
[   68.264833][ T6663] Dev loop6: unable to read RDB block 0
[   68.266771][ T6663]  loop6: unable to read partition table
[   68.268751][ T6663] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[   68.669765][ T6672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.124'.
[   70.102838][ T6719] binder: 6714:6719 ioctl c0109428 80000140 returned -22
[   70.162590][ T6719] lo speed is unknown, defaulting to 1000
[   70.193292][ T6723] : entered promiscuous mode
[   70.201607][ T6723] : left promiscuous mode
[   70.606422][ T6735] netlink: 128 bytes leftover after parsing attributes in process `syz.1.137'.
[   70.615219][ T6735] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   70.799066][ T6735] wireguard0: entered promiscuous mode
[   70.800825][ T6735] wireguard0: entered allmulticast mode
[   70.943509][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[   70.946129][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[   71.438606][ T6764] netlink: 24 bytes leftover after parsing attributes in process `syz.0.145'.
[   71.469386][ T6761] delete_channel: no stack
[   71.533259][ T6768] block nbd1: shutting down sockets
[   71.544039][ T6779] mkiss: ax0: crc mode is auto.
[   71.704369][ T6792] lo speed is unknown, defaulting to 1000
[   71.911615][ T6800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.154'.
[   72.029422][ T6800] bridge_slave_1: left allmulticast mode
[   72.031748][ T6800] bridge_slave_1: left promiscuous mode
[   72.033669][ T6800] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.044968][ T6800] bridge_slave_0: left allmulticast mode
[   72.046868][ T6800] bridge_slave_0: left promiscuous mode
[   72.049750][ T6800] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.539050][ T6806] evm: overlay not supported
[   72.980685][ T6821] netlink: 'syz.2.161': attribute type 12 has an invalid length.
[   72.984073][ T6821] netlink: 132 bytes leftover after parsing attributes in process `syz.2.161'.
[   73.033029][ T6829] netlink: 'syz.2.163': attribute type 1 has an invalid length.
[   73.050937][ T6829] 8021q: adding VLAN 0 to HW filter on device bond2
[   73.110527][ T6829] bond2: (slave veth3): Enslaving as an active interface with a down link
[   73.152071][ T6829] bond2: (slave dummy0): making interface the new active one
[   73.158990][ T6829] dummy0: entered promiscuous mode
[   73.160961][ T6829] bond2: (slave dummy0): Enslaving as an active interface with an up link
[   73.278059][ T6841] befs: (nbd3): No write support. Marking filesystem read-only
[   73.281921][ T6841] block nbd3: Attempted send on invalid socket
[   73.283902][ T6841] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   73.287534][ T6841] befs: (nbd3): unable to read superblock
[   73.386270][ T6856] fuse: Bad value for 'fd'
[   73.600743][ T6867] CUSE: unknown device info "�
"
[   73.602862][ T6867] CUSE: zero length info key specified
[   73.653445][ T6870] netlink: 'syz.1.174': attribute type 12 has an invalid length.
[   73.661424][ T6871] netlink: 'syz.1.174': attribute type 12 has an invalid length.
[   73.705512][ T6875] veth1_to_bond: entered allmulticast mode
[   73.714518][ T6874] veth1_to_bond: left allmulticast mode
[   73.867490][ T6886] netlink: 'syz.1.179': attribute type 4 has an invalid length.
[   73.870470][ T6885] netlink: 'syz.1.179': attribute type 4 has an invalid length.
[   73.888021][ T6054] lo speed is unknown, defaulting to 1000
[   73.892684][ T6886] netlink: 'syz.1.179': attribute type 4 has an invalid length.
[   73.897029][ T6054] s
z1: Port: 1 Link DOWN
[   73.914017][ T6054] lo speed is unknown, defaulting to 1000
[   73.916444][   T24] lo speed is unknown, defaulting to 1000
[   73.918117][   T24] s
z1: Port: 1 Link ACTIVE
[   73.926026][ T6054] lo speed is unknown, defaulting to 1000
[   73.928935][ T6054] s
z1: Port: 1 Link DOWN
[   73.931018][ T6054] lo speed is unknown, defaulting to 1000
[   74.270048][ T6896] netlink: 'syz.3.181': attribute type 9 has an invalid length.
[   74.478581][ T6901] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[   74.481304][ T6901] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[   74.490416][ T6901] vhci_hcd vhci_hcd.0: Device attached
[   74.553352][   T40] kauditd_printk_skb: 11 callbacks suppressed
[   74.553362][   T40] audit: type=1326 audit(1756804315.964:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6879 comm="syz.2.178" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f28579 code=0x0
[   74.808317][ T6054] usb 42-1: SetAddress Request (2) to port 0
[   74.814110][ T6054] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[   74.863973][ T6902] vhci_hcd: connection reset by peer
[   74.867281][   T95] vhci_hcd: stop threads
[   74.872071][   T95] vhci_hcd: release socket
[   74.884062][   T95] vhci_hcd: disconnect device
[   76.970458][ T6929] netlink: 9 bytes leftover after parsing attributes in process `syz.2.188'.
[   76.980451][ T6929] gretap0: entered promiscuous mode
[   77.010913][ T6931] netlink: 4 bytes leftover after parsing attributes in process `syz.3.189'.
[   77.026668][ T6931] netlink: 12 bytes leftover after parsing attributes in process `syz.3.189'.
[   77.107582][ T6936] netlink: 20 bytes leftover after parsing attributes in process `syz.3.192'.
[   77.211946][ T6943] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13)
[   77.214738][ T6943] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   77.227559][ T6943] vhci_hcd vhci_hcd.0: Device attached
[   77.233830][ T6945] sch_tbf: peakrate 2147483643 is lower than or equals to rate 2831599472947593698 !
[   77.233932][ T6949] netlink: 52 bytes leftover after parsing attributes in process `syz.3.195'.
[   77.236847][ T6943] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15)
[   77.241586][ T6943] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   77.245178][ T6943] vhci_hcd vhci_hcd.0: Device attached
[   77.256706][ T6943] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   77.268265][ T6943] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(20)
[   77.271068][ T6943] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   77.274618][ T6943] vhci_hcd vhci_hcd.0: Device attached
[   77.284854][ T6943] vhci_hcd vhci_hcd.0: pdev(0) rhport(4) sockfd(22)
[   77.287678][ T6943] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   77.291771][ T6943] vhci_hcd vhci_hcd.0: Device attached
[   77.296919][ T6943] vhci_hcd vhci_hcd.0: pdev(0) rhport(5) sockfd(24)
[   77.300429][ T6943] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   77.304963][ T6943] vhci_hcd vhci_hcd.0: Device attached
[   77.309319][ T6943] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   77.314043][ T6943] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   77.323643][ T6943] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   77.448318][   T10] vhci_hcd: vhci_device speed not set
[   77.448738][ T6957] vhci_hcd: connection closed
[   77.449221][ T6946] vhci_hcd: connection closed
[   77.449405][ T6951] vhci_hcd: connection closed
[   77.450436][ T6955] vhci_hcd: connection closed
[   77.458259][ T6953] vhci_hcd: connection closed
[   77.463410][ T1145] vhci_hcd: stop threads
[   77.466261][ T1145] vhci_hcd: release socket
[   77.468960][ T1145] vhci_hcd: disconnect device
[   77.471366][ T1145] vhci_hcd: stop threads
[   77.473136][ T1145] vhci_hcd: release socket
[   77.474763][ T1145] vhci_hcd: disconnect device
[   77.476485][ T1145] vhci_hcd: stop threads
[   77.479592][ T1145] vhci_hcd: release socket
[   77.481055][ T1145] vhci_hcd: disconnect device
[   77.482656][ T1145] vhci_hcd: stop threads
[   77.484022][ T1145] vhci_hcd: release socket
[   77.485462][ T1145] vhci_hcd: disconnect device
[   77.487344][ T1145] vhci_hcd: stop threads
[   77.488826][ T1145] vhci_hcd: release socket
[   77.490262][ T1145] vhci_hcd: disconnect device
[   77.519278][   T10] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[   77.528526][   T10] usb 37-1: enqueue for inactive port 0
[   77.598724][   T10] vhci_hcd: vhci_device speed not set
[   77.722500][ T6970] netlink: 'syz.2.197': attribute type 4 has an invalid length.
[   77.803996][ T6971] netlink: 'syz.2.197': attribute type 4 has an invalid length.
[   78.145638][ T6979] netlink: 4 bytes leftover after parsing attributes in process `syz.0.199'.
[   78.264028][ T6982] netlink: 32 bytes leftover after parsing attributes in process `syz.3.198'.
[   78.380421][ T6986] lo speed is unknown, defaulting to 1000
[   78.536564][ T6987] lo speed is unknown, defaulting to 1000
[   78.926032][ T7010] netlink: 80 bytes leftover after parsing attributes in process `syz.0.204'.
[   79.199398][ T7013] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[   79.201441][ T7013] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   79.204603][ T7013] vhci_hcd vhci_hcd.0: Device attached
[   79.209953][ T7014] vhci_hcd: connection closed
[   79.212511][ T1145] vhci_hcd: stop threads
[   79.215926][ T1145] vhci_hcd: release socket
[   79.217460][ T1145] vhci_hcd: disconnect device
[   79.308529][ T7019] netlink: 20 bytes leftover after parsing attributes in process `syz.0.207'.
[   79.760869][ T7031] block nbd2: Attempted send on invalid socket
[   79.763137][ T7031] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   79.766438][ T7031] FAT-fs (nbd2): unable to read boot sector
[   79.802514][ T7036] netlink: 6 bytes leftover after parsing attributes in process `syz.2.211'.
[   79.806687][ T7036] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   79.815684][ T7037] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   79.832549][  T840] IPVS: starting estimator thread 0...
[   79.889451][ T6054] usb 42-1: device descriptor read/8, error -110
[   79.918360][ T7039] IPVS: using max 46 ests per chain, 110400 per kthread
[   80.289515][ T6054] usb usb42-port1: attempt power cycle
[   80.381075][ T7049] netlink: 'syz.2.214': attribute type 10 has an invalid length.
[   80.392715][ T7049] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   80.804132][ T7073] bridge_slave_0: default FDB implementation only supports local addresses
[   80.849245][ T6054] usb usb42-port1: unable to enumerate USB device
[   81.329688][ T1327] cfg80211: failed to load regulatory.db
[   81.513028][ T7093] trusted_key: syz.3.225 sent an empty control message without MSG_MORE.
[   81.772619][ T7098] lo speed is unknown, defaulting to 1000
[   81.988819][ T7112] loop0: Can't mount, would change RO state
[   82.173281][ T7121] __nla_validate_parse: 8 callbacks suppressed
[   82.173296][ T7121] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.231'.
[   82.173597][ T7121] netlink: 24 bytes leftover after parsing attributes in process `syz.2.231'.
[   82.630831][ T7132] syz_tun: entered allmulticast mode
[   82.636612][ T7132] syz_tun: left allmulticast mode
[   82.936886][ T7134] netlink: 96 bytes leftover after parsing attributes in process `syz.0.234'.
[   83.307426][ T7143] lo speed is unknown, defaulting to 1000
[   83.310283][ T7143] lo speed is unknown, defaulting to 1000
[   83.317759][ T7143] lo speed is unknown, defaulting to 1000
[   83.363474][ T7143] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   83.452138][ T7143] lo speed is unknown, defaulting to 1000
[   83.454728][ T7143] lo speed is unknown, defaulting to 1000
[   83.457733][ T7143] lo speed is unknown, defaulting to 1000
[   83.460727][ T7143] lo speed is unknown, defaulting to 1000
[   83.825645][   T40] audit: type=1326 audit(1756804325.234:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.834193][   T40] audit: type=1326 audit(1756804325.244:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.841088][   T40] audit: type=1326 audit(1756804325.254:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.847935][   T40] audit: type=1326 audit(1756804325.254:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.855254][   T40] audit: type=1326 audit(1756804325.264:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.864856][   T40] audit: type=1326 audit(1756804325.274:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.872749][   T40] audit: type=1326 audit(1756804325.284:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.964495][   T40] audit: type=1326 audit(1756804325.374:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.974502][   T40] audit: type=1326 audit(1756804325.384:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000
[   83.985760][   T40] audit: type=1326 audit(1756804325.394:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.1.238" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf70be579 code=0x7ffc0000
[   84.031780][ T7154] pim6reg: entered allmulticast mode
[   84.041196][ T7154] pim6reg: left allmulticast mode
[   84.250284][ T7185] netlink: 'syz.0.249': attribute type 10 has an invalid length.
[   84.255314][ T7185] team0: Device hsr_slave_0 failed to register rx_handler
[   84.416561][ T7187] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   84.475322][ T7187] lo speed is unknown, defaulting to 1000
[   84.594635][ T7187] lo speed is unknown, defaulting to 1000
[   84.733779][ T7195] netlink: 8 bytes leftover after parsing attributes in process `syz.1.251'.
[   84.826306][ T7195] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   84.840917][ T7195] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   84.918535][ T1140] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.921367][ T1140] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.924492][ T1140] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   84.927338][ T1140] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   85.049180][   T12] dummy0: left promiscuous mode
[   85.145783][ T7210] sp0: Synchronizing with TNC
[   85.174318][ T7212] [U] �
[   85.442959][ T7223] Invalid logical block size (64)
[   85.460027][ T7218] netlink: 12 bytes leftover after parsing attributes in process `syz.2.253'.
[   85.718373][ T1327] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   85.881540][ T1327] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   85.885778][ T1327] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   85.889476][ T1327] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   85.892888][ T1327] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.897912][ T7226] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.906844][ T1327] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[   86.424627][ T7250] netlink: 24 bytes leftover after parsing attributes in process `syz.0.265'.
[   86.492475][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.267'.
[   86.610004][ T5976] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   86.612814][ T5976] Bluetooth: hci2: Injecting HCI hardware error event
[   86.615281][ T5976] Bluetooth: hci2: hardware error 0x00
[   86.628341][   T59] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   86.788863][   T59] usb 6-1: too many configurations: 9, using maximum allowed: 8
[   86.801487][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.804248][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.807839][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.811026][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.818314][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.828401][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.839604][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.842405][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.845791][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.852000][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.854824][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.858557][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.861851][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.864682][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.878242][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.880824][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.884903][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.908455][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.919074][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.922035][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.925653][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.942242][   T59] usb 6-1: config 64 has 1 interface, different from the descriptor's value: 9
[   86.945215][   T59] usb 6-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   86.948910][   T59] usb 6-1: config 64 interface 0 has no altsetting 0
[   86.953501][   T59] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   86.956750][   T59] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   86.968272][   T59] usb 6-1: Product: syz
[   86.969914][   T59] usb 6-1: Manufacturer: syz
[   86.971950][   T59] usb 6-1: SerialNumber: syz
[   87.002913][   T59] yurex 6-1:64.0: USB YUREX device now attached to Yurex #0
[   87.194907][ T7274] netlink: 'syz.3.270': attribute type 12 has an invalid length.
[   87.441394][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.273'.
[   87.503589][ T7282] netlink: 'syz.0.273': attribute type 10 has an invalid length.
[   87.513747][ T7282] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.516765][ T7282] team0: Port device bond0 added
[   87.525371][ T7282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.273'.
[   87.912098][ T1327] usb 7-1: USB disconnect, device number 2
[   88.221084][ T7298] netlink: 'syz.2.277': attribute type 1 has an invalid length.
[   88.226698][ T7298] netlink: 8 bytes leftover after parsing attributes in process `syz.2.277'.
[   88.688244][ T5976] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   89.248742][    C3] usb 6-1: yurex_control_callback - control failed: -2
[   89.255160][ T6054] usb 6-1: USB disconnect, device number 4
[   89.260443][ T6054] yurex 6-1:64.0: USB YUREX #0 now disconnected
[   90.741183][ T7339] netlink: 60 bytes leftover after parsing attributes in process `syz.1.288'.
[   90.745455][ T7339] netlink: 20 bytes leftover after parsing attributes in process `syz.1.288'.
[   90.850577][ T7345] capability: warning: `syz.1.290' uses deprecated v2 capabilities in a way that may be insecure
[   91.024759][ T7349] lo speed is unknown, defaulting to 1000
[   91.079734][ T7351] binder: 7350:7351 ioctl c0306201 80000080 returned -14
[   91.084646][ T7351] netlink: 48 bytes leftover after parsing attributes in process `syz.2.292'.
[   91.229239][ T7349] lo speed is unknown, defaulting to 1000
[   91.995712][ T7361] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   92.243337][ T7383] netlink: 'syz.2.299': attribute type 9 has an invalid length.
[   92.510026][   T59] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   92.530437][ T7402] nr0: entered promiscuous mode
[   92.660678][   T59] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   92.665596][   T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   92.673563][   T59] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   92.677613][   T59] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   92.683058][   T59] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   92.686382][   T59] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.691580][   T59] usb 7-1: config 0 descriptor??
[   93.019384][ T7410] netlink: 20 bytes leftover after parsing attributes in process `syz.3.306'.
[   93.109922][   T59] plantronics 0003:047F:FFFF.0004: ignoring exceeding usage max
[   93.142307][   T59] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   93.267060][ T7426] netlink: 8 bytes leftover after parsing attributes in process `syz.3.310'.
[   93.297150][ T7426] netlink: 8 bytes leftover after parsing attributes in process `syz.3.310'.
[   93.321727][ T7429] team0: No ports can be present during mode change
[   93.324617][ T7429] vlan0: entered promiscuous mode
[   93.327699][ T7429] tipc: Started in network mode
[   93.332901][ T7429] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   93.335192][ T7429] tipc: Enabled bearer <eth:team0>, priority 0
[   93.432065][ T7438] netlink: 8 bytes leftover after parsing attributes in process `syz.2.300'.
[   93.585800][ T7441] netlink: 'syz.0.313': attribute type 1 has an invalid length.
[   93.588629][ T7441] netlink: 224 bytes leftover after parsing attributes in process `syz.0.313'.
[   93.738297][   T59] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   93.908232][   T59] usb 6-1: Using ep0 maxpacket: 32
[   93.911391][   T59] usb 6-1: config 239 has an invalid interface number: 45 but max is 0
[   93.913940][   T59] usb 6-1: config 239 has no interface number 0
[   93.921277][   T59] usb 6-1: config 239 interface 45 has no altsetting 0
[   93.928899][   T59] usb 6-1: New USB device found, idVendor=048d, idProduct=9135, bcdDevice=ff.f3
[   93.933300][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.940294][   T59] usb 6-1: Product: syz
[   93.942011][   T59] usb 6-1: Manufacturer: syz
[   93.943936][   T59] usb 6-1: SerialNumber: syz
[   94.009046][ T7454] netlink: 'syz.3.316': attribute type 10 has an invalid length.
[   94.186850][   T59] usb 6-1: USB disconnect, device number 5
[   94.328840][   T34] tipc: Node number set to 11578026
[   94.996632][   T40] kauditd_printk_skb: 4378 callbacks suppressed
[   94.996649][   T40] audit: type=1326 audit(2000000009.599:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.005724][   T40] audit: type=1326 audit(2000000009.609:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.023504][   T40] audit: type=1326 audit(2000000009.609:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.038266][   T40] audit: type=1326 audit(2000000009.609:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.047365][   T40] audit: type=1326 audit(2000000009.609:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.056748][   T40] audit: type=1326 audit(2000000009.609:4508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.064796][   T40] audit: type=1326 audit(2000000009.609:4509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.072786][   T40] audit: type=1326 audit(2000000009.609:4510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.079763][   T40] audit: type=1326 audit(2000000009.609:4511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.086469][   T40] audit: type=1326 audit(2000000009.609:4512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7475 comm="syz.0.321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[   95.091666][ T7495] pim6reg: entered allmulticast mode
[   95.110650][ T7495] pim6reg: left allmulticast mode
[   95.132242][ T6057] usb 7-1: USB disconnect, device number 3
[   95.190529][ T7504] tipc: Started in network mode
[   95.192142][ T7504] tipc: Node identity 22ede426ba0e, cluster identity 4711
[   95.194691][ T7504] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   95.197649][ T7502] syzkaller0: entered promiscuous mode
[   95.199695][ T7502] syzkaller0: entered allmulticast mode
[   95.217341][ T7504] tipc: Resetting bearer <eth:syzkaller0>
[   95.234335][ T7504] tipc: Disabling bearer <eth:syzkaller0>
[   95.923489][ T7522] netlink: 88 bytes leftover after parsing attributes in process `syz.2.332'.
[   95.967576][ T7531] No control pipe specified
[   96.218239][ T6057] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   96.287958][ T5976] Bluetooth: hci3: link tx timeout
[   96.290097][ T5976] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[   96.388974][ T6057] usb 6-1: too many configurations: 9, using maximum allowed: 8
[   96.392886][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.395763][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.399504][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.402349][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.405115][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.408778][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.411673][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.414452][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.417817][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.428824][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.432008][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.440691][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.444347][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.447173][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.450793][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.453720][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.456529][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.460299][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.463164][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.465950][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.469985][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.473154][ T6057] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   96.476108][ T6057] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   96.479868][ T6057] usb 6-1: config 0 interface 0 has no altsetting 0
[   96.484313][ T6057] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   96.487130][ T6057] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   96.489908][ T6057] usb 6-1: Product: syz
[   96.491277][ T6057] usb 6-1: Manufacturer: syz
[   96.492750][ T6057] usb 6-1: SerialNumber: syz
[   96.498111][ T6057] usb 6-1: config 0 descriptor??
[   96.504710][ T6057] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[   96.861543][    C3] usb 6-1: yurex_control_callback - control failed: -71
[   96.865073][ T6057] usb 6-1: USB disconnect, device number 6
[   96.867900][ T6057] yurex 6-1:0.0: USB YUREX #0 now disconnected
[   97.090919][ T7575] 9pnet_fd: p9_fd_create_tcp (7575): problem connecting socket to 127.0.0.1
[   98.344442][ T7615] fuse: Bad value for 'group_id'
[   98.346296][ T7615] fuse: Bad value for 'group_id'
[   98.368399][ T5978] Bluetooth: hci3: command 0x0406 tx timeout
[   98.648253][ T6057] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   98.798270][ T6057] usb 6-1: Using ep0 maxpacket: 32
[   98.802071][ T6057] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   98.805296][ T6057] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   98.808036][ T6057] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[   98.812420][ T6057] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.815980][ T6057] usb 6-1: config 0 descriptor??
[   98.955222][ T7630] netlink: 'syz.2.357': attribute type 4 has an invalid length.
[   99.410796][ T7644] netlink: 32 bytes leftover after parsing attributes in process `syz.3.361'.
[   99.842183][ T7657] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[   99.887949][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.891038][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.071959][   T40] kauditd_printk_skb: 66 callbacks suppressed
[  100.071969][   T40] audit: type=1326 audit(2000000014.679:4579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[  100.081103][   T40] audit: type=1326 audit(2000000014.679:4580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[  100.087699][   T40] audit: type=1326 audit(2000000014.679:4581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.095067][   T40] audit: type=1326 audit(2000000014.679:4582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.102962][   T40] audit: type=1326 audit(2000000014.679:4583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.110101][   T40] audit: type=1326 audit(2000000014.679:4584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.116549][   T40] audit: type=1326 audit(2000000014.679:4585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7ffc0000
[  100.123958][   T40] audit: type=1326 audit(2000000014.679:4586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.133381][   T40] audit: type=1326 audit(2000000014.679:4587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.143706][   T40] audit: type=1326 audit(2000000014.679:4588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7659 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7ffc0000
[  100.715541][ T7669] netlink: 12 bytes leftover after parsing attributes in process `syz.3.367'.
[  101.302512][   T53] usb 6-1: USB disconnect, device number 7
[  101.433273][ T7681] lo speed is unknown, defaulting to 1000
[  101.574117][ T7681] lo speed is unknown, defaulting to 1000
[  101.729615][ T7690] Driver unsupported XDP return value 0 on prog  (id 114) dev N/A, expect packet loss!
[  101.932108][ T7705] veth1_to_bond: entered allmulticast mode
[  101.935260][ T7705] dvmrp1: tun_chr_ioctl cmd 1074025676
[  101.937210][ T7705] dvmrp1: owner set to 0
[  101.939143][ T7704] veth1_to_bond: left allmulticast mode
[  102.064198][ T7707] netlink: 72 bytes leftover after parsing attributes in process `syz.0.376'.
[  102.153382][ T7721] netlink: 36 bytes leftover after parsing attributes in process `syz.1.380'.
[  102.516657][ T7738] Bluetooth: MGMT ver 1.23
[  102.635793][ T7756] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  103.515173][ T7809] netlink: 28 bytes leftover after parsing attributes in process `syz.3.394'.
[  104.430227][ T7835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.436146][ T7835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  104.649350][ T7839] lo speed is unknown, defaulting to 1000
[  104.792423][ T7839] lo speed is unknown, defaulting to 1000
[  105.270758][ T7850] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  105.449823][ T7854] syz_tun: entered allmulticast mode
[  105.473501][ T7854] pimreg: entered allmulticast mode
[  105.505363][ T7853] syz_tun: left allmulticast mode
[  105.639340][ T7873] lo speed is unknown, defaulting to 1000
[  105.640087][ T7875] devpts: Bad value for 'max'
[  105.641226][ T7873] lo speed is unknown, defaulting to 1000
[  105.643813][ T7875] devpts: Bad value for 'max'
[  105.645301][ T7873] lo speed is unknown, defaulting to 1000
[  105.653590][ T7873] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  105.673285][ T7873] lo speed is unknown, defaulting to 1000
[  105.676269][ T7873] lo speed is unknown, defaulting to 1000
[  105.685229][ T7878] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  105.689304][ T7873] lo speed is unknown, defaulting to 1000
[  105.692695][ T7873] lo speed is unknown, defaulting to 1000
[  105.841346][   T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  105.988405][   T10] usb 7-1: Using ep0 maxpacket: 16
[  106.008478][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  106.014719][   T10] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  106.017611][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.028407][   T10] usb 7-1: Product: syz
[  106.029871][   T10] usb 7-1: Manufacturer: syz
[  106.038216][   T10] usb 7-1: SerialNumber: syz
[  106.059688][   T10] usb 7-1: config 0 descriptor??
[  106.078761][   T10] hub 7-1:0.0: bad descriptor, ignoring hub
[  106.080678][   T10] hub 7-1:0.0: probe with driver hub failed with error -5
[  106.084725][   T10] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input6
[  106.391535][   T40] kauditd_printk_skb: 115 callbacks suppressed
[  106.391564][   T40] audit: type=1326 audit(2000000021.001:4704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.403465][   T40] audit: type=1326 audit(2000000021.011:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.410762][   T40] audit: type=1326 audit(2000000021.011:4706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.417710][   T40] audit: type=1326 audit(2000000021.011:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.425408][   T40] audit: type=1326 audit(2000000021.011:4708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.433574][   T40] audit: type=1326 audit(2000000021.011:4709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.447201][ T7900] pim6reg: entered allmulticast mode
[  106.449090][   T40] audit: type=1326 audit(2000000021.011:4710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.456307][ T7900] pim6reg: left allmulticast mode
[  106.461401][   T40] audit: type=1326 audit(2000000021.021:4711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.469192][   T40] audit: type=1326 audit(2000000021.021:4712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.476224][   T40] audit: type=1326 audit(2000000021.021:4713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.0.418" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  106.579456][   T10] usb 7-1: USB disconnect, device number 4
[  107.221495][ T7923] netlink: 12 bytes leftover after parsing attributes in process `syz.2.424'.
[  107.222406][ T7924] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  107.227813][ T7923] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  107.417731][ T7939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.425'.
[  107.568453][ T5978] Bluetooth: hci3: command 0x0406 tx timeout
[  107.737918][ T7966] netlink: 24 bytes leftover after parsing attributes in process `syz.1.432'.
[  107.766456][ T7966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.432'.
[  107.837729][ T7974] netlink: 32 bytes leftover after parsing attributes in process `syz.3.429'.
[  107.884610][ T7968] lo speed is unknown, defaulting to 1000
[  107.959556][ T7968] lo speed is unknown, defaulting to 1000
[  107.961985][ T7968] lo speed is unknown, defaulting to 1000
[  108.703408][ T7990] fuse: Bad value for 'fd'
[  109.270640][ T7983] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  109.273903][ T7983] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  109.281320][ T7983] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  109.287689][ T7983] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  109.289960][ T7983] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  109.456591][ T5978] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  109.476131][ T8000] binder_alloc: binder_alloc_mmap_handler: 7999 80ffd000-80ffe000 already mapped failed -16
[  109.540121][ T8012] veth1_macvtap: left promiscuous mode
[  109.541745][ T8012] macsec0: entered promiscuous mode
[  109.543459][ T8012] macsec0: entered allmulticast mode
[  109.551729][ T8012] veth1_macvtap: entered promiscuous mode
[  109.553622][ T8012] veth1_macvtap: entered allmulticast mode
[  109.555717][ T8012] macsec0: left promiscuous mode
[  109.557486][ T8012] macsec0: left allmulticast mode
[  109.559519][ T8012] veth1_macvtap: left allmulticast mode
[  109.784918][ T8035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.445'.
[  110.528306][ T5978] Bluetooth: hci1: command 0x0c1a tx timeout
[  110.942595][ T8071] libceph: resolve '
[  110.942595][ T8071] -&���f�Y�ǝ�a���2i�
[  110.942595][ T8071] .���?��&�*��&' (ret=-3): failed
[  111.010987][ T8074] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  111.338390][ T5978] Bluetooth: hci3: command 0x0406 tx timeout
[  111.433216][ T8089] syz.3.456: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  111.440747][ T8089] CPU: 1 UID: 0 PID: 8089 Comm: syz.3.456 Not tainted syzkaller #0 PREEMPT(full) 
[  111.440769][ T8089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.440779][ T8089] Call Trace:
[  111.440784][ T8089]  <TASK>
[  111.440792][ T8089]  dump_stack_lvl+0x16c/0x1f0
[  111.440820][ T8089]  warn_alloc+0x248/0x3a0
[  111.440844][ T8089]  ? __pfx_warn_alloc+0x10/0x10
[  111.440875][ T8089]  ? bpf_uprobe_multi_link_attach+0x4fd/0x12d0
[  111.440905][ T8089]  ? __vmalloc_node_noprof+0xad/0xf0
[  111.440926][ T8089]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  111.440943][ T8089]  ? __ia32_sys_bpf+0x76/0xe0
[  111.440968][ T8089]  ? __do_fast_syscall_32+0x7c/0x3a0
[  111.441005][ T8089]  ? bpf_uprobe_multi_link_attach+0x4fd/0x12d0
[  111.441041][ T8089]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  111.441062][ T8089]  ? ___kmalloc_large_node+0xed/0x160
[  111.441093][ T8089]  __kvmalloc_node_noprof+0x30a/0x620
[  111.441113][ T8089]  ? bpf_uprobe_multi_link_attach+0x4fd/0x12d0
[  111.441142][ T8089]  ? bpf_uprobe_multi_link_attach+0x4fd/0x12d0
[  111.441175][ T8089]  ? bpf_uprobe_multi_link_attach+0x4fd/0x12d0
[  111.441202][ T8089]  bpf_uprobe_multi_link_attach+0x4fd/0x12d0
[  111.441239][ T8089]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[  111.441265][ T8089]  ? __fget_files+0x20e/0x3c0
[  111.441289][ T8089]  ? fput+0x9b/0xd0
[  111.441311][ T8089]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  111.441341][ T8089]  __sys_bpf+0x3f3c/0x4de0
[  111.441369][ T8089]  ? __pfx___sys_bpf+0x10/0x10
[  111.441395][ T8089]  ? do_raw_spin_lock+0x12c/0x2b0
[  111.441420][ T8089]  ? find_held_lock+0x2b/0x80
[  111.441441][ T8089]  ? rcu_is_watching+0x12/0xc0
[  111.441459][ T8089]  ? _raw_spin_unlock_irq+0x23/0x50
[  111.441482][ T8089]  ? _raw_spin_unlock_irq+0x2e/0x50
[  111.441513][ T8089]  ? __ia32_compat_sys_rt_sigprocmask+0x19e/0x2e0
[  111.441534][ T8089]  ? __pfx___ia32_compat_sys_rt_sigprocmask+0x10/0x10
[  111.441562][ T8089]  __ia32_sys_bpf+0x76/0xe0
[  111.441589][ T8089]  __do_fast_syscall_32+0x7c/0x3a0
[  111.441616][ T8089]  do_fast_syscall_32+0x32/0x80
[  111.441640][ T8089]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.441663][ T8089] RIP: 0023:0xf707e579
[  111.441677][ T8089] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.441692][ T8089] RSP: 002b:00000000f542c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  111.441710][ T8089] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000800005c0
[  111.441720][ T8089] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  111.441730][ T8089] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.441739][ T8089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.441749][ T8089] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.441771][ T8089]  </TASK>
[  111.441778][ T8089] Mem-Info:
[  111.535011][ T8089] active_anon:8099 inactive_anon:0 isolated_anon:0
[  111.535011][ T8089]  active_file:16661 inactive_file:3354 isolated_file:0
[  111.535011][ T8089]  unevictable:1768 dirty:589 writeback:0
[  111.535011][ T8089]  slab_reclaimable:11069 slab_unreclaimable:56211
[  111.535011][ T8089]  mapped:25081 shmem:2394 pagetables:1141
[  111.535011][ T8089]  sec_pagetables:305 bounce:0
[  111.535011][ T8089]  kernel_misc_reclaimable:0
[  111.535011][ T8089]  free:61929 free_pcp:17738 free_cma:0
[  111.549049][ T8089] Node 0 active_anon:3724kB inactive_anon:0kB active_file:1852kB inactive_file:7872kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7844kB dirty:4kB writeback:0kB shmem:4064kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7996kB pagetables:1132kB sec_pagetables:1128kB all_unreclaimable? yes Balloon:0kB
[  111.558896][ T8089] Node 1 active_anon:28672kB inactive_anon:0kB active_file:64792kB inactive_file:5544kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92480kB dirty:2352kB writeback:0kB shmem:5512kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4912kB pagetables:3432kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB
[  111.569116][ T8089] Node 0 DMA free:2528kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:188kB local_pcp:0kB free_cma:0kB
[  111.578390][ T8089] lowmem_reserve[]: 0 288 288 288 288
[  111.580267][ T8089] Node 0 DMA32 free:20332kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:4096KB free_highatomic:1976KB active_anon:3724kB inactive_anon:0kB active_file:1852kB inactive_file:7872kB unevictable:3536kB writepending:4kB present:1032196kB managed:295132kB mlocked:0kB bounce:0kB free_pcp:12692kB local_pcp:2948kB free_cma:0kB
[  111.590538][ T8089] lowmem_reserve[]: 0 0 0 0 0
[  111.592089][ T8089] Node 1 DMA32 free:224856kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28672kB inactive_anon:0kB active_file:64792kB inactive_file:5544kB unevictable:3536kB writepending:2352kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:58404kB local_pcp:21940kB free_cma:0kB
[  111.602471][ T8089] lowmem_reserve[]: 0 0 0 0 0
[  111.604197][ T8089] Node 0 DMA: 12*4kB (U) 18*8kB (UM) 4*16kB (UM) 11*32kB (U) 0*64kB 1*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2528kB
[  111.610430][ T8089] Node 0 DMA32: 599*4kB (UMH) 146*8kB (UMEH) 50*16kB (MEH) 139*32kB (UEH) 92*64kB (UMH) 12*128kB (UMH) 8*256kB (UME) 4*512kB (UME) 0*1024kB 0*2048kB 0*4096kB = 20332kB
[  111.617014][ T8089] Node 1 DMA32: 1593*4kB (UME) 551*8kB (UME) 92*16kB (UME) 461*32kB (UME) 227*64kB (UME) 137*128kB (UME) 38*256kB (UME) 37*512kB (UME) 30*1024kB (UM) 6*2048kB (UM) 23*4096kB (UM) = 224956kB
[  111.624908][ T8089] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  111.628940][ T8089] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  111.632785][ T8089] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  111.636737][ T8089] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  111.640791][ T8089] 22405 total pagecache pages
[  111.642779][ T8089] 0 pages in swap cache
[  111.644556][ T8089] Free swap  = 124996kB
[  111.646324][ T8089] Total swap = 124996kB
[  111.648045][ T8089] 524155 pages RAM
[  111.649853][ T8089] 0 pages HighMem/MovableOnly
[  111.651868][ T8089] 209477 pages reserved
[  111.653564][ T8089] 0 pages cma reserved
[  111.699545][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.783480][ T8093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.458'.
[  111.790990][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.870683][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.916813][ T5976] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  111.923261][ T5976] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  111.928512][ T5976] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  111.936478][ T5976] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  111.939699][   T13] bond0: (slave netdevsim0): Releasing backup interface
[  111.940054][ T5976] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  111.950313][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.970956][ T8095] lo speed is unknown, defaulting to 1000
[  112.036696][   T13] bridge_slave_1: left allmulticast mode
[  112.038781][   T13] bridge_slave_1: left promiscuous mode
[  112.041837][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.046673][   T13] bridge_slave_0: left allmulticast mode
[  112.051415][   T13] bridge_slave_0: left promiscuous mode
[  112.053284][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.300963][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.305435][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.309456][   T13] bond0 (unregistering): Released all slaves
[  112.315618][   T13] bond1 (unregistering): Released all slaves
[  112.373647][   T13] bond2 (unregistering): (slave veth3): Releasing active interface
[  112.376380][   T13] dummy0: entered promiscuous mode
[  112.380812][   T13] bond2 (unregistering): (slave dummy0): Releasing active interface
[  112.387542][   T13] bond2 (unregistering): Released all slaves
[  112.394347][ T8095] lo speed is unknown, defaulting to 1000
[  112.397841][ T8095] lo speed is unknown, defaulting to 1000
[  112.495522][ T8095] chnl_net:caif_netlink_parms(): no params data found
[  112.591515][ T8095] bridge0: port 1(bridge_slave_0) entered blocking state
[  112.594449][ T8095] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.596736][ T8095] bridge_slave_0: entered allmulticast mode
[  112.600057][ T8095] bridge_slave_0: entered promiscuous mode
[  112.615101][ T8095] bridge0: port 2(bridge_slave_1) entered blocking state
[  112.617451][ T8095] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.619964][ T8095] bridge_slave_1: entered allmulticast mode
[  112.623194][ T8095] bridge_slave_1: entered promiscuous mode
[  112.685389][ T8095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  112.693840][ T8095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.746601][ T8095] team0: Port device team_slave_0 added
[  112.752579][ T8095] team0: Port device team_slave_1 added
[  112.826622][ T8095] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.829921][ T8095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.839957][ T8095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.845157][ T8095] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.848017][ T8095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.857235][ T8095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.910296][ T8095] hsr_slave_0: entered promiscuous mode
[  112.912914][ T8095] hsr_slave_1: entered promiscuous mode
[  112.915122][ T8095] debugfs: 'hsr0' already exists in 'hsr'
[  112.916746][ T8095] Cannot create hsr debugfs directory
[  113.021542][   T13] hsr_slave_0: left promiscuous mode
[  113.023599][   T13] hsr_slave_1: left promiscuous mode
[  113.025558][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.028036][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.031234][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.033524][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.052388][   T13] veth1_macvtap: left promiscuous mode
[  113.054286][   T13] veth0_macvtap: left promiscuous mode
[  113.056187][   T13] veth1_vlan: left promiscuous mode
[  113.058571][   T13] veth0_vlan: left promiscuous mode
[  113.111070][   T13] pimreg (unregistering): left allmulticast mode
[  113.418548][ T5978] Bluetooth: hci3: command 0x0406 tx timeout
[  113.445470][ T8120] block nbd3: Attempted send on invalid socket
[  113.450325][ T8120] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  113.456218][ T8120] hpfs: hpfs_map_sector(): read error
[  113.657959][ T8132] netlink: 48 bytes leftover after parsing attributes in process `syz.0.462'.
[  113.670928][   T13] team0 (unregistering): Port device team_slave_1 removed
[  113.729461][   T13] team0 (unregistering): Port device team_slave_0 removed
[  113.981388][ T5978] Bluetooth: hci1: command tx timeout
[  114.322933][ T8095] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  114.331730][ T8095] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  114.339870][ T8095] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  114.351477][ T8095] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  114.436399][ T8095] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.447892][ T8095] 8021q: adding VLAN 0 to HW filter on device team0
[  114.457292][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.459634][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  114.467712][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.470035][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  114.487172][ T8095] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  114.492043][ T8095] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  114.534868][   T13] IPVS: stop unused estimator thread 0...
[  114.826804][ T8095] 8021q: adding VLAN 0 to HW filter on device batadv0
[  115.054558][ T8095] veth0_vlan: entered promiscuous mode
[  115.060549][ T8095] veth1_vlan: entered promiscuous mode
[  115.083666][ T8095] veth0_macvtap: entered promiscuous mode
[  115.089778][ T8095] veth1_macvtap: entered promiscuous mode
[  115.100323][ T8095] batman_adv: batadv0: Interface activated: batadv_slave_0
[  115.107355][ T8095] batman_adv: batadv0: Interface activated: batadv_slave_1
[  115.115435][   T46] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  115.124297][   T46] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  115.128009][   T46] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  115.135966][   T46] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.187306][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.193238][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.214317][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  115.217200][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  115.344791][ T8176] netlink: 12 bytes leftover after parsing attributes in process `syz.4.459'.
[  115.404599][ T8179] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  115.552238][ T8192] netlink: 12 bytes leftover after parsing attributes in process `syz.0.472'.
[  115.556159][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  115.556173][   T40] audit: type=1326 audit(2000000030.161:4734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.569650][   T40] audit: type=1326 audit(2000000030.161:4735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=45 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.577345][   T40] audit: type=1326 audit(2000000030.161:4736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.587651][   T40] audit: type=1326 audit(2000000030.161:4737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.595800][   T40] audit: type=1326 audit(2000000030.161:4738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.603650][   T40] audit: type=1326 audit(2000000030.161:4739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.614743][   T40] audit: type=1326 audit(2000000030.161:4740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.4.473" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  115.623521][   T40] audit: type=1326 audit(2000000030.221:4741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8190 comm="syz.0.472" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f01579 code=0x0
[  115.799868][ T8200] bond0: (slave macvlan2): Error -22 calling dev_set_mtu
[  115.814445][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  115.822722][ T8215] input input7: cannot allocate more than FF_MAX_EFFECTS effects
[  116.048322][ T5978] Bluetooth: hci1: command tx timeout
[  116.818052][ T8242] syz.0.482 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  116.979361][ T8257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.485'.
[  117.317007][ T8260] netlink: 'syz.3.486': attribute type 10 has an invalid length.
[  117.328650][ T8260] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  117.332117][ T8260] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  117.335819][ T8260] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  117.368564][ T8256] netlink: 160 bytes leftover after parsing attributes in process `syz.3.486'.
[  118.045078][ T8289] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  118.062248][ T8292] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  118.065104][ T8292] IPv6: NLM_F_CREATE should be set when creating new route
[  118.138606][ T5978] Bluetooth: hci1: command tx timeout
[  118.207380][ T8304] affs: No valid root block on device sr0
[  118.457008][ T8323] netlink: 'syz.3.503': attribute type 2 has an invalid length.
[  118.459685][ T8323] netlink: 'syz.3.503': attribute type 8 has an invalid length.
[  118.462065][ T8323] netlink: 1148 bytes leftover after parsing attributes in process `syz.3.503'.
[  118.867629][   T40] audit: type=1326 audit(2000000033.471:4742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8329 comm="syz.0.505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  118.888353][   T40] audit: type=1326 audit(2000000033.471:4743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8329 comm="syz.0.505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  118.903545][ T8330] loop6: detected capacity change from 0 to 63
[  118.907254][ T8330] buffer_io_error: 27 callbacks suppressed
[  118.907267][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.913740][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.917122][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.922861][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.925499][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.928028][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.931480][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.934623][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.937103][ T8330] ldm_validate_partition_table(): Disk read failed.
[  118.939422][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.941965][ T8330] Buffer I/O error on dev loop6, logical block 0, async page read
[  118.944774][ T8330] Dev loop6: unable to read RDB block 0
[  118.946749][ T8330]  loop6: unable to read partition table
[  118.949534][ T8330] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  118.964562][ T8330] netlink: 12 bytes leftover after parsing attributes in process `syz.0.505'.
[  118.979686][ T8330] 8021q: adding VLAN 0 to HW filter on device bond3
[  118.989108][ T8330] macvlan2: entered promiscuous mode
[  118.991086][ T8330] macvlan2: entered allmulticast mode
[  118.993338][ T8330] bond3: entered promiscuous mode
[  118.995458][ T8330] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  119.001329][ T8330] bond3: left promiscuous mode
[  119.282189][ T8350] netlink: 12 bytes leftover after parsing attributes in process `syz.0.510'.
[  119.288379][ T8351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.510'.
[  119.733792][ T8369] netlink: 'syz.3.515': attribute type 6 has an invalid length.
[  119.741653][ T8369] IPv6: syztnl2: Disabled Multicast RS
[  119.812658][ T8377] netlink: 28 bytes leftover after parsing attributes in process `syz.3.518'.
[  119.959829][ T8379] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  119.962508][ T8379] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  119.973119][ T8379] vhci_hcd vhci_hcd.0: Device attached
[  120.014790][ T8380] vhci_hcd: connection closed
[  120.015793][   T60] vhci_hcd: stop threads
[  120.019163][   T60] vhci_hcd: release socket
[  120.020656][   T60] vhci_hcd: disconnect device
[  120.208268][ T5978] Bluetooth: hci1: command tx timeout
[  120.793132][ T8391] input: syz1 as /devices/virtual/input/input9
[  121.613521][ T8418] lo speed is unknown, defaulting to 1000
[  121.733695][ T8418] lo speed is unknown, defaulting to 1000
[  121.736030][ T8418] lo speed is unknown, defaulting to 1000
[  122.389333][ T8430] : entered promiscuous mode
[  122.393089][ T8433] team0: No ports can be present during mode change
[  122.399290][ T8433] vlan0: entered promiscuous mode
[  122.405381][ T8433] team0: Port device vlan0 added
[  122.424134][ T8433] tipc: Started in network mode
[  122.425660][ T8433] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  122.428828][ T8433] tipc: Enabled bearer <eth:team0>, priority 0
[  122.641080][ T8445] netlink: 4 bytes leftover after parsing attributes in process `syz.0.537'.
[  122.688415][ T8448] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  122.691148][ T8448] IPv6: NLM_F_CREATE should be set when creating new route
[  122.694017][ T8448] IPv6: NLM_F_CREATE should be set when creating new route
[  122.696464][ T8448] IPv6: NLM_F_CREATE should be set when creating new route
[  123.290374][ T8467] /dev/sr0: Can't open blockdev
[  123.368692][ T8451] /dev/sr0: Can't open blockdev
[  123.485925][ T8473] netlink: 'syz.4.542': attribute type 7 has an invalid length.
[  123.552935][ T8474] input: syz0 as /devices/virtual/input/input10
[  123.560329][ T6054] tipc: Node number set to 11578026
[  123.911897][ T8497] netlink: 8 bytes leftover after parsing attributes in process `syz.4.544'.
[  124.665918][ T8493] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  124.667909][ T8493] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  124.670114][ T8493] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  124.673500][ T8493] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  124.797721][ T8516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.551'.
[  125.408431][ T5994] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  125.439146][ T8541] overlay: ./file1 is not a directory
[  125.592551][ T5994] usb 6-1: config 1 has an invalid interface number: 7 but max is 0
[  125.595999][ T5994] usb 6-1: config 1 has no interface number 0
[  125.598505][ T5994] usb 6-1: config 1 interface 7 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  125.601915][ T5994] usb 6-1: config 1 interface 7 altsetting 0 bulk endpoint 0xE has invalid maxpacket 0
[  125.605906][ T5994] usb 6-1: config 1 interface 7 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 8
[  125.613804][ T5994] usb 6-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  125.617002][ T5994] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.620607][ T5994] usb 6-1: Product: syz
[  125.622188][ T5994] usb 6-1: Manufacturer: syz
[  125.623927][ T5994] usb 6-1: SerialNumber: syz
[  125.648587][ T8530] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  125.661826][ T5994] usb 6-1: Error in usbnet_get_endpoints (-22)
[  125.862308][   T59] usb 6-1: USB disconnect, device number 8
[  125.968561][ T5978] Bluetooth: hci3: command 0x0406 tx timeout
[  125.972277][ T8546] IPVS: set_ctl: invalid protocol: 50 255.255.255.255:20002
[  126.066730][ T8530] trusted_key: encrypted_key: master key parameter '��ظ�a_;�' is invalid
[  126.392105][ T8563] netlink: 'syz.4.564': attribute type 1 has an invalid length.
[  126.398228][ T8563] netlink: 'syz.4.564': attribute type 2 has an invalid length.
[  126.688786][ T5978] Bluetooth: hci1: command 0x0c1a tx timeout
[  128.638220][ T6057] usb 8-1: new low-speed USB device number 4 using dummy_hcd
[  128.768299][ T5978] Bluetooth: hci1: command 0x0c1a tx timeout
[  128.799919][ T6057] usb 8-1: config 0 has an invalid interface number: 1 but max is 0
[  128.803569][ T6057] usb 8-1: config 0 has no interface number 0
[  128.805996][ T8621] autofs: Unknown parameter 'Z�qD���C�7D��&C$��뙾�4�_�4DY!�I�u���&�}Ƌ�m{DL�"fa&�]���J��A'
[  128.806466][ T6057] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  128.814714][ T6057] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  128.820167][ T6057] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  128.823914][ T6057] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.830028][ T6057] usb 8-1: config 0 descriptor??
[  128.835860][ T8609] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  128.844075][ T6057] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  129.773918][ T6054] libceph: connect (1)[c::]:6789 error -101
[  129.777088][ T6054] libceph: mon0 (1)[c::]:6789 connect error
[  129.805674][ T6054] libceph: connect (1)[c::]:6789 error -101
[  129.809159][ T6054] libceph: mon0 (1)[c::]:6789 connect error
[  129.916058][ T8643] ceph: No mds server is up or the cluster is laggy
[  130.380246][ T8668] lo speed is unknown, defaulting to 1000
[  130.497006][ T8668] lo speed is unknown, defaulting to 1000
[  130.499968][ T8668] lo speed is unknown, defaulting to 1000
[  130.762969][ T8678] netlink: 'syz.4.587': attribute type 7 has an invalid length.
[  130.765369][ T8678] netlink: 8 bytes leftover after parsing attributes in process `syz.4.587'.
[  130.817095][ T8667] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  130.854563][ T5978] Bluetooth: hci1: command 0x0c1a tx timeout
[  130.930517][ T8685] netlink: 28 bytes leftover after parsing attributes in process `syz.0.589'.
[  131.184771][ T8698] mmap: syz.4.593 (8698): VmData 37769216 exceed data ulimit 32768. Update limits or use boot option ignore_rlimit_data.
[  131.440431][ T8705] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(15)
[  131.442574][ T8705] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  131.446850][ T8705] vhci_hcd vhci_hcd.0: Device attached
[  131.613011][ T8709] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  131.615108][ T8709] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  131.619604][ T8709] vhci_hcd vhci_hcd.0: Device attached
[  131.708125][ T8706] vhci_hcd: connection closed
[  131.709417][   T13] vhci_hcd: stop threads
[  131.712944][   T13] vhci_hcd: release socket
[  131.715923][   T13] vhci_hcd: disconnect device
[  131.738306][   T10] usb 40-1: enqueue for inactive port 0
[  131.889748][ T1327] usb 46-1: SetAddress Request (2) to port 0
[  131.903098][ T8716] netlink: 40 bytes leftover after parsing attributes in process `syz.0.596'.
[  131.924334][ T8716] netlink: 'syz.0.596': attribute type 1 has an invalid length.
[  131.926781][ T8716] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  131.933409][ T8716] netlink: 32 bytes leftover after parsing attributes in process `syz.0.596'.
[  131.938417][ T1327] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  132.231516][ T6057] usb 8-1: USB disconnect, device number 4
[  132.251710][ T8710] vhci_hcd: connection reset by peer
[  132.261197][   T10] usb usb40-port1: attempt power cycle
[  132.264050][   T12] vhci_hcd: stop threads
[  132.265577][   T12] vhci_hcd: release socket
[  132.267563][   T12] vhci_hcd: disconnect device
[  132.849553][   T10] usb usb40-port1: unable to enumerate USB device
[  132.886110][ T8732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.602'.
[  132.890427][ T8732] netlink: 4 bytes leftover after parsing attributes in process `syz.3.602'.
[  132.984327][ T8738] lo speed is unknown, defaulting to 1000
[  133.191223][ T8751] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  133.195160][ T8738] lo speed is unknown, defaulting to 1000
[  133.199436][ T8738] lo speed is unknown, defaulting to 1000
[  133.446468][ T8770] netlink: 16 bytes leftover after parsing attributes in process `syz.1.613'.
[  133.582172][ T8777] netlink: 'syz.0.617': attribute type 1 has an invalid length.
[  133.595198][ T8777] 8021q: adding VLAN 0 to HW filter on device bond4
[  133.607710][ T8777] bond4: (slave geneve2): making interface the new active one
[  133.611337][ T8777] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  133.619442][ T8777] bond4: entered promiscuous mode
[  133.621105][ T8777] geneve2: entered promiscuous mode
[  133.889008][   T40] kauditd_printk_skb: 47 callbacks suppressed
[  133.889019][   T40] audit: type=1326 audit(2000000048.501:4791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.897671][   T40] audit: type=1326 audit(2000000048.501:4792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.905021][   T40] audit: type=1326 audit(2000000048.511:4793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.913127][   T40] audit: type=1326 audit(2000000048.511:4794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.920236][   T40] audit: type=1326 audit(2000000048.511:4795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.930083][   T40] audit: type=1326 audit(2000000048.511:4796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.939615][   T40] audit: type=1326 audit(2000000048.511:4797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.944357][ T8790] pim6reg: entered allmulticast mode
[  133.948563][   T40] audit: type=1326 audit(2000000048.511:4798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.953814][ T8790] pim6reg: left allmulticast mode
[  133.958657][   T40] audit: type=1326 audit(2000000048.511:4799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  133.970654][   T40] audit: type=1326 audit(2000000048.511:4800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8781 comm="syz.0.620" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000
[  134.304161][ T8803] syz.3.626 (8803) used greatest stack depth: 19560 bytes left
[  134.434351][ T8813] 9pnet_fd: Insufficient options for proto=fd
[  134.479359][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.482004][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.489860][ T8816] netlink: 8 bytes leftover after parsing attributes in process `syz.3.630'.
[  134.493512][ T8816] netlink: 4 bytes leftover after parsing attributes in process `syz.3.630'.
[  134.608262][   T61] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  134.856123][ T8832] usb usb8: usbfs: process 8832 (syz.0.634) did not claim interface 0 before use
[  134.915761][ T8832] netlink: 40 bytes leftover after parsing attributes in process `syz.0.634'.
[  135.851381][ T8843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.637'.
[  136.022067][ T8844] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  137.008279][ T1327] usb 46-1: device descriptor read/8, error -110
[  137.429049][ T1327] usb usb46-port1: attempt power cycle
[  137.663590][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.647'.
[  137.666506][ T8885] netlink: 'syz.3.649': attribute type 10 has an invalid length.
[  137.676036][ T8885] 8021q: adding VLAN 0 to HW filter on device team0
[  137.680924][ T8885] bond0: (slave team0): Enslaving as an active interface with an up link
[  137.685958][ T8885] netlink: 'syz.3.649': attribute type 10 has an invalid length.
[  137.695070][ T8885] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  137.760434][ T8885] 8021q: adding VLAN 0 to HW filter on device bond1
[  137.769927][ T8885] syz_tun: entered promiscuous mode
[  137.772941][ T8885] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  137.778690][ T8885] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  137.926772][ T8918] lo speed is unknown, defaulting to 1000
[  138.025110][ T8918] lo speed is unknown, defaulting to 1000
[  138.027712][ T8918] lo speed is unknown, defaulting to 1000
[  138.058340][ T1327] usb usb46-port1: unable to enumerate USB device
[  138.575703][ T8935] netlink: 'syz.1.663': attribute type 10 has an invalid length.
[  138.682422][ T8939] loop7: detected capacity change from 0 to 8
[  138.794963][ T8944] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.665'.
[  138.971316][ T8939] Dev loop7: unable to read RDB block 8
[  138.973743][ T8939]  loop7: unable to read partition table
[  138.975810][ T8960] netlink: 'syz.1.670': attribute type 10 has an invalid length.
[  138.975997][ T8939] loop7: partition table beyond EOD, 
[  138.980048][ T8960] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.984692][ T8939] truncated
[  138.986102][ T8960] team0: Port device bond0 added
[  138.987327][ T8939] loop_reread_partitions: partition scan of loop7 (���������C�jm�m���ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  139.001649][ T8960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.670'.
[  139.444988][ T5978] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  139.446063][ T5978] Bluetooth: hci3: SCO packet for unknown connection handle 201
[  139.824965][ T8991] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  139.838426][ T8991] CIFS mount error: No usable UNC path provided in device string!
[  139.838426][ T8991] 
[  139.843023][ T8991] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  139.863103][ T8991] openvswitch: netlink: IP tunnel dst address not specified
[  140.294324][ T9007] netlink: 12 bytes leftover after parsing attributes in process `syz.4.684'.
[  141.069640][ T9020] bridge0: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  141.324318][ T9032] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'.
[  141.380010][ T9034] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'.
[  142.462189][ T9054] netlink: 12 bytes leftover after parsing attributes in process `syz.4.692'.
[  142.569502][   T53] libceph: connect (1)[c::]:6789 error -101
[  142.571518][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  142.586534][ T9058] overlay: Unknown parameter '/'
[  142.840255][   T53] libceph: connect (1)[c::]:6789 error -101
[  142.847809][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  143.040575][ T9077] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  143.063072][ T9046] ceph: No mds server is up or the cluster is laggy
[  143.179316][ T9082] netlink: 24 bytes leftover after parsing attributes in process `syz.4.701'.
[  144.000913][ T9126] netlink: 'syz.4.711': attribute type 9 has an invalid length.
[  144.035710][ T9126] netlink: 8 bytes leftover after parsing attributes in process `syz.4.711'.
[  144.038959][ T9126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.711'.
[  144.299175][ T9133] netlink: 32 bytes leftover after parsing attributes in process `syz.3.714'.
[  144.455314][ T9138] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.525863][ T9138] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.614354][ T9138] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.714924][ T9138] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.788860][ T6057] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  144.821005][ T1145] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.836979][ T1145] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.840276][ T1145] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.849269][ T1145] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.903571][ T9155] Oops: general protection fault, probably for non-canonical address 0xdffffc000000005f: 0000 [#1] SMP KASAN NOPTI
[  144.907306][ T9155] KASAN: null-ptr-deref in range [0x00000000000002f8-0x00000000000002ff]
[  144.910488][ T9155] CPU: 3 UID: 0 PID: 9155 Comm: syz.1.721 Not tainted syzkaller #0 PREEMPT(full) 
[  144.914037][ T9155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.917389][ T9155] RIP: 0010:h5_recv+0x104/0x950
[  144.919022][ T9155] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 71 21 43 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  144.924948][ T9155] RSP: 0018:ffffc900033bfba8 EFLAGS: 00010293
[  144.926879][ T9155] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8877e91a
[  144.929325][ T9155] RDX: ffff888023aec880 RSI: ffffffff8877e95f RDI: 0000000000000005
[  144.931811][ T9155] RBP: ffffc900033bfd30 R08: 0000000000000005 R09: 0000000000000000
[  144.934292][ T9155] R10: 0000000000000001 R11: 000000000000001e R12: 0000000000000001
[  144.936757][ T9155] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb47f20
[  144.939226][ T9155] FS:  0000000000000000(0000) GS:ffff8880977c0000(0063) knlGS:00000000f548db40
[  144.942160][ T9155] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  144.944275][ T9155] CR2: 000000002efcdffc CR3: 00000000750a5000 CR4: 0000000000352ef0
[  144.946802][ T9155] DR0: 0000000000000006 DR1: 0000000000000000 DR2: 0000000000000000
[  144.949286][ T9155] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  144.951798][ T9155] Call Trace:
[  144.952870][ T9155]  <TASK>
[  144.953831][ T9155]  ? __pfx_h5_recv+0x10/0x10
[  144.955393][ T9155]  ? lock_acquire+0x62/0x350
[  144.956925][ T9155]  hci_uart_tty_receive+0x254/0x7e0
[  144.958598][ T9155]  ? __pfx_hci_uart_tty_receive+0x10/0x10
[  144.960805][ T9155]  tty_ioctl+0x580/0x1680
[  144.962553][ T9155]  ? __pfx_tty_ioctl+0x10/0x10
[  144.964261][ T9155]  ? do_vfs_ioctl+0x128/0x14f0
[  144.965987][ T9155]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  144.967980][ T9155]  ? find_held_lock+0x2b/0x80
[  144.969844][ T9155]  ? hook_file_ioctl_common+0x145/0x410
[  144.972015][ T9155]  ? __fget_files+0x20e/0x3c0
[  144.973858][ T9155]  ? __ia32_compat_sys_openat+0x130/0x210
[  144.976065][ T9155]  tty_compat_ioctl+0x24a/0x4d0
[  144.978097][ T9155]  ? __pfx_tty_compat_ioctl+0x10/0x10
[  144.980230][ T9155]  __ia32_compat_sys_ioctl+0x23f/0x370
[  144.981937][ T9155]  __do_fast_syscall_32+0x7c/0x3a0
[  144.983550][ T9155]  do_fast_syscall_32+0x32/0x80
[  144.985086][ T9155]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.987110][ T9155] RIP: 0023:0xf70be579
[  144.988398][ T9155] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.994314][ T9155] RSP: 002b:00000000f548d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  144.996573][ T9155] RAX: ffffffffffffffda RBX: 0000000000000069 RCX: 0000000000005412
[  144.998841][ T9155] RDX: 0000000080000140 RSI: 0000000000000000 RDI: 0000000000000000
[  145.001295][ T9155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  145.003780][ T9155] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  145.006283][ T9155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  145.008749][ T9155]  </TASK>
[  145.009749][ T9155] Modules linked in:
[  145.011262][ T9155] ---[ end trace 0000000000000000 ]---
[  145.013212][ T9155] RIP: 0010:h5_recv+0x104/0x950
[  145.014816][ T9155] Code: c1 e8 03 4c 01 f0 48 89 44 24 08 48 8d 83 08 03 00 00 48 89 44 24 30 48 c1 e8 03 48 89 44 24 10 e8 71 21 43 f9 48 8b 44 24 08 <80> 38 00 0f 85 ae 01 00 00 48 89 ea 48 89 e9 4c 8b bb f8 02 00 00
[  145.021458][ T9155] RSP: 0018:ffffc900033bfba8 EFLAGS: 00010293
[  145.023375][ T9155] RAX: dffffc000000005f RBX: 0000000000000000 RCX: ffffffff8877e91a
[  145.025801][ T9155] RDX: ffff888023aec880 RSI: ffffffff8877e95f RDI: 0000000000000005
[  145.028504][ T9155] RBP: ffffc900033bfd30 R08: 0000000000000005 R09: 0000000000000000
[  145.029698][ T6057] usb 8-1: unable to get BOS descriptor or descriptor too short
[  145.031002][ T9155] R10: 0000000000000001 R11: 000000000000001e R12: 0000000000000001
[  145.031011][ T9155] R13: 0000000000000001 R14: dffffc0000000000 R15: ffffffff8cb47f20
[  145.031018][ T9155] FS:  0000000000000000(0000) GS:ffff8880976c0000(0063) knlGS:00000000f548db40
[  145.033734][ T6057] usb 8-1: not running at top speed; connect to a high speed hub
[  145.035843][ T9155] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  145.039412][ T6057] usb 8-1: unable to read config index 0 descriptor/start: -61
[  145.041155][ T9155] CR2: 00005646c73de108 CR3: 00000000750a5000 CR4: 0000000000352ef0
[  145.043594][ T6057] usb 8-1: can't read configurations, error -61
[  145.045649][ T9155] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000
[  145.045658][ T9155] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  145.045667][ T9155] Kernel panic - not syncing: Fatal exception
[  145.048516][ T9155] Kernel Offset: disabled

VM DIAGNOSIS:
09:09:17  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000222fc4 RBX=0000000000000000 RCX=ffffffff8b90dbf9 RDX=ffffed1005646656
RSI=ffffffff8c162d80 RDI=ffffffff8190ca61 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000000 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f546cda4 CR3=0000000066802000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000002fc3ac RBX=0000000000000001 RCX=ffffffff8b90dbf9 RDX=ffffed1005666656
RSI=ffffffff8c162d80 RDI=ffffffff8190ca61 RBP=ffffed1003bde488 RSP=ffffc9000046fdf8
R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001
R12=0000000000000001 R13=ffff88801def2440 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000031d0cff8 CR3=0000000075ae8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000173fd4 RBX=0000000000000002 RCX=ffffffff8b90dbf9 RDX=ffffed1005686656
RSI=ffffffff8c162d80 RDI=ffffffff8190ca61 RBP=ffffed1003bde910 RSP=ffffc9000047fdf8
R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000001
R12=0000000000000002 R13=ffff88801def4880 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005646c73de108 CR3=0000000049ae9000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7474ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff856170b5 RDI=ffffffff9b0fc700 RBP=ffffffff9b0fc6c0 RSP=ffffc900033bf510
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=0000000000000035 R14=ffffffff9b0fc6c0 R15=ffffffff85617050
RIP=ffffffff856170df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002efcdffc CR3=00000000750a5000 CR4=00352ef0
DR0=0000000000000006 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000