last executing test programs:

8.001559021s ago: executing program 1 (id=475):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="02d40000000000d400bd7000fcdbdf25"], 0x10}}, 0x40000)
prctl$PR_SCHED_CORE(0x3e, 0x80000000001, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
shmdt(0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x10000, {0x0, 0xd, 0x9, 0x7, 0x0, 0x0, 0xfffd, 0x0, 0x6c9, 0x400, 0x9, 0x100, 0x480, 0x4, "fe1d0e0014000000ffffffe0000000ffffffdf0000000000000000002000"}})
madvise(&(0x7f0000ff7000/0x9000)=nil, 0x9000, 0xc)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x0)
sendmsg$IPSET_CMD_SAVE(r3, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="120000000200000004000000020000008848", @ANYRES32, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB='\x00'/23, @ANYRES32=r2, @ANYBLOB="8a839eb131ad6f9360c88420e95d2f96ce678cb00532b8b10f762072b6087867fec7461177f12d8df136f124d67a267f4ee7"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000280)='net/packet\x00')
pread64(r5, &(0x7f000001a240)=""/102381, 0x18fed, 0xfffffffe)
openat(r5, &(0x7f0000000200)='./file0\x00', 0x480002, 0x8a)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000480), r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
r7 = io_uring_setup(0x2237, &(0x7f0000000880)={0x0, 0xfffffffc, 0x3018})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r7, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r7, 0xe, &(0x7f0000001180)={0x1a2, 0x0, &(0x7f0000000040)=[{0x0}], 0x0, 0x1}, 0x20)
write$cgroup_int(r6, &(0x7f0000000040)=0x1c8, 0x12)
ioctl$EVIOCSKEYCODE_V2(r4, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, "00207d2000000000201b14700c1e0ac74fc6820fc3a1409b4500000900"})

7.285854359s ago: executing program 1 (id=478):
socket$packet(0x11, 0x2, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
listen(0xffffffffffffffff, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000400)=ANY=[@ANYRES32=r0, @ANYRES64, @ANYBLOB="58c200009078"], 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000800018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.134088129s ago: executing program 1 (id=481):
socket$packet(0x11, 0x2, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
listen(0xffffffffffffffff, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000400)=ANY=[@ANYRES32=r0, @ANYRES64, @ANYBLOB="58c200009078"], 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0))
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000800018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r6, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

4.901206279s ago: executing program 0 (id=483):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
io_setup(0x4082, &(0x7f0000000380))
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x400000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
setsockopt$PNPIPE_ENCAP(r2, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(0xffffffffffffffff, 0x1, &(0x7f0000000200)={0x100}, 0x0)
r5 = syz_io_uring_setup(0x6855, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@bridge_delneigh={0x1c, 0x1e, 0x1, 0x0, 0x2, {0x1c, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6}}, 0x1c}}, 0x0)
write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x5e97, &(0x7f0000001400)={0x0, 0x0, 0x10}, &(0x7f0000001480), &(0x7f00000014c0))

4.16909149s ago: executing program 1 (id=485):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x80015b1a, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x17, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000002240)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18007e1bef4810", @ANYBLOB="0000000000000000b702000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x3, 0x3, 0x2})
ioctl$VT_RESIZE(r6, 0x5609, &(0x7f0000000040)={0x4, 0x3, 0xb})
write$6lowpan_enable(r3, 0x0, 0x0)
r8 = syz_io_uring_setup(0x851, &(0x7f0000000380)={0x0, 0xc4cd, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
sendmsg$nl_generic(r3, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000800)=ANY=[], 0x188}, 0x1, 0x0, 0x0, 0x8005}, 0x8000)
io_uring_enter(r8, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
pipe(&(0x7f0000000080))
mknod(&(0x7f0000002400)='./file0\x00', 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002380), 0x2, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

4.139102237s ago: executing program 3 (id=486):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
getpid()
sendmsg$alg(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000002c0)="246ca0015dc21f366322a6f60c12ffbf475cbff67e435e22b1e7e6700edb43ccce24028e7f5ec8bba7706ef5e20d2a1350c8aabc73fcd77b56814e8086ce7033b9f285ee4fce193e6815c0f13b1b0aa0bcf6ff", 0x53}, {&(0x7f0000000240)="314e58f183b8bea72f3b89dbba5acb540769c825eb715dc390df", 0x1a}, {&(0x7f00000003c0)="3725d40af535200e5b5b2916d793d777892694e757a64a0f32c7b116cc0ddad7b079414d478ab77e504741a11338fc9b87d81f5da5802e213e79c028418eef8578c10981bf8178a7523b1257691ce2b3d252d69ed151b62f5f075ddd9a7720c6dae576d3d4dbfb913ee3161589bf82815dd04e75ddf0329f60f879151e521a47129374453edd2b8fed125643ec9810d72e9e8aaca6aae6636a0b273c3bb3ec20394391d3180f9f89d7718714c3ea8ae32bea48bd9a312e55714a9e9a5cf0dc0e801d01ac628c17a2", 0xc8}, {&(0x7f0000000500)}, {&(0x7f0000000600)="84320add155d3d23712322643456482a87709aa5e038e51d5c9516c4a4d4c1e371df9382cab5b61da473c47777c037d2f68e188f1eae532215ce23f6a16334b0747bea135c132bf32d0e6acd97e6dceb570f747584bed36659237ca4951b8c865475feafca1238a4ed5bfd0f3e09a3235779c7c714b7a8ad37a5fb20387dd8d70d33e8080524c00ba945a6b6628cdc06cae5e1de600a58ccd098d1797193c4a28a8f97b58550349ebdabb110fa5a005869d4ec39062273fbc0f17e", 0xbb}], 0x5, &(0x7f0000000780)=ANY=[@ANYBLOB="1000000017010000030000000000000010000000170100000400000001010000100000001701000004000000fbffffff100000001701000003000000422009529800000017010000020000008800000084ab372beb6c9fd471ad3428e2ccaf39b4f795bc7d9705c7b84e76328626fd0129a9b27e26799b412a43536213120680a0cb4229fa010713ee4eec91e7b013c14275d893945ea60821e8ba6bba1d5bf031711256e2b7d8f8fa9e1603278604928163f616d8b9b0e814e032d73141c76754ab4f868f758bf46014faeb8bb2b69fd4b8513102f20328100000001701000003000000010000004c00000017010000020000003a00000071331c2d6d8c149a18608893f5"], 0x134, 0x24040811}, 0x20000001)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r4, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
bind$inet(r6, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r6, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=""/127, 0x7f}}], 0x1, 0x0, 0x0)
sendto$inet(r6, 0x0, 0xf00, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r7, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
mmap(&(0x7f0000068000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r8 = openat$dsp(0xffffffffffffff9c, 0x0, 0x43, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r8, 0xc0045005, &(0x7f0000000080)=0x80)
ioctl$SNDCTL_DSP_SYNC(r8, 0x5001, 0x0)

3.958189609s ago: executing program 2 (id=487):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x1, 0x2, 0x13, 0x2}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000))
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000440)={0x6, @local, 0x0, 0xfffffffc, 'lblc\x00'}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0x4, &(0x7f0000000740)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x81}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x14, r7, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, 0x0, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)="830000001400192340834b80040d8c560a067fbc45800005", 0x18}], 0x1)
socket$xdp(0x2c, 0x3, 0x0)

3.850085672s ago: executing program 0 (id=489):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x4000, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/meminfo\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0)
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
fsopen(&(0x7f0000000000)='btrfs\x00', 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x19)
r9 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x10, 0xa702)
mmap(&(0x7f0000371000/0x5000)=nil, 0x5000, 0x0, 0x11, r9, 0x0)
connect$rose(r0, &(0x7f0000000400)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x2, [@default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40)

3.075910132s ago: executing program 0 (id=490):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x24, r2, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x24}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', r3, 0x0, 0x2, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)
io_setup(0x589, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r5, &(0x7f0000000680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="10000000100100000d0000002400"], 0x10, 0xe000}, 0x5}], 0x1, 0xfffe)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x4ca31, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r6, 0xc0845658, 0x0)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x14800, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='smaps_rollup\x00')
lseek(r7, 0x4, 0x0)
ioctl$HIDIOCGRAWPHYS(r7, 0x80404805, &(0x7f0000000040))

3.075533556s ago: executing program 3 (id=491):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f0000000480)={0x6, @pix_mp={0x3, 0x6, 0x41416770, 0x2, 0xc, [{0x5, 0x5}, {0x3, 0x6}, {0x8, 0x40}, {0x5a36, 0x8}, {0x81, 0x2}, {0x9, 0x8}, {0x2d6a3, 0x400}, {0x1, 0x2}], 0xa, 0x2, 0x3, 0x1, 0x1}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003700010324bd7002fcdbdf2508"], 0x14}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r7=>0x0], &(0x7f0000000340)=[<r8=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r8, r7], 0x2})
r9 = socket(0x10, 0x803, 0x0)
r10 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r11=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r11}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_FLAGS={0x8, 0x8, 0x690}]}, 0x34}}, 0x0)
r12 = openat$null(0xffffffffffffff9c, &(0x7f0000000380), 0x22002, 0x0)
inotify_add_watch(r12, 0x0, 0x32000812)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r5, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000003340)=[0x0]})

3.013600893s ago: executing program 2 (id=492):
r0 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
bind$llc(r0, &(0x7f0000000000), 0x10)
close(r0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil)
bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none, 0xfff, 0x2}, 0xe)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
getsockname$llc(r0, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000180)=0x10)
r2 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000200)={'veth0\x00', &(0x7f0000000100)=@ethtool_sfeatures={0x3b, 0x2, [{0x28d1a67f}, {}]}})
setresuid(r3, r3, r3)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/144, 0x90}], 0x2, &(0x7f00000002c0), 0x0, 0x0)
r6 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x23, &(0x7f0000000140)=0x1, 0x4)
getsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, 0x0, &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0x4b4a8b03)
r9 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r9, 0x7a7, &(0x7f00000002c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f0000000100)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r9, 0x7a8, &(0x7f0000000040)={{@my=0x1, 0x8}, @host, 0x0, 0x0, 0x7ff})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r9, 0x7a8, &(0x7f00000000c0)={{@my=0x1}, @any, 0x0, 0x0, 0x400005, 0x9})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r9, 0x7aa, &(0x7f0000000000)={{@my=0x1}, @local})

2.364676274s ago: executing program 0 (id=493):
r0 = open$dir(&(0x7f0000000040)='.\x00', 0x0, 0x0)
faccessat2(r0, &(0x7f00000000c0)='./file1\x00', 0x7, 0x300)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x13)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0x4, 0x3, 0x101}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000240)=[r4, r3, r3], &(0x7f0000000340), 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$vicodec0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r5, 0xc0185647, &(0x7f0000000100)={0x980000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90b, 0x8000000, '\x00', @p_u16=0x0}})
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="03000000520001002abd708200ffffff0afe", @ANYRES32=r7, @ANYBLOB="d60611a1c4743ea9340d4560d5f6d0a22ec6ba7529afc990c00ffe438ccd8b0b2931dacb1981a2fa7cda308adea20f3890668e5c2c2100cb48d9a66a4bc7"], 0x1c}}, 0x814)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2)

2.294421377s ago: executing program 2 (id=494):
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x7}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000140)='./file0\x00')
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$VIDIOC_ENUMINPUT(r4, 0xc04c561a, &(0x7f0000000380)={0x1, "497aa4ec7afa5ae757b46c4184492f8c3de6b2624e208c9905349b9adfc31671", 0x1, 0x9, 0x2, 0x320000, 0x20800, 0x4})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r6, r5, 0x0, 0x23d)
ioctl$FS_IOC_RESVSP(r4, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x80000d})
r7 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000040)={0x4, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r7, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_REQBUFS(r7, 0xc0145608, &(0x7f0000000200)={0x0, 0x1, 0x2})

1.967157496s ago: executing program 3 (id=495):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0xffff, 0x1000, 0x7fff, 0x2}, 0x8)
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000f6de73f8009500000000000000"], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
set_mempolicy(0x4005, &(0x7f0000000080)=0x41, 0xb)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r4, 0x4b72, &(0x7f0000000000)={0x0, 0x2, 0x21, 0x1, 0x200, &(0x7f00000003c0)="91df41d521d4413377574bc0fb894eb9479dbf8f4bc04b9c4670fdac82bc40d8150a95d829e478bda8eb649bf2304d90bdf54f2c7b3ec8587f41de49770d3495d1538011730de826b9d5e501137fc25ec0d470ad5e48ce9ff99ce56a3c6679ce83d194fa8b634ab738a0032cf572a85c9b8b1095213e7723a94d21aa7d7cdd91ef1ef9642377c28e4ccc15f94e78b66c8155d614f63fdde4b1e4a53dc8e175c0e79eea8c044d5bfd57fb0872dc42eefabf78125935500e44b4d6f23899352d0000000000001718ba9386e21647ffc7b55353b3b7ca1ec10d223ef8aab6f6713c147adcacd30303c8a86b6e4aa096fd5011406a205a3f54c8c4d6c9c6e1e963b1279c4b31fd5db089a0aec337995dd772578c074d07cae179f337a9db13a9d8a1cf3aa7849d51b22b0fe9240964ef9ce9faad08d4de6fd398a4e13384a5baab2a8815305388353f5f77d1efd922c4d51a0b29450d6cf9709a53f3d52162489865db56460243eea757aea7f0ae49dbf9969daac7cb3701219e61758c0a96278024e80d77a56c5501632cc7d648a7fe7c9e299e1fb777d78f30a734e7d071f5b89c7331cd8e4cfbe36f9f17608eefd2cabcb4f007a479464a0ce8fb893555a957cf0838d64f689c5ec6211d59a67f33f97839174364ae5f9cb970f4b6c504a6e33c6a06d84d1966b161fc1c9b35ed9ec2f7989f75bd9e4b9594d87dd67eaeb17f71156764d2468f4e563421360e0a6dded050a4a7c8ca1f750796015d998e6be805a1f8a5ebddfa50f228261d1b0d0a41576e857d414fb334eeb221c7966cceba6e94a02f4df97f12e0a67c5ed266fa4cff67e2ae2de7f29fb4d0abb002df029be591c38e8aedc7ac53736a8ab40fa13383f1b0b0063f8ac5107f3be4b83d1a3739f3e334ad80a50a114e55db944df1aab093c55efd48068d35fb4f34537971e3df2bcdf68b86c4d3c966f4c6ca66413311ecf23a89035cb71cfc1722a2e598f808aa74cccc001d29e254b12cdd9f1ba240232ee6ea9434b1571470d4c627d5090e6f79f528159305d981526a77ada3916f41b861d6a5146e243d3e0a95f466b11b2de8adba71753dcd2db5655aab6a99f2fc2c801e66cc7a649d14e8eb615d20959a6f66b5ea081720768d7299ad084794d9a5fc6d9449699b93be246d2c4d7562b2adda4605267dfbcf9b8578bd091aeb6cf250b8eea74249e83978e0e89498df0731c327201f9b7ac77a8452d11aaa1f83e375ba99d7ecb6b8630773afbcaa0761608348ab20bd4ab63ae70f40534a8bc2282393255194e433132af69f7737d7080000f9513cdbae9745e8992fcfb7e5221a754d3a2db5811342ee5d671108fe493588d9ea78e8c2b32497468bf30f9efd007530f9c8f37289522ecb073d3a59b6fabd1692c81c82c90928713a00"})
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401)
ioctl$USBDEVFS_ALLOW_SUSPEND(r5, 0x5522)
ioctl$USBDEVFS_BULK(r5, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r5, 0x5521)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000240)={0x8d, 0x2, 0x1})
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x12)

1.786953795s ago: executing program 0 (id=496):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000003c0)={<r4=>0x0, @local, @local}, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@private0, 0x78, r4})
socket(0xa, 0x1, 0x0)
r5 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r6=>0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000380)={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, r4}, 0xc)
io_submit(r6, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}])
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r7=>r3, {0x2}}, './file0\x00'})
io_submit(r6, 0x1, &(0x7f00000002c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x6, 0xc, r1, &(0x7f0000000100)="c1f817440890611d487b736b14fb0e63c011e5be2bd20875f06f2b2b308d5609e8b7495ccf94a20ead78b35e78b2228213267c90ac10df4e5711986132f6872d2e2d68e980948b28779862bcce978f19259103ae81107b9aca0fc6905bcb6e90b167a4c98ced69b1db164bfe8160c41aa0f9f664e819311df9ec648a9a8802246ce2858ac43bbe36aeb1e20c29f298f4f946b515b12c99761be3bbfdbd788a339db5803cb61bf64256141002fc30cb5e5bdadff9f1d7cf39f4685b193ca58547bf524d28e847", 0xc6, 0x0, 0x0, 0x2, r7}])
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000c00000/0x1000)=nil, 0x1000, 0x16)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9040}, 0x0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x20})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000001000)={'syztnl2\x00', <r9=>0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @rand_addr=0x3}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000780)={'syztnl2\x00', &(0x7f0000000340)={'syztnl2\x00', r9, 0x10, 0x7800, 0x8, 0x4000006, {{0x5, 0x4, 0x1, 0x3b, 0x14, 0x65, 0x0, 0x3, 0x29, 0x0, @broadcast, @rand_addr=0x64010102}}}})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x110, r10, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.624762567s ago: executing program 1 (id=497):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x2936e9239afce1fc, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket(0x10, 0x3, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000300)=[<r6=>0x0], &(0x7f0000000040), 0x1, r5})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x201, 0x1, &(0x7f0000000440)=[r5], &(0x7f0000000200), &(0x7f00000000c0)=[r6], &(0x7f0000000340)})
socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000680)=ANY=[@ANYBLOB="0180c200", @ANYBLOB="7edb58e65b3e113bcda45fbd0b0f556e415471f4c194dd2dcc702c882e4bb6f4bad7a0a42f979636004d1b8a8e7e8211b1093f6a033a4acbb972d4053e702c318bda5715bdfd8fabb4dd51cd1a166d30a2b66391ff83f6feeb5bed5dbb24463b93e8a29c24395cda25eff4150bb340408339c1af7676fb8559ac6cd69f13035466d51d878c259f0d4da5ae32d5a867caa39b0fe911d0d6e2fb243bfac13bf5af51362c894a2ff7222cd182329a2dcb2c36376cb8b26f1da2a049919bc1bbbf71d67101bdd0a9dfbad92f7a9e085df7e38e3c8583913f4e34c1b207c2ecdb76bbf2e4b4a906a75eb9bd335e36181b947f9847ceac9acbd4fcf0fdcbb409b1398960484a85bfe2f2e8b921e460f7c7157a0eba498dfa9240623bf9524b76eabf1489e4f653f79d0d7739a35198718949ea2bf2b7e149288d0cd88c9aae991b01841f2926ace186c6e20070b9da3ee9de0ab032736da996a320c8158605d9ba3c57f4022a8c2fed3fb1a37013e1ba085b24dbec6ea0342b8d7d4828c3f8a7d548c360285db5b48218ddf8811e6a33a6925320ad00f9ab0577e72f78b5f73470b4387ea3811a436ab32c32e9778e9766ac09d9c9ce7b359679a2c9e5ac410724d000db10e84da4cb1ea609b06143f0279d29f8df1a50e29f819ed11e1307158fa623f6e9f4eb48c83f04ed84ec80b0b36503b20de2bae4f0ff20cadb0a6a86e738518681e11b47d7de2af591dc9487b31834d74f41e810ea238a77fbbc13da08899703d72f4ab9bf084a1bf4a6042d750a88345309a411a8c414eb920a04a7f912e1b3cdb47f10191a9729f99f4d321277e691ddd7bf824170928025b33ad30ae35ce50919cfacbad170c527d392142f287dac66f6ec210d1b0b22cff9422d71fc15fc7b919e38cb628eca63b352772ae7f9cd9f9260f0ff4ed24fcd865cdb5fd81e2e77c2bef73ab02cc48146d00da2a157eee134809d39699f881f4732b3dea140f17c66f3b591719e91befbb8f5486454399dbf5fc39f50775376870156f37c04ff1667a77581accf437f50e8af7c5a49bf05d305bb1eab3a28287eadbba663b63ade972deadb132bf24d0da59852146f89f23a948a657a7f74872d9e4f4724efa6d90d1292f0a5fcbaf299c571d1eb18d4885bc08a07f4c9fd23b692e0a331fd6de9fd104c6f6281474ac8221f3c79ab29817a4e4ae5150a95f5ada9ff6b9cd82fdc6397a1742a2ab46485aa02e884f2162f961462ec1d0d6a1773497cd343b262a2baed8a2f8454af73686acc765c2808b45ddac6c5d73a1a65114d6d78ae0722f34b74e7b6e24e4208a7c545b9698850a2e46c549a5b79414a86208b4afa9559196d646eddeb0c0f9b01023b0e037d2d601c9b1e420fb9c655b6a38e3e0cc47c975274e1dc7d49f971e0baa8e9479cb1ff1013aced68db47f976855964b5d8ec402017706f4bde249fb6161468af3d80095accc3637ddc119e8f15c96952ef7f7240df5fa90c8430d6ca1dc5ed711dcfc129efb1138e761bcdf9af5517f5e202c874a389c90be14eeaa3674545a7e30a50a4e1014b902d5c52b54f0a588dff2c0a9cc22629100b9c7189355c18a0732770c57382c5fea126717860b38c8088c9467a4fd46a373802101ca0bf875c78066b47cb964e436fe6ba780f64df570ff6bd336ef4e15d0134bab3445fe55f40e4fab3ceb657496274f6437bcf29154f926a729127260b20a014dc9b4fb3c8a7fc4f068f7189e90ddc09de2e733824fff8befe546681d1da1d7aa72ecd7537d9640ff7427430aecc1780cdbb1a8007761374be074e5d1a2d5d8ec98428fabca4ba21c1be51d90ed3fd6bd269f5b6a8a1b9e6fc0f5e35010f9b0d57845d2ebd8c8c3fd1037fb0205ffab7d7211142f1703336689f705ee2d2f56bb5a92caf60b4e8d6ce30c134033409cd985f0ea9fbe2c2a27d8ebc1477827a6af84ea11ec717f2679f2728a0a88492c90fd97c8007464d3482576327c1b894c036e9319fa5541125060457c834345bb9a2fc44f084c961037c933bf8cf8abaaedd974cde8a8090710b7e530aebf2f6e163b2affcbd8e1d47925542e082fdc7f9a04663541b2b7f297fd57d44337638145d596e93662a49b63d90bef5de98814474aaa5d0612db35699c51a3ebcec3f2fc715a67c7c5acdb084def9567ff1d5bf46137484095819f8e012a2a9d65b77e3ae54cf229015be2785309b3ce51e6eff6d0d78f833d502d6811b526deec86552b0e5c269f33a23dfb3b3e0fcfa1ad1da72800a59dfa370434a158dd9392acb6cf10e0ee2874cf508ed3ea00c1227d4c0e3acc7bee67cec1c6e41f239f18821097fc2b7f30e46893246ffd03424d85a5de7d5c7ee9ed6087624346bf29edd868d6f8c002781a71d85c890ce62a9821eff20e841ecd38f1905e47ddfcb262cdd6ffde7f0daddb78b2d3432a7631588648017c0ca4f6fe5fee2ba141a4181a86f3f5954d2e4dce572fa79533fb47d358654b41de0ca0b6c969181d4de0165c452f954d989fddf57eae7c48da77740f0a6f27327fa05bd6155817e3a3642b8f3e7193a153c8ad39bc28c890838aeca7670547efe0897c98c65c4b6f6b9844ac2284d2ee1459cf82c94012ae89c23470c420d807e5afa43574a1a2228e38fc8119b9f968c0012d0f2172f4b9872a70697b995f11908ca86416db7c63f17aedf1093a62ad862705f9f62e82bcd76f3488c96788eddf0757f9b865b36c6b0f1941e90327ff918b95fd10d701595924dc493493b379b3b61dc697eebb68ac5d197b350b65f2f913dcf96319794a092564ea096d6bd9f06b7f1d01e2a545cd250e8a852745a9440d296bd1a81391e3bdcfa1568a6288bf37838ed0a79fed01b74e9d9ee2950f90d64946c6f1224bdcdae8c1f732f91a0b7137e70c9f5651797936937d109a42223b894daa8e7d6c11ab8407fed885f9e6957b653c54161074c6c24028bceaded926ec11342a25574ec971dcb069cf7d3b2a6c9ab822dc64527580f863b0a2226fbd7551008cef91b7e63819ed0e1b20b10096ae9ebf841ee4148027e7a68eac03c99df4569f2e7627bfdcd4e1000b3a2d196466275e4047e3a65bcadde475d5147e4afa37b3a0e17c2aa0b66f902b28a52f75cd0155785a26ecc7890003a4a457ec3add2726c295696d7f96b73346326ed78b9bbb2a0d886d983df6faa1698749215fe7b0365292491f7294306394a2182dfa89e333eb5a510dab980a3d83229b3751f5673d309cc33c5f607d90f1292e6e1f3ae72548f0388f3da698f7117817a94ca099dfd270d7bad1bceb7e9ca6f72939d92bd63fcf1039c60afbe46dd3282463d284d3e95a1bbcaa2ab573feb8eb89ddb58a4c4773376525c70c45a7581d091feb39346bb6ebc6748b579af311d2cb838aa9187082f5e365669b80bf6ee95e4a52c7574007a9c0cbf73d3f967f2570625450920e9a1e6c5bff59b3ee2f83fc9c2da63a0cda0a18271febb5ec5b84c8a3cf9bd9d62f2a68bbca7058f8fb39c22ea74ff61eff74975633125f254530f04041b8939ab400576e88c119d0dc6974d171ba4de6d4e79221075e839f489ea12b084d6392bd9162616b976863362dbe1b1b50f48d348f2d56e03bcda736d8a8fde9e41295dce9eca7947be383ea4cfb577254507f4215ad793713f4c101e396b65e934f15afa5e64566d42127d0a410950b714f78137cefeb2c955e7d2d0aaba3447a14c0eb115a4a390d5a839f8f24d0a4b6ac98144e20271d0a056fa2d954f02c7a9f95e5301269e1abf1ed254d5c092e192684823e79fb543f118a960464b376a6ed77b4de6c10f4a4180e7f961191a68e85f95d5390390c5929312949f097544082ae5f4f9b009ad08dd85c090a19b44c8b6b9e05527298d88b89b9fbc060cd56c404f31404cf4de9a10b290ecef496e0e719b263dd2c5f98dc440de5cddaf8d00a85ca8b435d0efbc458a3b6d99b52bbfe550ee84218c10bc2810855937b1c60d94eb42146b656e3d0720f1303861500a6a80f4a69735ec7b225e2c1c88712ac51d8dcea539463e88d8c1a33337e6684f5e16ebf287a85da78c33ffeaeaa883f5c99c9112887f56a188118545ca10a81aaa1841770cac7ca0e83a1fdae6fb7d9ffacd0a37bd6c0041b7d775c160589fc5d107d9001cf45603898e44e8725350448e594cc0484f748ace4a2ba7837384a804783717886c668a2d0e9f963c72be2c5f920b27967455200815e3269dbd088ac398a25b4266825c3afab178c84c2ccbd1e51716ac90e1987fa630846233824a6dbbeb3dffbfc7d701020a971234538ef71381ecfcc860386fbd7fa71fb8132ecd49fe2a25348b4d82fed6c6a99373c921d8f77940c892a04bdcada844acb127fc8c35b8789d8b60925b2ff63553eb8ab5ab856b8f23468a88e9f67934a41509326c07f1b6af2f777c61abb6e4bcbda27b382c1209411ee3daee0fe19ba0b7ccc9128f66808b3c3015f59b15246852d17878b70cf0536bb4df8d09d4510b4084931c28e1cb2fac4d52d510e0274a8c911fcc653e578a37688094cf4e382a6747c5c6274a7311a45c5c9ff5e6dbcb15d0b7b58ddcbb19420fc32601eca187dc88aea3750e996614ab1a35aa3228646602e81699c9fa5c26a12e8fd0720baade9414f4cdb6ccf082f941e0ed7bbbcda259c6baa2ac4c490148befa6324b17a1cb224cc4c857cc25af44b045c881d63c13d14c142af33d33d69d3428e7861ee5b2a82022e1ea3cd514a3beb98b3b41918f2762ecc81ac56379b1323471f40a3625d25dce9573088b00bca6645d429c2a4bd66da203dc1a56c7502b7cf446c107ca2f369bc4e9e19fd47f46048469361ad4cb80c26facceec943500726d4777573bd526c1f4e41dcce8e130ba992457cd15d1162c1622809b7840ef50948c78f99eba70bbfede6b532c39c807ebaf6bc2031e357d8afc9c9b22c6de2e4c0f783e6bfe9f92c9a8937ba2a49e200e8e71e26d755b8da327a9aa7cb838ff70b8bc72a3809c217b6be5060b02f737743c55bee6cee60b51505417a51446c8770ef4076a6d2fdd12b19b3d32e575e91a09670a77b4530f4e3f9d2e262092e2af94526ee85d6b61d8416b62f786484bb57c48dba2c109919daaf8565d0f06b6ffbe7366386ad626bcb41732e399e1dba595494325970a7c8e62091c020c8490e658d3cf07106640446714df3ee73d97d79d8dfd99d7beae2fd1730ba4923a1088cf24489aad9edc49e98574f5b9e80fd5b2763ff2968d7d7ae72886657770a85de365b8504ca18537711578133e6b9aced0584311523d41dc82e04990db2ab611a5aae89ea4372bd583a06fac72208f8092849555e38a1051cedf5ec9ab753b752f428a2baf37d9aa56127e7faa194701e55185949056f016f40f5b9e145ffc1b06d2ca3"], 0x0)
r7 = openat$cdrom(0xffffff9c, &(0x7f0000000000), 0xa40, 0x0)
ioctl$CDROM_SELECT_DISK(r7, 0x5322, 0x0)
socket(0x6, 0xa, 0x20100)
lsetxattr$system_posix_acl(0x0, &(0x7f00000002c0)='system.posix_acl_default\x00', 0x0, 0x0, 0x1)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
pipe(&(0x7f0000000040))
io_setup(0x3ff, &(0x7f0000000500))

1.36486093s ago: executing program 2 (id=498):
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
inotify_init1(0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f0000000680)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_THREAD_EXIT(r5, 0x40046208, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r3, @ANYBLOB="008307000000000024001280110001006272696467655f736c617665000000000c00058008002a"], 0x44}}, 0x0)
openat$ipvs(0xffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000400)=ANY=[@ANYRESHEX=r4, @ANYRESHEX=r2, @ANYRES64, @ANYRESOCT=0x0, @ANYRESOCT=0x0], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e0000000700000005000000bd24000000400400", @ANYRES32=r0, @ANYBLOB="050000000000e909ec75c08b9b9a1f000000000000000000000000000017000000000000b2412439fbecfec71a9c5820e031311e6d110ff1ff3775999707a42fb4657a8a91159a48f679e3b0b1f9a9c4d25b87df9248c85caa3c54b69cc3dafd295a34927a06199ff581238185919a74c1b854bb4473503a6a3a4cda107b454c4cec0b2f60764085437e659c54cfc71e2915a076a920cf184cbbd1ceee28ba50ca26372612098984", @ANYRES32=r3, @ANYRES64=r4, @ANYBLOB="0300000003000000030000000700"/28], 0x50)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x383, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000000)={0x4a22}, 0x10, 0x0)
r8 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x3)
socket$inet(0x2, 0x80000, 0xfffffffe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r9, 0x40047438, &(0x7f0000000180)=""/246)
write(r9, &(0x7f00000007c0)="0c6e301fe9439ffa8f93fae3382330b64ccd364f36e8f745de235ff7c689b9a4c2095a2f1e23589d346b1f729bbd9565a19f716c4c72d7f5f7863fd4acf51860f9e7905f83f0657b832e63f64fe076127bd74c2e1bd041786c7cbeaff808aa635febbc5a98c61c8479e1829bf902745a5cfbb3f7393c7de3369e2c8e27e5084b7566f55f4a63382981b9a0195a28a871b2e94d08076f3c77ae760f8e492fdb884e4095fedfd5cf2338214deb7aa1437ca23e20b9896e0fdaad25063fba3428b993b55314265bf3d3ec307c49832fcdf91ea536601c80e4580b24074b05f825f9e5208ea6288df2b6a95ca90d7e8017400ae5e0ebe90bb534aa24648053894d301ea818643b6a18c56aca4cc0a1d25b5d4722b6c5c9586bc3185f199786e09007e3d7c99ec387f0a7304f851a88f0c456b79274037cf72bb907dc58f061adf68bd7a28b46ab5eedeec7cf0b867263d9828b070c3e116355471e53d1fc04f3bfdd30bdc3db3231469f9fe9f3eb02d7b3e5545e9274114fb3459e905df648f7afaaae296a4cf8317be0a631c288b630a233f58c3d3a7cb76db7764b657ce194ef515bd71bb8af5ef2b7e8602ca5f231f15b48d35e57ef37345fdaefb176317f9394f46547ee859e123801973f24512457f6ab4fc488c46a5297c9b715b56f18c91358ef2cc50a25cf4547d7a7631462920189e46bf3ac27ce12336e4484a8b1a6f05e2388da5c3e93e2a7b586fb445e7d4db181b696601d2ec35844483e218d808b26da964aa0db43420521f9224178c8e253eee9dfeb48f939d4ec1bda31d2f6444b62fa026b99fd1a04c65246b61117cc4d708b5cca7b0ddeb7da044d9929cfe5f1bc26f681b05ee4db19370a1f35a90caa670cfac4297724c2fee1ba75bb7b75efae8eb09869ede7b1bd02f8b4dd5c51492095b6bed0277366e5056e7ecf919b1a86ebc12ae232f1e6d942b45c57a66b28a7053688f0d65e34a61025ad9d955147042ef61e0cbbad405c8bab78a6daef90a85c802b038148d62e2667095a6fcc5ca1af0eecfc94d45169d06fdd18897bfda6f73334469d7ebc5665f092f0eae1411fe34ac97b4a0633815abf25ec2d482e7fdd12496b194008adf4412f6d1711020495dcf254f01af4d48ecb6dee869f305d3bb3ca85334f670d6cfe1a6771ae02e294116cdeffa3957df9995b491301292c4de30d21cea73e6846a6d00441367466d4c6c6e24177a9039ba61ff4871608a882f04eed747743f4b0bdebb03d8de37406cf81b4d1a774471969aa3a12330863b10aa8c323f5c309ad64a6aa6834f3d5664115abbeee43726b77d157511ca327c5fc2580295145b7d646a81c34d729ec823867cf8f7648289213fc6183e9b0da793f46d1515a3e9e53d3a228508919faf455b1a7e3287999b7dc97ab8d655899db2cc55ab40a1fb6e5b204cd69e552185ea79227fe85dfe8fc5821844c32b49f76d282fdda25f6e5f78c3eb98022ad756d62b05ba41ad848d146658763c361c78d5a4745ecbad2098afde43602df8e5d2245d89aca7a270e718160ac68fb936ed641383af13312da01a24b01397124b207a922a003755cc5648a044e51f3b72bfd35e3f5a699bcf141bc34a080adf19ff223cb922f7a983d16f136b392907bcc53f1187beea5938f224b3ca17e5e9502661da3a6dd27bb16506475bd77b6a57e3131bd228a76c947bf05a1a13d43d9ca1d47ad8364046a7cc1f57b5128df3e36e74762def3517529e207cf78d672983e8a11a934b90218409707b1ff799aa9aeb0b325d81b4a0d7f0735ab2847a8ec435b060ef74b9ae4616b4209ab39928c584ee7976886332cef0daaf5b6d59437e29695df3dab1b8281916f3219a910ca0af6996532a47a49ffb0dba0d554bf6510d57956db193d23a37967156eb2ff858690578c751886d18cfe03714a8da91a76b99fbc834125b46c99278e784968f001c450153be10c23510694f81c5f53f74d07ef8ad40f9a6e4abdafabba3fb10b2c52bca8ffe19687043b3158a862957310debfd0181e83228d297d944fa2a88ae2e6743e724d1c8f01bc2068b7f4ec1c7945f814ff9a337965eedffa28b746eb5cba6b3421faa8f91a39aca5b8de0c53440668fc338668998e938d41e1acded64a4933d5cc297d0cc6a53db219346c7010f0c65ee4c75ebd79f7d98dfd45eacfb140808638489052baa8135e3e82627e0f91b6b627dfce5cbf030a0b78a0856eb022dc663098e9b9d555339883a2c20bbe5fa741495a1d1300db48872e3bac59403d9bd30be639f409557d357f530518e42d227e8afbf76fcee51f88be7d424991493b9d97a9370aabf9d7e00e9bf7de5e6475abb956ba55f5976c1b5bdfc11b84a74f34768fe2a4f847a1e6ad9ace0e2d722b56737908a4f8859bddc0a3f603495117fac14b315d242f747fcdc1c75a928c091542e7aae2f48cc16eb9aaac1719af29edba995624bb2222807ad6a9e5dd7f85fd639b93e5100c706038495ad9a7361ee4ead91af8bcd9cf2ec03f41e13c67edd9b3f3e4935c2a1afb2ad0d9eba141aee8e95a91a67d7e987acb411fb4edf8ed04eb3db30d14b02465861ec1986556f395a97954f83ec6d283e2eb38c4f9c2cb112033b02a51dd0733111d4b71bb7185805c94679d1b368771ced727f0b5474c921fa6ca9b5f4b5f296e11e05d66cbc58b04be28e77d78dad65e52b525e026297949b22bb99c1b2bf08a1f6501d4f8caa75034a0b906d038426f1b45d2f0fefe2a4eb4b2861d605d1098ad20549e85fea06efa4b95a3fcf7e66b6abd6cbde80d9b3be6ff9df64bbdedc836b1c91fe2a245f64e0afce98884ddce0da2fa1f0839fefd5508a1e26acdddc02be1d6389a2885dffa239721416418c2cdbc6ab7660637036efca721396e1fd168ca24c7b0a55f27cf83e6507d93d2f016ec53319a56ad831cd4f6945c79c132112c7c6f592c0ffe9437cd47c055dd449372059ece53271b1213e38ccb08b42fc1c1820e2c97983a9d3f76d08e8f20677e8d5b6282d06a48bb51e095f5c385b6b8a7d83135cd85dbaff9854373a99eabd090efef1d81ed6ad31ae7ea88845376e3c06647bd8c5a11336b010fcfb3af934c2a24617c3a14016e48a1954e57677d1c74860f8bd10a1087a8bbdc9b95dc639dc50482c103899c666a197ac284b564adb44eb6f886a44473f1aa96ce2ccb89c014102d948e5b9bb0a4ff9355a3e0bd8f2827a16e3db08de0f901e984517b778e390f4863f09bfee89e1b1dbd1f25bbb9d105bbcf61c88234cc20d696b93be098c35cb1d0c6e747d2b2777311ec4c7d9d2e05025a871146da419018b6ddf397dbf60afbf45790aa927a47dab7218d269e6c193cbdb33d00350acfbc5cfac9f371a2feeafb064a8c1f319ca1ea8ab9f0416a2f9d106ab9c4da61ce5f2e6f8ec6d66d94d11f39b9c28ebd0d3568d830bc6d69f546e2b22b66bfcc59aebd0b673eafa8ba2812ceac8dc25dbcde1603c4ccdebee695e6fc96a8690b63d71cbf253ea40d29cd5b1ef1b0db2208063cc504ee43fb2cd0484d0848c54de7925599e2081ad29474e072cf576f2d8dc5c2bfb6eaeec1e809f73bde8f3c6aaad0cc9813fb02621925a0998b643f6617614694e92998e3d89447045f964a7e411815a48a9078268eeec96a9dae81d2c36c948481719261e23f5315bc3651ce9b00f8eebb5a1f974e0e3c5985664e7b24fbe6939d1e79b22ea4247a368acd2a9b893ecfe45be309248043f4b7abfcdd2c092a7bcb31be956aaf8f5a2d1a0f06811a34bd7ad0dd949bcaf4bdeed699d0f52bd8efa2a0f352dcedfe2e384dfa5c04cd8a451cc32e7308c49909ce3d79a25824b7713a28ff32b6e6c0ab084acd392d4b6d376a435a3a206866514551fa4aa1599ba176dee57d3e5f9ae0f9a0a961667bb0da70d47e33ea495135b8db62ad386f17a810c6c9801952013a8402c3703c5d7871520314122364430c3d4cd7ddfff82733152f708871a5f7aaaa130dfb42b3f723f786ee9d669998d1a0c60063f8049dcb083845c7dc87746eae11a02c6991985f0d4186a38f76cdaeb16dda5162f1a3d8ac4b834638bc4cece665604f64a84c610b2b5889fb9295c0781f29e94758a8648a9d2de8c4f3e10b77ec771db4c2c2665b64f41b473a7576a2ffcc87799306813a17fee396f5510504c81829e9ac08cc877d96fd4ed1448ed8cac74236bbee186cbb2f47afc678d7090447495fb41f8065abcafe1cb2ec0a37287b6ada18d52727abad8ad830d220161fb3c9aacfc82a684c4b794f5e9954a3875eb696ce54e096de3e747accfc7d9c77a8bb5bf57a7ee6bf6f83a92c20aec84660804f52603d3e31c1fba80a61dab4a6583bb51bb84d71ba3d9a55ccc3e85a863516027e78fb113b821b6daee6a1196613e8f64d9e7fd3220ada3cbdf943c51e3e2df22b514f4afc036eac86b1ac3eeed785212e89b7d3aead9c6cd956d75126cb77b1aa3c358aa30f301e4296f556c39d6b015dfc33f503c3bcd78e5e7fbaf8be3a89484744d8edc5d75a9a5031adf3ce67877181c2db5aae4cf1d24fd76c53433c24d03fa6ea0130c5a2724b7b19a6f462cb758bd2744fc454c7f2bb2f8206e173528a2febb2244134adab0d1a24472efd840ed64ff705404854cceec0f7aff0a8f582bf6aca5b9f27674d8cd2a19de46284211370a3c451473813d6cabb161900e01367b5a6e6f1266a69d729f8957f8dcbbc89cb80996ce1630e5ba72caff1f99451bd2e2b56387cf9f0adbd8904e79c92b258e9d0906e6c65bfe49f7c7b134b570df6ae469da3242c3df77e46898f7a8b6a9da3525f0e26d3f093eff816cbd67e49619fe743361e42638301ea5e220e2aa8ce34bc794075cab71437bb572696709e28056b3acba0434bfd0c905a2427cc22a755865e90544d2849029f874530592b492d0d5fa0e7093dbf353ccca3a7e571324ad2", 0xdbd)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

1.146911958s ago: executing program 3 (id=499):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f00000002c0)={0x10, 0x0, 0x25dfdbfb, 0x400000}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r6, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc)
r7 = socket$netlink(0x10, 0x3, 0x9)
bind$netlink(r7, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc)
r8 = socket$netlink(0x10, 0x3, 0x14)
bind$netlink(r8, &(0x7f0000000200)={0x10, 0x0, 0xffffffff, 0x400}, 0xc)
r9 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r9, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc)
r10 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r10, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc)
r11 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r11, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc)
r12 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r12, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc)
r13 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r13, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc)
bind$netlink(r1, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x80020000}, 0x48)
r14 = socket$netlink(0x10, 0x3, 0x4)
writev(r14, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

1.10197666s ago: executing program 3 (id=500):
r0 = open$dir(&(0x7f0000000040)='.\x00', 0x0, 0x0)
faccessat2(r0, &(0x7f00000000c0)='./file1\x00', 0x7, 0x300)
r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x13)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000540)={0x3, 0x4, 0x3, 0x101}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000240)=[r4, r3, r3], &(0x7f0000000340), 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$vicodec0(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r5, 0xc0185647, &(0x7f0000000100)={0x980000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f90b, 0x8000000, '\x00', @p_u16=0x0}})
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="03000000520001002abd708200ffffff0afe", @ANYRES32=r7, @ANYBLOB="d60611a1c4743ea9340d4560d5f6d0a22ec6ba7529afc990c00ffe438ccd8b0b2931dacb1981a2fa7cda308adea20f3890668e5c2c2100cb48d9a66a4bc7"], 0x1c}}, 0x814)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r2)

864.295463ms ago: executing program 0 (id=501):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xff}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{0xfffffffc}, {}, {0x0, 0x3}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"})
r5 = dup(r4)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB="010000000000000001000080"])
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xc0010140}]})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setregid(0x0, 0x0)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x8}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000000380)=""/231, 0xe7)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

746.816586ms ago: executing program 2 (id=502):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r2, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x3fffff})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000580)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r9, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
r10 = timerfd_create(0x1, 0x0)
timerfd_settime(r10, 0x3, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

491.387611ms ago: executing program 1 (id=503):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000000280)={0x0, 0x3938700}, 0x0, 0x0)
rmdir(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$bt_sco(r2, &(0x7f0000000000)={0x1f, @none}, 0x8)
shutdown(r2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x30df5ae70c2bc9e7, 0x3, &(0x7f0000000000)=ANY=[@ANYRES8=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, 0x0, &(0x7f00000000c0))
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x6}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x13, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}], 0x2, &(0x7f00000003c0)=[@sndinfo={0x1c, 0x84, 0x2, {0x4, 0x41}}, @sndrcv={0x2c, 0x84, 0x1, {0x81, 0x5, 0x202, 0x3, 0x8, 0x2aa0, 0x6, 0x6}}], 0x48, 0x4048800}, 0xc0)

168.602273ms ago: executing program 3 (id=504):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x6, @empty, 0xffffffff}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952", 0x5c, 0xbcff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
sendmmsg$inet6(r0, &(0x7f0000004800)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000380)='w', 0xff1d}], 0x1}}], 0x1, 0x0)
write$binfmt_misc(r0, &(0x7f00000000c0), 0x19ffe)

0s ago: executing program 2 (id=505):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)=0xffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$autofs(0xffffff9c, &(0x7f0000000000), 0x200142, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$netlink(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000000a000000000000000000000000000014000000060a0000000000000000000008000000140000001100010000000000000000000000000a"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[], 0x4b0}}, 0x0)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet(0x2, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x801)
r4 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r4, 0x3)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r6 = accept4(r4, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000007940), 0x55, 0x0, 0x0)
sendmmsg(r6, &(0x7f0000001500), 0x588, 0x3000000)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000000000900020073797a3200000000140007800800064000006a000800084000005fdc0500050002000000050001000600000011000300686173683a6970"], 0x60}}, 0x0)
ioctl$PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x6}]})
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
openat$rtc(0xffffff9c, &(0x7f0000000080), 0x12000, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:7399' (ED25519) to the list of known hosts.
[   34.308559][ T5877] cgroup: Unknown subsys name 'net'
[   34.433379][ T5877] cgroup: Unknown subsys name 'cpuset'
[   34.437792][ T5877] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   35.316232][ T5877] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   37.158471][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   37.160583][ T5949] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   37.161544][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   37.164385][ T5949] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   37.165248][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   37.168239][ T5949] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   37.169462][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   37.170451][ T5951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   37.171469][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   37.171931][ T5949] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   37.172141][ T5949] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   37.172242][ T5949] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   37.179127][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   37.180751][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   37.184371][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   37.185220][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   37.187031][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   37.187536][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   37.187816][ T5950] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   37.187929][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   37.189205][ T5951] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   37.191288][ T5956] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   37.194594][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   37.194939][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   37.303053][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   37.394783][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.396663][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.398651][ T5942] bridge_slave_0: entered allmulticast mode
[   37.401081][ T5942] bridge_slave_0: entered promiscuous mode
[   37.405450][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   37.417956][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.420332][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.422218][ T5942] bridge_slave_1: entered allmulticast mode
[   37.424179][ T5942] bridge_slave_1: entered promiscuous mode
[   37.436139][ T5943] chnl_net:caif_netlink_parms(): no params data found
[   37.499480][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.516301][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.552708][ T5953] chnl_net:caif_netlink_parms(): no params data found
[   37.555759][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.557617][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.559655][ T5941] bridge_slave_0: entered allmulticast mode
[   37.561681][ T5941] bridge_slave_0: entered promiscuous mode
[   37.564332][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.566181][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.568042][ T5941] bridge_slave_1: entered allmulticast mode
[   37.570381][ T5941] bridge_slave_1: entered promiscuous mode
[   37.579464][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.581336][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.583864][ T5943] bridge_slave_0: entered allmulticast mode
[   37.586289][ T5943] bridge_slave_0: entered promiscuous mode
[   37.591779][ T5942] team0: Port device team_slave_0 added
[   37.594873][ T5942] team0: Port device team_slave_1 added
[   37.615556][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.617902][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.620885][ T5943] bridge_slave_1: entered allmulticast mode
[   37.623275][ T5943] bridge_slave_1: entered promiscuous mode
[   37.651228][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.678701][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.692839][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.696241][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.698523][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.707447][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.712268][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.714547][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.723082][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.754125][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.770679][ T5941] team0: Port device team_slave_0 added
[   37.772843][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.774830][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.776750][ T5953] bridge_slave_0: entered allmulticast mode
[   37.778893][ T5953] bridge_slave_0: entered promiscuous mode
[   37.781628][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.784158][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.786221][ T5953] bridge_slave_1: entered allmulticast mode
[   37.788202][ T5953] bridge_slave_1: entered promiscuous mode
[   37.801465][ T5941] team0: Port device team_slave_1 added
[   37.846193][ T5943] team0: Port device team_slave_0 added
[   37.855714][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.858019][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.867636][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.872223][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.877447][ T5943] team0: Port device team_slave_1 added
[   37.887896][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.890261][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.898767][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.903644][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.920150][ T5942] hsr_slave_0: entered promiscuous mode
[   37.922505][ T5942] hsr_slave_1: entered promiscuous mode
[   37.981410][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.983340][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.990304][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.009959][ T5941] hsr_slave_0: entered promiscuous mode
[   38.012334][ T5941] hsr_slave_1: entered promiscuous mode
[   38.014256][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.016652][ T5941] Cannot create hsr debugfs directory
[   38.019819][ T5953] team0: Port device team_slave_0 added
[   38.022188][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.024178][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.031679][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.038648][ T5953] team0: Port device team_slave_1 added
[   38.064123][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.066424][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.074737][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.079929][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.082254][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.090708][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.154918][ T5943] hsr_slave_0: entered promiscuous mode
[   38.156905][ T5943] hsr_slave_1: entered promiscuous mode
[   38.158673][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.161763][ T5943] Cannot create hsr debugfs directory
[   38.187389][ T5953] hsr_slave_0: entered promiscuous mode
[   38.189285][ T5953] hsr_slave_1: entered promiscuous mode
[   38.191208][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.193192][ T5953] Cannot create hsr debugfs directory
[   38.352676][ T5942] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   38.357920][ T5942] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   38.366454][ T5942] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   38.370396][ T5942] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   38.402250][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   38.405354][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   38.408424][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   38.412912][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   38.432216][ T5941] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   38.436182][ T5941] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   38.441065][ T5941] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   38.444500][ T5941] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   38.469143][ T5953] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   38.472912][ T5953] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   38.475924][ T5953] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   38.479485][ T5953] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   38.521395][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.530217][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   38.539562][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.541493][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.544702][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.546544][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.574242][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.577499][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.581711][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.596629][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   38.603188][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.605051][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.608506][ T5953] 8021q: adding VLAN 0 to HW filter on device team0
[   38.613236][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[   38.618374][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.620625][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.626622][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.628457][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.633366][ T1062] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.635213][ T1062] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.642684][ T1062] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.644542][ T1062] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.647406][ T1062] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.649241][ T1062] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.693265][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.716099][ T5942] veth0_vlan: entered promiscuous mode
[   38.722648][ T5942] veth1_vlan: entered promiscuous mode
[   38.734561][ T5942] veth0_macvtap: entered promiscuous mode
[   38.737535][ T5942] veth1_macvtap: entered promiscuous mode
[   38.744008][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.750927][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.755550][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.764972][ T5942] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.767313][ T5942] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.770153][ T5942] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.772399][ T5942] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.786049][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.796526][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.802881][ T5943] veth0_vlan: entered promiscuous mode
[   38.817312][ T5943] veth1_vlan: entered promiscuous mode
[   38.839519][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   38.841623][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   38.846923][ T5941] veth0_vlan: entered promiscuous mode
[   38.863100][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   38.867032][ T5943] veth0_macvtap: entered promiscuous mode
[   38.867066][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   38.869074][ T5941] veth1_vlan: entered promiscuous mode
[   38.874927][ T5953] veth0_vlan: entered promiscuous mode
[   38.879157][ T5943] veth1_macvtap: entered promiscuous mode
[   38.888126][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.891367][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.894590][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.896806][ T5953] veth1_vlan: entered promiscuous mode
[   38.902466][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.905173][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.908171][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.911394][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.912866][ T5943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.917446][ T5943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.919862][ T5943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.922127][ T5943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.943788][ T5941] veth0_macvtap: entered promiscuous mode
[   38.952525][ T5953] veth0_macvtap: entered promiscuous mode
[   38.954988][ T5941] veth1_macvtap: entered promiscuous mode
[   38.962852][ T5953] veth1_macvtap: entered promiscuous mode
[   38.969234][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.973463][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.976104][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   38.978763][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.982877][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.991196][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   38.994768][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   38.998065][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.002212][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.006487][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.015551][ T1062] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.017580][ T1062] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.020970][ T6005] wireguard0: entered promiscuous mode
[   39.026619][ T5941] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.028920][ T5941] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.034906][ T5941] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.037214][ T5941] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.042674][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.046281][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.049741][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.053286][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.056564][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   39.060572][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.064677][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.073049][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.075782][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.078320][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.081833][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.084413][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   39.088159][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   39.094368][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.097670][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.100775][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.103897][ T5953] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.107046][ T5953] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.110177][ T5953] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.112799][ T5953] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.165049][ T6009] netlink: 'syz.3.4': attribute type 12 has an invalid length.
[   39.169990][ T6009] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4'.
[   39.187562][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.189815][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.198033][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.200170][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.218560][ T1062] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.223909][ T1062] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.224796][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   39.228388][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   39.240453][ T5945] Bluetooth: hci0: command tx timeout
[   39.242531][ T5952] Bluetooth: hci3: command tx timeout
[   39.242543][ T5945] Bluetooth: hci2: command tx timeout
[   39.242925][ T5310] Bluetooth: hci1: command tx timeout
[   39.456780][ T6017] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.515551][ T6019] loop9: detected capacity change from 0 to 6
[   39.522779][ T6019] Dev loop9: unable to read RDB block 6
[   39.524420][ T6019]  loop9: unable to read partition table
[   39.526179][ T6019] loop9: partition table beyond EOD, truncated
[   39.527846][ T6019] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   39.527846][ T6019] 
) failed (rc=-5)
[   39.602830][ T6019] Dev loop9: unable to read RDB block 6
[   39.604391][ T6019]  loop9: unable to read partition table
[   39.606207][ T6019] loop9: partition table beyond EOD, truncated
[   39.608122][ T6019] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   39.608122][ T6019] 
) failed (rc=-5)
[   40.229800][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.232806][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   40.236587][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   40.469477][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   40.503945][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   40.799593][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   41.082754][ T6036] ALSA: mixer_oss: invalid OSS volume 'u'
[   41.319676][ T5945] Bluetooth: hci1: command tx timeout
[   41.322411][ T5945] Bluetooth: hci0: command tx timeout
[   41.322838][ T5952] Bluetooth: hci2: command tx timeout
[   41.324499][ T5945] Bluetooth: hci3: command tx timeout
[   42.329490][ T6071] capability: warning: `syz.1.14' uses deprecated v2 capabilities in a way that may be insecure
[   42.343616][ T6071] Driver unsupported XDP return value 0 on prog  (id 4) dev N/A, expect packet loss!
[   42.480034][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.482475][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.484699][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.486919][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   43.110674][ T6083] netlink: 'syz.0.17': attribute type 10 has an invalid length.
[   43.321634][ T6083] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   43.399446][ T5952] Bluetooth: hci2: command tx timeout
[   43.412189][ T5951] Bluetooth: hci0: command tx timeout
[   43.477690][ T5951] Bluetooth: hci1: command tx timeout
[   43.484231][ T5952] Bluetooth: hci3: command tx timeout
[   43.872272][ T6087] syz.0.17 (6087): drop_caches: 2
[   45.280907][ T6155] netlink: 'syz.3.28': attribute type 10 has an invalid length.
[   45.283892][ T6155] bond0: (slave wlan1): Opening slave failed
[   45.430724][ T6155] syz.3.28 (6155): drop_caches: 2
[   45.479522][ T5952] Bluetooth: hci2: command tx timeout
[   45.479560][ T5951] Bluetooth: hci0: command tx timeout
[   45.482417][ T5945] Bluetooth: hci1: command tx timeout
[   45.491872][ T6160] netlink: 'syz.1.29': attribute type 10 has an invalid length.
[   45.495251][ T6160] bond0: (slave wlan1): Opening slave failed
[   45.545429][ T6160] syz.1.29 (6160): drop_caches: 2
[   45.559923][ T5952] Bluetooth: hci3: command tx timeout
[   47.434315][ T6194] e1000e 0000:00:02.0 eth1: NIC Link is Down
[   47.933388][ T6229] netlink: 'syz.1.40': attribute type 10 has an invalid length.
[   47.939185][ T6229] bond0: (slave wlan1): Opening slave failed
[   48.000165][ T6229] syz.1.40 (6229): drop_caches: 2
[   48.061894][ T6192] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   48.064297][ T6192] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   48.072766][ T6192] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   48.077090][ T6192] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   48.078732][ T6192] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   48.082360][ T6192] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   48.087425][ T6192] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   48.089051][ T6192] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   48.112873][ T6192] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   48.135653][ T6192] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   48.139271][ T6192] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   48.150976][ T6192] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   49.226228][ T6256] dvmrp1: entered allmulticast mode
[   49.259004][ T5945] Bluetooth: hci1: command 0x0c1a tx timeout
[   49.369273][ T6260] random: crng reseeded on system resumption
[   49.553198][ T6262] 9pnet_fd: Insufficient options for proto=fd
[   49.801191][ T6264] netlink: 4 bytes leftover after parsing attributes in process `syz.1.48'.
[   49.849244][ T6263] netlink: 276 bytes leftover after parsing attributes in process `syz.1.48'.
[   50.129488][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[   50.131151][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[   50.199623][ T5952] Bluetooth: hci3: command 0x0c1a tx timeout
[   50.212774][ T6275] netlink: 'syz.3.51': attribute type 10 has an invalid length.
[   50.216007][ T6275] bond0: (slave wlan1): Opening slave failed
[   50.290501][ T6275] syz.3.51 (6275): drop_caches: 2
[   50.402450][ T6278] netlink: 'syz.1.52': attribute type 10 has an invalid length.
[   50.405081][ T6278] bond0: (slave wlan1): Opening slave failed
[   50.414785][ T6278] syz.1.52 (6278): drop_caches: 2
[   50.702488][ T6284] veth1_macvtap: entered allmulticast mode
[   51.319455][ T5952] Bluetooth: hci1: command 0x0c1a tx timeout
[   51.638572][ T6300] warning: `syz.1.57' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   52.025464][ T6306] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   52.209576][ T5952] Bluetooth: hci2: command 0x0c1a tx timeout
[   52.209907][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[   52.295970][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout
[   52.650556][ T6316] netlink: 'syz.0.61': attribute type 10 has an invalid length.
[   52.671402][ T6316] syz.0.61 (6316): drop_caches: 2
[   52.697495][ T6317] netlink: 'syz.1.62': attribute type 10 has an invalid length.
[   52.702044][ T6317] bond0: (slave wlan1): Opening slave failed
[   52.708943][ T6317] binder_alloc: 6314: binder_alloc_buf, no vma
[   52.715231][ T6317] syz.1.62 (6317): drop_caches: 2
[   53.400191][ T5945] Bluetooth: hci1: command 0x0c1a tx timeout
[   54.319493][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[   54.327234][ T6395] netlink: 4 bytes leftover after parsing attributes in process `syz.1.67'.
[   54.330235][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[   54.359502][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout
[   54.530765][ T6396] netlink: 20 bytes leftover after parsing attributes in process `syz.1.67'.
[   54.533060][ T6396] netlink: 4 bytes leftover after parsing attributes in process `syz.1.67'.
[   54.618110][ T6399] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   56.387185][ T6436] tmpfs: Bad value for 'mpol'
[   56.838515][ T6441] ata1.00: invalid command format 189
[   57.385627][ T6453] random: crng reseeded on system resumption
[   57.568454][ T6455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.85'.
[   57.614783][ T6455] netlink: 276 bytes leftover after parsing attributes in process `syz.0.85'.
[   58.275801][ T6469] netlink: 'syz.3.89': attribute type 10 has an invalid length.
[   58.279120][ T6469] bond0: (slave wlan1): Opening slave failed
[   58.301137][ T6469] syz.3.89 (6469): drop_caches: 2
[   58.552934][ T6460] ALSA: mixer_oss: invalid OSS volume 'u'
[   58.805480][ T6474] Zero length message leads to an empty skb
[   58.816104][ T6482] netlink: 'syz.1.91': attribute type 10 has an invalid length.
[   58.819266][ T6482] bond0: (slave wlan1): Opening slave failed
[   58.863551][ T6482] binder_alloc: 6475: binder_alloc_buf, no vma
[   58.872965][ T6482] syz.1.91 (6482): drop_caches: 2
[   59.249312][ T6488] [U] 
[   59.699116][ T6506] dvmrp1: entered allmulticast mode
[   59.831074][ T6510] vivid-007: disconnect
[   59.981211][ T6513] dlm: no local IP address has been set
[   59.983104][ T6513] dlm: cannot start dlm midcomms -107
[   60.017993][ T6514] 9pnet_fd: Insufficient options for proto=fd
[   60.554966][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x2
[   60.557570][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.560189][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.562660][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.565122][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x4
[   60.567612][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.569768][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.571705][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.573610][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.575840][ T6086] hid-generic 0004:0000:0000.0002: unknown main item tag 0x0
[   60.580209][ T6086] hid-generic 0004:0000:0000.0002: hidraw1: <UNKNOWN> HID vffffff.fc Device [syz0] on syz1
[   60.670641][ T6513] vivid-007: reconnect
[   60.695391][ T6522] netlink: 'syz.2.102': attribute type 10 has an invalid length.
[   60.698139][ T6522] bond0: (slave wlan1): Opening slave failed
[   60.711931][ T6522] syz.2.102 (6522): drop_caches: 2
[   60.829536][ T6086] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[   60.991899][ T6086] usb 8-1: config 0 has no interfaces?
[   60.994837][ T6086] usb 8-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=74.72
[   60.997498][ T6086] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.000313][ T6086] usb 8-1: Product: syz
[   61.001481][ T6086] usb 8-1: Manufacturer: syz
[   61.002707][ T6086] usb 8-1: SerialNumber: syz
[   61.005725][ T6086] usb 8-1: config 0 descriptor??
[   61.114845][ T6530] netlink: 'syz.2.104': attribute type 10 has an invalid length.
[   61.117294][ T6530] bond0: (slave wlan1): Opening slave failed
[   61.132879][ T6530] syz.2.104 (6530): drop_caches: 2
[   61.161980][ T6523] ALSA: mixer_oss: invalid OSS volume 'u'
[   62.747685][  T143] usb 8-1: USB disconnect, device number 2
[   63.354168][ T6555] dvmrp1: entered allmulticast mode
[   63.620404][ T6560] 9pnet_fd: Insufficient options for proto=fd
[   63.620665][ T6561] netlink: 'syz.1.112': attribute type 10 has an invalid length.
[   63.627302][ T6561] bond0: (slave wlan1): Opening slave failed
[   63.655475][ T6561] syz.1.112 (6561): drop_caches: 2
[   65.938331][ T6601] netlink: 'syz.0.121': attribute type 10 has an invalid length.
[   65.958140][ T6601] syz.0.121 (6601): drop_caches: 2
[   65.959087][ T6600] syz.3.122: attempt to access beyond end of device
[   65.959087][ T6600] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128
[   65.963453][ T6600] gfs2: error -5 reading superblock
[   66.426817][ T6610] [U] 
[   67.125852][ T6620] ptrace attach of "/syz-executor exec"[5953] was attempted by "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   68.103122][ T6630] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   68.134639][ T6630] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   68.137595][ T6630] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   68.139836][ T6630] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   68.657491][ T2294] libceph: connect (1)[c::]:6789 error -101
[   68.659537][ T2294] libceph: mon0 (1)[c::]:6789 connect error
[   68.860624][ T6649] ceph: No mds server is up or the cluster is laggy
[   69.343197][ T6666] syz.0.137 uses obsolete (PF_INET,SOCK_PACKET)
[   69.453831][ T6669] netlink: 'syz.1.135': attribute type 10 has an invalid length.
[   69.456432][ T6669] bond0: (slave wlan1): Opening slave failed
[   69.492276][ T6669] syz.1.135 (6669): drop_caches: 2
[   69.624263][ T6672] xt_time: invalid argument - start or stop time greater than 23:59:59
[   69.719466][ T5945] Bluetooth: hci1: command 0x0c1a tx timeout
[   70.091472][ T6679] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   70.200055][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout
[   70.201153][ T5952] Bluetooth: hci2: command 0x0c1a tx timeout
[   70.201685][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[   70.552050][ T6691] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   70.553994][ T6691] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   70.558692][ T6691] vhci_hcd vhci_hcd.0: Device attached
[   70.692286][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[   70.694079][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[   70.739713][ T3223] vhci_hcd: vhci_device speed not set
[   70.809906][ T3223] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[   72.104406][ T6716] syzkaller0: entered promiscuous mode
[   72.105957][ T6716] syzkaller0: entered allmulticast mode
[   72.192780][ T6692] vhci_hcd: connection reset by peer
[   72.205144][ T1134] vhci_hcd: stop threads
[   72.207382][ T1134] vhci_hcd: release socket
[   72.210459][ T1134] vhci_hcd: disconnect device
[   72.634215][ T6722] binder: 6719:6722 ioctl 400c620e 20000140 returned -22
[   72.637254][ T6722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.148'.
[   73.293298][ T6717] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   73.459236][ T6731] netlink: 'syz.0.150': attribute type 10 has an invalid length.
[   73.492398][ T6731] syz.0.150 (6731): drop_caches: 2
[   73.769505][ T6734] syz.0.151 (6734): drop_caches: 2
[   74.889908][ T6751] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   74.959526][ T6754] tipc: Started in network mode
[   74.960928][ T6754] tipc: Node identity ac1414aa, cluster identity 4711
[   74.963206][ T6754] tipc: Enabled bearer <udp:s>, priority 10
[   75.878421][    T9] cfg80211: failed to load regulatory.db
[   75.969558][ T3223] vhci_hcd: vhci_device speed not set
[   76.005707][ T6771] netlink: 'syz.1.161': attribute type 10 has an invalid length.
[   76.008310][ T6771] bond0: (slave wlan1): Opening slave failed
[   76.090846][  T833] tipc: Node number set to 2886997162
[   76.129166][ T6771] syz.1.161 (6771): drop_caches: 2
[   76.920514][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout
[   77.033129][ T6785] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   77.035318][ T6785] IPv6: NLM_F_CREATE should be set when creating new route
[   77.037175][ T6785] IPv6: NLM_F_CREATE should be set when creating new route
[   77.049661][ T6785] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   77.056177][ T6785] trusted_key: syz.2.166 sent an empty control message without MSG_MORE.
[   77.365919][ T6795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.167'.
[   77.377435][ T6795] netlink: 177 bytes leftover after parsing attributes in process `syz.2.167'.
[   77.591882][ T6795] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   78.372871][ T6806] netlink: 20 bytes leftover after parsing attributes in process `syz.2.170'.
[   79.503968][ T6822] netlink: 4 bytes leftover after parsing attributes in process `syz.2.172'.
[   79.581087][ T6823] netlink: 20 bytes leftover after parsing attributes in process `syz.2.172'.
[   79.583381][ T6823] netlink: 4 bytes leftover after parsing attributes in process `syz.2.172'.
[   83.222751][ T6893] tmpfs: Unknown parameter '�'
[   83.279271][ T6894] random: crng reseeded on system resumption
[   83.410220][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[   83.462753][ T6892] netlink: 'syz.1.188': attribute type 10 has an invalid length.
[   83.472244][ T6892] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.474680][ T6892] team0: Port device batadv0 added
[   83.969046][ T6888] delete_channel: no stack
[   84.356986][ T6908] veth1_macvtap: entered allmulticast mode
[   85.399510][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout
[   86.251324][ T6924] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   86.501092][ T6943] netlink: 'syz.2.201': attribute type 12 has an invalid length.
[   86.743151][ T6955] random: crng reseeded on system resumption
[   86.833578][ T3223] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   86.925900][ T6963] netlink: 'syz.2.203': attribute type 10 has an invalid length.
[   86.934391][ T6963] team0: Failed to send options change via netlink (err -105)
[   86.936909][ T6963] team0: Port device netdevsim0 added
[   86.953655][ T6963] netlink: 'syz.2.203': attribute type 10 has an invalid length.
[   86.956940][ T6963] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[   86.964492][ T6963] team0: Failed to send options change via netlink (err -105)
[   86.967121][ T6963] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[   86.970697][ T6963] team0: Port device netdevsim0 removed
[   86.974807][ T6963] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   87.022592][ T6963] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   87.035530][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x2
[   87.038184][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.040609][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.042529][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.049762][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x4
[   87.051829][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.053775][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.058422][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.060613][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.062499][    T9] hid-generic 0004:0000:0000.0003: unknown main item tag 0x0
[   87.065232][    T9] hid-generic 0004:0000:0000.0003: hidraw1: <UNKNOWN> HID vffffff.fc Device [syz0] on syz1
[   87.131492][ T6963] ata1.00: non-matching transfer count (1530558389/0)
[   87.299919][  T833] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[   87.461276][  T833] usb 5-1: config 0 has no interfaces?
[   87.465120][  T833] usb 5-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=74.72
[   87.467512][  T833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.469644][  T833] usb 5-1: Product: syz
[   87.470812][  T833] usb 5-1: Manufacturer: syz
[   87.472023][  T833] usb 5-1: SerialNumber: syz
[   87.478492][  T833] usb 5-1: config 0 descriptor??
[   87.628416][ T6989] veth1_macvtap: entered allmulticast mode
[   88.494230][   T39] audit: type=1800 audit(1733319328.927:2): pid=6992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.208" name="file0" dev="9p" ino=38535328 res=0 errno=0
qemu-system-x86_64: warning: 9p: bad client: T_read request on directory only expected with 9P2000.u protocol version
[   88.530298][   T39] audit: type=1800 audit(1733319328.967:3): pid=6992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.208" name="file0" dev="9p" ino=38535328 res=0 errno=0
[   88.997549][ T7004] netlink: 24 bytes leftover after parsing attributes in process `syz.1.210'.
[   89.237677][  T143] usb 5-1: USB disconnect, device number 2
[   93.909702][    T9] IPVS: starting estimator thread 0...
[   94.014557][ T7031] mmap: syz.3.215 (7031) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   94.069583][ T7030] IPVS: using max 38 ests per chain, 91200 per kthread
[   94.263322][ T7032] netlink: 'syz.2.214': attribute type 9 has an invalid length.
[   94.265396][ T7032] netlink: 209560 bytes leftover after parsing attributes in process `syz.2.214'.
[   96.771001][ T7086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   96.924931][ T7085] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[   96.926674][ T7085] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   96.932305][ T7085] vhci_hcd vhci_hcd.0: Device attached
[   97.149711][ T5817] vhci_hcd: vhci_device speed not set
[   97.218798][ T5817] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[   97.399307][   T39] audit: type=1326 audit(1733319337.827:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.0.227" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741e579 code=0x0
[   97.580068][ T7089] vhci_hcd: connection reset by peer
[   97.582737][ T1062] vhci_hcd: stop threads
[   97.583923][ T1062] vhci_hcd: release socket
[   97.585252][ T1062] vhci_hcd: disconnect device
[   97.598642][ T7096] ata3.00: invalid multi_count 1 ignored
[   97.677107][ T7095] dccp_close: ABORT with 5265 bytes unread
[   97.809674][ T7101] netlink: 'syz.1.229': attribute type 10 has an invalid length.
[   97.812629][ T7101] bond0: (slave wlan1): Opening slave failed
[   97.827017][ T7101] syz.1.229 (7101): drop_caches: 2
[   99.319107][ T7140] netlink: 'syz.1.236': attribute type 10 has an invalid length.
[   99.360728][ T7140] team0: Port device batadv0 removed
[   99.391428][ T7140] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.422718][ T7140] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   99.770577][ T7146] netlink: 'syz.3.239': attribute type 10 has an invalid length.
[   99.773219][ T7146] bond0: (slave wlan1): Opening slave failed
[   99.786551][ T7146] syz.3.239 (7146): drop_caches: 2
[   99.878646][ T7140] syz.1.236 (7140) used greatest stack depth: 20496 bytes left
[  100.455612][ T7161] netlink: 7520 bytes leftover after parsing attributes in process `syz.3.244'.
[  100.983473][ T7170] netlink: 48 bytes leftover after parsing attributes in process `syz.2.245'.
[  101.342839][ T7174] loop9: detected capacity change from 0 to 6
[  101.347734][ T7174] Dev loop9: unable to read RDB block 6
[  101.349193][ T7174]  loop9: unable to read partition table
[  101.350942][ T7174] loop9: partition table beyond EOD, truncated
[  101.352592][ T7174] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  101.352592][ T7174] 
) failed (rc=-5)
[  101.841501][ T7174] Dev loop9: unable to read RDB block 6
[  101.843087][ T7174]  loop9: unable to read partition table
[  101.845193][ T7174] loop9: partition table beyond EOD, truncated
[  101.847185][ T7174] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  101.847185][ T7174] 
) failed (rc=-5)
[  102.066376][ T7178] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2758444543 (5516889086 ns) > initial count (4205064 ns). Using initial count to start timer.
[  102.359947][ T5817] vhci_hcd: vhci_device speed not set
[  102.466111][ T7192] syz.3.250 (7192): attempted to duplicate a private mapping with mremap.  This is not supported.
[  102.538784][ T7193] nvme_fabrics: missing parameter 'transport=%s'
[  102.540849][ T7193] nvme_fabrics: missing parameter 'nqn=%s'
[  104.316898][ T7235] loop9: detected capacity change from 0 to 6
[  104.320009][ T7235] Dev loop9: unable to read RDB block 6
[  104.321579][ T7235]  loop9: unable to read partition table
[  104.323666][ T7235] loop9: partition table beyond EOD, truncated
[  104.325305][ T7235] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  104.325305][ T7235] 
) failed (rc=-5)
[  104.834951][ T7253] netlink: 32 bytes leftover after parsing attributes in process `syz.1.262'.
[  104.843454][ T7253] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  104.845874][ T7253] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  104.848171][ T7253] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  104.850872][ T7253] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  104.867474][ T7254] netlink: 'syz.2.263': attribute type 10 has an invalid length.
[  104.872062][ T7254] bond0: (slave wlan1): Opening slave failed
[  105.399494][ T5951] Bluetooth: hci3: command 0x0c1a tx timeout
[  107.104235][ T7292] loop9: detected capacity change from 0 to 6
[  107.108070][ T7292] Dev loop9: unable to read RDB block 6
[  107.109691][ T7292]  loop9: unable to read partition table
[  107.111523][ T7292] loop9: partition table beyond EOD, truncated
[  107.113221][ T7292] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  107.113221][ T7292] 
) failed (rc=-5)
[  107.181304][ T7292] Dev loop9: unable to read RDB block 6
[  107.182871][ T7292]  loop9: unable to read partition table
[  107.184674][ T7292] loop9: partition table beyond EOD, truncated
[  107.186353][ T7292] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  107.186353][ T7292] 
) failed (rc=-5)
[  107.593821][ T7298] ieee802154 phy0 wpan0: encryption failed: -22
[  107.949431][ T7310] mkiss: ax0: crc mode is auto.
[  108.142759][ T7313] netlink: 24 bytes leftover after parsing attributes in process `syz.1.276'.
[  108.206413][ T7317] usb 2-1: USB disconnect, device number 2
[  108.268805][ T7318] hub 2-0:1.0: USB hub found
[  108.271280][ T7318] hub 2-0:1.0: 6 ports detected
[  108.439708][ T5817] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  108.943721][ T5817] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  108.961271][ T5817] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  108.982836][ T5817] usb 2-1: Product: QEMU USB Tablet
[  108.987902][ T5817] usb 2-1: Manufacturer: QEMU
[  109.014287][ T5817] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  109.052681][ T5817] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0004/input/input7
[  109.123303][ T5817] hid-generic 0003:0627:0001.0004: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  109.315084][ T7337] binder: 7335:7337 ioctl c0306201 20000680 returned -14
[  109.478285][ T7343] netlink: 'syz.0.282': attribute type 1 has an invalid length.
[  109.489039][ T7343] netlink: 24 bytes leftover after parsing attributes in process `syz.0.282'.
[  110.608663][ T7361] syz.0.286 (7361): drop_caches: 2
[  111.144445][ T7372] SET target dimension over the limit!
[  112.644495][ T7407] Bluetooth: (null): Invalid header checksum
[  112.648414][ T7407] fuse: Bad value for 'fd'
[  112.842208][ T7411] block device autoloading is deprecated and will be removed.
[  113.082571][   T65] Bluetooth: (null): Invalid header checksum
[  113.084799][   T65] Bluetooth: (null): Invalid header checksum
[  113.087605][   T65] Bluetooth: (null): Invalid header checksum
[  113.090283][   T65] Bluetooth: (null): Invalid header checksum
[  113.102767][   T65] Bluetooth: (null): Invalid header checksum
[  113.958025][ T7438] vivid-007: disconnect
[  114.220527][ T7442] overlay: Unknown parameter '/'
[  114.336822][ T7444] netlink: 20 bytes leftover after parsing attributes in process `syz.3.301'.
[  114.797280][ T7437] vivid-007: reconnect
[  115.240546][ T7458] ptrace attach of "/syz-executor exec"[5942] was attempted by "/syz-executor exec"[7458]
[  116.887283][ T7504] netlink: 48 bytes leftover after parsing attributes in process `syz.3.315'.
[  117.113804][ T5945] Bluetooth: hci2: ACL packet too small
[  120.542631][ T5945] Bluetooth: hci3: command 0x0c1a tx timeout
[  120.707915][ T7579] netlink: 'syz.3.331': attribute type 10 has an invalid length.
[  120.711707][ T7579] bond0: (slave wlan1): Opening slave failed
[  120.737102][ T7579] syz.3.331 (7579): drop_caches: 2
[  120.793779][ T7580] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  121.210719][ T7589] syz.3.334 (7589): drop_caches: 2
[  121.820074][ T7596] nvme_fabrics: missing parameter 'transport=%s'
[  121.822316][ T7596] nvme_fabrics: missing parameter 'nqn=%s'
[  122.014820][ T7602] vivid-007: disconnect
[  122.120353][ T7607] dlm: no local IP address has been set
[  122.121837][ T7607] dlm: cannot start dlm midcomms -107
[  122.289273][ T7609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.339'.
[  123.007960][ T7607] vivid-007: reconnect
[  123.227332][ T7620] netlink: 'syz.3.342': attribute type 10 has an invalid length.
[  123.235832][ T7620] bond0: (slave wlan1): Opening slave failed
[  123.298308][ T7620] syz.3.342 (7620): drop_caches: 2
[  124.597669][ T7644] loop9: detected capacity change from 0 to 6
[  124.600025][ T7644] Dev loop9: unable to read RDB block 6
[  124.601560][ T7644]  loop9: unable to read partition table
[  124.602998][ T7644] loop9: partition table beyond EOD, truncated
[  124.604605][ T7644] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  124.604605][ T7644] 
) failed (rc=-5)
[  124.768525][ T7644] Dev loop9: unable to read RDB block 6
[  124.770054][ T7644]  loop9: unable to read partition table
[  124.771624][ T7644] loop9: partition table beyond EOD, truncated
[  124.773227][ T7644] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  124.773227][ T7644] 
) failed (rc=-5)
[  125.929180][ T7668] netlink: 'syz.1.352': attribute type 10 has an invalid length.
[  125.932169][ T7668] bond0: (slave wlan1): Opening slave failed
[  125.939286][ T7668] binder: BINDER_SET_CONTEXT_MGR already set
[  125.941135][ T7668] binder: 7666:7668 ioctl 4018620d 200001c0 returned -16
[  125.949322][ T7668] syz.1.352 (7668): drop_caches: 2
[  126.153164][ T7677] vivid-007: disconnect
[  126.327213][ T7681] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  126.360621][ T5983] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  126.511944][ T5983] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.514870][ T5983] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.517776][ T5983] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  126.520312][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.528230][ T5983] usb 6-1: config 0 descriptor??
[  126.821667][ T5983] usbhid 6-1:0.0: can't add hid device: -71
[  126.826351][ T5983] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  126.854396][ T5983] usb 6-1: USB disconnect, device number 2
[  126.972597][ T7676] vivid-007: reconnect
[  127.261359][ T7691] loop9: detected capacity change from 0 to 6
[  127.263387][ T7691] Dev loop9: unable to read RDB block 6
[  127.265318][ T7691]  loop9: unable to read partition table
[  127.267576][ T7691] loop9: partition table beyond EOD, truncated
[  127.269758][ T7691] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  127.269758][ T7691] 
) failed (rc=-5)
[  127.346365][ T7691] Dev loop9: unable to read RDB block 6
[  127.348385][ T7691]  loop9: unable to read partition table
[  127.350092][ T7691] loop9: partition table beyond EOD, truncated
[  127.351719][ T7691] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  127.351719][ T7691] 
) failed (rc=-5)
[  127.723958][ T7702] netlink: 48 bytes leftover after parsing attributes in process `syz.1.359'.
[  128.059899][ T7707] vivid-007: disconnect
[  128.328472][ T7709] dlm: no local IP address has been set
[  128.330328][ T7709] dlm: cannot start dlm midcomms -107
[  128.965178][ T7709] vivid-007: reconnect
[  129.032038][ T7726] netlink: 'syz.2.364': attribute type 10 has an invalid length.
[  129.103448][ T7727] syz.2.364 (7727): drop_caches: 2
[  129.126425][ T7728] binder: transaction release 91 bad handle 1, ret = -22
[  129.174038][ T7726] bond0: (slave wlan1): Opening slave failed
[  129.180124][   T63] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  129.941743][ T7757] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2758444543 (5516889086 ns) > initial count (4205064 ns). Using initial count to start timer.
[  130.138139][   T39] audit: type=1326 audit(1733319370.882:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7749 comm="syz.2.367" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fdf579 code=0x0
[  130.217853][ T7761] netlink: 'syz.1.366': attribute type 9 has an invalid length.
[  130.219989][ T7761] netlink: 209560 bytes leftover after parsing attributes in process `syz.1.366'.
[  131.198333][ T7782] netlink: 'syz.3.373': attribute type 4 has an invalid length.
[  131.241848][ T7782] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  131.243889][ T7782] overlayfs: failed to set xattr on upper
[  131.246484][ T7782] overlayfs: ...falling back to redirect_dir=nofollow.
[  131.248279][ T7782] overlayfs: ...falling back to index=off.
[  131.249872][ T7782] overlayfs: ...falling back to uuid=null.
[  131.270074][ T7782] evm: overlay not supported
[  131.799428][ T1411] ieee802154 phy0 wpan0: encryption failed: -22
[  131.801664][ T1411] ieee802154 phy1 wpan1: encryption failed: -22
[  140.427871][ T7808] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.645764][ T7816] vivid-007: disconnect
[  140.786255][ T7820] dlm: no local IP address has been set
[  140.788210][ T7820] dlm: cannot start dlm midcomms -107
[  141.274953][ T7827] netlink: 'syz.3.380': attribute type 9 has an invalid length.
[  141.277041][ T7827] netlink: 209560 bytes leftover after parsing attributes in process `syz.3.380'.
[  141.616453][ T7820] vivid-007: reconnect
[  141.679227][ T7832] vlan0: entered promiscuous mode
[  141.684949][ T7832] team0: Port device vlan0 added
[  141.693990][ T7832] libceph: resolve '.
[  141.693990][ T7832] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[  141.693990][ T7832] ' (ret=-3): failed
[  142.014945][ T5945] Bluetooth: hci0: ACL packet too small
[  142.388073][   T39] audit: type=1326 audit(1733319383.226:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7839 comm="syz.3.383" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743e579 code=0x0
[  142.964395][ T7858] loop9: detected capacity change from 0 to 6
[  142.967438][ T7858] Dev loop9: unable to read RDB block 6
[  142.969120][ T7858]  loop9: unable to read partition table
[  142.970950][ T7858] loop9: partition table beyond EOD, truncated
[  142.972632][ T7858] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  142.972632][ T7858] 
) failed (rc=-5)
[  143.011494][ T7858] Dev loop9: unable to read RDB block 6
[  143.012979][ T7858]  loop9: unable to read partition table
[  143.014507][ T7858] loop9: partition table beyond EOD, truncated
[  143.016105][ T7858] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  143.016105][ T7858] 
) failed (rc=-5)
[  143.070777][ T7859] Dev loop9: unable to read RDB block 6
[  143.072772][ T7859]  loop9: unable to read partition table
[  143.074745][ T7859] loop9: partition table beyond EOD, truncated
[  143.076615][ T7859] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  143.076615][ T7859] 
) failed (rc=-5)
[  143.361585][ T7866] vivid-007: disconnect
[  143.476104][ T7868] dlm: no local IP address has been set
[  143.478360][ T7868] dlm: cannot start dlm midcomms -107
[  144.325041][ T7882] 9pnet_fd: Insufficient options for proto=fd
[  144.602161][ T7868] vivid-007: reconnect
[  145.232851][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.394'.
[  145.243702][ T7897] netlink: 177 bytes leftover after parsing attributes in process `syz.3.394'.
[  145.288778][ T7897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  145.800935][ T7904] netlink: 'syz.0.398': attribute type 9 has an invalid length.
[  145.803982][ T7904] netlink: 209560 bytes leftover after parsing attributes in process `syz.0.398'.
[  145.840692][ T7907] loop9: detected capacity change from 0 to 6
[  145.845423][ T7907] Dev loop9: unable to read RDB block 6
[  145.847687][ T7907]  loop9: unable to read partition table
[  145.850295][ T7907] loop9: partition table beyond EOD, truncated
[  145.852535][ T7907] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  145.852535][ T7907] 
) failed (rc=-5)
[  145.908944][ T7907] Dev loop9: unable to read RDB block 6
[  145.911118][ T7907]  loop9: unable to read partition table
[  145.913802][ T7907] loop9: partition table beyond EOD, truncated
[  145.916142][ T7907] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  145.916142][ T7907] 
) failed (rc=-5)
[  146.438268][ T7914] netlink: 'syz.2.400': attribute type 4 has an invalid length.
[  146.478058][ T7914] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  146.480762][ T7914] overlayfs: failed to set xattr on upper
[  146.482966][ T7914] overlayfs: ...falling back to redirect_dir=nofollow.
[  146.485806][ T7914] overlayfs: ...falling back to index=off.
[  146.488597][ T7914] overlayfs: ...falling back to uuid=null.
[  146.857349][ T7918] ata1.00: invalid command format 189
[  147.804297][ T7942] netlink: 'syz.3.407': attribute type 10 has an invalid length.
[  147.808373][ T7942] bond0: (slave wlan1): Opening slave failed
[  147.827549][ T7942] syz.3.407 (7942): drop_caches: 2
[  148.348137][ T7951] loop9: detected capacity change from 0 to 6
[  148.350126][ T7951] Dev loop9: unable to read RDB block 6
[  148.351593][ T7951]  loop9: unable to read partition table
[  148.353153][ T7951] loop9: partition table beyond EOD, truncated
[  148.354885][ T7951] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  148.354885][ T7951] 
) failed (rc=-5)
[  148.544832][ T7951] Dev loop9: unable to read RDB block 6
[  148.546833][ T7951]  loop9: unable to read partition table
[  148.548708][ T7951] loop9: partition table beyond EOD, truncated
[  148.550360][ T7951] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  148.550360][ T7951] 
) failed (rc=-5)
[  148.761403][   T39] audit: type=1326 audit(1733319389.625:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7949 comm="syz.1.408" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741e579 code=0x0
[  149.245691][ T7965] netlink: 48 bytes leftover after parsing attributes in process `syz.0.412'.
[  150.131648][ T3223] e1000 0000:00:06.0 eth0: Reset adapter
[  150.176771][ T7981] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  151.010733][   T39] audit: type=1326 audit(1733319391.883:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.011233][   T39] audit: type=1326 audit(1733319391.883:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.011651][   T39] audit: type=1326 audit(1733319391.883:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.011929][   T39] audit: type=1326 audit(1733319391.883:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.012273][   T39] audit: type=1326 audit(1733319391.883:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.012652][   T39] audit: type=1326 audit(1733319391.883:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.014127][   T39] audit: type=1326 audit(1733319391.883:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.014147][   T39] audit: type=1326 audit(1733319391.883:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.014401][   T39] audit: type=1326 audit(1733319391.883:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8008 comm="syz.0.421" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf741e579 code=0x7ffc0000
[  151.430734][ T8008] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  152.089678][ T8026] ata1.00: invalid command format 189
[  152.313503][ T3223] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  161.364909][ T8053] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  161.366036][ T8052] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  163.719057][   T63] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  163.728809][   T30] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  163.869864][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.872697][   T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.875249][   T63] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  163.878839][   T63] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  163.881209][   T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.888628][   T63] usb 7-1: config 0 descriptor??
[  163.888640][   T30] usb 8-1: Using ep0 maxpacket: 8
[  163.896016][   T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.899883][   T30] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.902424][   T30] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  163.904941][   T30] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  163.907435][   T30] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  163.910048][   T30] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  163.915835][   T30] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  163.918226][   T30] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.920554][   T30] usb 8-1: Product: syz
[  163.921765][   T30] usb 8-1: Manufacturer: syz
[  163.923098][   T30] usb 8-1: SerialNumber: syz
[  163.949421][ T8095] ALSA: mixer_oss: invalid OSS volume '00000000000000000423'
[  164.210226][ T8084] Trying to write to read-only block-device nullb0
[  164.224966][ T8084]  nullb0: [POWERTEC] p1 p2 p3 p4
[  164.226545][ T8084] nullb0: p1 start 1986356271 is beyond EOD, truncated
[  164.228541][ T8084] nullb0: p2 size 2762016037 extends beyond EOD, truncated
[  164.232506][ T8084] nullb0: p4 size 2164590848 extends beyond EOD, truncated
[  164.262696][   T30] cdc_ncm 8-1:1.0: bind() failure
[  164.266433][   T30] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[  164.268386][   T30] cdc_ncm 8-1:1.1: bind() failure
[  164.276674][   T30] usb 8-1: USB disconnect, device number 3
[  164.309942][   T63] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  164.312509][   T63] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  164.339680][   T63] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  165.122874][ T8112] loop9: detected capacity change from 0 to 6
[  165.143208][ T8112] Dev loop9: unable to read RDB block 6
[  165.144773][ T8112]  loop9: unable to read partition table
[  165.146377][ T8112] loop9: partition table beyond EOD, truncated
[  165.148104][ T8112] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  165.148104][ T8112] 
) failed (rc=-5)
[  165.247624][ T8110] Dev loop9: unable to read RDB block 6
[  165.249666][ T8110]  loop9: unable to read partition table
[  165.251802][ T8110] loop9: partition table beyond EOD, truncated
[  165.253563][ T8110] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  165.253563][ T8110] 
) failed (rc=-5)
[  165.711274][ T8122] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  166.339565][ T6080] usb 7-1: USB disconnect, device number 2
[  166.584741][ T8137] netlink: 'syz.0.444': attribute type 10 has an invalid length.
[  166.830936][ T8137] syz.0.444 (8137): drop_caches: 2
[  167.659919][ T8158] netlink: 'syz.3.449': attribute type 10 has an invalid length.
[  167.721128][ T8158] batman_adv: batadv0: Adding interface: team0
[  167.722871][ T8158] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.729520][ T8158] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  167.761132][ T8156] =======================================================
[  167.761132][ T8156] WARNING: The mand mount option has been deprecated and
[  167.761132][ T8156]          and is ignored by this kernel. Remove the mand
[  167.761132][ T8156]          option from the mount to silence this warning.
[  167.761132][ T8156] =======================================================
[  168.339160][ T8167] loop9: detected capacity change from 0 to 6
[  168.344784][ T8167] Dev loop9: unable to read RDB block 6
[  168.346703][ T8167]  loop9: unable to read partition table
[  168.348685][ T8167] loop9: partition table beyond EOD, truncated
[  168.350819][ T8167] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  168.350819][ T8167] 
) failed (rc=-5)
[  168.605390][ T8167] Dev loop9: unable to read RDB block 6
[  168.606917][ T8167]  loop9: unable to read partition table
[  168.608433][ T8167] loop9: partition table beyond EOD, truncated
[  168.610055][ T8167] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  168.610055][ T8167] 
) failed (rc=-5)
[  168.687735][ T8173] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  168.818347][ T8177] Cannot find set identified by id 0 to match
[  169.397113][ T8182] netlink: 20 bytes leftover after parsing attributes in process `syz.1.455'.
[  169.734382][ T8191] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  170.250169][ T8197] 9pnet_virtio: no channels available for device syz
[  170.691322][ T8208] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  172.547373][ T8244] x_tables: ip_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING
[  172.855072][ T3223] libceph: connect (1)[c::]:6789 error -101
[  172.856644][ T3223] libceph: mon0 (1)[c::]:6789 connect error
[  173.051361][ T8243] ceph: No mds server is up or the cluster is laggy
[  173.443136][ T8261] loop9: detected capacity change from 0 to 6
[  173.445145][ T8261] Dev loop9: unable to read RDB block 6
[  173.446640][ T8261]  loop9: unable to read partition table
[  173.448169][ T8261] loop9: partition table beyond EOD, truncated
[  173.449927][ T8261] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  173.449927][ T8261] 
) failed (rc=-5)
[  173.489395][ T8261] Dev loop9: unable to read RDB block 6
[  173.491518][ T8261]  loop9: unable to read partition table
[  173.493666][ T8261] loop9: partition table beyond EOD, truncated
[  173.495481][ T8261] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  173.495481][ T8261] 
) failed (rc=-5)
[  173.865185][ T8278] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  173.869848][ T8278] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  173.968795][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[  174.942969][ T1166] Bluetooth: hci4: Frame reassembly failed (-84)
[  175.205939][ T8298] netlink: 8 bytes leftover after parsing attributes in process `syz.0.479'.
[  175.208524][ T8298] netlink: 12 bytes leftover after parsing attributes in process `syz.0.479'.
[  175.218781][ T8298] netlink: 24 bytes leftover after parsing attributes in process `syz.0.479'.
[  176.996530][ T5951] Bluetooth: hci4: command 0x1003 tx timeout
[  176.998704][ T5945] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  177.115317][ T8305] netlink: 'syz.0.488': attribute type 10 has an invalid length.
[  177.118022][ T8305] netlink: 40 bytes leftover after parsing attributes in process `syz.0.488'.
[  177.131474][ T8305] team0: Port device geneve0 added
[  177.196938][ T8315] ucma_write: process 475 (syz.0.488) changed security contexts after opening file descriptor, this is not allowed.
[  177.201392][ T8315] capability: warning: `syz.0.488' uses 32-bit capabilities (legacy support in use)
[  177.234880][ T8304] loop9: detected capacity change from 0 to 6
[  177.236815][ T8304] Dev loop9: unable to read RDB block 6
[  177.238285][ T8304]  loop9: unable to read partition table
[  177.239805][ T8304] loop9: partition table beyond EOD, truncated
[  177.241407][ T8304] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  177.241407][ T8304] 
) failed (rc=-5)
[  177.277213][ T8304] Dev loop9: unable to read RDB block 6
[  177.278710][ T8304]  loop9: unable to read partition table
[  177.280281][ T8304] loop9: partition table beyond EOD, truncated
[  177.281899][ T8304] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  177.281899][ T8304] 
) failed (rc=-5)
[  177.388529][ T8324] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  177.455253][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.016344][ T8331] siw: device registration error -23
[  178.315554][ T2294] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  178.465485][ T2294] usb 6-1: Using ep0 maxpacket: 8
[  178.505765][ T8344] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  178.507535][ T8344] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  178.510935][ T2294] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  178.513248][ T2294] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  178.531223][ T2294] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  178.533791][ T2294] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  178.536408][ T2294] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  178.539783][ T2294] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  178.542147][ T2294] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.546846][  T833] IPVS: starting estimator thread 0...
[  178.571570][ T8344] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  178.641022][ T8344] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  178.645415][ T8348] IPVS: using max 38 ests per chain, 91200 per kthread
[  178.845410][ T2294] usb 6-1: usb_control_msg returned -32
[  178.846994][ T2294] usbtmc 6-1:16.0: can't read capabilities
[  179.536198][ T2294] usb 6-1: USB disconnect, device number 3
[  179.981396][ T8365] loop9: detected capacity change from 0 to 6
[  179.983358][ T8365] Dev loop9: unable to read RDB block 6
[  179.984873][ T8365]  loop9: unable to read partition table
[  179.986367][ T8365] loop9: partition table beyond EOD, truncated
[  179.987948][ T8365] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  179.987948][ T8365] 
) failed (rc=-5)
[  180.042742][ T8365] Dev loop9: unable to read RDB block 6
[  180.044231][ T8365]  loop9: unable to read partition table
[  180.046046][ T8365] loop9: partition table beyond EOD, truncated
[  180.047702][ T8365] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  180.047702][ T8365] 
) failed (rc=-5)
[  180.524556][ T5945] Bluetooth: hci0: command 0x0c1a tx timeout
[  180.528086][ T5945] Bluetooth: hci1: command 0x0c1a tx timeout
[  180.595112][ T5951] Bluetooth: hci2: command 0x0c1a tx timeout
[  180.674689][ T5951] Bluetooth: hci3: command 0x0c1a tx timeout
[  181.081206][ T8389] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.343397][ T8398] loop9: detected capacity change from 0 to 6
[  181.347080][ T8398] Dev loop9: unable to read RDB block 6
[  181.348577][ T8398]  loop9: unable to read partition table
[  181.350107][ T8398] loop9: partition table beyond EOD, truncated
[  181.351679][ T8398] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  181.351679][ T8398] 
) failed (rc=-5)
[  181.420357][   T39] kauditd_printk_skb: 10 callbacks suppressed
[  181.420412][   T39] audit: type=1326 audit(1733319422.335:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.460837][   T39] audit: type=1326 audit(1733319422.335:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.486033][   T39] audit: type=1326 audit(1733319422.335:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.623124][   T39] audit: type=1326 audit(1733319422.335:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.628804][   T39] audit: type=1326 audit(1733319422.335:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.635526][   T39] audit: type=1326 audit(1733319422.335:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.641129][   T39] audit: type=1326 audit(1733319422.335:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.646734][   T39] audit: type=1326 audit(1733319422.335:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.652568][   T39] audit: type=1326 audit(1733319422.335:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.658552][   T39] audit: type=1326 audit(1733319422.335:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8396 comm="syz.0.501" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000
[  181.739813][ T8404] netlink: 'syz.2.502': attribute type 10 has an invalid length.
[  181.747014][ T8404] bond0: (slave wlan1): Opening slave failed
[  181.755440][ T8398] Dev loop9: unable to read RDB block 6
[  181.757498][ T8398]  loop9: unable to read partition table
[  181.759569][ T8398] loop9: partition table beyond EOD, truncated
[  181.761755][ T8398] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  181.761755][ T8398] 
) failed (rc=-5)
[  181.853144][ T8404] syz.2.502 (8404): drop_caches: 2
[  182.228221][ T8400] ==================================================================
[  182.230313][ T8400] BUG: KASAN: vmalloc-out-of-bounds in push_insn_history+0x615/0x690
[  182.232270][ T8400] Write of size 4 at addr ffffc900035b1010 by task syz.0.501/8400
[  182.235372][ T8400] 
[  182.236665][ T8400] CPU: 3 UID: 0 PID: 8400 Comm: syz.0.501 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  182.239439][ T8400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.242143][ T8400] Call Trace:
[  182.242966][ T8400]  <TASK>
[  182.243706][ T8400]  dump_stack_lvl+0x116/0x1f0
[  182.244906][ T8400]  print_report+0xc3/0x620
[  182.246054][ T8400]  ? __virt_addr_valid+0x5e/0x590
[  182.247369][ T8400]  kasan_report+0xd9/0x110
[  182.248552][ T8400]  ? push_insn_history+0x615/0x690
[  182.249863][ T8400]  ? push_insn_history+0x615/0x690
[  182.251160][ T8400]  push_insn_history+0x615/0x690
[  182.252458][ T8400]  do_check_common+0xb78/0xd540
[  182.253742][ T8400]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.255105][ T8400]  ? __pfx_do_check_common+0x10/0x10
[  182.256482][ T8400]  ? kvfree+0x47/0x50
[  182.257479][ T8400]  ? check_cfg+0x403/0x840
[  182.258580][ T8400]  bpf_check+0x77c2/0xc9b0
[  182.259743][ T8400]  ? hlock_class+0x4e/0x130
[  182.260948][ T8400]  ? __pfx_bpf_check+0x10/0x10
[  182.262201][ T8400]  ? find_held_lock+0x2d/0x110
[  182.263459][ T8400]  ? bpf_prog_load+0xd45/0x2670
[  182.264713][ T8400]  ? __pfx_lock_release+0x10/0x10
[  182.265975][ T8400]  ? trace_lock_acquire+0x14e/0x1f0
[  182.267232][ T8400]  ? bpf_prog_load+0xd45/0x2670
[  182.268505][ T8400]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.269809][ T8400]  ? read_tsc+0x9/0x20
[  182.270910][ T8400]  ? ktime_get_with_offset+0x20f/0x3a0
[  182.272306][ T8400]  ? bpf_obj_name_cpy+0x156/0x1b0
[  182.273606][ T8400]  bpf_prog_load+0xe3f/0x2670
[  182.274763][ T8400]  ? __pfx_bpf_prog_load+0x10/0x10
[  182.276025][ T8400]  ? find_held_lock+0x2d/0x110
[  182.277305][ T8400]  ? __might_fault+0x13b/0x190
[  182.278529][ T8400]  ? __might_fault+0xe3/0x190
[  182.279720][ T8400]  __sys_bpf+0x5677/0x57a0
[  182.280881][ T8400]  ? __pfx___sys_bpf+0x10/0x10
[  182.282113][ T8400]  ? __schedule+0x3d6c/0x5ad0
[  182.283269][ T8400]  ? do_futex+0x123/0x350
[  182.284492][ T8400]  ? __pfx_do_futex+0x10/0x10
[  182.285724][ T8400]  ? xfd_validate_state+0x5d/0x180
[  182.286979][ T8400]  ? rcu_is_watching+0x12/0xc0
[  182.288144][ T8400]  __ia32_sys_bpf+0x76/0xe0
[  182.289320][ T8400]  __do_fast_syscall_32+0x73/0x120
[  182.290619][ T8400]  do_fast_syscall_32+0x32/0x80
[  182.291831][ T8400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.293417][ T8400] RIP: 0023:0xf741e579
[  182.294479][ T8400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.299214][ T8400] RSP: 002b:00000000f50e557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  182.301239][ T8400] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  182.303198][ T8400] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  182.305176][ T8400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.307140][ T8400] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  182.309120][ T8400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.311101][ T8400]  </TASK>
[  182.311881][ T8400] 
[  182.312486][ T8400] The buggy address belongs to the virtual mapping at
[  182.312486][ T8400]  [ffffc90003591000, ffffc900035b3000) created by:
[  182.312486][ T8400]  kvrealloc_noprof+0xfc/0x150
[  182.316756][ T8400] 
[  182.317386][ T8400] The buggy address belongs to the physical page:
[  182.318942][ T8400] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x3fd0 pfn:0x4b823
[  182.321179][ T8400] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  182.322898][ T8400] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  182.325080][ T8400] raw: 0000000000003fd0 0000000000000000 00000001ffffffff 0000000000000000
[  182.327280][ T8400] page dumped because: kasan: bad access detected
[  182.328945][ T8400] page_owner tracks the page as allocated
[  182.330283][ T8400] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 8400, tgid 8396 (syz.0.501), ts 182227652410, free_ts 182033871444
[  182.334500][ T8400]  post_alloc_hook+0x2d1/0x350
[  182.335705][ T8400]  get_page_from_freelist+0xfce/0x2f80
[  182.337052][ T8400]  __alloc_pages_noprof+0x6a6/0x25b0
[  182.338362][ T8400]  alloc_pages_mpol_noprof+0x2c9/0x610
[  182.339685][ T8400]  __vmalloc_node_range_noprof+0x724/0x1530
[  182.341154][ T8400]  __kvmalloc_node_noprof+0x14f/0x1a0
[  182.342513][ T8400]  kvrealloc_noprof+0xfc/0x150
[  182.343721][ T8400]  push_insn_history+0x2ac/0x690
[  182.344943][ T8400]  do_check_common+0xb78/0xd540
[  182.346163][ T8400]  bpf_check+0x77c2/0xc9b0
[  182.347277][ T8400]  bpf_prog_load+0xe3f/0x2670
[  182.348514][ T8400]  __sys_bpf+0x5677/0x57a0
[  182.349682][ T8400]  __ia32_sys_bpf+0x76/0xe0
[  182.350777][ T8400]  __do_fast_syscall_32+0x73/0x120
[  182.352065][ T8400]  do_fast_syscall_32+0x32/0x80
[  182.353255][ T8400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.354807][ T8400] page last free pid 29 tgid 29 stack trace:
[  182.356250][ T8400]  free_unref_page+0x661/0x1080
[  182.357507][ T8400]  __folio_put+0x32a/0x450
[  182.358593][ T8400]  free_page_and_swap_cache+0x249/0x2c0
[  182.359978][ T8400]  tlb_remove_table_rcu+0x89/0xe0
[  182.361227][ T8400]  rcu_core+0x79d/0x14d0
[  182.362282][ T8400]  handle_softirqs+0x213/0x8f0
[  182.363548][ T8400]  run_ksoftirqd+0x3a/0x60
[  182.364660][ T8400]  smpboot_thread_fn+0x661/0xa30
[  182.365881][ T8400]  kthread+0x2c1/0x3a0
[  182.366888][ T8400]  ret_from_fork+0x45/0x80
[  182.367995][ T8400]  ret_from_fork_asm+0x1a/0x30
[  182.369206][ T8400] 
[  182.369801][ T8400] Memory state around the buggy address:
[  182.371211][ T8400]  ffffc900035b0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  182.373141][ T8400]  ffffc900035b0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  182.375093][ T8400] >ffffc900035b1000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  182.377099][ T8400]                          ^
[  182.378255][ T8400]  ffffc900035b1080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  182.380201][ T8400]  ffffc900035b1100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  182.382174][ T8400] ==================================================================
[  182.403846][ T8400] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  182.406189][ T8400] CPU: 2 UID: 0 PID: 8400 Comm: syz.0.501 Not tainted 6.13.0-rc1-syzkaller-00025-gfeffde684ac2 #0
[  182.408707][ T8400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.411490][ T8400] Call Trace:
[  182.412430][ T8400]  <TASK>
[  182.413277][ T8400]  dump_stack_lvl+0x3d/0x1f0
[  182.414457][ T8400]  panic+0x71d/0x800
[  182.415455][ T8400]  ? __pfx_panic+0x10/0x10
[  182.416620][ T8400]  ? preempt_schedule_thunk+0x1a/0x30
[  182.418288][ T8400]  ? preempt_schedule_common+0x44/0xc0
[  182.419822][ T8400]  check_panic_on_warn+0xab/0xb0
[  182.421413][ T8400]  end_report+0x117/0x180
[  182.422783][ T8400]  kasan_report+0xe9/0x110
[  182.423997][ T8400]  ? push_insn_history+0x615/0x690
[  182.425348][ T8400]  ? push_insn_history+0x615/0x690
[  182.426719][ T8400]  push_insn_history+0x615/0x690
[  182.428189][ T8400]  do_check_common+0xb78/0xd540
[  182.429615][ T8400]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.431475][ T8400]  ? __pfx_do_check_common+0x10/0x10
[  182.433318][ T8400]  ? kvfree+0x47/0x50
[  182.434491][ T8400]  ? check_cfg+0x403/0x840
[  182.435851][ T8400]  bpf_check+0x77c2/0xc9b0
[  182.437403][ T8400]  ? hlock_class+0x4e/0x130
[  182.438657][ T8400]  ? __pfx_bpf_check+0x10/0x10
[  182.439942][ T8400]  ? find_held_lock+0x2d/0x110
[  182.441200][ T8400]  ? bpf_prog_load+0xd45/0x2670
[  182.442498][ T8400]  ? __pfx_lock_release+0x10/0x10
[  182.443820][ T8400]  ? trace_lock_acquire+0x14e/0x1f0
[  182.445237][ T8400]  ? bpf_prog_load+0xd45/0x2670
[  182.446661][ T8400]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.448004][ T8400]  ? read_tsc+0x9/0x20
[  182.449154][ T8400]  ? ktime_get_with_offset+0x20f/0x3a0
[  182.450626][ T8400]  ? bpf_obj_name_cpy+0x156/0x1b0
[  182.451933][ T8400]  bpf_prog_load+0xe3f/0x2670
[  182.453209][ T8400]  ? __pfx_bpf_prog_load+0x10/0x10
[  182.454606][ T8400]  ? find_held_lock+0x2d/0x110
[  182.456100][ T8400]  ? __might_fault+0x13b/0x190
[  182.457364][ T8400]  ? __might_fault+0xe3/0x190
[  182.458589][ T8400]  __sys_bpf+0x5677/0x57a0
[  182.459730][ T8400]  ? __pfx___sys_bpf+0x10/0x10
[  182.460988][ T8400]  ? __schedule+0x3d6c/0x5ad0
[  182.462211][ T8400]  ? do_futex+0x123/0x350
[  182.463465][ T8400]  ? __pfx_do_futex+0x10/0x10
[  182.465140][ T8400]  ? xfd_validate_state+0x5d/0x180
[  182.466966][ T8400]  ? rcu_is_watching+0x12/0xc0
[  182.468430][ T8400]  __ia32_sys_bpf+0x76/0xe0
[  182.469846][ T8400]  __do_fast_syscall_32+0x73/0x120
[  182.471161][ T8400]  do_fast_syscall_32+0x32/0x80
[  182.472409][ T8400]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.474114][ T8400] RIP: 0023:0xf741e579
[  182.475391][ T8400] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  182.482022][ T8400] RSP: 002b:00000000f50e557c EFLAGS: 00000292 ORIG_RAX: 0000000000000165
[  182.484983][ T8400] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0
[  182.487782][ T8400] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[  182.490488][ T8400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  182.493259][ T8400] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  182.496084][ T8400] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  182.498873][ T8400]  </TASK>
[  182.500555][ T8400] Kernel Offset: disabled
[  182.502123][ T8400] Rebooting in 86400 seconds..

VM DIAGNOSIS:
13:37:02  Registers:
info registers vcpu 0

CPU#0
RAX=1ffff1100981a7e0 RBX=ffff88804c0d3f00 RCX=00000000000000b5 RDX=0000000000000000
RSI=ffff88802380e000 RDI=ffff88806854c128 RBP=ffffc9000046fb50 RSP=ffffc9000046fa90
R8 =ffff88802380e09c R9 =00000000000000b5 R10=0000000000000000 R11=0000000000000000
R12=ffff88802180f000 R13=ffff88802380e000 R14=dffffc0000000000 R15=ffff88802380e198
RIP=ffffffff816bc6b6 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7fd55b8 CR3=0000000053340000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000024000000000 0000000500000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000008d3e9f RBX=0000000000000001 RCX=ffffffff8b1ab889 RDX=0000000000000000
RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb13700 RBP=ffffed1003a53910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000
R12=0000000000000001 R13=ffff88801d29c880 R14=ffffffff901cb190 R15=0000000000000000
RIP=ffffffff8b1acc6f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f74a6188 CR3=0000000053340000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000006f750a8ec4 RBX=ffff88802b628400 RCX=00000000000006e0 RDX=000000000000006f
RSI=ffff88802b628400 RDI=0000000000053372 RBP=0000000000053372 RSP=ffffc90003b5fb10
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000001
R12=0000000000000001 R13=0000000000000019 R14=0000000000000001 R15=ffff88802b62ca00
RIP=ffffffff814660c5 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000056418c5c2000 CR3=000000004bbe6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 005858585858582e 7a7973d0000000e4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ff0f0e0d0c0b0a09
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000054 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85153155 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc9000fd8eff8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000030343854
R12=0000000000000000 R13=0000000000000054 R14=ffffffff851530f0 R15=0000000000000000
RIP=ffffffff8515317f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002f403ffc CR3=0000000069826000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000024000000000 0000000500000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000