last executing test programs:

2m55.498989608s ago: executing program 3 (id=1247):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
memfd_secret(0x0)
pipe2$9p(&(0x7f0000000140), 0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x2b, @empty, @empty}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[@ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r5, 0x0, r0})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2m55.496188224s ago: executing program 3 (id=1248):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xa}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket(0x2c, 0x4, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000010300)=[{0x0}, {&(0x7f0000010100)=""/81, 0x51}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
setrlimit(0x8, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x5, 0x84)

2m55.367862903s ago: executing program 3 (id=1249):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f00000002c0), 0x2000, 0x0)
r2 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
io_uring_enter(r2, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

2m54.442699864s ago: executing program 3 (id=1253):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae000000850000000700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90)
signalfd(0xffffffffffffffff, 0x0, 0x0)
read(r1, &(0x7f0000000140)=""/119, 0x77)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
chmod(&(0x7f00000001c0)='./file0\x00', 0x9)
ioctl$AUTOFS_IOC_CATATONIC(r3, 0x9362, 0x0)

2m54.258732339s ago: executing program 3 (id=1255):
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x9)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1b, 0x0, 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0)
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)

2m53.607930861s ago: executing program 3 (id=1259):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x2, 0x6, 0xfffff417)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000280)={0x2, 0xc0, 0x340, &(0x7f00000005c0)=[0x9, 0x6, 0x3, 0x2bdebfaf, 0x1, 0x8000000000000001, 0x3, 0x1, 0x1, 0x7, 0x401, 0xf, 0x4a, 0x8, 0x7, 0x8, 0x1, 0x6, 0x0, 0x40, 0x10001, 0x9, 0x5, 0x87c, 0x40, 0xfffffffffffffffc, 0x2, 0x4, 0x1ff, 0x8, 0x6, 0x8000, 0xa, 0x0, 0x10000, 0x9, 0x9, 0x7, 0xf4b, 0x4, 0x1ceb6868, 0x81, 0x80000000, 0x2, 0x6, 0xffffffff, 0x10001, 0x7fffffff, 0x5, 0xffffffffffffffff, 0x1, 0x8001, 0x5, 0x59, 0x50, 0x7fff, 0x7fff, 0x8, 0x2, 0x0, 0x8, 0x1, 0x7, 0x5, 0x4, 0x5, 0x2, 0x5, 0x7, 0x5, 0x1, 0x2, 0x3, 0x3, 0xfff, 0x401, 0x8, 0x4, 0x401, 0x8, 0x9b9d, 0xb60, 0xe000000000, 0x101, 0x7, 0xfffffffffffffffa, 0xe, 0x4, 0x2, 0x800, 0x875, 0x7de, 0xe9, 0x8000000000000001, 0x6, 0x6f0d, 0x1, 0xcc3d, 0xa75, 0x2, 0xb, 0x27a3, 0x6, 0x8, 0x7, 0x9, 0x0, 0xfffffffffffffffe, 0xfffffffffffffff9, 0x6, 0x2, 0x3, 0x20000000000000, 0x9, 0x8, 0xfffffffffffffffb, 0x3, 0x7fffffff, 0x1000, 0x5, 0x9, 0x9, 0x0, 0x2, 0x7, 0xbe9, 0x2]})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x80}, 0x1, 0x0, 0x0, 0x840}, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x2a00000, 0x0)
syz_io_uring_setup(0x74b9, &(0x7f0000000140)={0x0, 0xe8d8, 0x40, 0x3, 0x14c}, &(0x7f00000000c0), &(0x7f00000001c0))

2m53.181051635s ago: executing program 32 (id=1259):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x2, 0x6, 0xfffff417)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000280)={0x2, 0xc0, 0x340, &(0x7f00000005c0)=[0x9, 0x6, 0x3, 0x2bdebfaf, 0x1, 0x8000000000000001, 0x3, 0x1, 0x1, 0x7, 0x401, 0xf, 0x4a, 0x8, 0x7, 0x8, 0x1, 0x6, 0x0, 0x40, 0x10001, 0x9, 0x5, 0x87c, 0x40, 0xfffffffffffffffc, 0x2, 0x4, 0x1ff, 0x8, 0x6, 0x8000, 0xa, 0x0, 0x10000, 0x9, 0x9, 0x7, 0xf4b, 0x4, 0x1ceb6868, 0x81, 0x80000000, 0x2, 0x6, 0xffffffff, 0x10001, 0x7fffffff, 0x5, 0xffffffffffffffff, 0x1, 0x8001, 0x5, 0x59, 0x50, 0x7fff, 0x7fff, 0x8, 0x2, 0x0, 0x8, 0x1, 0x7, 0x5, 0x4, 0x5, 0x2, 0x5, 0x7, 0x5, 0x1, 0x2, 0x3, 0x3, 0xfff, 0x401, 0x8, 0x4, 0x401, 0x8, 0x9b9d, 0xb60, 0xe000000000, 0x101, 0x7, 0xfffffffffffffffa, 0xe, 0x4, 0x2, 0x800, 0x875, 0x7de, 0xe9, 0x8000000000000001, 0x6, 0x6f0d, 0x1, 0xcc3d, 0xa75, 0x2, 0xb, 0x27a3, 0x6, 0x8, 0x7, 0x9, 0x0, 0xfffffffffffffffe, 0xfffffffffffffff9, 0x6, 0x2, 0x3, 0x20000000000000, 0x9, 0x8, 0xfffffffffffffffb, 0x3, 0x7fffffff, 0x1000, 0x5, 0x9, 0x9, 0x0, 0x2, 0x7, 0xbe9, 0x2]})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x80}, 0x1, 0x0, 0x0, 0x840}, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x2a00000, 0x0)
syz_io_uring_setup(0x74b9, &(0x7f0000000140)={0x0, 0xe8d8, 0x40, 0x3, 0x14c}, &(0x7f00000000c0), &(0x7f00000001c0))

5.683958416s ago: executing program 2 (id=2018):
openat$comedi(0xffffffffffffff9c, 0x0, 0x8ad01, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
iopl(0x3)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
waitid(0x0, r2, 0x0, 0x8, 0x0)
waitid(0x1, r2, 0x0, 0x4, 0x0)
epoll_create1(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x5)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setrlimit(0x1, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)

4.95189991s ago: executing program 4 (id=2022):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x2, 0x6, 0xfffff417)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f00000000c0)={0x1, 0x0, {0x1b, 0x26, 0x12, 0xf, 0xb, 0x64, 0x4, 0x89}})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000280)={0x2, 0xc0, 0x340, &(0x7f00000005c0)=[0x9, 0x6, 0x3, 0x2bdebfaf, 0x1, 0x8000000000000001, 0x3, 0x1, 0x1, 0x7, 0x401, 0xf, 0x4a, 0x8, 0x7, 0x8, 0x1, 0x6, 0x0, 0x40, 0x10001, 0x9, 0x5, 0x87c, 0x40, 0xfffffffffffffffc, 0x2, 0x4, 0x1ff, 0x8, 0x6, 0x8000, 0xa, 0x0, 0x10000, 0x9, 0x9, 0x7, 0xf4b, 0x4, 0x1ceb6868, 0x81, 0x80000000, 0x2, 0x6, 0xffffffff, 0x10001, 0x7fffffff, 0x5, 0xffffffffffffffff, 0x1, 0x8001, 0x5, 0x59, 0x50, 0x7fff, 0x7fff, 0x8, 0x2, 0x0, 0x8, 0x1, 0x7, 0x5, 0x4, 0x5, 0x2, 0x5, 0x7, 0x5, 0x1, 0x2, 0x3, 0x3, 0xfff, 0x401, 0x8, 0x4, 0x401, 0x8, 0x9b9d, 0xb60, 0xe000000000, 0x101, 0x7, 0xfffffffffffffffa, 0xe, 0x4, 0x2, 0x800, 0x875, 0x7de, 0xe9, 0x8000000000000001, 0x6, 0x6f0d, 0x1, 0xcc3d, 0xa75, 0x2, 0xb, 0x27a3, 0x6, 0x8, 0x7, 0x9, 0x0, 0xfffffffffffffffe, 0xfffffffffffffff9, 0x6, 0x2, 0x3, 0x20000000000000, 0x9, 0x8, 0xfffffffffffffffb, 0x3, 0x7fffffff, 0x1000, 0x5, 0x9, 0x9, 0x0, 0x2, 0x7, 0xbe9, 0x2]})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x80}, 0x1, 0x0, 0x0, 0x840}, 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x2a00000, 0x0)
syz_io_uring_setup(0x74b9, &(0x7f0000000140)={0x0, 0xe8d8, 0x40, 0x3, 0x14c}, &(0x7f00000000c0), &(0x7f00000001c0))

4.844068852s ago: executing program 2 (id=2023):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a00)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x5eab, 0x8, 0x2, 0x400250}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000400)=<r2=>0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_PROTOINFO={0x8, 0x5, 0x0, 0x1, @CTA_PROTOINFO_TCP={0x4}}]}, 0x6c}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r4 = syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000940)=<r5=>0xffffffffffffffff)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0x7c81, 0x0)
r6 = socket$rxrpc(0x21, 0x2, 0x2)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r6, 0x0, &(0x7f0000000440)="3e98cdf4ff6cb3a22e216f4abc283d2fe308eafeac67577f977bc1aa1816e3b27ef1b01b90fb111d5ad29a4c6d3b2d9dbb058224d773003f86df6d826f3ba5dcf4f1fa52ce03f49307e7965c5fcc6375895e3d2b35720e29bbd321cf8b42bbe4e920f13c201ecff484756b9110857f2f260bd9b0a351656ec1f2854433a3c73a7d8fc8a00088e7743ea62c9e1b163d40587c79621bd499f32c3fe037e2b6b58c1afb765d23c3b81b8aee963022a266cbe6e238b83989f73427cc9d53fd0869d1c5e798a8cd77fa4776", 0xc9, 0x0, 0x1, {0x0, r7}})
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r9=>0x0)
connect$can_bcm(r8, &(0x7f0000000040), 0x10)
io_submit(r9, 0x1, &(0x7f00000012c0)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f0005000000ff030f02000000003f420f00000000003bf81b05ff0000", 0x37}])
io_uring_enter(r0, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)

4.823224628s ago: executing program 1 (id=2024):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x206)
mkdirat(0xffffffffffffffff, 0x0, 0x22)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r2 = syz_io_uring_setup(0x111, &(0x7f0000000140)={0x0, 0x0, 0x800, 0x3, 0x1}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
r5 = landlock_create_ruleset(&(0x7f00000000c0)={0x501b, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r5, 0x5)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

4.665908363s ago: executing program 0 (id=2025):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x1c1242, 0x0)
ftruncate(r2, 0x2007ffb)
r3 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
sendfile(r3, r2, 0x0, 0x7ffff000)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x44008)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, 0x0, 0x4000, &(0x7f0000001dc0)={0xb, 0x3, 0x80000}, 0x20)
open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000680)=[{0x0}], 0x1, 0x6000000, 0x0, 0x0)

4.529037441s ago: executing program 2 (id=2026):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r1, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0x3, 0x6}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

4.281201832s ago: executing program 2 (id=2027):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xfffe, 0x0, 0xa40}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="040000000400000004000000040000000008"], 0x50)
close(r3)

3.995258557s ago: executing program 4 (id=2028):
socket$inet(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_open_dev$usbmon(0x0, 0xfffffffffffffffe, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f00000030c0)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f7ac9b36096eff7fc6e5539b9b18098b9b4a1b2552181b080d29428f0e1ac6e7049b3468959b189a242a9b3ff3988f7ef319520100ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00300300000000000000b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a7315c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe8a3c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df34959eaef6572e1e007fa55a2999f596d0673f586749b25f5a448427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e10d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441984cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f236c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971f41488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799ecb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c069595e4e98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb92c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a10010549820a73c8839475f732ae00398e4bd1f4908b7807fb33b72685ec37a2d3f766b13a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f487e1ff7408c60edddab652f2ef91d4f2b01987b0f46e4034e5c3f745a7ee81087dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe520629b40d7cee65802cb5e930ed624806c4380b6dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f7150b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000204b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff9576abc9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf6c9c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

3.725636396s ago: executing program 0 (id=2029):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x110b, 0x0, 0x0, &(0x7f0000000040))
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(0xffffffffffffffff, 0x708, 0x41e3, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
r3 = memfd_create(&(0x7f0000000080), 0x0)
splice(r2, 0x0, r3, 0x0, 0x408cd, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000a00)={'syz1\x00', {0x6ec9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x3, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0xde, 0x8, 0x9, 0x1, 0x28ee, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x9, 0x7, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7ffb, 0x72c, 0x1c32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x5, 0x297, 0x5, 0x0, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0x0, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffffd, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200], [0x401, 0xc584, 0xffff, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0xffffffff, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x10, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x5, 0x80, 0x9, 0x9, 0x47, 0x2, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0xbf23, 0x6, 0x8, 0x95a, 0x0, 0x3ff, 0x7, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x40000005, 0x6, 0xd9, 0x0, 0x7d, 0x401, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x4, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x1e0, 0x4, 0xe47, 0x1, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x8, 0x8a8, 0x2, 0x40, 0x7, 0x2, 0x4, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0x2, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0xf, 0x133, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
write$input_event(r4, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)

3.642996476s ago: executing program 1 (id=2030):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x5885, 0x0, 0x1, 0x2d8}, &(0x7f0000000340)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0xe0ff, 0x0, 0x0, 0x0)

2.860830099s ago: executing program 0 (id=2031):
arch_prctl$ARCH_GET_CPUID(0x1011)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000180)={0x2a, 0x0, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x28a}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
sched_getattr(0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
socket$key(0xf, 0x3, 0x2)
syz_open_procfs(0x0, 0x0)

2.617756649s ago: executing program 1 (id=2032):
socket(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x3, 0x0, 0x8003}, 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xe)
open$dir(&(0x7f00000003c0)='./file0\x00', 0x400, 0x113)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
userfaultfd(0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x2, 0x80805, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)})

2.584477857s ago: executing program 4 (id=2033):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="0f000000040000000800000002000000000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$netlink(r0, &(0x7f0000007d80)={0x0, 0x0, 0x0}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000280), 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004a40)=ANY=[@ANYBLOB="c0260000410007010000000007000000027c00000400fc80a72601"], 0x26c0}}, 0x4010)

2.517056618s ago: executing program 2 (id=2034):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000062c0)=@base={0xa, 0x8001, 0x9, 0x8}, 0x50)
bpf$BPF_GET_MAP_INFO(0x15, &(0x7f0000000080)={r3, 0xfffffe38}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2.244962702s ago: executing program 4 (id=2035):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x202)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000200)='.\x00', 0x10000a0)
fcntl$getownex(r0, 0x10, &(0x7f00000000c0))
getuid()
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r5 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6, 0x0, r4}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
execve(&(0x7f0000000200)='./file0\x00', &(0x7f0000000500), 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x47f6, 0x0, 0x4, 0x0, 0x0)

2.236433672s ago: executing program 1 (id=2036):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x7, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0xfffffffffffffead, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x3}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)

1.893390926s ago: executing program 0 (id=2037):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, 0x0, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x6b0d, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x2, 0x29d, 0x0, r3}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r2, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc000fd}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, 0x0)

1.371462599s ago: executing program 2 (id=2038):
r0 = io_uring_setup(0xbbc, &(0x7f00000001c0)={0x0, 0x800000, 0x2, 0x4, 0x112})
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nfc_llcp(r3, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x4000006, 0x1, 0x4})
io_uring_enter(r0, 0x100000, 0x2, 0xf, &(0x7f0000000000), 0x18)

1.196861627s ago: executing program 4 (id=2039):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000d00), 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f00000019c0))
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = syz_io_uring_setup(0x49f, &(0x7f0000001000)={0x0, 0x54e9, 0x0, 0x7, 0x40024f}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="7c0000001501000005000000ff9ecc9edf812393f0d8b81b5788aacf4a3cff179a9732d863ae57fc9f4e295a95f0bf9f722a0f8327c82de81bdf28a968203ca8edf0ae4ef73446f1a9a1dce86e5d08be3809925d023e63564997f5cead66a998c961b56f0f2106ed1c608c1f3cad586333bfb51861223b593a0667000c0000001400000006000000200000002900000006000000e4ce4feaf4d1bd4732a5a9ee6a6196790428bd00a80000000c010000000400009d61b09c365e3d3bfc958fbf48eb43fadddc2f2aedfb813cedbefade8bf29c7252747d4eb75c854d89a2c66842a2cb122ff78391b500834b035bd5bee7c06b4f9e65243f8909d416a3ba82719be74c80dfc88bb2d1c01ee52786f06a644f0163eb1c22de70a8a882b3aca234e292e5246965d61110d3b81605220f5b9d726e347faf0628d8516a1a5f55dbb4965ffdfb43aeb6c820a7767acc59df3f580000001301000009000000bdce0f101f2d077789740f59a352a37988be5c24fdecffe50ae3a62904eb3821c559733e359b3bc625615cf788e23e5f7c77ecaabcc366699b768e4d794ab2fae723a384869867d12db000007001"], 0x318}, 0x0, 0x4040000})
io_uring_enter(r5, 0x3d0e, 0x4c1, 0x43, 0x0, 0x0)

994.320371ms ago: executing program 0 (id=2040):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f00000050c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_ATTR(r0, &(0x7f0000007100)={0x78, 0x0, r3, {0xa0, 0x6, 0x0, {0x4, 0x0, 0x9, 0x8, 0x0, 0x23, 0xfffff92f, 0x0, 0x4, 0xc000, 0x3ff, 0xee00, 0x0, 0x7fffffff, 0x4}}}, 0x78)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

885.20164ms ago: executing program 1 (id=2041):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0xef4, &(0x7f0000000300)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000140)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x6c5832815a6b3292, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x484}})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000500)=[{r6}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
ioprio_get$uid(0x3, 0x0)

382.520562ms ago: executing program 4 (id=2042):
socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e21, 0x8, @mcast2, 0x2}}}, 0x30)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000980), 0xfdef)
splice(0xffffffffffffffff, 0x0, r5, 0x0, 0x80, 0x4)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020)

106.149393ms ago: executing program 0 (id=2043):
ioperm(0x6, 0x88, 0x8)
timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NET_GET(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffffffffffffffff]}, 0x8, 0x0)
read$FUSE(r3, &(0x7f0000003a40)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_MODE_GETFB(0xffffffffffffffff, 0xc01c64ad, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r2, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[], 0x14}}, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
socket$nl_audit(0x10, 0x3, 0x9)

0s ago: executing program 1 (id=2044):
socket(0x2d, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xf8e14000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x1802, 0x40)
write$cgroup_subtree(r6, &(0x7f0000000200)=ANY=[], 0xfe33)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x1, 0x1, r1, 0x0, 0x0, 0x0, 0x100, 0x1, {0x1}})
io_uring_enter(r3, 0x3517, 0x173d, 0x42, 0x0, 0x0)

kernel console output (not intermixed with test programs):

interface 228 has no altsetting 0
[  170.284430][  T840] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  170.288200][  T840] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  170.294408][  T840] usb 5-1: Product: syz
[  170.296197][  T840] usb 5-1: SerialNumber: syz
[  170.305479][  T840] hub 5-1:250.228: bad descriptor, ignoring hub
[  170.308162][  T840] hub 5-1:250.228: probe with driver hub failed with error -5
[  170.710251][  T840] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 6 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  171.065569][  T840] usb 5-1: reset high-speed USB device number 6 using dummy_hcd
[  171.070075][  T840] usb 5-1: device reset changed ep0 maxpacket size!
[  171.076554][  T840] usb 5-1: USB disconnect, device number 6
[  171.080257][  T840] usblp0: removed
[  171.175216][ T8670] nbd: must specify a device to reconfigure
[  171.204752][  T840] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  171.357104][  T840] usb 5-1: config index 0 descriptor too short (expected 1472, got 146)
[  171.361206][  T840] usb 5-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  171.364673][  T840] usb 5-1: config 128 has no interfaces?
[  171.367861][  T840] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  171.370728][  T840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  171.373333][  T840] usb 5-1: SerialNumber: syz
[  171.584526][ T1023] usb 5-1: USB disconnect, device number 7
[  171.784393][   T63] Bluetooth: hci3: command 0x0406 tx timeout
[  172.377249][ T8692] syz.2.726 uses obsolete (PF_INET,SOCK_PACKET)
[  172.582441][ T8696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.727'.
[  172.698852][ T8699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.728'.
[  172.733892][ T8699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.728'.
[  173.864419][   T63] Bluetooth: hci3: command 0x0406 tx timeout
[  174.180958][ T8735] netlink: 'syz.2.736': attribute type 27 has an invalid length.
[  174.665669][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  174.671166][ T8752] netlink: 24 bytes leftover after parsing attributes in process `syz.3.745'.
[  175.384530][ T5979] Bluetooth: hci0: command 0x0406 tx timeout
[  175.384583][   T63] Bluetooth: hci1: command 0x0406 tx timeout
[  175.557510][ T8775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.753'.
[  175.874329][ T6043] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  176.027640][ T6043] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.032056][ T6043] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.036258][ T6043] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  176.039970][ T6043] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.045962][ T6043] usb 5-1: config 0 descriptor??
[  177.471922][ T6043] uclogic 0003:256C:006D.0008: v1 frame probing failed: -71
[  177.474962][ T6043] uclogic 0003:256C:006D.0008: failed probing parameters: -71
[  177.477928][ T6043] uclogic 0003:256C:006D.0008: probe with driver uclogic failed with error -71
[  177.482424][ T6043] usb 5-1: USB disconnect, device number 8
[  178.231185][ T8806] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'.
[  179.007693][ T8814] netlink: 'syz.1.759': attribute type 27 has an invalid length.
[  179.017306][ T8814] veth3: left promiscuous mode
[  179.441100][ T8829] xfrm0: entered promiscuous mode
[  179.443382][ T8829] xfrm0: entered allmulticast mode
[  179.719791][   T41] kauditd_printk_skb: 28 callbacks suppressed
[  179.719806][   T41] audit: type=1804 audit(1758909335.145:355): pid=8836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.767" name="/newroot/76/file1" dev="fuse" ino=1 res=1 errno=0
[  179.728728][   T41] audit: type=1800 audit(1758909335.145:356): pid=8836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.767" name="/" dev="fuse" ino=1 res=0 errno=0
[  180.110752][ T8854] lo speed is unknown, defaulting to 1000
[  181.413160][   T41] audit: type=1804 audit(1758909336.835:357): pid=8868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.787" name="/newroot/208/file1" dev="fuse" ino=1 res=1 errno=0
[  181.819002][ T8878] netlink: 4 bytes leftover after parsing attributes in process `syz.3.782'.
[  181.841950][ T8878] netlink: 4 bytes leftover after parsing attributes in process `syz.3.782'.
[  182.071227][ T8889] bond2: entered allmulticast mode
[  182.073465][ T8889] 8021q: adding VLAN 0 to HW filter on device bond2
[  183.517128][ T8919] netlink: 4 bytes leftover after parsing attributes in process `syz.0.795'.
[  183.540366][ T8919] netlink: 4 bytes leftover after parsing attributes in process `syz.0.795'.
[  183.875870][   T41] audit: type=1804 audit(1758909339.305:358): pid=8924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.798" name="/newroot/208/file1" dev="fuse" ino=1 res=1 errno=0
[  183.884994][   T41] audit: type=1800 audit(1758909339.305:359): pid=8924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.798" name="/" dev="fuse" ino=1 res=0 errno=0
[  183.893169][   T41] audit: type=1800 audit(1758909339.305:360): pid=8924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.798" name="/" dev="fuse" ino=1 res=0 errno=0
[  184.498417][ T8945] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  185.647735][ T8956] MPI: mpi too large (124808 bits)
[  186.618834][ T8974] binder: BINDER_SET_CONTEXT_MGR already set
[  186.623474][ T8974] binder: 8972:8974 ioctl 4018620d 80000140 returned -16
[  186.633481][ T8974] binder: BINDER_SET_CONTEXT_MGR already set
[  186.636811][ T8974] binder: 8972:8974 ioctl 4018620d 80000040 returned -16
[  186.674447][ T8976] bond0: (slave wlan1): Releasing backup interface
[  186.677094][ T8976] mac80211_hwsim hwsim8 wlan1 (unregistering): left promiscuous mode
[  188.961935][ T9014] lo speed is unknown, defaulting to 1000
[  189.994428][ T6043] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  190.151383][ T6043] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  190.155532][ T6043] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  190.159883][ T6043] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  190.163597][ T6043] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  190.164834][ T9031] netlink: 'syz.2.830': attribute type 1 has an invalid length.
[  190.170373][ T6043] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  190.181671][ T6043] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  190.188532][ T6043] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  190.193000][ T6043] usb 5-1: Product: syz
[  190.196230][ T6043] usb 5-1: Manufacturer: syz
[  190.197654][ T9031] 8021q: adding VLAN 0 to HW filter on device bond3
[  190.205734][ T6043] cdc_wdm 5-1:1.0: skipping garbage
[  190.207362][ T6043] cdc_wdm 5-1:1.0: skipping garbage
[  190.213150][ T6043] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  190.217627][ T6043] cdc_wdm 5-1:1.0: Unknown control protocol
[  190.240713][ T9031] 8021q: adding VLAN 0 to HW filter on device bond3
[  190.243074][ T9031] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  190.251184][ T9031] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  190.300267][ T9035] bond4: entered promiscuous mode
[  190.303840][ T9035] 8021q: adding VLAN 0 to HW filter on device bond4
[  190.310817][ T9035] bond3: (slave bond4): Enslaving as an active interface with a down link
[  190.349373][ T9031] macvlan2: entered promiscuous mode
[  190.351207][ T9031] macvlan2: entered allmulticast mode
[  190.354000][ T9031] bond3: entered promiscuous mode
[  190.356765][ T9031] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  190.360320][ T9031] bond3: left promiscuous mode
[  190.474613][ T6043] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  190.496763][ T9038] netlink: 16 bytes leftover after parsing attributes in process `syz.3.832'.
[  190.505803][ T9038] dummy0: entered promiscuous mode
[  190.512485][ T9038] dummy0: left promiscuous mode
[  190.622354][   T34] usb 5-1: USB disconnect, device number 9
[  190.644693][ T6043] usb 6-1: Using ep0 maxpacket: 32
[  190.649072][ T6043] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.653432][ T6043] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.657768][ T6043] usb 6-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  190.661472][ T6043] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.670386][ T6043] usb 6-1: config 0 descriptor??
[  190.945644][ T5339] Bluetooth: hci1: unexpected event for opcode 0x0c58
[  191.590077][ T6043] usbhid 6-1:0.0: can't add hid device: -71
[  191.594392][ T6043] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  191.605431][ T6043] usb 6-1: USB disconnect, device number 5
[  192.051440][ T9069] netlink: 'syz.1.844': attribute type 39 has an invalid length.
[  192.602290][ T9083] net_ratelimit: 4052 callbacks suppressed
[  192.602302][ T9083] netlink: zone id is out of range
[  192.607379][ T9083] netlink: del zone limit has 4 unknown bytes
[  193.395102][ T9095] trusted_key: syz.1.852 sent an empty control message without MSG_MORE.
[  193.403266][ T9094] ALSA: mixer_oss: invalid OSS volume 'PHONEIÎ'
[  193.406658][ T9094] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦'
[  193.507106][ T9103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.859'.
[  193.787993][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  194.664458][ T5975] Bluetooth: hci2: command 0x0405 tx timeout
[  195.414901][ T9115] lo speed is unknown, defaulting to 1000
[  195.613961][ T9117] binder: 9114:9117 ioctl c0306201 0 returned -14
[  195.685349][ T9121] netlink: 'syz.1.858': attribute type 1 has an invalid length.
[  196.239575][   T41] audit: type=1326 audit(1758909351.665:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.0.856" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7fc00000
[  196.515626][ T6017] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  196.679730][ T6017] usb 5-1: Using ep0 maxpacket: 8
[  196.683858][ T6017] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  196.688044][ T6017] usb 5-1: config 0 has no interface number 0
[  196.690190][ T6017] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  196.693922][ T6017] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  196.698018][ T6017] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  196.701485][ T6017] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  196.706279][ T6017] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  196.709592][ T6017] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.713317][ T6017] usb 5-1: config 0 descriptor??
[  196.717711][ T6017] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  196.923893][ T9127] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.933888][ T9126] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  196.940022][ T6017] usb 5-1: USB disconnect, device number 10
[  196.959805][ T6017] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  197.851034][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.1.871'.
[  199.993003][ T9188] cgroup: fork rejected by pids controller in /syz1
[  201.003242][T11719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.885'.
[  201.022047][T11719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.885'.
[  201.179388][T11724] lo speed is unknown, defaulting to 1000
[  201.219113][T11726] netlink: 'syz.1.888': attribute type 1 has an invalid length.
[  201.243126][T11726] 8021q: adding VLAN 0 to HW filter on device bond3
[  201.295564][T11726] 8021q: adding VLAN 0 to HW filter on device bond3
[  201.298050][T11726] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  201.303283][T11726] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  201.344818][T11730] bond4: entered promiscuous mode
[  201.350053][T11730] 8021q: adding VLAN 0 to HW filter on device bond4
[  201.357487][T11730] bond3: (slave bond4): Enslaving as an active interface with a down link
[  201.406937][T11726] macvlan0: entered promiscuous mode
[  201.408795][T11726] macvlan0: entered allmulticast mode
[  201.411278][T11726] bond3: entered promiscuous mode
[  201.413741][T11726] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  201.424987][T11726] bond3: left promiscuous mode
[  201.539465][T11733] netlink: 'syz.1.889': attribute type 5 has an invalid length.
[  201.940623][   T41] audit: type=1326 audit(1758909357.365:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  201.951014][   T41] audit: type=1326 audit(1758909357.365:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  201.960258][   T41] audit: type=1326 audit(1758909357.365:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  201.969922][   T41] audit: type=1326 audit(1758909357.365:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  201.979059][   T41] audit: type=1326 audit(1758909357.375:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  201.989361][   T41] audit: type=1326 audit(1758909357.375:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  202.000276][   T41] audit: type=1326 audit(1758909357.375:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  202.009548][   T41] audit: type=1326 audit(1758909357.375:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  202.019159][   T41] audit: type=1326 audit(1758909357.375:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  202.028155][   T41] audit: type=1326 audit(1758909357.375:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11737 comm="syz.0.891" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  202.079106][T11743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'.
[  203.157753][T11747] lo speed is unknown, defaulting to 1000
[  203.174162][T11747] lo speed is unknown, defaulting to 1000
[  203.178163][T11747] lo speed is unknown, defaulting to 1000
[  203.187593][T11747] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  203.211992][T11759] mac80211_hwsim hwsim8 syzkaller0: entered promiscuous mode
[  203.214694][T11759] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode
[  203.219946][T11747] lo speed is unknown, defaulting to 1000
[  203.222631][T11747] lo speed is unknown, defaulting to 1000
[  203.230268][T11747] lo speed is unknown, defaulting to 1000
[  203.233885][T11747] lo speed is unknown, defaulting to 1000
[  203.237890][T11747] lo speed is unknown, defaulting to 1000
[  203.259314][ T5339] Bluetooth: hci0: unexpected event for opcode 0x0c05
[  203.261991][T11761] veth0_to_hsr: entered allmulticast mode
[  203.267267][T11761] veth0_to_hsr: left allmulticast mode
[  203.292547][T11763] lo speed is unknown, defaulting to 1000
[  203.297913][T11763] lo speed is unknown, defaulting to 1000
[  203.659936][T11789] bridge0: port 3(syz_tun) entered blocking state
[  203.662785][T11789] bridge0: port 3(syz_tun) entered disabled state
[  203.666656][T11789] syz_tun: entered allmulticast mode
[  203.669700][T11789] syz_tun: entered promiscuous mode
[  204.129684][T11810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.914'.
[  204.136854][T11808] lo speed is unknown, defaulting to 1000
[  204.143243][T11808] lo speed is unknown, defaulting to 1000
[  204.148149][T11810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.914'.
[  204.202755][T11810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.914'.
[  204.253336][T11813] lo speed is unknown, defaulting to 1000
[  204.259994][T11813] lo speed is unknown, defaulting to 1000
[  204.265193][T11810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.914'.
[  204.614030][T11826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.919'.
[  204.659909][T11826] bridge1: port 1(bond5) entered blocking state
[  204.662193][T11826] bridge1: port 1(bond5) entered disabled state
[  204.667628][T11826] bond5: entered allmulticast mode
[  204.671051][T11826] bond5: entered promiscuous mode
[  204.706310][T11826] bridge1: port 2(geneve3) entered blocking state
[  204.709156][T11826] bridge1: port 2(geneve3) entered disabled state
[  204.712116][T11826] geneve3: entered allmulticast mode
[  204.714887][T11826] geneve3: entered promiscuous mode
[  205.372879][T11844] vlan2: entered promiscuous mode
[  205.381088][T11844] vlan2: entered allmulticast mode
[  205.385996][T11844] hsr_slave_1: entered allmulticast mode
[  205.819651][T11851] netlink: zone id is out of range
[  205.822468][T11851] netlink: del zone limit has 4 unknown bytes
[  206.454819][T11866] dvmrp1: entered allmulticast mode
[  206.496836][T11868] netlink: 32 bytes leftover after parsing attributes in process `syz.0.932'.
[  206.507337][T11868] netlink: 160 bytes leftover after parsing attributes in process `syz.0.932'.
[  206.550233][T11871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.933'.
[  206.571790][T11871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.933'.
[  206.819954][T11878] wireguard0: entered promiscuous mode
[  206.822223][T11878] wireguard0: entered allmulticast mode
[  207.077296][   T41] kauditd_printk_skb: 53 callbacks suppressed
[  207.077315][   T41] audit: type=1326 audit(1758909362.505:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.090705][   T41] audit: type=1326 audit(1758909362.505:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.098776][   T41] audit: type=1326 audit(1758909362.505:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.107071][   T41] audit: type=1326 audit(1758909362.505:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.115909][   T41] audit: type=1326 audit(1758909362.505:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.122495][   T41] audit: type=1326 audit(1758909362.505:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.130173][   T41] audit: type=1326 audit(1758909362.505:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.136983][   T41] audit: type=1326 audit(1758909362.505:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.143850][   T41] audit: type=1326 audit(1758909362.505:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.155087][   T41] audit: type=1326 audit(1758909362.505:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.3.936" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  207.241746][T11887] lo speed is unknown, defaulting to 1000
[  207.246519][T11887] lo speed is unknown, defaulting to 1000
[  207.480901][T11894] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  207.691906][T11903] netlink: 56 bytes leftover after parsing attributes in process `syz.2.943'.
[  207.910232][T11914] netlink: 'syz.2.947': attribute type 3 has an invalid length.
[  207.913587][T11914] netlink: 'syz.2.947': attribute type 3 has an invalid length.
[  208.141248][T11923] netlink: 'syz.1.950': attribute type 13 has an invalid length.
[  208.143776][T11923] netlink: 'syz.1.950': attribute type 17 has an invalid length.
[  208.442076][T11923] bridge0: port 3(syz_tun) entered blocking state
[  208.444294][T11923] bridge0: port 3(syz_tun) entered forwarding state
[  208.453075][T11923] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.456637][T11923] 8021q: adding VLAN 0 to HW filter on device team0
[  208.472835][T11923] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  208.508981][  T842] lo speed is unknown, defaulting to 1000
[  208.511518][  T842] syz0: Port: 1 Link ACTIVE
[  208.525172][ T6614] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  211.023106][T11970] netlink: zone id is out of range
[  211.025369][T11970] netlink: del zone limit has 4 unknown bytes
[  212.594473][    C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  213.778058][T12017] netlink: 12 bytes leftover after parsing attributes in process `syz.2.979'.
[  213.896130][T12008] orangefs_mount: mount request failed with -4
[  214.003006][T12025] netlink: 4 bytes leftover after parsing attributes in process `syz.1.981'.
[  214.579522][   T41] kauditd_printk_skb: 50 callbacks suppressed
[  214.579533][   T41] audit: type=1326 audit(1758909370.005:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.590680][   T41] audit: type=1326 audit(1758909370.005:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.597867][   T41] audit: type=1326 audit(1758909370.005:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.605465][   T41] audit: type=1326 audit(1758909370.005:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.613975][   T41] audit: type=1326 audit(1758909370.005:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.622209][   T41] audit: type=1326 audit(1758909370.005:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.629348][   T41] audit: type=1326 audit(1758909370.005:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.637285][   T41] audit: type=1326 audit(1758909370.005:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.644700][   T41] audit: type=1326 audit(1758909370.005:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  214.652188][   T41] audit: type=1326 audit(1758909370.005:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12035 comm="syz.0.985" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  215.167311][T12047] netlink: 'syz.3.990': attribute type 1 has an invalid length.
[  215.170514][T12047] netlink: 'syz.3.990': attribute type 4 has an invalid length.
[  215.173041][T12047] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.990'.
[  215.468593][T12057] netlink: 'syz.2.994': attribute type 13 has an invalid length.
[  215.472009][T12057] netlink: 'syz.2.994': attribute type 17 has an invalid length.
[  215.583166][T12057] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.588282][T12057] 8021q: adding VLAN 0 to HW filter on device team0
[  215.597635][T12057] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  215.604973][ T6017] lo speed is unknown, defaulting to 1000
[  215.607110][ T6017] syz2: Port: 1 Link ACTIVE
[  216.125416][T12073] netlink: 'syz.3.998': attribute type 1 has an invalid length.
[  216.188155][T12073] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  216.192469][T12073] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  216.196115][T12073] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  216.246222][T12079] netlink: 4 bytes leftover after parsing attributes in process `syz.3.998'.
[  216.342431][T12083] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1001'.
[  217.169080][T12102] block nbd1: Dead connection, failed to find a fallback
[  217.171673][T12102] block nbd1: shutting down sockets
[  217.173541][T12102] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.178242][T12102] Buffer I/O error on dev nbd1, logical block 0, async page read
[  217.181174][T12102] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.185541][T12102] Buffer I/O error on dev nbd1, logical block 1, async page read
[  217.188308][T12102] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.191312][T12102] Buffer I/O error on dev nbd1, logical block 2, async page read
[  217.193847][T12102] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.197087][T12102] Buffer I/O error on dev nbd1, logical block 3, async page read
[  217.199719][T12102] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.202660][T12102] Buffer I/O error on dev nbd1, logical block 0, async page read
[  217.206895][T12102] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.209892][T12102] Buffer I/O error on dev nbd1, logical block 1, async page read
[  217.212638][T12102] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.215992][T12102] Buffer I/O error on dev nbd1, logical block 2, async page read
[  217.218666][T12102] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.221639][T12102] Buffer I/O error on dev nbd1, logical block 3, async page read
[  217.226344][T12103] block nbd1: NBD_DISCONNECT
[  217.226348][T12102] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.228025][T12103] block nbd1: Send disconnect failed -32
[  217.230874][T12102] Buffer I/O error on dev nbd1, logical block 0, async page read
[  217.243402][T12102] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  217.254530][T12102] Buffer I/O error on dev nbd1, logical block 1, async page read
[  217.289916][T12102] ldm_validate_partition_table(): Disk read failed.
[  217.306777][T12102] Dev nbd1: unable to read RDB block 0
[  217.312138][T12102]  nbd1: unable to read partition table
[  217.887051][ T5339] Bluetooth: hci2: link tx timeout
[  217.889351][ T5339] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  217.893059][ T5975] Bluetooth: hci2: link tx timeout
[  217.895207][ T5975] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  218.301549][T12125] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1014'.
[  218.325672][T12125] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1014'.
[  218.332237][T12125] batadv1: entered promiscuous mode
[  218.333978][T12125] batadv1: entered allmulticast mode
[  218.378993][T12128] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1014'.
[  218.402117][T12128] batadv1: entered promiscuous mode
[  218.405149][T12128] batadv1: entered allmulticast mode
[  218.504402][ T5975] Bluetooth: hci2: command 0x0405 tx timeout
[  219.752862][T12154] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1022'.
[  220.094351][   T53] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  220.217380][   T41] kauditd_printk_skb: 251 callbacks suppressed
[  220.217421][   T41] audit: type=1804 audit(1758909375.635:746): pid=12172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1029" name="/newroot/133/file1" dev="fuse" ino=1 res=1 errno=0
[  220.256690][   T53] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  220.260212][   T53] usb 5-1: config 0 has no interface number 0
[  220.263211][   T53] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  220.274302][   T53] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  220.278688][   T53] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  220.283381][   T53] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  220.294450][   T53] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  220.298906][   T53] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  220.304134][   T53] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  220.314412][   T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.319692][   T53] usb 5-1: config 0 descriptor??
[  220.322395][T12159] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  220.324888][T12159] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  220.334521][   T53] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  220.542659][   T34] usb 5-1: USB disconnect, device number 11
[  220.569604][   T34] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  220.584454][ T5339] Bluetooth: hci2: command 0x0405 tx timeout
[  220.663042][T12185] wireguard0: entered promiscuous mode
[  220.666119][T12185] wireguard0: entered allmulticast mode
[  221.208309][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.212211][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.215724][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.218893][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.222016][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.226145][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.229696][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.232969][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.236592][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.239794][T12191] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  221.304536][    C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  221.401234][T12198] netlink: 'syz.0.1036': attribute type 1 has an invalid length.
[  221.411889][T12196] lo speed is unknown, defaulting to 1000
[  221.425326][T12198] 8021q: adding VLAN 0 to HW filter on device bond6
[  221.428179][T12196] lo speed is unknown, defaulting to 1000
[  221.445736][T12198] vlan1: entered promiscuous mode
[  221.447746][T12198] bond6: entered promiscuous mode
[  221.449860][T12198] vlan1: entered allmulticast mode
[  221.451796][T12198] bond6: entered allmulticast mode
[  221.469583][T12198] bond6: (slave gretap2): making interface the new active one
[  221.473267][T12198] gretap2: entered promiscuous mode
[  221.475801][T12198] gretap2: entered allmulticast mode
[  221.480659][T12198] bond6: (slave gretap2): Enslaving as an active interface with an up link
[  222.497909][T12218] No control pipe specified
[  223.511508][T12240] netlink: 'syz.2.1055': attribute type 1 has an invalid length.
[  223.548668][T12240] bond5: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  223.553827][T12240] bond5: (slave ipvlan0): The slave device specified does not support setting the MAC address
[  223.559157][T12240] bond5: (slave ipvlan0): Setting fail_over_mac to active for active-backup mode
[  223.599649][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1055'.
[  223.806304][T12248] wireguard0: entered promiscuous mode
[  223.808281][T12248] wireguard0: entered allmulticast mode
[  224.665293][T12262] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  224.668193][T12262] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  224.672953][T12262] vhci_hcd vhci_hcd.0: Device attached
[  224.676863][ T5339] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  224.680867][T12267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1056'.
[  224.684557][T12263] vhci_hcd: connection closed
[  224.688397][ T6590] vhci_hcd: stop threads
[  224.689067][T12267] tipc: Started in network mode
[  224.690396][ T6590] vhci_hcd: release socket
[  224.691661][T12267] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[  224.693708][ T6590] vhci_hcd: disconnect device
[  224.708570][T12267] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  227.556677][T12309] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1068'.
[  227.580528][T12309] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1068'.
[  227.588018][T12309] batadv1: entered promiscuous mode
[  227.589791][T12309] batadv1: entered allmulticast mode
[  227.632064][T12313] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1068'.
[  227.643777][T12313] batadv1: entered promiscuous mode
[  227.654986][T12313] batadv1: entered allmulticast mode
[  227.897797][T12320] netlink: 'syz.0.1072': attribute type 1 has an invalid length.
[  227.936495][T12320] 8021q: adding VLAN 0 to HW filter on device bond7
[  227.972869][T12320] 8021q: adding VLAN 0 to HW filter on device bond7
[  227.976242][T12320] bond7: (slave vxcan1): The slave device specified does not support setting the MAC address
[  227.983373][T12320] bond7: (slave vxcan1): Error -95 calling set_mac_address
[  228.006622][T12324] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1073'.
[  228.194072][T12325] veth15: entered promiscuous mode
[  228.230581][T12325] bond7: (slave veth15): Enslaving as an active interface with a down link
[  228.270435][T12320] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1072'.
[  228.277367][T12320] 8021q: adding VLAN 0 to HW filter on device bond7
[  228.578609][T12333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1076'.
[  228.583940][T12333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1076'.
[  230.095602][T12351] netlink: 'syz.0.1089': attribute type 1 has an invalid length.
[  230.096625][T12349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1081'.
[  230.116179][T12351] 8021q: adding VLAN 0 to HW filter on device bond8
[  230.136937][T12349] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1081'.
[  230.144706][T12349] batadv1: entered promiscuous mode
[  230.146684][T12349] batadv1: entered allmulticast mode
[  230.160311][T12351] 8021q: adding VLAN 0 to HW filter on device bond8
[  230.162740][T12351] bond8: (slave vxcan1): The slave device specified does not support setting the MAC address
[  230.167555][T12351] bond8: (slave vxcan1): Error -95 calling set_mac_address
[  230.189324][T12357] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1081'.
[  230.198209][T12357] batadv1: entered promiscuous mode
[  230.200029][T12357] batadv1: entered allmulticast mode
[  230.216699][T12358] macvlan2: entered promiscuous mode
[  230.219101][   T41] audit: type=1804 audit(1758909385.645:747): pid=12359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1082" name="bus" dev="tmpfs" ino=1513 res=1 errno=0
[  230.219130][T12358] macvlan2: entered allmulticast mode
[  230.232572][T12358] bond8: entered promiscuous mode
[  230.235267][T12358] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  230.240407][T12358] bond8: left promiscuous mode
[  232.470961][T12389] netlink: 'syz.0.1091': attribute type 1 has an invalid length.
[  232.559764][T12391] bond9: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  232.565231][T12391] bond9: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  232.569746][T12391] bond9: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  232.636480][T12389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1091'.
[  233.654318][   T41] audit: type=1804 audit(1758909389.045:748): pid=12402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1095" name="bus" dev="tmpfs" ino=1528 res=1 errno=0
[  234.525657][T12407] kvm: MWAIT instruction emulated as NOP!
[  235.521303][T12421] fuse: Unknown parameter '0xffffffffffffffff0xffffffffffffffff00000000000000000000'
[  235.873775][T12430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1104'.
[  237.097335][T12450] netlink: 'syz.0.1110': attribute type 1 has an invalid length.
[  237.113753][T12450] 8021q: adding VLAN 0 to HW filter on device bond10
[  237.160897][T12450] bond10: (slave veth17): Enslaving as an active interface with a down link
[  237.199977][T12450] bond10: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  237.218051][T12450] vlan2: entered allmulticast mode
[  237.219727][T12450] veth0_to_bond: entered allmulticast mode
[  237.224199][T12450] veth0_to_bond: entered promiscuous mode
[  237.231791][T12450] veth0_to_bond: left promiscuous mode
[  237.234594][T12450] veth0_to_bond: entered promiscuous mode
[  237.237078][T12450] bond10: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  237.247409][T12450] veth0_to_bond: left promiscuous mode
[  237.476254][T12461] netlink: 'syz.2.1114': attribute type 2 has an invalid length.
[  237.479664][T12461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1114'.
[  237.498638][T12461] : entered promiscuous mode
[  237.599159][T12465] tipc: Started in network mode
[  237.600777][T12465] tipc: Node identity 7f000001, cluster identity 4711
[  237.604362][T12465] tipc: Enabled bearer <udp:syz2>, priority 10
[  237.612020][T12465] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  237.616117][T12465] tipc: Enabled bearer <udp:syz0>, priority 10
[  238.584795][    C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  238.744367][   T53] tipc: Node number set to 2130706433
[  239.271905][T12494] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  239.279406][T12494] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  239.282039][T12494] tipc: Enabled bearer <udp:syz0>, priority 10
[  239.786970][T12505] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  240.026957][T12510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1129'.
[  240.352441][T12526] geneve2: entered promiscuous mode
[  240.374316][ T7461] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.377333][ T7461] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.379964][ T7461] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.392922][ T7461] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.817994][ T6017] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  240.880298][T12530] syz.2.1134: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1
[  240.885030][T12530] CPU: 1 UID: 0 PID: 12530 Comm: syz.2.1134 Not tainted syzkaller #0 PREEMPT(full) 
[  240.885051][T12530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  240.885061][T12530] Call Trace:
[  240.885067][T12530]  <TASK>
[  240.885073][T12530]  dump_stack_lvl+0x16c/0x1f0
[  240.885122][T12530]  warn_alloc+0x248/0x3a0
[  240.885145][T12530]  ? __pfx_warn_alloc+0x10/0x10
[  240.885158][T12530]  ? psi_memstall_leave+0x19f/0x2d0
[  240.885172][T12530]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  240.885184][T12530]  ? psi_memstall_leave+0x1e1/0x2d0
[  240.885197][T12530]  ? psi_memstall_leave+0x1e6/0x2d0
[  240.885213][T12530]  __alloc_frozen_pages_noprof+0xea2/0x23f0
[  240.885228][T12530]  ? __schedule+0x11a3/0x5de0
[  240.885251][T12530]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  240.885267][T12530]  ? rcu_is_watching+0x12/0xc0
[  240.885279][T12530]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  240.885294][T12530]  ? stack_depot_save_flags+0x3de/0x9c0
[  240.885318][T12530]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  240.885342][T12530]  ? policy_nodemask+0xea/0x4e0
[  240.885367][T12530]  alloc_pages_mpol+0x1fb/0x550
[  240.885390][T12530]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  240.885420][T12530]  alloc_pages_noprof+0x131/0x390
[  240.885442][T12530]  kimage_alloc_pages+0x75/0x350
[  240.885471][T12530]  kimage_alloc_control_pages+0x153/0xa00
[  240.885490][T12530]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  240.885505][T12530]  do_kexec_load+0x478/0x8a0
[  240.885517][T12530]  ? __pfx_do_kexec_load+0x10/0x10
[  240.885531][T12530]  __ia32_compat_sys_kexec_load+0x37f/0x400
[  240.885545][T12530]  ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10
[  240.885558][T12530]  ? rcu_is_watching+0x12/0xc0
[  240.885570][T12530]  __do_fast_syscall_32+0x7c/0x300
[  240.885582][T12530]  do_fast_syscall_32+0x32/0x80
[  240.885591][T12530]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  240.885605][T12530] RIP: 0023:0xf7fb7579
[  240.885614][T12530] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  240.885624][T12530] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 000000000000011b
[  240.885635][T12530] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[  240.885641][T12530] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000
[  240.885648][T12530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  240.885654][T12530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.885659][T12530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  240.885672][T12530]  </TASK>
[  240.885676][T12530] Mem-Info:
[  240.965379][ T6017] usb 6-1: Using ep0 maxpacket: 8
[  240.987303][ T6017] usb 6-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  240.988650][T12530] active_anon:816 inactive_anon:20984 isolated_anon:0
[  240.988650][T12530]  active_file:814 inactive_file:11792 isolated_file:0
[  240.988650][T12530]  unevictable:1768 dirty:7 writeback:0
[  240.988650][T12530]  slab_reclaimable:7448 slab_unreclaimable:63456
[  240.988650][T12530]  mapped:23511 shmem:17155 pagetables:1214
[  240.988650][T12530]  sec_pagetables:315 bounce:0
[  240.988650][T12530]  kernel_misc_reclaimable:0
[  240.988650][T12530]  free:23254 free_pcp:580 free_cma:0
[  240.990129][ T6017] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.005220][T12530] Node 0 active_anon:76kB inactive_anon:72kB active_file:4kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:4224kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8740kB pagetables:1680kB sec_pagetables:1168kB all_unreclaimable? yes Balloon:0kB
[  241.017439][T12530] Node 1 active_anon:3288kB inactive_anon:79464kB active_file:3252kB inactive_file:47156kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:94028kB dirty:28kB writeback:0kB shmem:60196kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8876kB pagetables:3176kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB
[  241.028001][ T6017] usb 6-1: Product: syz
[  241.028014][ T6017] usb 6-1: Manufacturer: syz
[  241.028022][ T6017] usb 6-1: SerialNumber: syz
[  241.029531][ T6017] usb 6-1: config 0 descriptor??
[  241.030646][T12530] Node 0 DMA free:1996kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  241.045904][T12530] lowmem_reserve[]: 0 288 288 288 288
[  241.047716][ T6017] option 6-1:0.0: GSM modem (1-port) converter detected
[  241.047757][T12530] Node 0 DMA32 free:15496kB boost:4096kB min:17316kB low:20620kB high:23924kB reserved_highatomic:2048KB free_highatomic:268KB active_anon:60kB inactive_anon:96kB active_file:4kB inactive_file:12kB unevictable:3536kB writepending:0kB present:1032196kB managed:295072kB mlocked:0kB bounce:0kB free_pcp:540kB local_pcp:0kB free_cma:0kB
[  241.060720][T12530] lowmem_reserve[]: 0 0 0 0 0
[  241.062359][T12530] Node 1 DMA32 free:79464kB boost:26624kB min:73764kB low:85548kB high:97332kB reserved_highatomic:10240KB free_highatomic:772KB active_anon:3288kB inactive_anon:79464kB active_file:3252kB inactive_file:47156kB unevictable:3536kB writepending:28kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:2496kB local_pcp:0kB free_cma:0kB
[  241.073066][T12530] lowmem_reserve[]: 0 0 0 0 0
[  241.075686][T12530] Node 0 DMA: 1*4kB (U) 2*8kB (U) 2*16kB (U) 3*32kB (U) 1*64kB (U) 0*128kB 1*256kB (U) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 2004kB
[  241.080839][T12530] Node 0 DMA32: 166*4kB (MH) 177*8kB (UMEH) 106*16kB (UMEH) 106*32kB (UMEH) 53*64kB (UMEH) 16*128kB (UME) 3*256kB (UE) 4*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 15424kB
[  241.087200][T12530] Node 1 DMA32: 781*4kB (UMEH) 645*8kB (MEH) 460*16kB (UMEH) 348*32kB (UMEH) 230*64kB (UMEH) 129*128kB (ME) 36*256kB (UME) 19*512kB (UMH) 1*1024kB (M) 1*2048kB (U) 0*4096kB = 80028kB
[  241.094189][T12530] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  241.098579][T12530] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  241.102134][T12530] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  241.106319][T12530] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  241.110556][T12530] 29212 total pagecache pages
[  241.112751][T12530] 551 pages in swap cache
[  241.116522][T12530] Free swap  = 118468kB
[  241.118260][T12530] Total swap = 124996kB
[  241.119986][T12530] 524155 pages RAM
[  241.122299][T12530] 0 pages HighMem/MovableOnly
[  241.125143][T12530] 209492 pages reserved
[  241.127309][T12530] 0 pages cma reserved
[  241.334183][ T6017] usb 6-1: USB disconnect, device number 6
[  241.337028][ T6017] option 6-1:0.0: device disconnected
[  241.430457][T12544] netlink: 'syz.0.1137': attribute type 5 has an invalid length.
[  241.438685][T12544] netlink: 'syz.0.1137': attribute type 7 has an invalid length.
[  241.502608][T12544] : entered promiscuous mode
[  241.539950][T12530] kexec: Could not allocate control_code_buffer
[  242.065925][T12553] xfrm0: left promiscuous mode
[  242.067579][T12553] xfrm0: left allmulticast mode
[  242.095902][T12553] bond2: left allmulticast mode
[  242.099119][T12553] bond4: left promiscuous mode
[  242.105081][T12553] vlan2: left promiscuous mode
[  242.107191][T12553] vlan2: left allmulticast mode
[  242.108845][T12553] hsr_slave_1: left allmulticast mode
[  242.116922][T12553] wireguard0: left promiscuous mode
[  242.118791][T12553] wireguard0: left allmulticast mode
[  242.252868][   T53] lo speed is unknown, defaulting to 1000
[  242.255109][   T53] syz2: Port: 1 Link DOWN
[  242.317572][   T29] libceph: connect (1)[c::]:6789 error -101
[  242.321894][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  242.380389][T12557] ceph: No mds server is up or the cluster is laggy
[  242.716368][T12566] netlink: 'syz.2.1145': attribute type 1 has an invalid length.
[  242.738105][T12566] 8021q: adding VLAN 0 to HW filter on device bond6
[  242.798550][T12566] bond6: (slave veth7): Enslaving as an active interface with a down link
[  242.845611][T12566] bond6: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  242.859302][T12566] vlan0: entered allmulticast mode
[  242.861165][T12566] veth0_to_bond: entered allmulticast mode
[  242.864581][T12566] veth0_to_bond: entered promiscuous mode
[  242.866683][T12566] veth0_to_bond: left promiscuous mode
[  242.868883][T12566] veth0_to_bond: entered promiscuous mode
[  242.873295][T12566] bond6: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  242.887729][T12566] veth0_to_bond: left promiscuous mode
[  242.914917][T12573] lo speed is unknown, defaulting to 1000
[  242.918055][T12573] lo speed is unknown, defaulting to 1000
[  244.530946][T12600] netlink: 'syz.0.1154': attribute type 4 has an invalid length.
[  244.948156][T12615] netlink: 'syz.3.1159': attribute type 1 has an invalid length.
[  244.961541][T12615] 8021q: adding VLAN 0 to HW filter on device bond2
[  245.000991][T12615] bond2: (slave veth5): Enslaving as an active interface with a down link
[  245.038377][T12615] bond2: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  245.054632][T12615] vlan2: entered allmulticast mode
[  245.056405][T12615] veth0_to_bond: entered allmulticast mode
[  245.058944][T12615] veth0_to_bond: entered promiscuous mode
[  245.061657][T12615] veth0_to_bond: left promiscuous mode
[  245.066807][T12615] veth0_to_bond: entered promiscuous mode
[  245.069555][T12615] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  245.078173][T12615] veth0_to_bond: left promiscuous mode
[  246.911480][T12640] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1166'.
[  246.914659][T12640] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1166'.
[  247.784560][ T5975] Bluetooth: hci2: command 0x0405 tx timeout
[  250.264308][ T6017] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  250.414317][ T6017] usb 8-1: Using ep0 maxpacket: 32
[  250.417241][ T6017] usb 8-1: config 0 has an invalid interface number: 12 but max is 0
[  250.419577][ T6017] usb 8-1: config 0 has no interface number 0
[  250.421325][ T6017] usb 8-1: config 0 interface 12 has no altsetting 0
[  250.425098][ T6017] usb 8-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  250.427679][ T6017] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.429955][ T6017] usb 8-1: Product: syz
[  250.431263][ T6017] usb 8-1: Manufacturer: syz
[  250.433105][ T6017] usb 8-1: SerialNumber: syz
[  250.438849][ T6017] usb 8-1: config 0 descriptor??
[  250.897638][ T6017] f81534 8-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  250.900375][ T6017] f81534 8-1:0.12: f81534_find_config_idx: read failed: -71
[  250.902999][ T6017] f81534 8-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  250.906179][ T6017] f81534 8-1:0.12: probe with driver f81534 failed with error -71
[  250.911988][ T6017] usb 8-1: USB disconnect, device number 4
[  253.488441][T12734] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  253.504164][T12734] tipc: Resetting bearer <eth:syzkaller0>
[  253.908807][T12753] ªªªªª»: renamed from hsr0
[  254.010645][   T41] audit: type=1326 audit(1758909665.431:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.017777][   T41] audit: type=1326 audit(1758909665.431:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.025364][   T41] audit: type=1326 audit(1758909665.431:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.034460][   T41] audit: type=1326 audit(1758909665.431:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.043239][   T41] audit: type=1326 audit(1758909665.431:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.053136][   T41] audit: type=1326 audit(1758909665.431:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=196 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.061464][   T41] audit: type=1326 audit(1758909665.431:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.062886][T12759] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  254.070455][   T41] audit: type=1326 audit(1758909665.431:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12756 comm="syz.2.1199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  254.923895][T12782] netlink: 'syz.3.1207': attribute type 16 has an invalid length.
[  254.928412][T12782] netlink: 'syz.3.1207': attribute type 17 has an invalid length.
[  254.970427][T12782] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.973719][T12782] 8021q: adding VLAN 0 to HW filter on device team0
[  254.983634][T12782] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  255.232333][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  257.493374][T12791] syz.2.1210 (12791) used greatest stack depth: 19608 bytes left
[  260.108674][T12849] vlan1: left promiscuous mode
[  260.110698][T12849] bond6: left promiscuous mode
[  260.112712][T12849] gretap2: left promiscuous mode
[  260.118935][T12849] vlan1: left allmulticast mode
[  260.120959][T12849] bond6: left allmulticast mode
[  260.123011][T12849] gretap2: left allmulticast mode
[  260.129879][T12849] wireguard0: left promiscuous mode
[  260.131834][T12849] wireguard0: left allmulticast mode
[  260.140494][T12849] veth15: left promiscuous mode
[  260.154608][T12852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1224'.
[  260.939545][T12868] netlink: 'syz.2.1227': attribute type 5 has an invalid length.
[  260.943194][T12868] netlink: 'syz.2.1227': attribute type 7 has an invalid length.
[  261.944098][T12881] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  262.149090][T12883] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  262.182791][T12883] kvm: pic: non byte read
[  262.187772][T12883] kvm: pic: level sensitive irq not supported
[  262.188083][T12883] kvm: pic: non byte read
[  262.196991][T12883] kvm: pic: level sensitive irq not supported
[  262.197636][T12883] kvm: pic: non byte read
[  262.202621][T12883] kvm: pic: level sensitive irq not supported
[  262.203281][T12883] kvm: pic: non byte read
[  262.209555][T12883] kvm: pic: level sensitive irq not supported
[  262.209893][T12883] kvm: pic: non byte read
[  262.217228][T12883] kvm: pic: level sensitive irq not supported
[  262.217518][T12883] kvm: pic: non byte read
[  263.336575][T12912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1240'.
[  263.337204][T12914] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  263.363640][T12912] vlan0: entered allmulticast mode
[  263.368686][T12912] bridge0: entered allmulticast mode
[  263.370700][T12912] bridge1: port 1(vlan0) entered blocking state
[  263.373166][T12912] bridge1: port 1(vlan0) entered disabled state
[  263.377049][T12912] vlan0: entered promiscuous mode
[  263.379481][T12912] bridge0: entered promiscuous mode
[  264.730787][T12948] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  265.900920][ T6590] bridge_slave_1: left allmulticast mode
[  265.904475][ T6590] bridge_slave_1: left promiscuous mode
[  265.908394][ T6590] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.942608][ T6590] bridge_slave_0: left allmulticast mode
[  265.946216][ T6590] bridge_slave_0: left promiscuous mode
[  265.948202][ T6590] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.498879][ T5975] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  266.505789][ T5975] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  266.514645][ T5975] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  266.519265][ T5975] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  266.521965][ T5975] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  266.631441][ T6590] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.640244][ T6590] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.645058][ T6590] bond0 (unregistering): Released all slaves
[  266.652437][ T6590] bond1 (unregistering): Released all slaves
[  266.745668][ T6590] bond2 (unregistering): (slave veth5): Releasing active interface
[  266.763035][ T6590] bond2 (unregistering): (slave veth0_to_bond): Releasing active interface
[  266.769103][ T6590] bond2 (unregistering): Released all slaves
[  266.785597][T12982] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  266.824635][T12987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1265'.
[  266.828399][T12977] lo speed is unknown, defaulting to 1000
[  266.829117][T12977] lo speed is unknown, defaulting to 1000
[  266.838346][T12987] macsec1: entered promiscuous mode
[  266.840336][T12987] bridge0: entered promiscuous mode
[  266.894116][ T6590] tipc: Left network mode
[  266.972264][T12977] chnl_net:caif_netlink_parms(): no params data found
[  267.159509][T12977] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.161853][T12977] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.164483][T12977] bridge_slave_0: entered allmulticast mode
[  267.167416][T12977] bridge_slave_0: entered promiscuous mode
[  267.170792][T12977] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.172986][T12977] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.175293][T12977] bridge_slave_1: entered allmulticast mode
[  267.177894][T12977] bridge_slave_1: entered promiscuous mode
[  267.201489][ T6590] hsr_slave_0: left promiscuous mode
[  267.203722][ T6590] hsr_slave_1: left promiscuous mode
[  267.205912][ T6590] batman_adv: batadv0: Removing interface: batadv_slave_0
[  267.217125][ T6590] batman_adv: batadv0: Removing interface: batadv_slave_1
[  268.191767][ T6590] team0 (unregistering): Port device team_slave_1 removed
[  268.267095][ T6590] team0 (unregistering): Port device team_slave_0 removed
[  268.584438][ T5975] Bluetooth: hci2: command tx timeout
[  268.855433][T12977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.860057][T12977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.894026][T12977] team0: Port device team_slave_0 added
[  268.906585][T12977] team0: Port device team_slave_1 added
[  268.960807][T12977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.968231][T12977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.976335][T12977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.982695][T12977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.986364][T12977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.997623][T12977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.072461][T12977] hsr_slave_0: entered promiscuous mode
[  269.075742][T12977] hsr_slave_1: entered promiscuous mode
[  269.217703][ T6590] IPVS: stop unused estimator thread 0...
[  269.229172][T12977] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  269.234769][T12977] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  269.238999][T12977] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  269.243146][T12977] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  269.304540][T12977] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.322244][T12977] 8021q: adding VLAN 0 to HW filter on device team0
[  269.331965][ T6616] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.334434][ T6616] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.341573][ T6616] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.344175][ T6616] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.496893][T12977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.706714][T12977] veth0_vlan: entered promiscuous mode
[  269.715766][T12977] veth1_vlan: entered promiscuous mode
[  269.737558][T12977] veth0_macvtap: entered promiscuous mode
[  269.741990][T12977] veth1_macvtap: entered promiscuous mode
[  269.752938][T12977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  269.762043][T12977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  269.768029][ T6614] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.770788][ T6614] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.773903][ T6614] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.777425][ T6614] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.820314][ T6590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.822663][ T6590] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.836407][ T7461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.839009][ T7461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  270.074206][T13047] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  270.650348][T13059] bridge0: port 3(syz_tun) entered disabled state
[  270.664451][ T5975] Bluetooth: hci2: command tx timeout
[  270.693290][T13059] tipc: Resetting bearer <eth:syzkaller0>
[  270.728487][   T29] lo speed is unknown, defaulting to 1000
[  270.730658][   T29] syz0: Port: 1 Link DOWN
[  270.744605][ T6590] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  270.750079][ T6590] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  270.753404][ T6590] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  270.757825][ T6590] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  270.934339][ T6063] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  271.105303][ T6063] usb 6-1: Using ep0 maxpacket: 8
[  271.108463][ T6063] usb 6-1: unable to get BOS descriptor or descriptor too short
[  271.111646][ T6063] usb 6-1: config 4 interface 0 has no altsetting 0
[  271.126263][ T6063] usb 6-1: string descriptor 0 read error: -22
[  271.128289][ T6063] usb 6-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  271.131154][ T6063] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.140297][ T6063] usb 6-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  271.148398][ T6063] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  271.152936][ T6063] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  271.155635][ T6063] usb 6-1: media controller created
[  271.252756][ T6063] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  271.375688][ T6063] zl10353_read_register: readreg error (reg=127, ret==0)
[  271.486420][ T6063] usb 6-1: USB disconnect, device number 7
[  271.742792][T13082] netlink: 'syz.2.1282': attribute type 1 has an invalid length.
[  271.777826][T13082] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  271.782814][T13082] bond7: (slave vxcan3): Error -95 calling set_mac_address
[  271.825671][T13084] gretap1: entered promiscuous mode
[  271.829430][T13084] bond7: (slave gretap1): making interface the new active one
[  271.832597][T13084] bond7: (slave gretap1): Enslaving as an active interface with an up link
[  271.848835][T13084] macvlan0: entered promiscuous mode
[  271.850617][T13084] macvlan0: entered allmulticast mode
[  271.852745][T13084] bond7: entered promiscuous mode
[  271.855828][T13084] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  271.860058][T13084] bond7: (slave macvlan0): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  271.865032][T13084] bond7: left promiscuous mode
[  272.404589][ T5975] Bluetooth: hci2: Malformed LE Event: 0x0b
[  272.744354][ T5975] Bluetooth: hci2: command tx timeout
[  273.117634][T13102] mac80211_hwsim hwsim8 syzkaller0: left promiscuous mode
[  273.120303][T13102] mac80211_hwsim hwsim8 syzkaller0: left allmulticast mode
[  273.126502][T13102] bond4: left promiscuous mode
[  273.128287][T13102] wireguard0: left promiscuous mode
[  273.129956][T13102] wireguard0: left allmulticast mode
[  273.131871][T13102] geneve2: left promiscuous mode
[  273.262826][T13106] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1286'.
[  274.125366][T13121] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  274.228253][   T41] audit: type=1800 audit(1758909685.651:757): pid=13128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1293" name="file1" dev="tmpfs" ino=1796 res=0 errno=0
[  274.776816][T13132] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1295'.
[  274.786413][T13132] macsec1: entered promiscuous mode
[  274.788600][T13132] bridge0: entered promiscuous mode
[  274.824464][ T5975] Bluetooth: hci2: command tx timeout
[  275.185580][T13138] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.188559][T13138] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.383056][T13138] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.400097][T13138] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.637947][ T6590] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.640944][ T6590] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.657022][ T6590] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.660926][ T6590] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  276.077142][T13160] netlink: 'gtp': attribute type 4 has an invalid length.
[  276.737709][T13166] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1305'.
[  276.746094][T13166] macsec1: entered promiscuous mode
[  276.748052][T13166] bridge0: entered promiscuous mode
[  276.769089][T13166] usb usb8: usbfs: process 13166 (syz.4.1305) did not claim interface 0 before use
[  277.811222][T13183] bridge0: left promiscuous mode
[  278.364550][  T840] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  278.514317][  T840] usb 9-1: Using ep0 maxpacket: 8
[  278.518023][  T840] usb 9-1: unable to get BOS descriptor or descriptor too short
[  278.521731][  T840] usb 9-1: config 4 interface 0 has no altsetting 0
[  278.527261][  T840] usb 9-1: string descriptor 0 read error: -22
[  278.530107][  T840] usb 9-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  278.533208][  T840] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.539683][  T840] usb 9-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  278.544594][  T840] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  278.548075][  T840] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  278.550333][  T840] usb 9-1: media controller created
[  278.558892][  T840] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  278.743393][  T840] zl10353_read_register: readreg error (reg=127, ret==0)
[  278.758336][  T840] usb 9-1: USB disconnect, device number 2
[  278.799923][T13195] netlink: 'syz.1.1313': attribute type 1 has an invalid length.
[  278.825574][T13195] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  278.829460][T13195] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  278.877398][T13197] macvlan0: entered promiscuous mode
[  278.879108][T13197] macvlan0: entered allmulticast mode
[  278.881190][T13197] bond5: entered promiscuous mode
[  278.883163][T13197] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  278.888920][T13197] bond5: left promiscuous mode
[  281.205143][   T41] audit: type=1326 audit(1758909692.631:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.215171][   T41] audit: type=1326 audit(1758909692.631:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.238392][   T41] audit: type=1326 audit(1758909692.641:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.255009][   T41] audit: type=1326 audit(1758909692.641:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.272687][   T41] audit: type=1326 audit(1758909692.641:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.285521][   T41] audit: type=1326 audit(1758909692.641:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.293676][   T41] audit: type=1326 audit(1758909692.641:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.300541][   T41] audit: type=1326 audit(1758909692.651:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.307564][   T41] audit: type=1326 audit(1758909692.651:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=94 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.317929][   T41] audit: type=1326 audit(1758909692.651:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13234 comm="syz.0.1324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  281.812666][ T6616] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  281.818177][ T6616] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  281.888076][ T5975] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  281.891790][ T5975] CPU: 3 UID: 0 PID: 5975 Comm: kworker/u33:2 Not tainted syzkaller #0 PREEMPT(full) 
[  281.891806][ T5975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.891814][ T5975] Workqueue: hci3 hci_rx_work
[  281.891835][ T5975] Call Trace:
[  281.891840][ T5975]  <TASK>
[  281.891844][ T5975]  dump_stack_lvl+0x16c/0x1f0
[  281.891863][ T5975]  sysfs_warn_dup+0x7f/0xa0
[  281.891877][ T5975]  sysfs_create_dir_ns+0x24b/0x2b0
[  281.891892][ T5975]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  281.891905][ T5975]  ? find_held_lock+0x2b/0x80
[  281.891920][ T5975]  ? do_raw_spin_unlock+0x172/0x230
[  281.891937][ T5975]  kobject_add_internal+0x2c4/0x9b0
[  281.891951][ T5975]  kobject_add+0x16e/0x240
[  281.891962][ T5975]  ? __pfx_kobject_add+0x10/0x10
[  281.891975][ T5975]  ? do_raw_spin_unlock+0x172/0x230
[  281.891992][ T5975]  ? kobject_put+0xab/0x5a0
[  281.892010][ T5975]  device_add+0x288/0x1aa0
[  281.892022][ T5975]  ? __pfx_dev_set_name+0x10/0x10
[  281.892035][ T5975]  ? __pfx_device_add+0x10/0x10
[  281.892047][ T5975]  ? mgmt_send_event_skb+0x2fb/0x460
[  281.892064][ T5975]  hci_conn_add_sysfs+0x17e/0x230
[  281.892080][ T5975]  le_conn_complete_evt+0x1260/0x2150
[  281.892097][ T5975]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  281.892110][ T5975]  ? hci_event_packet+0x459/0x11c0
[  281.892128][ T5975]  hci_le_conn_complete_evt+0x23c/0x370
[  281.892144][ T5975]  hci_le_meta_evt+0x357/0x5e0
[  281.892159][ T5975]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  281.892175][ T5975]  hci_event_packet+0x682/0x11c0
[  281.892188][ T5975]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  281.892204][ T5975]  ? __pfx_hci_event_packet+0x10/0x10
[  281.892218][ T5975]  ? kcov_remote_start+0x3c9/0x6d0
[  281.892234][ T5975]  ? lockdep_hardirqs_on+0x7c/0x110
[  281.892253][ T5975]  hci_rx_work+0x2c5/0x16b0
[  281.892268][ T5975]  ? rcu_is_watching+0x12/0xc0
[  281.892282][ T5975]  process_one_work+0x9cf/0x1b70
[  281.892305][ T5975]  ? __pfx_process_one_work+0x10/0x10
[  281.892325][ T5975]  ? assign_work+0x1a0/0x250
[  281.892343][ T5975]  worker_thread+0x6c8/0xf10
[  281.892356][ T5975]  ? __kthread_parkme+0x19e/0x250
[  281.892371][ T5975]  ? __pfx_worker_thread+0x10/0x10
[  281.892381][ T5975]  kthread+0x3c5/0x780
[  281.892396][ T5975]  ? __pfx_kthread+0x10/0x10
[  281.892413][ T5975]  ? rcu_is_watching+0x12/0xc0
[  281.892423][ T5975]  ? __pfx_kthread+0x10/0x10
[  281.892450][ T5975]  ret_from_fork+0x56d/0x730
[  281.892468][ T5975]  ? __pfx_kthread+0x10/0x10
[  281.892485][ T5975]  ret_from_fork_asm+0x1a/0x30
[  281.892506][ T5975]  </TASK>
[  281.892522][ T5975] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  281.996440][ T5975] Bluetooth: hci3: failed to register connection device
[  282.405871][T13255] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  282.415598][T13255] mac80211_hwsim hwsim8 syzkaller0: entered promiscuous mode
[  282.418875][T13255] mac80211_hwsim hwsim8 syzkaller0: entered allmulticast mode
[  282.426729][T13255] tipc: Resetting bearer <eth:syzkaller0>
[  284.302496][T13293] netlink: 'gtp': attribute type 4 has an invalid length.
[  284.448830][T13296] delete_channel: no stack
[  285.226476][T13319] netlink: 'syz.2.1348': attribute type 4 has an invalid length.
[  285.229778][T13319] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1348'.
[  286.943444][T13354] lo speed is unknown, defaulting to 1000
[  286.957746][T13354] lo speed is unknown, defaulting to 1000
[  287.059112][T13358] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1355'.
[  287.944513][   T29] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  288.094298][   T29] usb 6-1: Using ep0 maxpacket: 16
[  288.097222][   T29] usb 6-1: config 0 has an invalid interface number: 132 but max is 0
[  288.099892][   T29] usb 6-1: config 0 has no interface number 0
[  288.227225][   T29] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  288.230770][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.233622][   T29] usb 6-1: Product: syz
[  288.235153][   T29] usb 6-1: Manufacturer: syz
[  288.236738][   T29] usb 6-1: SerialNumber: syz
[  288.240634][   T29] usb 6-1: config 0 descriptor??
[  288.244435][   T29] hub 6-1:0.132: bad descriptor, ignoring hub
[  288.246474][   T29] hub 6-1:0.132: probe with driver hub failed with error -5
[  288.251056][   T29] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.132/input/input8
[  289.618930][   T41] kauditd_printk_skb: 78 callbacks suppressed
[  289.618948][   T41] audit: type=1800 audit(1758909701.041:846): pid=13396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1365" name="nullb0" dev="tmpfs" ino=1334 res=0 errno=0
[  289.926770][T13398] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ûÌÌULÙ'
[  289.931161][T13398] CPU: 0 UID: 0 PID: 13398 Comm: syz.4.1364 Not tainted syzkaller #0 PREEMPT(full) 
[  289.931185][T13398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.931197][T13398] Call Trace:
[  289.931206][T13398]  <TASK>
[  289.931214][T13398]  dump_stack_lvl+0x16c/0x1f0
[  289.931249][T13398]  sysfs_warn_dup+0x7f/0xa0
[  289.931271][T13398]  sysfs_do_create_link_sd+0x124/0x140
[  289.931293][T13398]  sysfs_create_link+0x61/0xc0
[  289.931311][T13398]  device_add+0x62c/0x1aa0
[  289.931333][T13398]  ? __pfx_device_add+0x10/0x10
[  289.931353][T13398]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  289.931384][T13398]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  289.931416][T13398]  wiphy_register+0x1df4/0x29f0
[  289.931433][T13398]  ? netdev_run_todo+0x864/0x1320
[  289.931451][T13398]  ? __dev_printk+0x1d0/0x270
[  289.931482][T13398]  ? __pfx_wiphy_register+0x10/0x10
[  289.931507][T13398]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  289.931535][T13398]  ieee80211_register_hw+0x2546/0x4120
[  289.931577][T13398]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  289.931613][T13398]  ? find_held_lock+0x2b/0x80
[  289.931634][T13398]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  289.931664][T13398]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  289.931693][T13398]  ? __hrtimer_setup+0x176/0x280
[  289.931727][T13398]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  289.931766][T13398]  ? trace_kmalloc+0x2b/0xd0
[  289.931802][T13398]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  289.931830][T13398]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  289.931853][T13398]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  289.931878][T13398]  ? __asan_memcpy+0x3c/0x60
[  289.931904][T13398]  hwsim_new_radio_nl+0xb51/0x12c0
[  289.931932][T13398]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  289.931966][T13398]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  289.931991][T13398]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  289.932041][T13398]  genl_family_rcv_msg_doit+0x206/0x2f0
[  289.932065][T13398]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  289.932097][T13398]  ? bpf_lsm_capable+0x9/0x10
[  289.932118][T13398]  ? security_capable+0x7e/0x260
[  289.932142][T13398]  ? ns_capable+0xd7/0x110
[  289.932167][T13398]  genl_rcv_msg+0x55c/0x800
[  289.932192][T13398]  ? __pfx_genl_rcv_msg+0x10/0x10
[  289.932214][T13398]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  289.932240][T13398]  ? __lock_acquire+0x62e/0x1ce0
[  289.932272][T13398]  netlink_rcv_skb+0x155/0x420
[  289.932302][T13398]  ? __pfx_genl_rcv_msg+0x10/0x10
[  289.932325][T13398]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  289.932367][T13398]  ? netlink_deliver_tap+0x1ae/0xd30
[  289.932396][T13398]  ? is_vmalloc_addr+0x86/0xa0
[  289.932422][T13398]  genl_rcv+0x28/0x40
[  289.932440][T13398]  netlink_unicast+0x5aa/0x870
[  289.932475][T13398]  ? __pfx_netlink_unicast+0x10/0x10
[  289.932504][T13398]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  289.932541][T13398]  netlink_sendmsg+0x8d1/0xdd0
[  289.932576][T13398]  ? __pfx_netlink_sendmsg+0x10/0x10
[  289.932611][T13398]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  289.932640][T13398]  ____sys_sendmsg+0xa95/0xc70
[  289.932666][T13398]  ? __pfx_____sys_sendmsg+0x10/0x10
[  289.932687][T13398]  ? get_compat_msghdr+0x11a/0x170
[  289.932720][T13398]  ? __pfx_futex_wake_mark+0x10/0x10
[  289.932755][T13398]  ___sys_sendmsg+0x134/0x1d0
[  289.932793][T13398]  ? __pfx____sys_sendmsg+0x10/0x10
[  289.932839][T13398]  ? find_held_lock+0x2b/0x80
[  289.932880][T13398]  __sys_sendmsg+0x16d/0x220
[  289.932912][T13398]  ? __pfx___sys_sendmsg+0x10/0x10
[  289.932943][T13398]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  289.932985][T13398]  ? rcu_is_watching+0x12/0xc0
[  289.933012][T13398]  __do_fast_syscall_32+0x7c/0x300
[  289.933035][T13398]  do_fast_syscall_32+0x32/0x80
[  289.933053][T13398]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  289.933078][T13398] RIP: 0023:0xf7f98579
[  289.933094][T13398] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  289.933113][T13398] RSP: 002b:00000000f544455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  289.933133][T13398] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000040
[  289.933145][T13398] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  289.933156][T13398] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  289.933167][T13398] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  289.933179][T13398] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  289.933205][T13398]  </TASK>
[  290.828883][   T29] usb 6-1: USB disconnect, device number 8
[  291.359434][T13415] usb usb5: usbfs: process 13415 (syz.1.1370) did not claim interface 0 before use
[  291.633178][T13426] gretap1: left promiscuous mode
[  291.637490][T13426] bridge0: left promiscuous mode
[  291.639825][T13426] macsec1: left promiscuous mode
[  291.648892][T13427] netlink: 'syz.0.1371': attribute type 10 has an invalid length.
[  298.922565][ T5975] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  298.925802][T13552] netlink: 'syz.1.1416': attribute type 1 has an invalid length.
[  301.670684][T13595] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  301.791012][T13599] netlink: 'syz.1.1421': attribute type 33 has an invalid length.
[  301.795652][T13599] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1421'.
[  301.806667][T13599] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1421'.
[  302.979435][T13628] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1428'.
[  304.281312][T13662] 9pnet_fd: Insufficient options for proto=fd
[  305.184594][T13671] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  305.758471][T13691] lo speed is unknown, defaulting to 1000
[  305.761053][T13691] lo speed is unknown, defaulting to 1000
[  306.271460][T13700] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  306.612823][   T29] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  306.789674][T13710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1450'.
[  306.802666][   T29] usb 6-1: Using ep0 maxpacket: 8
[  306.807138][   T29] usb 6-1: config 0 interface 0 has no altsetting 0
[  306.811404][   T29] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  306.815770][   T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.821642][   T29] usb 6-1: config 0 descriptor??
[  307.237234][   T29] mcp2221 0003:04D8:00DD.0009: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  308.047154][   T29] usb 6-1: USB disconnect, device number 9
[  309.004216][   T41] audit: type=1800 audit(1758909976.421:847): pid=13753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1462" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  311.153804][T13796] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  311.206475][T13798] capability: warning: `’' uses 32-bit capabilities (legacy support in use)
[  311.419068][T13806] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1476'.
[  311.533761][T13806] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  311.547155][T13806] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  311.560696][T13806] bond0 (unregistering): Released all slaves
[  312.199633][T13822] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  312.823183][T13832] netlink: 'syz.2.1483': attribute type 3 has an invalid length.
[  312.826485][T13832] netlink: 'syz.2.1483': attribute type 1 has an invalid length.
[  312.830391][T13832] netlink: 193500 bytes leftover after parsing attributes in process `syz.2.1483'.
[  313.381983][T13851] netlink: 'syz.4.1486': attribute type 1 has an invalid length.
[  313.426936][T13854] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  313.456999][T13857] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  314.917604][T13885] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  315.143391][   T34] libceph: connect (1)[c::]:6789 error -101
[  315.146305][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  315.231313][T13891] ceph: No mds server is up or the cluster is laggy
[  315.349856][T13902] lo speed is unknown, defaulting to 1000
[  315.358388][T13902] lo speed is unknown, defaulting to 1000
[  316.716693][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  316.987329][T13930] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1510'.
[  317.045332][T13934] lo speed is unknown, defaulting to 1000
[  317.049306][T13934] lo speed is unknown, defaulting to 1000
[  317.411573][T13941] netlink: 'syz.4.1512': attribute type 13 has an invalid length.
[  317.990057][T13941] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.993672][T13941] 8021q: adding VLAN 0 to HW filter on device team0
[  318.020422][T13941] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  318.469425][T13958] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1518'.
[  319.231461][T13966] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  319.331307][T13970] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  319.485072][T13975] loop8: detected capacity change from 0 to 7
[  319.529601][T13975] Dev loop8: unable to read RDB block 7
[  319.531592][T13975]  loop8: AHDI p1 p2 p3
[  319.532937][T13975] loop8: partition table partially beyond EOD, truncated
[  319.535234][T13975] loop8: p1 start 1601398130 is beyond EOD, truncated
[  319.538193][T13975] loop8: p2 start 1702059890 is beyond EOD, truncated
[  319.601718][T13981] Dev loop8: unable to read RDB block 7
[  319.603906][T13981]  loop8: AHDI p1 p2 p3
[  319.606795][T13981] loop8: partition table partially beyond EOD, truncated
[  319.612584][T13981] loop8: p1 start 1601398130 is beyond EOD, truncated
[  319.615427][T13981] loop8: p2 start 1702059890 is beyond EOD, truncated
[  319.819441][T13984] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1524'.
[  320.349327][T13987] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  321.027291][T14001] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  321.030048][T14001] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  321.045715][T14001] vhci_hcd vhci_hcd.0: Device attached
[  321.052945][T14010] vhci_hcd: connection closed
[  321.055437][ T6581] vhci_hcd: stop threads
[  321.059483][ T6581] vhci_hcd: release socket
[  321.061561][ T6581] vhci_hcd: disconnect device
[  322.585251][T14029] bridge0: port 1(erspan0) entered blocking state
[  322.588287][T14029] bridge0: port 1(erspan0) entered disabled state
[  322.591147][T14029] erspan0: entered allmulticast mode
[  322.595222][T14029] erspan0: entered promiscuous mode
[  322.752695][T14031] netlink: 'syz.2.1536': attribute type 3 has an invalid length.
[  323.095474][T14048] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1538'.
[  323.937205][T14063] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1546'.
[  324.129831][T14067] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  324.253951][ T6044] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  324.444329][ T6044] usb 9-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  324.448355][ T6044] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.451893][ T6044] usb 9-1: Product: syz
[  324.454210][ T6044] usb 9-1: Manufacturer: syz
[  324.456224][ T6044] usb 9-1: SerialNumber: syz
[  324.478082][T14075] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  325.077447][ T6044] rtl8150 9-1:1.0: couldn't reset the device
[  325.079769][ T6044] rtl8150 9-1:1.0: probe with driver rtl8150 failed with error -5
[  325.103974][ T6044] usb 9-1: USB disconnect, device number 3
[  325.742619][T14101] team0: Port device team_slave_0 removed
[  326.023244][T14109] 8021q: adding VLAN 0 to HW filter on device bond7
[  326.037573][T14109] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  326.043662][T14109] bond7: (slave macvlan0): Enslaving as a backup interface with an up link
[  326.050950][T14109] syz_tun: left promiscuous mode
[  326.052779][T14109] bridge0: port 3(syz_tun) entered disabled state
[  326.056926][T14109] bridge_slave_0: left allmulticast mode
[  326.058912][T14109] bridge_slave_0: left promiscuous mode
[  326.061033][T14109] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.066210][T14109] bridge_slave_1: left allmulticast mode
[  326.068062][T14109] bridge_slave_1: left promiscuous mode
[  326.069926][T14109] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.075000][T14109] bond0: (slave bond_slave_0): Releasing backup interface
[  326.080020][T14109] bond_slave_0: left promiscuous mode
[  326.085521][T14109] team0: Port device team_slave_0 removed
[  326.089717][T14109] team0: Port device team_slave_1 removed
[  326.092797][T14109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.096813][T14109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.100472][T14109] bond1: (slave ip6gretap1): Releasing active interface
[  326.102664][T14109] bond1: (slave ip6gretap1): the permanent HWaddr of slave - b2:8f:b3:1e:4e:47 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  326.110995][T14109] bond1: (slave veth3): Releasing active interface
[  326.116200][T14109] bond2: (slave gretap1): Releasing active interface
[  326.118744][T14109] gretap1: left allmulticast mode
[  326.123267][T14109] bond3: (slave bond4): Releasing active interface
[  326.124190][ T6581] bond7: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  326.131957][T14109] vlan0: left allmulticast mode
[  326.133987][T14109] bridge0: left allmulticast mode
[  326.136012][T14109] vlan0: left promiscuous mode
[  326.137902][T14109] bridge0: left promiscuous mode
[  326.140067][T14109] bridge1: port 1(vlan0) entered disabled state
[  326.146468][T14109] bond7: (slave macvlan0): Removing an active aggregator
[  326.149545][T14109] bond7: (slave macvlan0): Releasing backup interface
[  327.950643][T14150] lo speed is unknown, defaulting to 1000
[  327.962557][T14150] lo speed is unknown, defaulting to 1000
[  328.611991][T14158] tipc: Started in network mode
[  328.613810][T14158] tipc: Node identity 9e02d93293f2, cluster identity 4711
[  328.616875][T14158] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  328.620228][T14158] syzkaller0: entered promiscuous mode
[  328.622622][T14158] syzkaller0: entered allmulticast mode
[  328.641783][T14158] tipc: Resetting bearer <eth:syzkaller0>
[  328.644350][T14158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.649355][T14158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.677114][T14157] tipc: Resetting bearer <eth:syzkaller0>
[  328.696725][T14157] tipc: Disabling bearer <eth:syzkaller0>
[  328.930629][T14166] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  330.967908][T14180] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1577'.
[  334.970125][T14229] overlayfs: failed to clone upperpath
[  335.095234][T14235] loop8: detected capacity change from 0 to 7
[  335.099527][T14235] Dev loop8: unable to read RDB block 7
[  335.101719][T14235]  loop8: AHDI p1 p2 p3
[  335.103566][T14235] loop8: partition table partially beyond EOD, truncated
[  335.106683][T14235] loop8: p1 start 1601398130 is beyond EOD, truncated
[  335.109560][T14235] loop8: p2 start 1702059890 is beyond EOD, truncated
[  335.516790][T14235] Dev loop8: unable to read RDB block 7
[  335.519327][T14235]  loop8: AHDI p1 p2 p3
[  335.521125][T14235] loop8: partition table partially beyond EOD, truncated
[  335.524404][T14235] loop8: p1 start 1601398130 is beyond EOD, truncated
[  335.527419][T14235] loop8: p2 start 1702059890 is beyond EOD, truncated
[  335.950105][T14246] hsr_slave_0: left promiscuous mode
[  335.952546][T14246] hsr_slave_1: left promiscuous mode
[  335.998561][T14247] team0: Port device team_slave_0 removed
[  336.133384][T14249] netlink: 4400 bytes leftover after parsing attributes in process `syz.4.1594'.
[  336.649454][T14258] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  337.569662][T14278] lo speed is unknown, defaulting to 1000
[  337.573093][T14278] lo speed is unknown, defaulting to 1000
[  339.374924][T14308] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  339.379293][T14308] syzkaller0: entered promiscuous mode
[  339.381641][T14308] syzkaller0: entered allmulticast mode
[  339.393779][T14308] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  339.415429][T14308] tipc: Resetting bearer <eth:syzkaller0>
[  339.423902][T14306] tipc: Resetting bearer <eth:syzkaller0>
[  339.436923][T14306] tipc: Disabling bearer <eth:syzkaller0>
[  340.651626][T14328] syz.1.1630 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  340.687043][T14330] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  340.691336][T14330] syzkaller0: entered promiscuous mode
[  340.693841][T14330] syzkaller0: entered allmulticast mode
[  340.710033][T14330] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1623'.
[  340.716673][T14330] tipc: Resetting bearer <eth:syzkaller0>
[  340.722388][T14329] tipc: Resetting bearer <eth:syzkaller0>
[  340.736456][T14329] tipc: Disabling bearer <eth:syzkaller0>
[  345.000046][T14406] lo speed is unknown, defaulting to 1000
[  345.004640][T14406] lo speed is unknown, defaulting to 1000
[  345.810434][T14422] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  345.816281][T14422] syzkaller0: entered promiscuous mode
[  345.818725][T14422] syzkaller0: entered allmulticast mode
[  345.849170][T14422] tipc: Resetting bearer <eth:syzkaller0>
[  345.855637][T14421] tipc: Resetting bearer <eth:syzkaller0>
[  345.867293][T14421] tipc: Disabling bearer <eth:syzkaller0>
[  345.949008][T14424] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  345.951983][T14424] syzkaller0: entered promiscuous mode
[  345.955419][T14424] syzkaller0: entered allmulticast mode
[  345.963105][T14424] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  345.973135][T14424] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1648'.
[  345.981171][T14424] tipc: Resetting bearer <eth:syzkaller0>
[  345.985856][T14423] tipc: Resetting bearer <eth:syzkaller0>
[  345.996006][T14423] tipc: Disabling bearer <eth:syzkaller0>
[  346.542355][   T41] audit: type=1800 audit(1758910013.980:848): pid=14434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1654" name="bus" dev="ramfs" ino=39778 res=0 errno=0
[  347.715615][T14455] lo speed is unknown, defaulting to 1000
[  347.719389][T14455] lo speed is unknown, defaulting to 1000
[  347.881887][T14455] netlink: 'syz.0.1661': attribute type 13 has an invalid length.
[  347.893181][T14455] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  348.954317][   T41] audit: type=1326 audit(1758910016.401:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.063817][   T41] audit: type=1326 audit(1758910016.401:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.076936][   T41] audit: type=1326 audit(1758910016.511:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.089200][   T41] audit: type=1326 audit(1758910016.511:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.129503][   T41] audit: type=1326 audit(1758910016.511:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.140149][   T41] audit: type=1326 audit(1758910016.541:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.147430][   T41] audit: type=1326 audit(1758910016.541:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.155834][   T41] audit: type=1326 audit(1758910016.541:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  349.204771][T14478] 9pnet_virtio: no channels available for device syz
[  349.317223][   T41] audit: type=1326 audit(1758910016.701:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14471 comm="syz.4.1665" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000
[  351.142684][ T5975] Bluetooth: hci3: unexpected subevent 0x0c length: 1 < 5
[  351.487250][T14522] netlink: 'syz.2.1677': attribute type 4 has an invalid length.
[  353.309965][T14558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1688'.
[  353.372476][T14562] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  353.375779][T14562] syzkaller0: entered promiscuous mode
[  353.377554][T14562] syzkaller0: entered allmulticast mode
[  353.393569][T14562] tipc: Resetting bearer <eth:syzkaller0>
[  353.397461][T14560] tipc: Resetting bearer <eth:syzkaller0>
[  353.409554][T14560] tipc: Disabling bearer <eth:syzkaller0>
[  353.647145][T14568] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1692'.
[  353.751194][ T5975] Bluetooth: hci3: unexpected event for opcode 0x202d
[  357.143493][T14612] Bluetooth: MGMT ver 1.23
[  358.790751][   T41] audit: type=1326 audit(1758910026.246:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf705e579 code=0x7ffc0000
[  358.798492][   T41] audit: type=1326 audit(1758910026.246:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf705e5a7 code=0x7ffc0000
[  358.805173][   T41] audit: type=1326 audit(1758910026.246:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf705e579 code=0x7ffc0000
[  358.818611][   T41] audit: type=1326 audit(1758910026.246:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf705e5a7 code=0x7ffc0000
[  358.828599][   T41] audit: type=1326 audit(1758910026.246:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf705e579 code=0x7ffc0000
[  358.838680][   T41] audit: type=1326 audit(1758910026.246:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf705e5a7 code=0x7ffc0000
[  358.848106][   T41] audit: type=1326 audit(1758910026.246:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf705e579 code=0x7ffc0000
[  358.858591][   T41] audit: type=1326 audit(1758910026.246:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf705e5a7 code=0x7ffc0000
[  358.868545][   T41] audit: type=1326 audit(1758910026.246:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf705e579 code=0x7ffc0000
[  358.879620][   T41] audit: type=1326 audit(1758910026.246:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14633 comm="syz.1.1709" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf705e5a7 code=0x7ffc0000
[  359.196452][ T5975] Bluetooth: hci0: command 0x0406 tx timeout
[  359.671608][T14651] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  359.674473][T14651] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  359.750098][T14651] vhci_hcd vhci_hcd.0: Device attached
[  360.036161][   T29] usb 46-1: SetAddress Request (2) to port 0
[  360.039931][   T29] usb 46-1: new SuperSpeed USB device number 2 using vhci_hcd
[  360.705016][T14652] vhci_hcd: connection reset by peer
[  360.708716][   T90] vhci_hcd: stop threads
[  360.710598][   T90] vhci_hcd: release socket
[  360.714510][   T90] vhci_hcd: disconnect device
[  361.197071][ T5975] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  361.201027][ T5975] Bluetooth: hci2: Injecting HCI hardware error event
[  361.205761][ T5339] Bluetooth: hci2: hardware error 0x00
[  361.460412][T14675] No control pipe specified
[  361.463094][T14675] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1720'.
[  362.855775][T14698] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1725'.
[  362.860404][T14698] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211'
[  363.284575][ T5339] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  366.206849][   T29] usb 46-1: device descriptor read/8, error -110
[  366.691783][   T29] usb usb46-port1: attempt power cycle
[  367.285996][T14753] netlink: 'syz.4.1738': attribute type 10 has an invalid length.
[  367.291907][T14753] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  367.376769][T14758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1740'.
[  367.379609][T14758] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.383112][T14758] batman_adv: batadv0: Removing interface: batadv_slave_1
[  367.430086][T14751] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  367.433295][   T29] usb usb46-port1: unable to enumerate USB device
[  367.603683][T14765] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1737'.
[  367.628240][T14765] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211'
[  368.406473][T14774] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1743'.
[  368.632128][T14789] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  368.634662][T14789] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  368.638060][T14789] vhci_hcd vhci_hcd.0: Device attached
[  368.911638][ T6063] usb 40-1: SetAddress Request (2) to port 0
[  368.913910][ T6063] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  369.229569][T14790] vhci_hcd: connection reset by peer
[  369.231581][   T90] vhci_hcd: stop threads
[  369.232964][   T90] vhci_hcd: release socket
[  369.234437][   T90] vhci_hcd: disconnect device
[  369.411784][T14795] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1747'.
[  370.055275][ T5339] Bluetooth: hci0: unexpected subevent 0x0c length: 1 < 5
[  370.297495][   T41] kauditd_printk_skb: 2446 callbacks suppressed
[  370.297513][   T41] audit: type=1800 audit(1758910037.751:3314): pid=14807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1749" name="bus" dev="ramfs" ino=45279 res=0 errno=0
[  371.075910][T14822] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1752'.
[  371.087364][T14822] debugfs: 'Ç`]Š•Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211'
[  371.363177][   T41] audit: type=1804 audit(1758910038.822:3315): pid=14829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1753" name="/newroot/107/bus" dev="tmpfs" ino=589 res=1 errno=0
[  372.972998][T14851] netlink: 'syz.1.1759': attribute type 10 has an invalid length.
[  372.989020][T14851] mac80211_hwsim hwsim8 syzkaller0: left promiscuous mode
[  372.993412][T14851] mac80211_hwsim hwsim8 syzkaller0: left allmulticast mode
[  372.999199][T14850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  373.337153][T14847] orangefs_mount: mount request failed with -4
[  373.662087][ T5339] Bluetooth: hci1: unexpected subevent 0x0c length: 1 < 5
[  373.989796][ T6063] usb 40-1: device descriptor read/8, error -110
[  374.386944][ T6063] usb usb40-port1: attempt power cycle
[  375.069658][ T6063] usb usb40-port1: unable to enumerate USB device
[  375.491620][T14890] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1768'.
[  378.072296][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  378.828335][   T41] audit: type=1800 audit(1758910046.296:3316): pid=14937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1781" name="bus" dev="ramfs" ino=42716 res=0 errno=0
[  378.989842][   T41] audit: type=1800 audit(1758910046.346:3317): pid=14939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1782" name="/" dev="9p" ino=1708457985 res=0 errno=0
[  380.209624][T14965] lo speed is unknown, defaulting to 1000
[  380.212970][T14965] lo speed is unknown, defaulting to 1000
[  381.301249][   T41] audit: type=1804 audit(1758910048.767:3318): pid=14985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1793" name="bus" dev="tmpfs" ino=2494 res=1 errno=0
[  381.617236][T14991] overlayfs: missing 'lowerdir'
[  383.194750][   T41] audit: type=1804 audit(1758910050.648:3319): pid=15016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1808" name="bus" dev="tmpfs" ino=2531 res=1 errno=0
[  383.550387][   T41] audit: type=1800 audit(1758910051.018:3320): pid=15017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1800" name="bus" dev="ramfs" ino=45471 res=0 errno=0
[  383.687560][T15023] netlink: 'syz.4.1802': attribute type 10 has an invalid length.
[  383.723127][T15022] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  384.280206][  T842] usb 6-1: new low-speed USB device number 10 using dummy_hcd
[  384.526002][  T842] usb 6-1: unable to get BOS descriptor or descriptor too short
[  384.529171][  T842] usb 6-1: unable to read config index 0 descriptor/start: -71
[  384.531794][  T842] usb 6-1: can't read configurations, error -71
[  387.340547][T15049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1811'.
[  388.479376][   T41] audit: type=1804 audit(1758910055.921:3321): pid=15071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1815" name="/newroot/458/bus" dev="tmpfs" ino=2415 res=1 errno=0
[  389.102195][T15063] orangefs_mount: mount request failed with -4
[  389.890528][T15081] overlayfs: missing 'lowerdir'
[  390.487242][T15088] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  390.490290][T15088] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  390.519817][T15088] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  390.526678][T15088] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  390.533462][T15088] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  390.535643][T15088] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  390.540948][T15088] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  391.860097][  T840] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  392.022678][  T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  392.027719][  T840] usb 6-1: New USB device found, idVendor=0c70, idProduct=f011, bcdDevice= 0.00
[  392.040419][  T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.046321][  T840] usb 6-1: config 0 descriptor??
[  392.461965][  T840] usbhid 6-1:0.0: can't add hid device: -71
[  392.464217][  T840] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  392.467620][  T840] usb 6-1: USB disconnect, device number 12
[  392.539843][ T5339] Bluetooth: hci0: command 0x0c1a tx timeout
[  392.542572][ T5339] Bluetooth: hci3: command 0x0406 tx timeout
[  392.544797][ T5339] Bluetooth: hci1: command 0x0c1a tx timeout
[  393.117133][   T41] audit: type=1804 audit(1758910060.583:3322): pid=15128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1829" name="/newroot/462/bus" dev="tmpfs" ino=2439 res=1 errno=0
[  394.618761][ T5975] Bluetooth: hci1: command 0x0c1a tx timeout
[  394.618809][ T5339] Bluetooth: hci3: command 0x0406 tx timeout
[  394.619437][   T63] Bluetooth: hci0: command 0x0c1a tx timeout
[  394.890462][   T41] audit: type=1804 audit(1758910062.364:3323): pid=15157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1846" name="/newroot/463/bus" dev="tmpfs" ino=2445 res=1 errno=0
[  396.015209][T15166] netlink: 'syz.1.1840': attribute type 1 has an invalid length.
[  396.071116][T15166] bond8: entered promiscuous mode
[  396.080864][T15166] 8021q: adding VLAN 0 to HW filter on device bond8
[  396.100968][T15170] 8021q: adding VLAN 0 to HW filter on device bond8
[  396.103593][T15170] bond8: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  396.109949][T15170] bond8: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  396.115416][T15170] bond8: (slave ip6gre1): making interface the new active one
[  396.118397][T15170] ip6gre1: entered promiscuous mode
[  396.121561][T15170] bond8: (slave ip6gre1): Enslaving as an active interface with an up link
[  396.698096][ T5339] Bluetooth: hci3: command 0x0406 tx timeout
[  397.092355][   T41] audit: type=1800 audit(1758910064.475:3324): pid=15352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1842" name="bus" dev="ramfs" ino=43924 res=0 errno=0
[  397.362548][T15359] lo speed is unknown, defaulting to 1000
[  397.365895][T15359] lo speed is unknown, defaulting to 1000
[  399.312761][T15397] netlink: 'syz.2.1855': attribute type 1 has an invalid length.
[  399.386996][T15397] bond0: entered promiscuous mode
[  399.390339][T15397] 8021q: adding VLAN 0 to HW filter on device bond0
[  399.427437][T15397] 8021q: adding VLAN 0 to HW filter on device bond0
[  399.429780][T15397] bond0: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  399.432936][T15397] bond0: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  399.437289][T15397] bond0: (slave ip6gre1): making interface the new active one
[  399.439908][T15397] ip6gre1: entered promiscuous mode
[  399.442577][T15397] bond0: (slave ip6gre1): Enslaving as an active interface with an up link
[  403.455269][T15464] erspan0: left allmulticast mode
[  403.457194][T15464] erspan0: left promiscuous mode
[  403.459130][T15464] bridge0: port 1(erspan0) entered disabled state
[  403.480914][T15464] bond6: (slave veth0_to_bond): Releasing active interface
[  403.487355][T15464] team0: Port device team_slave_1 removed
[  403.491168][T15464] batman_adv: batadv0: Removing interface: batadv_slave_0
[  403.497710][T15464] batman_adv: batadv0: Removing interface: batadv_slave_1
[  403.507779][T15464] bond1: (slave geneve2): Releasing active interface
[  403.518369][T15464] bond3: (slave bond4): Releasing active interface
[  403.527085][T15464] bond6: (slave veth7): Releasing active interface
[  403.532107][T15464] bond7: (slave gretap1): Releasing active interface
[  403.546729][T15464] bond0: (slave ip6gre1): Releasing backup interface
[  403.549278][T15464] ip6gre1: left promiscuous mode
[  403.616232][T15465] team0: Mode changed to "random"
[  403.666306][T15464] tipc: Enabled bearer <eth:team0>, priority 0
[  404.434727][T15483] overlayfs: missing 'lowerdir'
[  405.041479][T15502] 9pnet_fd: Insufficient options for proto=fd
[  405.664798][T15509] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1883'.
[  407.077850][T15539] No buffer was provided with the request
[  407.543651][   T41] audit: type=1800 audit(1758910075.020:3325): pid=15543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1892" name="bus" dev="ramfs" ino=46305 res=0 errno=0
[  409.179422][T15565] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  409.189772][T15565] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  409.201729][T15565] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  410.326821][T15577] netlink: 'syz.1.1908': attribute type 4 has an invalid length.
[  410.395727][T15578] 8021q: adding VLAN 0 to HW filter on device bond0
[  410.400491][T15578] 8021q: adding VLAN 0 to HW filter on device team0
[  410.407892][T15578] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  410.770753][ T5975] Bluetooth: hci0: command 0x0c1a tx timeout
[  410.774920][ T5339] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  411.250840][ T5339] Bluetooth: hci3: command 0x0406 tx timeout
[  411.250852][ T5975] Bluetooth: hci1: command 0x0c1a tx timeout
[  411.793385][T15599] input: syz1 as /devices/virtual/input/input10
[  411.807029][T15599] gtp0: entered promiscuous mode
[  411.821711][T15595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1913'.
[  412.119019][T15604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1914'.
[  412.811822][T15613] netlink: 'syz.4.1918': attribute type 10 has an invalid length.
[  412.815416][T15613] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1918'.
[  412.822983][T15613] team0: Port device geneve0 added
[  412.826218][ T6578] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  412.829962][ T6578] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  412.833184][ T6578] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  412.836830][ T6578] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  412.856697][ T5339] Bluetooth: hci0: command 0x0c1a tx timeout
[  413.543778][T15625] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1909'.
[  413.552933][T15625] gretap0: entered promiscuous mode
[  413.555919][T15625] macsec2: entered promiscuous mode
[  413.558207][T15625] macsec2: entered allmulticast mode
[  413.560488][T15625] gretap0: entered allmulticast mode
[  413.564988][T15625] gretap0: left allmulticast mode
[  413.567341][T15625] gretap0: left promiscuous mode
[  415.302532][   T41] audit: type=1326 audit(1758910082.784:3326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15664 comm="syz.0.1925" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f17579 code=0x0
[  417.411857][T15699] tipc: Enabled bearer <udp:syz2>, priority 10
[  417.431796][T15699] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  417.445889][T15699] tipc: Enabled bearer <udp:syz0>, priority 10
[  418.468078][ T6063] tipc: Node number set to 233888050
[  419.744006][T15738] netlink: 'syz.4.1944': attribute type 5 has an invalid length.
[  419.753565][T15738] netlink: 'syz.4.1944': attribute type 1 has an invalid length.
[  419.756384][T15738] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1944'.
[  419.936664][T15740] lo speed is unknown, defaulting to 1000
[  419.939666][T15740] lo speed is unknown, defaulting to 1000
[  421.429300][T15768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1953'.
[  421.437819][T15768] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1953'.
[  421.549454][T15768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1953'.
[  422.935068][T15803] netlink: zone id is out of range
[  422.937232][T15803] netlink: zone id is out of range
[  422.939453][T15803] netlink: zone id is out of range
[  422.941533][T15803] netlink: zone id is out of range
[  422.943875][T15803] netlink: zone id is out of range
[  422.949249][T15803] netlink: zone id is out of range
[  422.951505][T15803] netlink: zone id is out of range
[  422.953549][T15803] netlink: zone id is out of range
[  422.957472][T15803] netlink: zone id is out of range
[  422.959472][T15803] netlink: zone id is out of range
[  424.960920][T15822] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  424.963914][T15822] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  424.970803][T15822] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  426.211774][ T5339] Bluetooth: hci0: unexpected event for opcode 0x2029
[  426.258046][   T41] audit: type=1326 audit(1758910093.739:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.272952][   T41] audit: type=1326 audit(1758910093.739:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.279759][   T41] audit: type=1326 audit(1758910093.739:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.298337][   T41] audit: type=1326 audit(1758910093.739:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.308532][   T41] audit: type=1326 audit(1758910093.739:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.321825][   T41] audit: type=1326 audit(1758910093.739:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.329952][   T41] audit: type=1326 audit(1758910093.739:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.339440][   T41] audit: type=1326 audit(1758910093.739:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.347930][   T41] audit: type=1326 audit(1758910093.739:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=340 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  426.357438][   T41] audit: type=1326 audit(1758910093.739:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15849 comm="syz.0.1975" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[  427.013051][ T5339] Bluetooth: hci3: command 0x0406 tx timeout
[  427.013060][ T5975] Bluetooth: hci1: command 0x0c1a tx timeout
[  427.257729][ T6043] IPVS: starting estimator thread 0...
[  427.342429][T15872] IPVS: using max 42 ests per chain, 100800 per kthread
[  428.009230][ T5339] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  428.049312][T15890] netlink: 'syz.0.1985': attribute type 1 has an invalid length.
[  428.085158][T15892] net_ratelimit: 165 callbacks suppressed
[  428.085185][T15892] openvswitch: netlink: Missing valid actions attribute.
[  428.090345][T15892] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  428.150498][T15890] bond11: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  428.195826][ T6605] bond11: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  428.223402][T15890] 8021q: adding VLAN 0 to HW filter on device bond11
[  428.317756][T15890] veth19: entered promiscuous mode
[  428.321878][ T6605] bond11: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  428.363987][T15890] bond11: (slave veth19): Enslaving as a backup interface with a down link
[  429.862735][T15926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1996'.
[  429.881083][  T840] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  430.030966][  T840] usb 9-1: Using ep0 maxpacket: 32
[  430.036117][  T840] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  430.044356][  T840] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  430.049876][  T840] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  430.055688][  T840] usb 9-1: Product: syz
[  430.058737][  T840] usb 9-1: Manufacturer: syz
[  430.062718][  T840] usb 9-1: SerialNumber: syz
[  430.069047][  T840] usb 9-1: config 0 descriptor??
[  430.075635][T15924] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  430.292592][ T5339] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  430.295751][ T5339] Bluetooth: hci0: Injecting HCI hardware error event
[  430.299300][ T5339] Bluetooth: hci0: hardware error 0x00
[  430.315123][T15933] overlayfs: missing 'lowerdir'
[  430.398865][T15935] sctp: [Deprecated]: syz.2.1999 (pid 15935) Use of struct sctp_assoc_value in delayed_ack socket option.
[  430.398865][T15935] Use struct sctp_sack_info instead
[  430.508827][T15940] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  430.514503][ T6063] usb 9-1: USB disconnect, device number 4
[  431.193152][T15951] gtp0: entered promiscuous mode
[  431.298698][T15955] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  431.302877][T15955] mac80211_hwsim hwsim14 syzkaller0: entered promiscuous mode
[  431.306156][T15955] mac80211_hwsim hwsim14 syzkaller0: entered allmulticast mode
[  431.321922][T15955] tipc: Resetting bearer <eth:syzkaller0>
[  431.502199][T15961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2008'.
[  432.360440][ T5339] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  433.481539][T15993] IPVS: length: 139 != 8
[  433.527001][T15989] lo speed is unknown, defaulting to 1000
[  433.529670][T15989] lo speed is unknown, defaulting to 1000
[  433.638886][T16005] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2020'.
[  433.734359][T16008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2020'.
[  433.737285][T15991] batman_adv: batadv0: Adding interface: gretap2
[  433.739311][T15991] batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.747388][T15991] batman_adv: batadv0: Interface activated: gretap2
[  434.791262][T16030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2026'.
[  436.635985][T16054] netlink: zone id is out of range
[  436.644857][T16054] netlink: zone id is out of range
[  436.646936][T16054] netlink: zone id is out of range
[  436.649749][T16054] netlink: zone id is out of range
[  436.666830][T16054] netlink: set zone limit has 4 unknown bytes
[  436.721605][T16054] netlink: del zone limit has 4 unknown bytes
[  439.706366][ T6560] ------------[ cut here ]------------
[  439.708578][ T6560] WARNING: CPU: 3 PID: 6560 at io_uring/io_uring.c:2980 io_ring_exit_work+0x3fc/0x10f0
[  439.711553][ T6560] Modules linked in:
[  439.715231][ T6560] CPU: 3 UID: 0 PID: 6560 Comm: kworker/u32:14 Not tainted syzkaller #0 PREEMPT(full) 
[  439.720321][ T6560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.724285][ T6560] Workqueue: iou_exit io_ring_exit_work
[  439.726501][ T6560] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  439.729597][ T6560] Code: 0f 85 0a 0b 00 00 48 8b 05 a1 64 4b 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 5f 59 e5 fc 4d 85 f6 79 12 e8 e5 5d e5 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 d3 5d e5 fc 48 8b 74 24 60
[  439.737920][ T6560] RSP: 0018:ffffc900069a7a90 EFLAGS: 00010293
[  439.740404][ T6560] RAX: 0000000000000000 RBX: ffff88806e2346c8 RCX: ffffffff84d5ad71
[  439.743688][ T6560] RDX: ffff88802351c880 RSI: ffffffff84d5ad7b RDI: 0000000000000007
[  439.747514][ T6560] RBP: ffffc900069a7c50 R08: 0000000000000007 R09: 0000000000000000
[  439.750815][ T6560] R10: fffffffffffffffb R11: 0000000000000000 R12: ffff88806e234000
[  439.754030][ T6560] R13: dffffc0000000000 R14: fffffffffffffffb R15: ffff88806e234040
[  439.757597][ T6560] FS:  0000000000000000(0000) GS:ffff8880977b9000(0000) knlGS:0000000000000000
[  439.761220][ T6560] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  439.763640][ T6560] CR2: 00000000f53c3dc0 CR3: 0000000054ee7000 CR4: 0000000000352ef0
[  439.766290][ T6560] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  439.769245][ T6560] DR3: 00000000fee0000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  439.771884][ T6560] Call Trace:
[  439.773064][ T6560]  <TASK>
[  439.774077][ T6560]  ? do_raw_spin_lock+0x12c/0x2b0
[  439.775796][ T6560]  ? __pfx_io_ring_exit_work+0x10/0x10
[  439.778237][ T6560]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  439.780366][ T6560]  ? debug_object_deactivate+0x1ec/0x3a0
[  439.782255][ T6560]  ? rcu_is_watching+0x12/0xc0
[  439.783772][ T6560]  process_one_work+0x9cf/0x1b70
[  439.786255][ T6560]  ? __pfx_process_one_work+0x10/0x10
[  439.788809][ T6560]  ? assign_work+0x1a0/0x250
[  439.790872][ T6560]  worker_thread+0x6c8/0xf10
[  439.792361][ T6560]  ? __pfx_worker_thread+0x10/0x10
[  439.793981][ T6560]  kthread+0x3c5/0x780
[  439.795401][ T6560]  ? __pfx_kthread+0x10/0x10
[  439.797135][ T6560]  ? rcu_is_watching+0x12/0xc0
[  439.798897][ T6560]  ? __pfx_kthread+0x10/0x10
[  439.800906][ T6560]  ret_from_fork+0x56d/0x730
[  439.802461][ T6560]  ? __pfx_kthread+0x10/0x10
[  439.804006][ T6560]  ret_from_fork_asm+0x1a/0x30
[  439.805575][ T6560]  </TASK>
[  439.806601][ T6560] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  439.808933][ T6560] CPU: 3 UID: 0 PID: 6560 Comm: kworker/u32:14 Not tainted syzkaller #0 PREEMPT(full) 
[  439.812209][ T6560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  439.815583][ T6560] Workqueue: iou_exit io_ring_exit_work
[  439.817358][ T6560] Call Trace:
[  439.818409][ T6560]  <TASK>
[  439.819383][ T6560]  dump_stack_lvl+0x3d/0x1f0
[  439.820975][ T6560]  vpanic+0x6e8/0x7a0
[  439.822306][ T6560]  ? __pfx_vpanic+0x10/0x10
[  439.823782][ T6560]  ? io_ring_exit_work+0x3fc/0x10f0
[  439.825482][ T6560]  panic+0xca/0xd0
[  439.826765][ T6560]  ? __pfx_panic+0x10/0x10
[  439.828235][ T6560]  ? check_panic_on_warn+0x1f/0xb0
[  439.829948][ T6560]  check_panic_on_warn+0xab/0xb0
[  439.831603][ T6560]  __warn+0xf6/0x3c0
[  439.832899][ T6560]  ? io_ring_exit_work+0x3fc/0x10f0
[  439.834624][ T6560]  report_bug+0x3c3/0x580
[  439.835994][ T6560]  ? io_ring_exit_work+0x3fc/0x10f0
[  439.837626][ T6560]  handle_bug+0x184/0x210
[  439.838978][ T6560]  exc_invalid_op+0x17/0x50
[  439.840398][ T6560]  asm_exc_invalid_op+0x1a/0x20
[  439.842023][ T6560] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0
[  439.843848][ T6560] Code: 0f 85 0a 0b 00 00 48 8b 05 a1 64 4b 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 5f 59 e5 fc 4d 85 f6 79 12 e8 e5 5d e5 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 d3 5d e5 fc 48 8b 74 24 60
[  439.849778][ T6560] RSP: 0018:ffffc900069a7a90 EFLAGS: 00010293
[  439.851800][ T6560] RAX: 0000000000000000 RBX: ffff88806e2346c8 RCX: ffffffff84d5ad71
[  439.854875][ T6560] RDX: ffff88802351c880 RSI: ffffffff84d5ad7b RDI: 0000000000000007
[  439.857560][ T6560] RBP: ffffc900069a7c50 R08: 0000000000000007 R09: 0000000000000000
[  439.859862][ T6560] R10: fffffffffffffffb R11: 0000000000000000 R12: ffff88806e234000
[  439.862319][ T6560] R13: dffffc0000000000 R14: fffffffffffffffb R15: ffff88806e234040
[  439.864789][ T6560]  ? io_ring_exit_work+0x3f1/0x10f0
[  439.866556][ T6560]  ? io_ring_exit_work+0x3fb/0x10f0
[  439.868176][ T6560]  ? do_raw_spin_lock+0x12c/0x2b0
[  439.869753][ T6560]  ? __pfx_io_ring_exit_work+0x10/0x10
[  439.871448][ T6560]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  439.873367][ T6560]  ? debug_object_deactivate+0x1ec/0x3a0
[  439.875205][ T6560]  ? rcu_is_watching+0x12/0xc0
[  439.876864][ T6560]  process_one_work+0x9cf/0x1b70
[  439.878428][ T6560]  ? __pfx_process_one_work+0x10/0x10
[  439.880148][ T6560]  ? assign_work+0x1a0/0x250
[  439.881627][ T6560]  worker_thread+0x6c8/0xf10
[  439.883082][ T6560]  ? __pfx_worker_thread+0x10/0x10
[  439.884770][ T6560]  kthread+0x3c5/0x780
[  439.886141][ T6560]  ? __pfx_kthread+0x10/0x10
[  439.887823][ T6560]  ? rcu_is_watching+0x12/0xc0
[  439.889482][ T6560]  ? __pfx_kthread+0x10/0x10
[  439.891042][ T6560]  ret_from_fork+0x56d/0x730
[  439.892508][ T6560]  ? __pfx_kthread+0x10/0x10
[  439.893959][ T6560]  ret_from_fork_asm+0x1a/0x30
[  439.895662][ T6560]  </TASK>
[  439.897323][ T6560] Kernel Offset: disabled
[  439.898772][ T6560] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:59:55  Registers:
info registers vcpu 0

CPU#0
RAX=0000000080000000 RBX=0000000000000000 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8df42ddf RDI=ffffffff8c163800 RBP=ffffffff8e5c1360 RSP=ffffc9000fcffb90
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff888027f98000 R13=ffff888027f98af0 R14=00000000ffffffff R15=0000000000000000
RIP=ffffffff8b91e2dd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880974b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000807c7018 CR3=0000000071c3a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000d40ed5 RBX=0000000000000001 RCX=ffffffff8b91db29 RDX=0000000000000000
RSI=ffffffff8de4f73a RDI=ffffffff8c163800 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8
R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90abad90 R15=0000000000000000
RIP=ffffffff8b91c66f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880975b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000008003d000 CR3=000000006d753000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000010b6fe0a12e RBX=ffff88802b423a00 RCX=00000000000006e0 RDX=000000000000010b
RSI=ffff88802b423a00 RDI=0000000000302d70 RBP=0000000000302d70 RSP=ffffc90000538ec8
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000000
R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b427c80
RIP=ffffffff81680db5 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976b9000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558389d83000 CR3=0000000054ee7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000049 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8561e9d5 RDI=ffffffff9b103780 RBP=ffffffff9b103740 RSP=ffffc900069a7400
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000049 R14=ffffffff9b103740 R15=ffffffff8561e970
RIP=ffffffff8561e9ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977b9000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f53c3dc0 CR3=0000000054ee7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000fee0000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1922def1770bc0aa 0323f8bc5e1e28a9
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1e49b176b2b35a37 525a33702a30f175
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f4a5fea972ab5c83 242b57ef04304f16
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c34b8412e1a3bd7 7ddd7f9e36e54c63
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000006240
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00010b5980010000 17adbe0080010000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00010b6e00010b6e 00010b6e80010000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 07858e0000010b6e 8001000004f1d600
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00010b6e32cf3600 2fb52a0055d12629
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 262ce681f8fb3b43 ff9577ded419d91c
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8708973e5c70aa94 f9fcfcff7fa0d09f
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000