last executing test programs:

12.040734325s ago: executing program 3 (id=1336):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000800)={0xf7b, 0x1f, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0x9, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000240)={0x2, 0x5, 0x40003})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x30000, 0x1, 0x7})
close_range(r0, 0xffffffffffffffff, 0x0)

11.638543517s ago: executing program 3 (id=1337):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
execve(0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_tables_matches\x00')
pread64(r3, &(0x7f0000000480)=""/177, 0xb1, 0xa6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000300), 0x105}, 0x38)

7.92194065s ago: executing program 2 (id=1342):
kexec_load(0x3, 0x7, &(0x7f00000005c0)=[{&(0x7f0000000000)="6509534a17aa723cba21a9d63c6a556b30b910a580cb50d65e9fab1ed59a7eb00a7109e4a355bed417bce60d6a5baab4bbecc5b2faaf2eba28c331345b612f1f4cbfdfa7bcb9bd2a0fbc8d7786bb68cff61167b98ef0adfbb79545bbb2c409be3adb3b54846920f1b194db5258279e8d06b863d51c0f90cd79ecb1f5ed3c44eb6353c0b451fe3f9b118422addd3f936d8cd5562d6ce55bf378ee8c0d0fc56a4a866c499b04ef61edca4fc06d78b964868e16d82c97be81055b072720c06a8b8b3daad5131e84447a4809d131ce0927ee8ec587e37e0f2df3499327f170b861", 0xdf, 0x5, 0xff}, {&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852623c82f7206d26e918a2981c8f68476969bf8c4bcd37ba24e4ba1683339879a11b854a7478f898805f327af12eaab8ac918c201b7f932e124796f1aba03e031312bd7e67403651abac282b310f420dbcdea31d52854783d6952a2a7b10f3e45715203107f8ce516d99c8c7db918e0989ef123cc524fa8ae0af5c952de542a268179439f62e20fb410df0a4c2e54ec355436d7cf9989fa7b13df2f67b414330e5cff90a", 0xee, 0x5, 0xffffffff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f695131fe4fc01630cb77519", 0x40, 0x5, 0x4}, {&(0x7f0000000340)="8c4e55be8948c65379def4df90ce301f71e7d4e4921490b3aacd4082ccf6531bb82dbd4d13dbfbeb16dd11b3c041c780b7caed488a35c2a00906fbd0e2fa", 0x3e, 0x100, 0x9}, {0x0, 0x0, 0x7, 0x2}, {0x0, 0x0, 0x2, 0xfffffffffffffffa}, {&(0x7f00000004c0)="fd7cd1d51fb9987e67d12dded82fd30b5e7675f10da30291367bede16a4fe296961baf3caee5bd5c0d76b25c3de77c56ddefc936fa712ec3d7e51f4b16e682d3ee59b2abf6c05927c1edb91d54f66cf99928f710cf98acec87a3d75a6388bab3c5a1474d29cae1f0fd92cde6f444bf490f27f37e198aa55b403df846ce1732f7cf4c12d92aece1289b4b10b7d84532a07762548e3f3915b6575e8ef8130395476b9a721a7668c608c4d2f70aee2be4ae96ff0e5925b138fec99f91f19d8618037fe2842d248c8d44f425e54da4a668059f5124222cb4955f073d318b2f0dcecec611448d4ec0fd6b9bd0eac6bea1", 0xee, 0x5, 0x6}], 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8db43", 0xb}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029e477", 0x34}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f88b56489e54d47307371d68817c7eca00a16bce0ea94917082d622301673217c8ca26b5a362745ea01486a2ba576eb6601dfa400bb8", 0xb6}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7.389432986s ago: executing program 2 (id=1344):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x714, @empty}, {0xa, 0x4e20, 0x169f801f, @empty, 0x8}, 0xffffffffffffffff, 0x4}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000e80)={0x5, 0x10, 0xfa00, {&(0x7f0000000c80)}}, 0x18)

7.342002228s ago: executing program 3 (id=1345):
kexec_load(0x3, 0x5, &(0x7f00000005c0)=[{&(0x7f0000000000)="6509534a17aa723cba21a9d63c6a556b30b910a580cb50d65e9fab1ed59a7eb00a7109e4a355bed417bce60d6a5baab4bbecc5b2faaf2eba28c331345b612f1f4cbfdfa7bcb9bd2a0fbc8d7786bb68cff61167b98ef0adfbb79545bbb2c409be3adb3b54846920f1b194db5258279e8d06b863d51c0f90cd79ecb1f5ed3c44eb6353c0b451fe3f9b118422addd3f936d8cd5562d6ce55bf378ee8c0d0fc56a4a866c499b04ef61edca4fc06d78b964868e16d82c97be81055b072720c06a8b8b3daad5131e84447a4809d131ce0927ee8ec587e37e0f2df3499327f170b861", 0xdf, 0x5, 0xff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f695131fe4fc01630cb77519", 0x40, 0x5, 0x4}, {&(0x7f0000000340), 0x0, 0x100, 0x9}, {0x0, 0x0, 0x7, 0x2}, {&(0x7f00000004c0)="fd7cd1d51fb9987e67d12dded82fd30b5e7675f10da30291367bede16a4fe296961baf3caee5bd5c0d76b25c3de77c56ddefc936fa712ec3d7e51f4b16e682d3ee59b2abf6c05927c1edb91d54f66cf99928f710cf98acec87a3d75a6388bab3c5a1474d29cae1f0fd92cde6f444bf490f27f37e198aa55b403df846ce1732f7cf4c12d92aece1289b4b10b7d84532a07762548e3f3915b6575e8ef8130395476b9a721a7668c608c4d2f70aee2b", 0xae, 0x5, 0x6}], 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8db43", 0xb}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029e477f71c7707c0e59c992ef8bb099330a50fb6", 0x45}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f88b56489e54d47307371d68817c7eca00a16bce0ea94917082d622301673217c8ca26b5a362745ea01486a2ba576eb6601dfa400bb8", 0xb6}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7.291320609s ago: executing program 1 (id=1346):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x3)
ioctl$KVM_GET_DEBUGREGS(r1, 0x8080aea1, &(0x7f0000000440))

7.177656083s ago: executing program 2 (id=1347):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x82762000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
epoll_create1(0x80000)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

7.097010515s ago: executing program 1 (id=1348):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYRES8=r0, @ANYRESHEX=r0, @ANYRESDEC=r0], 0x5c}}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vcsu(0x0, 0x0, 0x440200)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000200)={0x0, 0x2, 0x0, 0x3}, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f00000000c0)="510003000000", 0x6)

4.980764599s ago: executing program 1 (id=1349):
r0 = socket$netlink(0x10, 0x3, 0x6)
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$full(0xffffff9c, 0x0, 0x6e880, 0x0)
syz_io_uring_setup(0x8d0, 0x0, &(0x7f00000001c0), &(0x7f0000000180), 0x0)
io_uring_setup(0x30aa, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32], 0x6f4}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
io_uring_setup(0x5e64, &(0x7f0000000000)={0x0, 0xe900, 0x10000, 0x1, 0x6f})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000480)={'pcl711\x00', [0x4, 0xfffeffff, 0x1ff, 0x9, 0xff, 0x8, 0xfffffff9, 0x7, 0x10001, 0x8, 0x5, 0x0, 0x7, 0x100, 0x2, 0x2, 0x4, 0x0, 0x6, 0x4, 0x2, 0x0, 0x4, 0x8, 0x4, 0xc, 0x4, 0x1, 0x6fbb, 0x936, 0xf, 0x8]})
r3 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r3, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r4, 0x6, 0x6, &(0x7f0000001240)=0x6, 0x4)
getsockopt$inet_tcp_int(r4, 0x6, 0x6, 0x0, 0xfffffffffffffffe)

4.789544255s ago: executing program 1 (id=1350):
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000280)=0x10001)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r1, 0x4112, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, 0x0)

4.743456686s ago: executing program 3 (id=1351):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000008001f", @ANYRES64=r2], 0x38}}, 0x0)
syz_usbip_server_init(0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280), 0x46ac01, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340), 0x3f, 0x1})
mount(&(0x7f00000001c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000200)='ext2\x00', 0x21000d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x24}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0xe}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
syz_clone(0x23100000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.515792153s ago: executing program 1 (id=1352):
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}], 0x2}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000280)}, {&(0x7f0000000600)="1a13a7837ea8ca56a91f616de628b8b1b2107d046bccc3025bbe70905237ffee5666e0e28cfda9249a7beaeaab10864089fb7c447ce7416df7c0aea488b69d959465338a35aabfb0ed3524428b68945f0a2c8f90e1ced4718c7695aed1e852be6f9a23087af497642cd2560ef1e10729", 0x70}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2", 0x55}], 0x3}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

3.93759745s ago: executing program 1 (id=1353):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
execve(0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ip6_tables_matches\x00')
pread64(r3, &(0x7f0000000480)=""/177, 0xb1, 0xa6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000300), 0x105}, 0x38)

3.855056833s ago: executing program 0 (id=1354):
kexec_load(0x3, 0x7, &(0x7f00000005c0)=[{&(0x7f0000000000)="6509534a17aa723cba21a9d63c6a556b30b910a580cb50d65e9fab1ed59a7eb00a7109e4a355bed417bce60d6a5baab4bbecc5b2faaf2eba28c331345b612f1f4cbfdfa7bcb9bd2a0fbc8d7786bb68cff61167b98ef0adfbb79545bbb2c409be3adb3b54846920f1b194db5258279e8d06b863d51c0f90cd79ecb1f5ed3c44eb6353c0b451fe3f9b118422addd3f936d8cd5562d6ce55bf378ee8c0d0fc56a4a866c499b04ef61edca4fc06d78b964868e16d82c97be81055b072720c06a8b8b3daad5131e84447a4809d131ce0927ee8ec587e37e0f2df3499327f170b861", 0xdf, 0x5, 0xff}, {&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852623c82f7206d26e918a2981c8f68476969bf8c4bcd37ba24e4ba1683339879a11b854a7478f898805f327af12eaab8ac918c201b7f932e124796f1aba03e031312bd7e67403651abac282b310f420dbcdea31d52854783d6952a2a7b10f3e45715203107f8ce516d99c8c7db918e0989ef123cc524fa8ae0af5c952de542a268179439f62e20fb410df0a4c2e54ec355436d7cf9989fa7b13df2f67b414330e5cff90a", 0xee, 0x5, 0xffffffff}, {&(0x7f0000000200)="d8f3aabb28de3faf55566e010b6ef42f8002b91bf54d78caa3135bc4a5d30a8fd06d1e70130a8d2b505e9abe3aef1de2219df6f5f695131fe4fc01630cb77519", 0x40, 0x5, 0x4}, {&(0x7f0000000340)="8c4e55be8948c65379def4df90ce301f71e7d4e4921490b3aacd4082ccf6531bb82dbd4d13dbfbeb16dd11b3c041c780b7caed488a35c2a00906fbd0e2fa", 0x3e, 0x100, 0x9}, {0x0, 0x0, 0x7, 0x2}, {0x0, 0x0, 0x2, 0xfffffffffffffffa}, {&(0x7f00000004c0)="fd7cd1d51fb9987e67d12dded82fd30b5e7675f10da30291367bede16a4fe296961baf3caee5bd5c0d76b25c3de77c56ddefc936fa712ec3d7e51f4b16e682d3ee59b2abf6c05927c1edb91d54f66cf99928f710cf98acec87a3d75a6388bab3c5a1474d29cae1f0fd92cde6f444bf490f27f37e198aa55b403df846ce1732f7cf4c12d92aece1289b4b10b7d84532a07762548e3f3915b6575e8ef8130395476b9a721a7668c608c4d2f70aee2be4ae96ff0e5925b138fec99f91f19d8618037fe2842d248c8d44f425e54da4a668059f5124222cb4955f073d318b2f0dcecec611448d4ec0fd6b9bd0eac6bea1", 0xee, 0x5, 0x6}], 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)="4274aa814c8f6ea8d8db43", 0xb}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029e477", 0x34}, {0x0}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2b6aa78add2ab0812de906e5545585d6aadca938d5a62632604101886bd45bc15550815c5dcec420b547b43f88b56489e54d47307371d68817c7eca00a16bce0ea94917082d622301673217c8ca26b5a362745ea01486a2ba576eb6601dfa400bb8", 0xb6}], 0x4}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e33"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.336797189s ago: executing program 0 (id=1355):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x714, @empty}, {0xa, 0x4e20, 0x169f801f, @empty, 0x8}, 0xffffffffffffffff, 0x4}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000e80)={0x5, 0x10, 0xfa00, {&(0x7f0000000c80)}}, 0x18)

3.124702266s ago: executing program 2 (id=1356):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000440))

2.825431094s ago: executing program 0 (id=1357):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r0, @ANYRES8=r0, @ANYRESHEX=r0, @ANYRESDEC=r0], 0x5c}}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vcsu(0x0, 0x0, 0x440200)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000200)={0x0, 0x2, 0x0, 0x3}, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f00000000c0)="510003000000", 0x6)

2.706951088s ago: executing program 2 (id=1358):
r0 = socket$netlink(0x10, 0x3, 0x6)
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$full(0xffffff9c, 0x0, 0x6e880, 0x0)
syz_io_uring_setup(0x8d0, 0x0, &(0x7f00000001c0), &(0x7f0000000180), 0x0)
io_uring_setup(0x30aa, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32], 0x6f4}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
io_uring_setup(0x5e64, &(0x7f0000000000)={0x0, 0xe900, 0x10000, 0x1, 0x6f})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000480)={'pcl711\x00', [0x4, 0xfffeffff, 0x1ff, 0x9, 0xff, 0x8, 0xfffffff9, 0x7, 0x10001, 0x8, 0x5, 0x0, 0x7, 0x100, 0x2, 0x2, 0x4, 0x0, 0x6, 0x4, 0x2, 0x0, 0x4, 0x8, 0x4, 0xc, 0x4, 0x1, 0x6fbb, 0x936, 0xf, 0x8]})
r3 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r3, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r4, 0x6, 0x6, &(0x7f0000001240)=0x6, 0x4)
getsockopt$inet_tcp_int(r4, 0x6, 0x6, 0x0, 0xfffffffffffffffe)

583.201843ms ago: executing program 0 (id=1359):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0x10000)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, &(0x7f0000000200)={@any, 0x44})

393.574548ms ago: executing program 0 (id=1360):
r0 = openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000280)=0x10001)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r2, 0x4112, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, 0x0)

335.14911ms ago: executing program 3 (id=1361):
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f6, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @broadcast}}}})
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x8d], 0x100000, 0x240046})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4400c800)
sendto$inet6(r0, &(0x7f0000000300), 0x1a, 0x3b00, 0x0, 0xfffffffffffffdfd)

315.993931ms ago: executing program 2 (id=1362):
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}], 0x2}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000280)}, {&(0x7f0000000600)="1a13a7837ea8ca56a91f616de628b8b1b2107d046bccc3025bbe70905237ffee5666e0e28cfda9249a7beaeaab10864089fb7c447ce7416df7c0aea488b69d959465338a35aabfb0ed3524428b68945f0a2c8f90e1ced4718c7695aed1e852be6f9a23087af497642cd2560ef1e10729", 0x70}, {&(0x7f0000000740)="747516464293f8e8eec3ccb7dd473a382a0d368ad8a1242abe3b11d915f3eb582e10ff9b8afa9a3d6fa9075032a573688f84e342bf19f200379d5291489fa5151a46ed483044e784cb8f430cbcd5a6145d72a2d2b2", 0x55}], 0x3}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x10}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f00000000c0)=0x5, 0x12)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

133.566666ms ago: executing program 0 (id=1363):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
socket(0x2000000015, 0x80005, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "399421fe8a4c9563", "00b147fbbfc100", "d6dc09ff", "16de86d67a8426bd"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x303}, "b7a41f2300", "d21b0e8a0e000000000000000600", "1d1cbe23", "ecba06893bcdc493"}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f00000000c0)=0x80008, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0xfffffffffffffffd, 0x0, 0x9, 0xfffffffffffffffc, 0x0, 0x7fffffff}, 0x0, 0x0)

0s ago: executing program 3 (id=1364):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x6})
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.236' (ED25519) to the list of known hosts.
[   61.901698][ T5756] cgroup: Unknown subsys name 'net'
[   62.029810][ T5756] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   63.380419][ T5756] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   64.704633][ T5769] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   64.713091][ T5769] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   64.733495][ T5769] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   64.754192][ T5771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   64.763901][ T5771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   64.771477][ T5771] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   64.794126][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   64.802291][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   64.810905][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   64.816843][ T5771] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   64.827695][ T5771] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   64.841429][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   64.850847][ T5771] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   64.859011][ T5773] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   64.867155][ T5779] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   64.868493][ T5771] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   64.884752][ T5771] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   64.894030][ T5771] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   64.914360][ T5771] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   64.921576][ T5778] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   64.929367][ T5771] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   64.930103][ T5778] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   64.943846][ T5771] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   64.944429][ T5778] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   65.226612][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   65.350312][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.358650][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.367080][ T5767] bridge_slave_0: entered allmulticast mode
[   65.374494][ T5767] bridge_slave_0: entered promiscuous mode
[   65.388590][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   65.402324][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.409892][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.417264][ T5767] bridge_slave_1: entered allmulticast mode
[   65.424311][ T5767] bridge_slave_1: entered promiscuous mode
[   65.464801][ T5776] chnl_net:caif_netlink_parms(): no params data found
[   65.476866][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.523285][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.578342][ T5770] chnl_net:caif_netlink_parms(): no params data found
[   65.598053][ T5767] team0: Port device team_slave_0 added
[   65.614126][ T5767] team0: Port device team_slave_1 added
[   65.668424][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.677441][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.684664][ T5774] bridge_slave_0: entered allmulticast mode
[   65.691329][ T5774] bridge_slave_0: entered promiscuous mode
[   65.699777][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.707086][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.733380][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.755207][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.762369][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.769623][ T5776] bridge_slave_0: entered allmulticast mode
[   65.777084][ T5776] bridge_slave_0: entered promiscuous mode
[   65.793053][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.800273][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.807449][ T5776] bridge_slave_1: entered allmulticast mode
[   65.814849][ T5776] bridge_slave_1: entered promiscuous mode
[   65.821260][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.828498][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.835912][ T5774] bridge_slave_1: entered allmulticast mode
[   65.842498][ T5774] bridge_slave_1: entered promiscuous mode
[   65.849423][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.858598][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.885129][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.969349][ T5767] hsr_slave_0: entered promiscuous mode
[   65.975593][ T5767] hsr_slave_1: entered promiscuous mode
[   65.990230][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.001412][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.023779][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.041040][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.091824][ T5776] team0: Port device team_slave_0 added
[   66.106967][ T5770] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.114486][ T5770] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.121590][ T5770] bridge_slave_0: entered allmulticast mode
[   66.128844][ T5770] bridge_slave_0: entered promiscuous mode
[   66.136888][ T5770] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.144043][ T5770] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.151173][ T5770] bridge_slave_1: entered allmulticast mode
[   66.158188][ T5770] bridge_slave_1: entered promiscuous mode
[   66.174198][ T5776] team0: Port device team_slave_1 added
[   66.182831][ T5774] team0: Port device team_slave_0 added
[   66.219368][ T5774] team0: Port device team_slave_1 added
[   66.241363][ T5770] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.275260][ T5770] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.284813][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.291755][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.318080][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.341486][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.349611][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.376974][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.397433][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.406682][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.432993][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.456049][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.462997][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.488976][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.540237][ T5770] team0: Port device team_slave_0 added
[   66.548697][ T5770] team0: Port device team_slave_1 added
[   66.620893][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.631603][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.658430][ T5770] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.675078][ T5774] hsr_slave_0: entered promiscuous mode
[   66.681385][ T5774] hsr_slave_1: entered promiscuous mode
[   66.690028][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.697811][ T5774] Cannot create hsr debugfs directory
[   66.708931][ T5776] hsr_slave_0: entered promiscuous mode
[   66.715190][ T5776] hsr_slave_1: entered promiscuous mode
[   66.721141][ T5776] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.728742][ T5776] Cannot create hsr debugfs directory
[   66.760250][ T5770] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.767308][ T5770] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.793641][ T5770] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.834214][ T5778] Bluetooth: hci0: command tx timeout
[   66.861359][ T5770] hsr_slave_0: entered promiscuous mode
[   66.868111][ T5770] hsr_slave_1: entered promiscuous mode
[   66.874338][ T5770] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.881886][ T5770] Cannot create hsr debugfs directory
[   66.913590][ T5778] Bluetooth: hci1: command tx timeout
[   66.990055][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   66.997612][ T5085] Bluetooth: hci2: command tx timeout
[   67.003689][ T5778] Bluetooth: hci3: command tx timeout
[   67.032081][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   67.074663][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   67.087626][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   67.215988][ T5776] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   67.232276][ T5776] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   67.241648][ T5776] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   67.251858][ T5776] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   67.344959][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   67.358022][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   67.367780][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   67.380715][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   67.442015][ T5770] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   67.457198][ T5770] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   67.477687][ T5770] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   67.491114][ T5770] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   67.522776][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.581285][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.597597][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   67.620602][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.627898][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.659007][ T5776] 8021q: adding VLAN 0 to HW filter on device team0
[   67.668336][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.675490][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.712687][ T5767] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.725785][ T5767] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.773766][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.780907][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.836581][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.843771][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.860714][ T5770] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.891003][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.912231][ T5770] 8021q: adding VLAN 0 to HW filter on device team0
[   67.941588][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.948750][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.975824][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.982973][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.031038][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   68.057739][ T2910] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.064917][ T2910] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.094814][ T2910] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.101911][ T2910] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.169909][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.302427][ T5767] veth0_vlan: entered promiscuous mode
[   68.329329][ T5767] veth1_vlan: entered promiscuous mode
[   68.383269][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.427664][ T5767] veth0_macvtap: entered promiscuous mode
[   68.446690][ T5767] veth1_macvtap: entered promiscuous mode
[   68.537743][ T5776] veth0_vlan: entered promiscuous mode
[   68.562329][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.595188][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.606318][ T5776] veth1_vlan: entered promiscuous mode
[   68.618961][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.627982][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.637356][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.647090][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.692920][ T5770] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.716844][ T5776] veth0_macvtap: entered promiscuous mode
[   68.747914][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.772134][ T5776] veth1_macvtap: entered promiscuous mode
[   68.825051][ T2915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.847411][ T2915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.882791][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.896892][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.910640][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.920453][ T5778] Bluetooth: hci0: command tx timeout
[   68.931611][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.933666][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.942188][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.961232][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.968579][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.991951][ T5776] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.994210][ T5778] Bluetooth: hci1: command tx timeout
[   69.007078][ T5776] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.018432][ T5776] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.028405][ T5776] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.074173][ T5778] Bluetooth: hci3: command tx timeout
[   69.079643][ T5778] Bluetooth: hci2: command tx timeout
[   69.086092][ T5774] veth0_vlan: entered promiscuous mode
[   69.107127][ T5774] veth1_vlan: entered promiscuous mode
[   69.150943][ T5770] veth0_vlan: entered promiscuous mode
[   69.167848][ T5770] veth1_vlan: entered promiscuous mode
[   69.228455][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.259034][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.270970][ T5774] veth0_macvtap: entered promiscuous mode
[   69.291584][ T5774] veth1_macvtap: entered promiscuous mode
[   69.308664][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.331029][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.350065][ T5770] veth0_macvtap: entered promiscuous mode
[   69.378321][ T5770] veth1_macvtap: entered promiscuous mode
[   69.399168][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.411800][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.422344][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.436802][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.448111][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.464471][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.476353][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.488994][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.500545][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.512634][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.585976][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.601302][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.624210][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.635436][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.642507][ T5834] "syz.1.6" (5834) uses obsolete ecb(arc4) skcipher
[   69.845727][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.583375][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.609811][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.654748][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.668928][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.682855][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.705678][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.766312][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.777048][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.786933][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.797603][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.807454][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.817912][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.829556][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.855966][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.877660][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.886503][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.895915][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.999728][ T5778] Bluetooth: hci0: command tx timeout
[   71.029608][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.066821][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.074376][ T5085] Bluetooth: hci1: command tx timeout
[   71.143714][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.155182][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.156067][   T51] Bluetooth: hci3: command tx timeout
[   71.168869][ T5085] Bluetooth: hci2: command tx timeout
[   71.179189][ T2910] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.191255][ T2910] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.225850][ T4742] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.243644][ T4742] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.264485][ T5824] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   71.463813][ T5824] usb 2-1: Using ep0 maxpacket: 8
[   71.480092][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[   71.494059][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[   71.515760][ T5824] usb 2-1: config index 0 descriptor too short (expected 74, got 45)
[   71.565805][ T5824] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[   71.587084][ T5824] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   72.597661][ T5857] syz.2.10[5857]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   72.623317][    C0] sched: RT throttling activated
[   72.643866][ T5824] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65535, setting to 1024
[   72.710218][ T5857] loop2: detected capacity change from 0 to 64
[   73.113735][ T5085] Bluetooth: hci0: command tx timeout
[   73.121235][ T5778] Bluetooth: hci3: Opcode 0x206a failed: -110
[   73.158555][ T5778] Bluetooth: hci1: command tx timeout
[   73.628223][ T5863] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   73.632100][ T5085] Bluetooth: hci2: command tx timeout
[   73.638985][ T5863] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   73.642948][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[   73.651575][ T5863] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   73.666513][ T5863] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   73.678309][ T5863] geneve2: entered promiscuous mode
[   73.683627][ T5863] geneve2: entered allmulticast mode
[   73.859338][ T5824] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[   75.198713][ T5872] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   75.207667][ T5872] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   75.216535][ T5872] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   75.225390][ T5872] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   75.237667][ T5872] geneve2: entered promiscuous mode
[   75.242899][ T5872] geneve2: entered allmulticast mode
[   75.781339][ T5872] Bluetooth: MGMT ver 1.22
[   75.823629][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[   76.645419][ T5824] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   76.773064][ T5824] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   76.782395][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.797564][ T5824] usb 2-1: can't set config #16, error -71
[   76.806921][ T5824] usb 2-1: USB disconnect, device number 2
[   80.619795][ T5896] loop2: detected capacity change from 0 to 32768
[   81.794951][  T788] cfg80211: failed to load regulatory.db
[   81.844248][ T5922] binder: 5920:5922 ioctl c0306201 0 returned -14
[   81.908848][ T5924] binder_alloc: 5920: binder_alloc_buf, no vma
[   86.593338][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   87.718724][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.726556][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.408298][ T5939] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.281990][ T5939] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.560524][ T5939] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   90.569478][ T5939] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   90.578360][ T5939] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   90.587735][ T5939] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   90.719880][ T5966] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   90.728811][ T5966] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   90.740023][ T5966] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   90.748873][ T5966] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   90.757990][ T5966] geneve2: entered promiscuous mode
[   90.763209][ T5966] geneve2: entered allmulticast mode
[   90.864955][ T5970] 9pnet_virtio: no channels available for device syz
[   90.940978][ T5974] binder: 5973:5974 ioctl c0306201 0 returned -14
[   91.004437][ T5977] binder_alloc: 5973: binder_alloc_buf, no vma
[   91.128169][   T27] audit: type=1326 audit(1779343917.072:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.2.50" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[   91.183554][   T27] audit: type=1326 audit(1779343917.092:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.2.50" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[   91.217536][   T27] audit: type=1326 audit(1779343917.102:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.2.50" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[   91.243487][   T27] audit: type=1326 audit(1779343917.102:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.2.50" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[   91.298331][   T27] audit: type=1326 audit(1779343917.102:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5975 comm="syz.2.50" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[   91.304153][ T5984] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   91.418568][ T5986] netlink: 28 bytes leftover after parsing attributes in process `syz.2.50'.
[   92.462401][ T5988] loop1: detected capacity change from 0 to 32768
[   92.493519][ T5988] =======================================================
[   92.493519][ T5988] WARNING: The mand mount option has been deprecated and
[   92.493519][ T5988]          and is ignored by this kernel. Remove the mand
[   92.493519][ T5988]          option from the mount to silence this warning.
[   92.493519][ T5988] =======================================================
[   92.677072][ T5988] JBD2: Ignoring recovery information on journal
[   94.572195][ T5988] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   94.688951][ T5767] ocfs2: Unmounting device (7,1) on (node local)
[   94.865142][ T6013] binder_alloc: 6008: binder_alloc_buf, no vma
[   99.918705][ T6045] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[   99.927625][ T6045] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[   99.936481][ T6045] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[   99.945426][ T6045] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[   99.954625][ T6045] geneve2: entered promiscuous mode
[   99.959858][ T6045] geneve2: entered allmulticast mode
[  100.541302][ T6048] Zero length message leads to an empty skb
[  101.570375][ T6056] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  101.965232][ T6069] can0: slcan on ttyS3.
[  102.290667][ T6086] process 'syz.0.81' launched '/dev/fd/5' with NULL argv: empty string added
[  102.328458][ T6080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.84'.
[  102.383581][ T6080] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  102.393625][ T6056] can0 (unregistered): slcan off ttyS3.
[  102.405605][ T6080] netlink: 36 bytes leftover after parsing attributes in process `syz.1.84'.
[  103.381880][ T6105] loop2: detected capacity change from 0 to 32768
[  103.478396][ T6105] JBD2: Ignoring recovery information on journal
[  103.558897][ T6105] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  103.768659][ T5770] ocfs2: Unmounting device (7,2) on (node local)
[  104.313441][ T6133] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.97'.
[  106.663477][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  107.386142][ T6151] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.101'.
[  109.223459][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  110.133720][   T27] audit: type=1326 audit(1779343936.072:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.3.110" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793dd9ce59 code=0x7ffc0000
[  110.213436][   T27] audit: type=1326 audit(1779343936.102:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.3.110" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f793dd9ce59 code=0x7ffc0000
[  110.295555][   T27] audit: type=1326 audit(1779343936.112:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.3.110" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793dd9ce59 code=0x7ffc0000
[  110.389171][   T27] audit: type=1326 audit(1779343936.112:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.3.110" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793dd9ce59 code=0x7ffc0000
[  110.498597][   T27] audit: type=1326 audit(1779343936.132:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6179 comm="syz.3.110" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f793dd9ce59 code=0x7ffc0000
[  110.667599][ T6190] netlink: 28 bytes leftover after parsing attributes in process `syz.3.110'.
[  118.366586][   T27] audit: type=1326 audit(1779343944.312:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6245 comm="syz.0.129" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc676b9ce59 code=0x0
[  119.024989][ T6266] binder_alloc: 6262: binder_alloc_buf, no vma
[  120.505951][ T6279] ALSA: mixer_oss: invalid OSS volume ''
[  120.836077][ T6278] loop2: detected capacity change from 0 to 32768
[  120.857649][ T6278] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.137 (6278)
[  121.349213][ T6278] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  121.373016][ T6278] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  121.387664][ T6278] BTRFS info (device loop2): use zlib compression, level 3
[  121.413136][ T6278] BTRFS info (device loop2): using free space tree
[  121.580526][ T6278] BTRFS info (device loop2): enabling ssd optimizations
[  121.592582][ T6278] BTRFS info (device loop2): auto enabling async discard
[  121.639902][   T27] audit: type=1800 audit(1779343947.582:13): pid=6278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.137" name="file1" dev="loop2" ino=260 res=0 errno=0
[  121.713428][   T27] audit: type=1804 audit(1779343947.652:14): pid=6278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.137" name="/newroot/27/file0/bus" dev="loop2" ino=263 res=1 errno=0
[  122.007759][ T5770] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  124.236510][ T6306] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.243950][ T6306] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.304916][ T5608] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  124.463482][ T5608] usb 4-1: device descriptor read/64, error -71
[  124.610171][ T6306] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.650836][ T6306] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.733479][ T5608] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  124.893922][ T5608] usb 4-1: device descriptor read/64, error -71
[  124.994792][ T6306] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.004189][ T6306] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.013049][ T6306] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.021954][ T6306] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.031606][ T5608] usb usb4-port1: attempt power cycle
[  125.132464][ T6306] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  125.141573][ T6306] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  125.150716][ T6306] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  125.159780][ T6306] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  125.203510][ T6311] netlink: 8 bytes leftover after parsing attributes in process `syz.1.143'.
[  125.482123][ T5608] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  125.515815][ T5608] usb 4-1: device descriptor read/8, error -71
[  127.143478][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  127.503368][ T5608] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  128.233528][ T5608] usb 4-1: device not accepting address 5, error -71
[  129.368081][ T5608] usb usb4-port1: unable to enumerate USB device
[  130.464016][ T6342] binder_alloc: 6340: binder_alloc_buf, no vma
[  132.920079][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  132.926462][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  133.733452][  T789] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  133.925889][  T789] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  134.081341][  T789] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  134.092390][  T789] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  134.126911][ T6378] netlink: 100 bytes leftover after parsing attributes in process `syz.3.160'.
[  135.350943][  T789] usb 3-1: Product: syz
[  135.358952][  T789] usb 3-1: Manufacturer: syz
[  135.363827][  T789] usb 3-1: SerialNumber: syz
[  136.225193][  T789] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  137.143426][ T5608] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  137.393940][ T5608] usb 4-1: Using ep0 maxpacket: 8
[  138.373759][ T5608] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  138.390940][ T5608] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  138.869995][ T5608] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  138.911195][ T5608] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.254861][ T5608] usb 3-1: USB disconnect, device number 2
[  139.278974][ T5608] usblp0: removed
[  139.946400][ T6414] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  139.989504][ T6414] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  141.339420][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  142.342303][ T6441] ALSA: mixer_oss: invalid OSS volume ''
[  142.358826][ T6414] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  142.378117][ T5824] usb 4-1: USB disconnect, device number 6
[  142.433996][ T6414] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  142.474606][ T6414] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  142.510603][ T6414] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  142.561479][ T6414] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  142.583237][ T6414] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  142.645208][ T6414] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  144.038525][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  144.885670][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  144.891989][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  145.993393][  T789] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  146.113384][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  146.674532][  T789] usb 3-1: unable to get BOS descriptor or descriptor too short
[  146.748141][  T789] usb 3-1: unable to read config index 0 descriptor/start: -71
[  146.765631][  T789] usb 3-1: can't read configurations, error -71
[  146.913781][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  146.920173][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  147.173387][   T28] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  147.343974][ T6480] syzkaller0: entered promiscuous mode
[  147.349502][ T6480] syzkaller0: entered allmulticast mode
[  147.373640][   T28] usb 4-1: Using ep0 maxpacket: 8
[  147.389732][   T28] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  147.398509][   T28] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  147.415110][   T28] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  147.424691][   T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.876940][    T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  149.115347][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  149.121411][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  149.233799][    T8] usb 2-1: Using ep0 maxpacket: 8
[  149.393402][ T6500] netlink: 4 bytes leftover after parsing attributes in process `syz.2.196'.
[  149.402850][ T6502] syz.2.196 uses obsolete (PF_INET,SOCK_PACKET)
[  150.356826][    T8] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  150.374065][    T8] usb 2-1: config 0 has no interface number 0
[  150.388716][    T8] usb 2-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  150.409293][    T8] usb 2-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[  150.422128][ T5824] usb 4-1: USB disconnect, device number 7
[  150.482368][    T8] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  150.549254][    T8] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  150.591278][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.634941][    T8] usb 2-1: config 0 descriptor??
[  151.335832][    T8] ldusb 2-1:0.55: Interrupt in endpoint not found
[  151.583685][ T5806] usb 2-1: USB disconnect, device number 3
[  151.651618][ T6511] syzkaller0: entered promiscuous mode
[  151.674040][ T6511] syzkaller0: entered allmulticast mode
[  152.798824][  T789] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  153.004431][  T789] usb 3-1: Using ep0 maxpacket: 8
[  153.020061][  T789] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  153.034258][  T789] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  153.061557][  T789] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  153.089326][  T789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.266913][ T5804] usb 3-1: USB disconnect, device number 5
[  156.938653][ T6583] netlink: 24 bytes leftover after parsing attributes in process `syz.0.227'.
[  158.313949][    T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  158.484714][ T5824] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  158.513449][    T8] usb 2-1: Using ep0 maxpacket: 16
[  158.651644][ T6599] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  158.678230][ T6599] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  158.693055][ T5824] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  158.708484][ T5824] usb 4-1: config 0 has no interface number 0
[  158.729752][ T5824] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  158.764499][ T5824] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  158.796729][ T5824] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  158.807783][ T5824] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.820803][ T5824] usb 4-1: config 0 descriptor??
[  158.835662][ T6605] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  158.861061][ T5824] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  159.194983][ T5824] usb 4-1: USB disconnect, device number 8
[  159.200881][    C0] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  159.343932][    T8] usb 2-1: unable to get BOS descriptor or descriptor too short
[  159.378002][    T8] usb 2-1: unable to read config index 0 descriptor/start: -71
[  159.393521][    T8] usb 2-1: can't read configurations, error -71
[  160.083380][ T5806] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  160.263342][ T5806] usb 4-1: Using ep0 maxpacket: 8
[  160.270114][ T5806] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  160.278542][ T5806] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  160.295264][ T5806] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  160.310981][ T5806] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  160.320094][ T5806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.345615][ T5806] usbtmc 4-1:16.0: bulk endpoints not found
[  160.592437][ T6647] trusted_key: encrypted_key: master key parameter '
BìÞ' is invalid
[  162.843509][ T6669] loop2: detected capacity change from 0 to 32768
[  162.852613][ T6669] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.256 (6669)
[  162.879147][ T6669] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  162.891311][ T6669] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  162.901509][ T6669] BTRFS info (device loop2): use zlib compression, level 3
[  162.909336][ T6669] BTRFS info (device loop2): using free space tree
[  162.945721][ T6669] BTRFS info (device loop2): enabling ssd optimizations
[  162.952933][ T6669] BTRFS info (device loop2): auto enabling async discard
[  162.978319][   T27] audit: type=1800 audit(1779343988.922:15): pid=6669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.256" name="file1" dev="loop2" ino=260 res=0 errno=0
[  163.080998][ T5608] usb 4-1: USB disconnect, device number 9
[  163.094755][ T6669] loop2: detected capacity change from 32768 to 0
[  163.227221][ T4742] kworker/u4:10: attempt to access beyond end of device
[  163.227221][ T4742] loop2: rw=67112961, sector=13448, nr_sectors = 8 limit=0
[  163.245979][ T4742] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  163.261732][ T5770] BTRFS error (device loop2: state A): Transaction aborted (error -5)
[  163.273504][ T5770] BTRFS: error (device loop2: state A) in __btrfs_run_delayed_items:1161: errno=-5 IO failure
[  163.302377][ T5770] BTRFS info (device loop2: state EA): forced readonly
[  163.310801][ T5770] BTRFS warning (device loop2: state EA): Skipping commit of aborted transaction.
[  163.322983][ T5770] BTRFS: error (device loop2: state EA) in cleanup_transaction:2021: errno=-5 IO failure
[  163.336333][ T5770] BTRFS info (device loop2: state EA): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  163.974107][   T27] audit: type=1326 audit(1779343989.902:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  164.077216][   T27] audit: type=1326 audit(1779343989.902:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.168045][   T27] audit: type=1326 audit(1779343989.902:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.302067][   T27] audit: type=1326 audit(1779343989.902:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.341666][   T27] audit: type=1326 audit(1779343989.902:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.370952][   T27] audit: type=1326 audit(1779343989.902:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.401869][   T27] audit: type=1326 audit(1779343989.902:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.429044][   T27] audit: type=1326 audit(1779343989.902:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.459582][   T27] audit: type=1326 audit(1779343989.902:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6706 comm="syz.1.262" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f64e019caeb code=0x7ffc0000
[  164.499038][ T6720] binder: 6719:6720 unknown command 0
[  164.505751][ T6720] binder: 6719:6720 ioctl c0306201 2000000001c0 returned -22
[  164.515928][ T6720] binder: 6719:6720 ioctl c0306201 0 returned -14
[  164.900643][ T5608] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  165.143585][ T5608] usb 4-1: Using ep0 maxpacket: 8
[  165.168603][ T5608] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  165.209826][ T5608] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  165.232960][ T5608] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  165.279306][ T5608] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  165.294700][ T5608] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.324404][ T5608] usbtmc 4-1:16.0: bulk endpoints not found
[  168.791227][  T789] usb 4-1: USB disconnect, device number 10
[  170.553404][ T5608] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  172.674615][ T5608] usb 4-1: Using ep0 maxpacket: 8
[  172.745672][ T5608] usb 4-1: New USB device found, idVendor=0fe9, idProduct=db01, bcdDevice=e9.9b
[  173.003494][ T6791] netlink: 76 bytes leftover after parsing attributes in process `syz.1.288'.
[  173.723570][ T5608] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.731614][ T5608] usb 4-1: Product: syz
[  173.739715][ T5608] usb 4-1: Manufacturer: syz
[  173.744504][ T5608] usb 4-1: SerialNumber: syz
[  174.294755][ T6799] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  174.314187][ T5608] usb 4-1: config 0 descriptor??
[  174.320557][ T5608] usb 4-1: can't set config #0, error -71
[  174.334519][ T6799] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  174.340644][ T6799] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  174.398004][ T5608] usb 4-1: USB disconnect, device number 11
[  174.579134][ T6820] netlink: 76 bytes leftover after parsing attributes in process `syz.3.297'.
[  174.800213][ T6828] netlink: 56 bytes leftover after parsing attributes in process `syz.2.300'.
[  175.060520][ T6841] netlink: 76 bytes leftover after parsing attributes in process `syz.3.306'.
[  175.793578][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  176.356944][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  176.363050][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  176.426397][ T6863] netlink: 76 bytes leftover after parsing attributes in process `syz.0.315'.
[  176.817186][ T6845] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  176.841923][ T6845] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  176.866511][ T6845] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  177.114885][ T6874] binder: 6873:6874 unknown command 0
[  177.133297][ T6874] binder: 6873:6874 ioctl c0306201 2000000001c0 returned -22
[  177.170455][ T6874] binder: 6873:6874 ioctl c0306201 0 returned -14
[  177.559193][ T5804] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  177.567271][ T6888] netlink: 76 bytes leftover after parsing attributes in process `syz.0.325'.
[  177.763371][ T5804] usb 4-1: Using ep0 maxpacket: 8
[  177.781164][ T5804] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  177.803362][ T5804] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  177.816732][ T6903] binder: 6902:6903 unknown command 0
[  177.822228][ T6903] binder: 6902:6903 ioctl c0306201 2000000001c0 returned -22
[  177.828946][ T5804] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  177.831747][ T6903] binder: 6902:6903 ioctl c0306201 0 returned -14
[  177.863415][ T5804] usb 4-1: config 16 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  177.911891][ T5804] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  177.935095][ T5804] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  177.945834][ T5804] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.962193][ T5804] usbtmc 4-1:16.0: bulk endpoints not found
[  178.301116][ T6914] netlink: 76 bytes leftover after parsing attributes in process `syz.0.336'.
[  178.843569][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  178.920572][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  178.932765][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  180.705311][  T789] usb 4-1: USB disconnect, device number 12
[  180.889981][ T6931] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  180.904836][ T6931] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  180.915166][ T6931] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  181.280047][ T6965] loop1: detected capacity change from 0 to 512
[  181.612051][ T6976] binder: 6975:6976 unknown command 0
[  181.618308][ T6976] binder: 6975:6976 ioctl c0306201 2000000001c0 returned -22
[  181.803351][  T789] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  181.983374][  T789] usb 2-1: Using ep0 maxpacket: 8
[  181.990505][  T789] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  182.008254][  T789] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  182.193344][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  182.207341][  T789] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  182.217717][  T789] usb 2-1: config 16 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  182.228459][  T789] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  182.242386][  T789] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  182.251502][  T789] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.319739][  T789] usbtmc 2-1:16.0: bulk endpoints not found
[  182.946651][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  182.993367][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  183.841937][ T7013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.373'.
[  184.156224][ T7028] siw: device registration error -23
[  185.279133][ T5804] usb 2-1: USB disconnect, device number 6
[  186.685115][ T5804] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  186.885301][ T5804] usb 2-1: Using ep0 maxpacket: 8
[  186.897976][ T5804] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  186.912792][ T7066] loop2: detected capacity change from 0 to 164
[  186.914307][ T5804] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  186.940258][ T5804] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  186.961063][ T7066] iso9660: Corrupted directory entry in block 2 of inode 1920
[  186.962507][ T5804] usb 2-1: config 16 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  186.994999][ T5804] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.033050][ T5804] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  187.052592][ T5804] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.085472][ T5804] usbtmc 2-1:16.0: bulk endpoints not found
[  190.523521][ T5824] usb 2-1: USB disconnect, device number 7
[  190.726348][ T7106] Driver unsupported XDP return value 0 on prog  (id 21) dev N/A, expect packet loss!
[  191.608515][ T7122] ªªªªªª: renamed from vlan0 (while UP)
[  192.943430][ T5804] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  193.163530][ T5804] usb 2-1: Using ep0 maxpacket: 8
[  193.178378][ T5804] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  193.211576][ T5804] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  193.260175][ T5804] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  193.302427][ T5804] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  193.346355][ T5804] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  193.376294][ T5804] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  193.434919][ T5804] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  193.473341][ T5804] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.519570][ T5804] usbtmc: probe of 2-1:16.0 failed with error -22
[  194.363386][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.369727][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.736207][ T7147] loop2: detected capacity change from 0 to 128
[  194.885653][ T5608] usb 2-1: USB disconnect, device number 8
[  195.324425][ T7154] mmap: syz.1.424 (7154) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  195.582641][ T7158] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  195.932138][ T7162] overlayfs: failed to clone upperpath
[  195.957402][ T7152] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  195.984339][ T7152] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  195.996712][ T7152] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  196.960444][ T7181] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  197.393429][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  198.039355][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  198.045604][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  199.687352][ T7192] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  199.821378][ T7192] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  200.013693][ T7192] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  200.439200][ T7215] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  201.156215][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  201.703450][  T789] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  201.731717][ T7246] loop3: detected capacity change from 0 to 512
[  201.873544][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  202.007715][  T789] usb 2-1: Using ep0 maxpacket: 8
[  202.014834][  T789] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  202.034200][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  202.115216][  T789] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  202.125112][  T789] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  202.135837][  T789] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  202.145821][  T789] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  202.158850][  T789] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  202.169153][  T789] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.311638][ T7258] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  202.414362][  T789] usb 2-1: usb_control_msg returned -32
[  202.420002][  T789] usbtmc 2-1:16.0: can't read capabilities
[  203.511290][ T7275] usbtmc 2-1:16.0: usb_control_msg returned -32
[  204.608468][ T5608] usb 2-1: USB disconnect, device number 9
[  204.774345][ T7298] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  205.388259][ T7287] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  205.396365][ T7287] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  205.402666][ T7287] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  206.698401][ T7336] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  206.957331][ T7322] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  206.969511][ T7322] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  206.985759][ T7322] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  207.399664][ T5806] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  207.593416][ T5806] usb 4-1: Using ep0 maxpacket: 8
[  207.607864][ T7357] loop1: detected capacity change from 0 to 256
[  207.625638][ T5806] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  207.645956][ T5806] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  207.671681][ T5806] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  207.696026][ T5806] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  207.721700][ T5806] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  207.752786][ T5806] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  207.779274][ T5806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.015566][ T5806] usb 4-1: usb_control_msg returned -32
[  208.031405][ T5806] usbtmc 4-1:16.0: can't read capabilities
[  208.273609][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  208.789961][ T7381] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  208.993459][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  208.999532][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  209.091469][ T7389] usbtmc 4-1:16.0: usb_control_msg returned -32
[  209.205958][ T7366] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  209.214152][ T7366] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  209.220446][ T7366] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  210.151410][ T5824] usb 4-1: USB disconnect, device number 13
[  210.993475][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  211.235660][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  211.241923][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  212.606563][ T7419] loop1: detected capacity change from 0 to 256
[  213.066329][ T7433] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  213.312031][ T7444] loop1: detected capacity change from 0 to 164
[  216.101713][ T7482] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  216.129834][ T7482] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  216.154079][ T7482] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  216.297510][ T7497] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  216.833359][ T5824] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  217.033486][ T5824] usb 3-1: Using ep0 maxpacket: 8
[  217.046580][ T5824] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  217.062101][ T5824] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  217.072424][ T5824] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  217.087934][ T5824] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  217.100766][ T5824] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  217.132278][ T5824] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  217.163169][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.263352][ T7519] loop3: detected capacity change from 0 to 764
[  217.294259][ T7519] Symlink component flag not implemented
[  217.300464][ T7519] Symlink component flag not implemented (15)
[  217.409375][ T5824] usb 3-1: usb_control_msg returned -32
[  217.426658][ T5824] usbtmc 3-1:16.0: can't read capabilities
[  217.793452][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  218.207669][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  218.214037][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  219.363807][ T7544] usbtmc 3-1:16.0: usb_control_msg returned -32
[  220.444845][ T5824] usb 3-1: USB disconnect, device number 6
[  221.538024][ T7571] loop2: detected capacity change from 0 to 512
[  221.993836][ T5824] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  222.195851][ T5824] usb 3-1: Using ep0 maxpacket: 8
[  222.217733][ T5824] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  222.226312][ T5824] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  222.247502][ T5824] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  222.268267][ T5824] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  222.296834][ T5824] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  222.328208][ T5824] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  222.344538][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.597691][ T5824] usb 3-1: usb_control_msg returned -32
[  222.608984][ T5824] usbtmc 3-1:16.0: can't read capabilities
[  223.661089][ T7613] usbtmc 3-1:16.0: INITIATE_CLEAR returned 0
[  223.991918][ T7617] loop3: detected capacity change from 0 to 2048
[  224.059383][ T7617] Alternate GPT is invalid, using primary GPT.
[  224.068362][ T7617]  loop3: p1 p2 p3
[  224.339821][ T5957] udevd[5957]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  224.341003][ T5952] udevd[5952]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  224.355868][ T6068] udevd[6068]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  224.910199][ T5824] usb 3-1: USB disconnect, device number 7
[  225.841439][ T7645] loop1: detected capacity change from 0 to 128
[  225.879279][ T7645] FAT-fs (loop1): bread failed, FSINFO block (sector = 18433)
[  226.552374][ T7656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.584'.
[  226.633431][ T5824] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  226.914185][ T5824] usb 2-1: Using ep0 maxpacket: 8
[  226.927109][ T5824] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  226.935636][ T5824] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  226.946196][ T5824] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  226.956403][ T5824] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  226.966713][ T5824] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  226.980015][ T5824] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  226.990190][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.239134][ T5824] usb 2-1: usb_control_msg returned -32
[  227.251786][ T5824] usbtmc 2-1:16.0: can't read capabilities
[  227.735835][ T7677] loop2: detected capacity change from 0 to 7
[  227.752877][ T7677]  loop2:
[  227.760708][ T7677] loop2: partition table partially beyond EOD, truncated
[  228.569306][ T7692] usbtmc 2-1:16.0: INITIATE_CLEAR returned 0
[  229.959972][ T5824] usb 2-1: USB disconnect, device number 10
[  230.066858][   T27] kauditd_printk_skb: 25 callbacks suppressed
[  230.066871][   T27] audit: type=1326 audit(1779344056.002:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.150049][   T27] audit: type=1326 audit(1779344056.002:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.180162][   T27] audit: type=1326 audit(1779344056.012:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.195676][ T7707] loop2: detected capacity change from 0 to 512
[  230.209996][   T27] audit: type=1326 audit(1779344056.012:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.240488][   T27] audit: type=1326 audit(1779344056.012:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.293432][   T27] audit: type=1326 audit(1779344056.012:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.333341][ T5804] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  230.343354][   T27] audit: type=1326 audit(1779344056.012:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.391251][   T27] audit: type=1326 audit(1779344056.012:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.427535][   T27] audit: type=1326 audit(1779344056.012:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7702 comm="syz.1.599" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f64e019ce59 code=0x7ffc0000
[  230.903725][ T5804] usb 4-1: unable to get BOS descriptor or descriptor too short
[  231.076992][ T5804] usb 4-1: unable to read config index 0 descriptor/start: -71
[  231.322443][ T5804] usb 4-1: can't read configurations, error -71
[  233.085844][ T5806] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  233.633552][ T5806] usb 2-1: Using ep0 maxpacket: 8
[  233.672461][ T5806] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  233.728651][ T5806] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  233.739151][ T5806] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  233.751337][ T5806] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  233.801782][ T5806] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  233.817361][ T5806] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  233.829011][ T5806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.000815][ T7740] binder: 7738:7740 unknown command 0
[  234.053198][ T7740] binder: 7738:7740 ioctl c0306201 2000000001c0 returned -22
[  234.122508][ T5806] usb 2-1: usb_control_msg returned -32
[  234.130268][ T5806] usbtmc 2-1:16.0: can't read capabilities
[  235.583770][ T7767] usbtmc 2-1:16.0: INITIATE_CLEAR returned 0
[  236.430519][ T7780] binder: 7779:7780 unknown command 0
[  236.437589][ T7780] binder: 7779:7780 ioctl c0306201 2000000001c0 returned -22
[  237.129128][ T5806] usb 2-1: USB disconnect, device number 11
[  237.326984][ T7786] netlink: 28 bytes leftover after parsing attributes in process `syz.3.624'.
[  239.126788][ T7812] binder: 7811:7812 unknown command 0
[  239.142502][ T7812] binder: 7811:7812 ioctl c0306201 2000000001c0 returned -22
[  239.260896][ T7816] binder: 7815:7816 unknown command 0
[  239.269832][ T7816] binder: 7815:7816 ioctl c0306201 2000000001c0 returned -22
[  239.282175][ T7816] binder: 7815:7816 ioctl c0306201 0 returned -14
[  239.510908][ T7820] netlink: 28 bytes leftover after parsing attributes in process `syz.1.634'.
[  240.223777][ T7835] binder: BINDER_SET_CONTEXT_MGR already set
[  240.239842][ T7835] binder: 7834:7835 ioctl 4018620d 200000004a80 returned -16
[  240.270588][ T7839] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  240.311233][ T7840] binder: 7834:7840 ioctl c0306201 0 returned -14
[  240.459319][ T7844] netlink: 28 bytes leftover after parsing attributes in process `syz.1.644'.
[  242.735688][ T7865] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  242.860020][ T7867] netlink: 28 bytes leftover after parsing attributes in process `syz.1.654'.
[  246.172143][ T7901] netlink: 28 bytes leftover after parsing attributes in process `syz.2.664'.
[  246.203053][ T7896] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  246.283026][ T7903] binder: 7902:7903 unknown command 0
[  246.295553][ T7903] binder: 7902:7903 ioctl c0306201 2000000001c0 returned -22
[  247.106681][ T7922] netlink: 20 bytes leftover after parsing attributes in process `syz.1.670'.
[  248.218504][ T7925] netlink: 28 bytes leftover after parsing attributes in process `syz.0.673'.
[  248.864221][ T7928] binder: 7927:7928 unknown command 0
[  248.869658][ T7928] binder: 7927:7928 ioctl c0306201 2000000001c0 returned -22
[  249.455332][ T7939] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  251.109087][ T7958] netlink: 28 bytes leftover after parsing attributes in process `syz.0.683'.
[  251.459456][ T7962] trusted_key: encrypted_key: keylen parameter is missing
[  251.845871][ T7968] netlink: 20 bytes leftover after parsing attributes in process `syz.0.686'.
[  253.033510][ T7973] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  253.753026][   T27] audit: type=1326 audit(1779344079.622:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  253.892541][   T27] audit: type=1326 audit(1779344079.622:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.010487][   T27] audit: type=1326 audit(1779344079.622:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.117454][ T7984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.692'.
[  254.127972][   T27] audit: type=1326 audit(1779344079.622:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.191807][   T27] audit: type=1326 audit(1779344079.622:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.263156][   T27] audit: type=1326 audit(1779344079.622:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.289094][ T7986] binder: 7985:7986 unknown command 0
[  254.304872][ T7986] binder: 7985:7986 ioctl c0306201 2000000001c0 returned -22
[  254.332613][   T27] audit: type=1326 audit(1779344079.622:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.380256][   T27] audit: type=1326 audit(1779344079.622:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.430975][   T27] audit: type=1326 audit(1779344079.622:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.462173][   T27] audit: type=1326 audit(1779344079.622:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7977 comm="syz.2.689" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f724fd9ce59 code=0x7ffc0000
[  254.518200][ T7994] syz.2.696 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  255.057240][ T7996] netlink: 4 bytes leftover after parsing attributes in process `syz.3.697'.
[  255.127497][ T7996] netlink: 4 bytes leftover after parsing attributes in process `syz.3.697'.
[  255.695537][ T8012] netlink: 20 bytes leftover after parsing attributes in process `syz.0.700'.
[  256.072229][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  256.081709][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  258.857542][ T8042] loop3: detected capacity change from 0 to 64
[  258.940250][ T8042] hfs: get root inode failed
[  260.232565][ T8054] loop2: detected capacity change from 0 to 8192
[  260.543435][ T5824] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  260.763905][ T5824] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  260.787901][ T5824] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  260.818703][ T5824] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  260.909498][ T5824] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  260.987186][ T5824] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  261.057864][ T5824] usb 4-1: Product: syz
[  261.102016][ T5824] usb 4-1: Manufacturer: syz
[  261.143560][ T5824] usb 4-1: SerialNumber: syz
[  262.389666][ T5824] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 16 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  262.893753][ T5824] usb 4-1: USB disconnect, device number 16
[  262.921440][ T5824] usblp0: removed
[  263.592226][ T8072] loop1: detected capacity change from 0 to 1024
[  263.672178][ T8072] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  263.743361][ T8072] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  263.825780][ T8072] EXT4-fs error (device loop1): ext4_get_journal_inode:5820: inode #32: comm syz.1.721: iget: special inode unallocated
[  263.855218][ T8072] EXT4-fs (loop1): no journal found
[  263.869967][ T8072] EXT4-fs (loop1): can't get journal size
[  263.919158][ T8072] EXT4-fs (loop1): filesystem is read-only
[  263.964551][ T8072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  266.533816][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.143438][  T789] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  267.335112][  T789] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.353453][  T789] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.373366][  T789] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  267.379477][ T5824] IPVS: starting estimator thread 0...
[  267.388544][  T789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.392995][ T8095] IPVS: sed: FWM 3 0x00000003 - no destination available
[  267.424254][  T789] usb 3-1: config 0 descriptor??
[  267.494143][ T8096] IPVS: using max 18 ests per chain, 43200 per kthread
[  267.879765][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.907890][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.921564][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.937267][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.946436][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.954862][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.962070][  T789] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0
[  267.995005][  T789] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  268.095805][  T789] cp2112 0003:10C4:EA90.0001: Part Number: 0x00 Device Version: 0x00
[  268.405472][  T789] cp2112 0003:10C4:EA90.0001: error requesting SMBus config
[  268.435740][  T789] cp2112: probe of 0003:10C4:EA90.0001 failed with error -71
[  268.472969][  T789] usb 3-1: USB disconnect, device number 8
[  273.018923][ T8141] loop3: detected capacity change from 0 to 16
[  273.048142][ T8141] erofs: (device loop3): mounted with root inode @ nid 36.
[  273.068271][ T8141] syz.3.743: attempt to access beyond end of device
[  273.068271][ T8141] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16
[  273.085815][ T8141] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  273.128884][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  273.128974][   T27] audit: type=1800 audit(1779344099.042:76): pid=8141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.743" name="file2" dev="loop3" ino=89 res=0 errno=0
[  273.161669][ T8140] syz.3.743: attempt to access beyond end of device
[  273.161669][ T8140] loop3: rw=524288, sector=16, nr_sectors = 40 limit=16
[  273.177298][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  273.188499][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  273.199639][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  273.216719][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  273.227937][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  273.240798][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  273.253105][ T8140] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  273.888336][ T8162] loop2: detected capacity change from 0 to 2048
[  276.753611][ T8184] loop2: detected capacity change from 0 to 7
[  276.776431][ T8184] Dev loop2: unable to read RDB block 7
[  276.782604][ T8184]  loop2: unable to read partition table
[  276.797686][ T8184] loop2: partition table beyond EOD, truncated
[  276.807428][ T8184] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  280.479444][ T8227] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  282.319012][ T8240] Bluetooth: MGMT ver 1.22
[  282.383655][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  282.602340][ T8244] syzkaller0: entered promiscuous mode
[  282.609103][ T8244] syzkaller0: entered allmulticast mode
[  284.632935][ T8260] loop1: detected capacity change from 0 to 512
[  284.647447][ T8260] EXT4-fs (loop1): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0
[  284.657122][ T8260] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  284.667410][ T8260] EXT4-fs (loop1): The Hurd can't support 64-bit file systems
[  284.751747][ T8062] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  287.700806][   T51] Bluetooth: hci1: unexpected event for opcode 0x1002
[  291.988442][ T8320] loop3: detected capacity change from 0 to 64
[  292.889415][ T8325] bond0: (slave bond_slave_1): Releasing backup interface
[  294.380667][ T8342] loop2: detected capacity change from 0 to 7
[  294.388254][ T8342] Dev loop2: unable to read RDB block 7
[  294.404501][ T8342]  loop2: unable to read partition table
[  294.423936][ T8342] loop2: partition table beyond EOD, truncated
[  294.430143][ T8342] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  295.825372][ T8373] syzkaller0: entered promiscuous mode
[  295.849714][ T8373] syzkaller0: entered allmulticast mode
[  296.792479][ T8387] loop1: detected capacity change from 0 to 128
[  296.923980][ T8387] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  296.941207][ T8387] ext4 filesystem being mounted at /202/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  296.951100][ T8391] loop3: detected capacity change from 0 to 128
[  297.035974][ T8391] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  297.060489][ T8387] EXT4-fs (loop1): shut down requested (1)
[  297.074023][ T8387] fscrypt (loop1, inode 12): Error -5 getting encryption context
[  297.082463][ T8391] ext4 filesystem being mounted at /185/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  297.187089][ T5767] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  297.292636][ T8395] loop1: detected capacity change from 0 to 512
[  297.384072][ T5776] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  297.485719][ T8395] EXT4-fs (loop1): Test dummy encryption mode enabled
[  297.505940][ T8395] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e024e0ad, mo2=0002]
[  297.514620][ T8395] System zones: 1-12
[  297.533172][ T8395] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.776929][ T8395] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  297.815834][ T8395] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #2: comm syz.1.821: Directory hole found for htree leaf block 0
[  297.830628][ T8395] EXT4-fs (loop1): Remounting filesystem read-only
[  297.900054][ T5767] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  298.186315][ T8411] loop1: detected capacity change from 0 to 32768
[  298.252910][ T8411] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  298.312824][ T8411] XFS (loop1): Ending clean mount
[  298.345067][ T8411] XFS (loop1): Quotacheck needed: Please wait.
[  298.433631][ T8411] XFS (loop1): Quotacheck: Done.
[  298.950453][   T27] audit: type=1800 audit(1779344123.400:77): pid=8421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.825" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=4429 res=0 errno=0
[  299.096721][ T5767] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  300.769717][ T8438] netlink: 14 bytes leftover after parsing attributes in process `syz.1.829'.
[  303.583374][ T8468] syzkaller0: entered promiscuous mode
[  303.605884][ T8468] syzkaller0: entered allmulticast mode
[  303.926995][   T27] audit: type=1326 audit(1779344128.146:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8478 comm="syz.0.845" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc676b9ce59 code=0x0
[  310.056800][ T8527] loop2: detected capacity change from 0 to 7
[  310.105648][ T8527] Dev loop2: unable to read RDB block 7
[  310.123251][ T8527]  loop2: unable to read partition table
[  310.224408][ T8527] loop2: partition table beyond EOD, truncated
[  310.230789][ T8527] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  312.650416][ T8550] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  312.684266][ T8550] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  312.704612][ T8550] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  313.539657][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  314.017116][ T8583] syzkaller0: entered promiscuous mode
[  314.043184][ T8583] syzkaller0: entered allmulticast mode
[  315.011610][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  315.017672][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  315.242679][ T8598] loop2: detected capacity change from 0 to 7
[  315.286988][ T8598] Dev loop2: unable to read RDB block 7
[  315.292613][ T8598]  loop2: unable to read partition table
[  315.320361][ T8598] loop2: partition table beyond EOD, truncated
[  315.346040][ T8598] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  318.250599][ T8600] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  318.276858][ T8600] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  318.301093][ T8600] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  320.214649][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  320.221170][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  320.460996][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  320.467110][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  320.557567][ T5778] Bluetooth: hci3: command 0x0419 tx timeout
[  321.515689][ T8666] netlink: 168 bytes leftover after parsing attributes in process `syz.2.900'.
[  322.799349][ T8667] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  322.973891][ T8667] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  322.980009][ T8667] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  323.926289][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  324.052525][   T51] Bluetooth: hci1: unexpected event for opcode 0x200c
[  324.290916][   T51] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1
[  325.228984][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  325.242018][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  325.541093][ T8718] binder: BINDER_SET_CONTEXT_MGR bad uid 60929 != 0
[  325.605371][ T8718] binder: 8717:8718 ioctl 4018620d 200000004a80 returned -1
[  327.424636][ T8735] netlink: 20 bytes leftover after parsing attributes in process `syz.1.920'.
[  331.544918][   T51] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  331.782098][   T51] Bluetooth: hci1: unexpected event for opcode 0x007f
[  332.116620][ T8745] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  332.145546][ T8745] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  332.311101][ T8745] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  333.389611][ T8778] loop3: detected capacity change from 0 to 16
[  333.409591][ T8778] erofs: (device loop3): mounted with root inode @ nid 36.
[  333.425123][ T8777] syz.3.934: attempt to access beyond end of device
[  333.425123][ T8777] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16
[  333.440668][ T8777] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  333.456892][   T27] audit: type=1800 audit(1779344155.418:79): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.934" name="file2" dev="loop3" ino=89 res=0 errno=0
[  334.324843][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  334.506096][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  336.157622][ T8801] netlink: 20 bytes leftover after parsing attributes in process `syz.2.940'.
[  337.435086][ T8817] loop3: detected capacity change from 0 to 16
[  337.818618][ T8817] erofs: (device loop3): mounted with root inode @ nid 36.
[  340.143897][ T8846] netlink: 'syz.3.956': attribute type 10 has an invalid length.
[  340.153602][ T8846] geneve0: entered promiscuous mode
[  340.186556][ T8846] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  340.360635][ T8852] loop2: detected capacity change from 0 to 16
[  340.380531][ T8852] erofs: (device loop2): mounted with root inode @ nid 36.
[  343.512897][ T8884] loop2: detected capacity change from 0 to 16
[  343.552183][ T8884] erofs: (device loop2): mounted with root inode @ nid 36.
[  343.564120][ T8884] syz.2.967: attempt to access beyond end of device
[  343.564120][ T8884] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  344.485234][ T8884] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  344.496588][   T27] audit: type=1800 audit(1779344165.619:80): pid=8884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.967" name="file2" dev="loop2" ino=89 res=0 errno=0
[  346.255934][ T8900] loop2: detected capacity change from 0 to 16
[  346.273328][ T8900] erofs: (device loop2): mounted with root inode @ nid 36.
[  349.365505][ T8925] loop3: detected capacity change from 0 to 16
[  349.425590][ T8925] erofs: (device loop3): mounted with root inode @ nid 36.
[  349.435803][ T8925] syz.3.978: attempt to access beyond end of device
[  349.435803][ T8925] loop3: rw=524288, sector=8, nr_sectors = 24 limit=16
[  349.451635][ T8925] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  349.468736][   T27] audit: type=1800 audit(1779344170.198:81): pid=8925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.978" name="file2" dev="loop3" ino=89 res=0 errno=0
[  350.849408][   T51] Bluetooth: hci3: unexpected event for opcode 0x007f
[  351.941467][   T51] Bluetooth: hci2: unexpected event for opcode 0x007f
[  352.242028][ T8956] loop2: detected capacity change from 0 to 16
[  352.288668][ T8956] erofs: (device loop2): mounted with root inode @ nid 36.
[  352.324146][ T8956] syz.2.988: attempt to access beyond end of device
[  352.324146][ T8956] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  353.877326][ T8956] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  353.969735][   T27] audit: type=1800 audit(1779344174.352:82): pid=8956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.988" name="file2" dev="loop2" ino=89 res=0 errno=0
[  356.809829][ T9002] loop2: detected capacity change from 0 to 16
[  356.841615][ T9002] erofs: (device loop2): mounted with root inode @ nid 36.
[  356.851779][ T9002] syz.2.1002: attempt to access beyond end of device
[  356.851779][ T9002] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  356.865657][ T9002] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  356.877766][   T27] audit: type=1800 audit(1779344177.048:83): pid=9002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1002" name="file2" dev="loop2" ino=89 res=0 errno=0
[  357.905778][    C1] hrtimer: interrupt took 38717 ns
[  358.108673][ T9019] netlink: 'syz.0.1008': attribute type 10 has an invalid length.
[  358.125744][ T9019] geneve0: entered promiscuous mode
[  358.139267][ T9019] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.202081][ T9019] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.241735][ T9019] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.266528][ T9019] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.320216][ T9019] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  360.497327][ T9038] loop2: detected capacity change from 0 to 16
[  360.545328][ T9038] erofs: (device loop2): mounted with root inode @ nid 36.
[  361.493320][ T9038] syz.2.1014: attempt to access beyond end of device
[  361.493320][ T9038] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  361.568999][ T9038] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  361.604000][   T27] audit: type=1800 audit(1779344181.406:84): pid=9038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1014" name="file2" dev="loop2" ino=89 res=0 errno=0
[  361.974947][ T9055] netlink: 'syz.3.1019': attribute type 10 has an invalid length.
[  362.453651][ T9044] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  362.467320][ T9044] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  362.474074][ T9044] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  365.824078][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  365.830242][   T51] Bluetooth: hci3: command 0x0419 tx timeout
[  365.836454][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  366.464128][ T9098] netlink: 'syz.0.1030': attribute type 10 has an invalid length.
[  366.472604][ T9098] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  366.481757][ T9098] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  366.490911][ T9098] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  366.512852][ T9098] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  367.828689][ T9116] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1028'.
[  372.787243][ T5778] Bluetooth: hci3: unexpected event for opcode 0x007f
[  374.096393][ T9166] loop2: detected capacity change from 0 to 16
[  374.107488][ T9166] erofs: (device loop2): mounted with root inode @ nid 36.
[  374.117496][ T9166] syz.2.1045: attempt to access beyond end of device
[  374.117496][ T9166] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  374.140141][ T9166] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  374.159575][   T27] audit: type=1800 audit(1779344192.983:85): pid=9166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1045" name="file2" dev="loop2" ino=89 res=0 errno=0
[  374.180942][ T9165] syz.2.1045: attempt to access beyond end of device
[  374.180942][ T9165] loop2: rw=524288, sector=16, nr_sectors = 40 limit=16
[  374.194631][ T9165] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  374.205663][ T9165] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  374.216701][ T9165] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  375.301495][ T9175] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1048'.
[  380.706827][ T9213] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1060'.
[  383.204469][ T9228] 8021q: VLANs not supported on gre0
[  383.210259][ T9229] lo speed is unknown, defaulting to 1000
[  383.240761][ T9229] lo speed is unknown, defaulting to 1000
[  383.277283][ T9229] lo speed is unknown, defaulting to 1000
[  383.334593][ T9229] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  383.362067][ T9229] lo speed is unknown, defaulting to 1000
[  383.379925][ T9229] lo speed is unknown, defaulting to 1000
[  383.386959][ T9229] lo speed is unknown, defaulting to 1000
[  383.397590][ T9229] lo speed is unknown, defaulting to 1000
[  383.404805][ T9229] lo speed is unknown, defaulting to 1000
[  386.765275][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  386.771758][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  386.928794][ T9266] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1075'.
[  387.048739][ T9266] lo speed is unknown, defaulting to 1000
[  388.706297][ T9277] loop2: detected capacity change from 0 to 16
[  389.035103][ T9277] erofs: (device loop2): mounted with root inode @ nid 36.
[  389.094272][ T9277] syz.2.1073: attempt to access beyond end of device
[  389.094272][ T9277] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  389.141671][ T9277] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  389.159570][   T27] audit: type=1800 audit(1779344206.840:86): pid=9277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1073" name="file2" dev="loop2" ino=89 res=0 errno=0
[  389.209406][ T5778] Bluetooth: hci3: unexpected event for opcode 0x0000
[  393.608965][ T5778] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  393.618427][ T5778] Bluetooth: hci3: Injecting HCI hardware error event
[  393.627421][ T5778] Bluetooth: hci3: hardware error 0x00
[  394.183417][ T9307] syzkaller0: entered promiscuous mode
[  394.194447][ T9307] syzkaller0: entered allmulticast mode
[  394.610125][    T8] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  395.087888][    T8] usb 3-1: config 0 interface 0 altsetting 255 endpoint 0x9 has invalid maxpacket 160, setting to 64
[  395.099987][    T8] usb 3-1: config 0 interface 0 has no altsetting 0
[  395.110191][    T8] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  395.119495][    T8] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  395.127870][    T8] usb 3-1: Product: syz
[  395.132507][    T8] usb 3-1: Manufacturer: syz
[  395.137384][    T8] usb 3-1: SerialNumber: syz
[  395.147110][    T8] usb 3-1: config 0 descriptor??
[  395.164210][    T8] usb 3-1: selecting invalid altsetting 0
[  395.547479][    T8] usb 3-1: USB disconnect, device number 9
[  395.779221][ T9328] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1095'.
[  395.852960][ T5778] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  396.627169][ T9336] loop1: detected capacity change from 0 to 16
[  396.667797][ T9336] erofs: (device loop1): mounted with root inode @ nid 36.
[  396.682137][ T9336] syz.1.1099: attempt to access beyond end of device
[  396.682137][ T9336] loop1: rw=524288, sector=8, nr_sectors = 24 limit=16
[  396.749128][ T9336] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  396.774554][   T27] audit: type=1800 audit(1779344213.875:87): pid=9336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1099" name="file2" dev="loop1" ino=89 res=0 errno=0
[  397.171780][ T9345] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1101'.
[  399.035669][ T9325] netlink: 'syz.0.1095': attribute type 10 has an invalid length.
[  399.051075][ T9345] lo speed is unknown, defaulting to 1000
[  401.023330][ T5778] Bluetooth: hci2: unexpected event for opcode 0x007f
[  401.542603][ T9376] netlink: 'syz.0.1111': attribute type 10 has an invalid length.
[  401.609478][ T9376] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1111'.
[  402.880741][ T9388] netlink: 'syz.0.1116': attribute type 10 has an invalid length.
[  405.457903][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  413.362221][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  416.602755][ T9494] lo speed is unknown, defaulting to 1000
[  417.478653][ T9495] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  417.485599][ T9495] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  417.679611][ T9514] loop1: detected capacity change from 0 to 16
[  417.689697][ T9514] erofs: (device loop1): mounted with root inode @ nid 36.
[  417.699437][ T9514] syz.1.1154: attempt to access beyond end of device
[  417.699437][ T9514] loop1: rw=524288, sector=8, nr_sectors = 24 limit=16
[  417.722036][ T9514] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  417.735257][   T27] audit: type=1800 audit(1779344233.225:88): pid=9514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1154" name="file2" dev="loop1" ino=89 res=0 errno=0
[  417.756786][ T9514] syz.1.1154: attempt to access beyond end of device
[  417.756786][ T9514] loop1: rw=524288, sector=16, nr_sectors = 40 limit=16
[  417.771848][ T9514] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[4096]
[  417.782891][ T9514] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  417.793939][ T9514] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -23 in[46, 4050] out[8192]
[  418.900536][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  418.932289][ T9532] lo speed is unknown, defaulting to 1000
[  419.680469][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  419.699455][ T9533] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  419.718352][ T9533] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  420.164624][ T9556] IPVS: set_ctl: invalid protocol: 198 255.255.255.255:20003
[  420.196943][ T9556] IPVS: sed: FWM 3 0x00000003 - no destination available
[  420.758633][ T9564] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1172'.
[  420.789846][ T9564] lo speed is unknown, defaulting to 1000
[  421.240767][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  421.966817][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  422.160354][ T9575] lo speed is unknown, defaulting to 1000
[  422.966168][ T5778] Bluetooth: hci2: unexpected event for opcode 0x007f
[  422.976581][ T9578] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  422.995801][ T9578] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  423.341669][ T9593] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1181'.
[  423.362241][ T9593] lo speed is unknown, defaulting to 1000
[  425.150150][ T5778] Bluetooth: hci1: command 0x0c1a tx timeout
[  425.228749][ T5778] Bluetooth: hci2: command 0x0c1a tx timeout
[  426.021792][ T5778] Bluetooth: hci2: unexpected event for opcode 0x007f
[  426.379767][ T9614] lo speed is unknown, defaulting to 1000
[  428.293609][ T9641] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1196'.
[  428.323645][ T9641] lo speed is unknown, defaulting to 1000
[  432.680933][ T9654] lo speed is unknown, defaulting to 1000
[  433.195147][ T9665] IPVS: sed: FWM 3 0x00000003 - no destination available
[  435.155646][ T9691] lo speed is unknown, defaulting to 1000
[  435.600749][ T5778] Bluetooth: hci2: unexpected event for opcode 0x007f
[  435.771821][ T5778] Bluetooth: hci2: unexpected event for opcode 0x007f
[  437.970647][ T9742] lo speed is unknown, defaulting to 1000
[  440.452932][ T9790] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1223'.
[  440.573464][ T9790] lo speed is unknown, defaulting to 1000
[  442.705528][ T9806] lo speed is unknown, defaulting to 1000
[  446.861701][ T9889] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  448.446480][ T9910] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  448.540276][ T9919] 8021q: VLANs not supported on gre0
[  448.546085][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  448.787831][ T9929] overlayfs: failed to clone upperpath
[  450.943377][ T9946] 8021q: VLANs not supported on gre0
[  451.148671][ T9955] loop2: detected capacity change from 0 to 7
[  451.167806][ T9955] Dev loop2: unable to read RDB block 7
[  451.177629][ T9955]  loop2: AHDI p1 p2 p3
[  451.188462][ T9955] loop2: partition table partially beyond EOD, truncated
[  451.195892][ T9955] loop2: p1 start 1601398130 is beyond EOD, truncated
[  451.202858][ T9955] loop2: p2 start 1702059890 is beyond EOD, truncated
[  453.587838][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  453.594197][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  455.322383][ T5778] Bluetooth: hci2: unexpected event for opcode 0xffff
[  456.022470][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  459.720629][T10035] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  461.274719][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  464.612207][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  464.898907][T10080] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  473.835505][T10165] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  476.545521][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  477.247569][ T5778] Bluetooth: hci1: unexpected event for opcode 0x007f
[  477.494393][T10183] loop2: detected capacity change from 0 to 7
[  477.512714][T10183] Dev loop2: unable to read RDB block 7
[  477.518311][T10183]  loop2: AHDI p1 p2 p3
[  477.533378][T10183] loop2: partition table partially beyond EOD, truncated
[  477.555047][T10183] loop2: p1 start 1601398130 is beyond EOD, truncated
[  477.567997][T10183] loop2: p2 start 1702059890 is beyond EOD, truncated
[  480.558049][T10211] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  481.438016][ T5778] Bluetooth: hci2: unexpected event for opcode 0x007f
[  484.433005][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  485.045097][   T60] 
[  485.047441][   T60] ============================================
[  485.053570][   T60] WARNING: possible recursive locking detected
[  485.059702][   T60] syzkaller #0 Not tainted
[  485.064091][   T60] --------------------------------------------
[  485.070214][   T60] kworker/u4:4/60 is trying to acquire lock:
[  485.076169][   T60] ffffe8ffffd52b18 (&pd_list->lock){+...}-{2:2}, at: padata_do_serial+0x644/0xa70
[  485.085424][   T60] 
[  485.085424][   T60] but task is already holding lock:
[  485.092770][   T60] ffffe8ffffd55400 (&pd_list->lock){+...}-{2:2}, at: padata_do_serial+0x4db/0xa70
[  485.101964][   T60] 
[  485.101964][   T60] other info that might help us debug this:
[  485.109998][   T60]  Possible unsafe locking scenario:
[  485.109998][   T60] 
[  485.117420][   T60]        CPU0
[  485.120676][   T60]        ----
[  485.123930][   T60]   lock(&pd_list->lock);
[  485.128241][   T60]   lock(&pd_list->lock);
[  485.132542][   T60] 
[  485.132542][   T60]  *** DEADLOCK ***
[  485.132542][   T60] 
[  485.140656][   T60]  May be due to missing lock nesting notation
[  485.140656][   T60] 
[  485.148956][   T60] 3 locks held by kworker/u4:4/60:
[  485.154137][   T60]  #0: ffff888144a59538 ((wq_completion)pencrypt_parallel){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  485.166079][   T60]  #1: ffffc900015b7d00 ((work_completion)(&pw->pw_work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  485.177881][   T60]  #2: ffffe8ffffd55400 (&pd_list->lock){+...}-{2:2}, at: padata_do_serial+0x4db/0xa70
[  485.187535][   T60] 
[  485.187535][   T60] stack backtrace:
[  485.193439][   T60] CPU: 1 PID: 60 Comm: kworker/u4:4 Not tainted syzkaller #0
[  485.200787][   T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  485.210824][   T60] Workqueue: pencrypt_parallel padata_parallel_worker
[  485.217590][   T60] Call Trace:
[  485.220948][   T60]  <TASK>
[  485.223927][   T60]  dump_stack_lvl+0x18c/0x250
[  485.228661][   T60]  ? show_regs_print_info+0x20/0x20
[  485.233878][   T60]  ? print_deadlock_bug+0x435/0x5d0
[  485.239076][   T60]  __lock_acquire+0x5dbc/0x7d40
[  485.243907][   T60]  ? debug_object_activate+0x304/0x4f0
[  485.249364][   T60]  ? verify_lock_unused+0x140/0x140
[  485.254560][   T60]  ? mark_lock+0x94/0x320
[  485.258870][   T60]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  485.264828][   T60]  lock_acquire+0x19e/0x420
[  485.269319][   T60]  ? padata_do_serial+0x644/0xa70
[  485.274340][   T60]  ? lockdep_hardirqs_on+0x98/0x150
[  485.279521][   T60]  ? queue_work_on+0x19a/0x1f0
[  485.284285][   T60]  ? read_lock_is_recursive+0x20/0x20
[  485.289637][   T60]  ? __rwlock_init+0x150/0x150
[  485.294382][   T60]  ? generic_gcmaes_encrypt+0x289/0x3d0
[  485.299944][   T60]  _raw_spin_lock+0x2e/0x40
[  485.304484][   T60]  ? padata_do_serial+0x644/0xa70
[  485.309490][   T60]  padata_do_serial+0x644/0xa70
[  485.314324][   T60]  ? padata_parallel_worker+0x44/0x1c0
[  485.319765][   T60]  padata_parallel_worker+0x6f/0x1c0
[  485.325032][   T60]  ? process_scheduled_works+0x96f/0x15d0
[  485.330733][   T60]  process_scheduled_works+0xa5d/0x15d0
[  485.336264][   T60]  ? worker_attach_to_pool+0x380/0x380
[  485.341705][   T60]  ? assign_work+0x3d2/0x5d0
[  485.346279][   T60]  worker_thread+0xa55/0xfc0
[  485.350853][   T60]  kthread+0x2fa/0x390
[  485.354904][   T60]  ? pr_cont_work+0x560/0x560
[  485.359564][   T60]  ? kthread_blkcg+0xd0/0xd0
[  485.364138][   T60]  ret_from_fork+0x48/0x80
[  485.368551][   T60]  ? kthread_blkcg+0xd0/0xd0
[  485.373120][   T60]  ret_from_fork_asm+0x11/0x20
[  485.377905][   T60]  </TASK>
[  485.380994][    C1] vkms_vblank_simulate: vblank timer overrun