last executing test programs:

1m1.692680342s ago: executing program 2 (id=3559):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xd, 0x2, 0xffffffffffffffff, 0x1f5e0305, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x80010000}, 0x50)

1m1.641377449s ago: executing program 2 (id=3560):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r1, 0x7}}, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
recvfrom(r2, &(0x7f0000000500)=""/4096, 0x1000, 0x120, &(0x7f0000000200)=@generic={0x15, "b24d6044b39f1a080e854d64dc28355d818f0448f22f7ee2101f6afe0e4773f87c8945b5c46f98c1a49b7e1e2a9b1f051b763cdd691938bce9a3b00f07ef000bcd2f93ae83887a512c2be1415d5256b7d1dd96797ec92d3584e5d3dcf4fd566e6b24354de598a1b2952923ae7dcb82461c4aff80ff6f033c11e82383031d"}, 0x80)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xb0}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000), r1, 0x0, 0x1, 0x4}}, 0x20)

1m1.528911815s ago: executing program 2 (id=3561):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
close(0x3)
syz_usb_control_io(r1, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$TIOCL_PASTESEL(r0, 0x40015b19, 0x0)

59.930847173s ago: executing program 2 (id=3576):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0xc15f0c76038c45c1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDCTL_TMR_STOP(r1, 0x5402)
ioctl$SNDCTL_SEQ_OUTOFBAND(r1, 0x40085112, &(0x7f0000000080)=@t={0x81, 0x5, 0x0, 0x0, @generic=0xff})
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
open(&(0x7f0000000440)='./file0\x00', 0xe4303, 0x0)

59.917548986s ago: executing program 2 (id=3577):
creat(&(0x7f0000000100)='./file0\x00', 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
setpgid(0x0, r0)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000540), 0x1, 0x2)
write(r2, &(0x7f0000000000), 0x0)

59.865004099s ago: executing program 2 (id=3578):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000000)={0xc, 0x8, 0x144, {0x0}}, 0xfffffffffffffec2)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x28, r3, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}]}, 0x28}}, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

43.781584671s ago: executing program 32 (id=3578):
r0 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000000)={0xc, 0x8, 0x144, {0x0}}, 0xfffffffffffffec2)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x28, r3, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}]}, 0x28}}, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

37.549876603s ago: executing program 4 (id=3682):
r0 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @remote}, 0x10)
socket$netlink(0x10, 0x3, 0x8000000004)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
unshare(0x6a040000)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtaction={0xe6c, 0x30, 0x1, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x8}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x70bd2b, 0xffffffff, {{@in6=@private2, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x2, 0xa}}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@private=0xa010100, 0x3c, 0x4, 0x0, 0x2, 0xa, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000240), 0x4)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xe, "fe4042c317ae82c6d1a51a1e45a7"}, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r4, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r4, 0x8949, &(0x7f0000000000))
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="ad43000000000100000006"], 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$ttyS3(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)

28.580961215s ago: executing program 4 (id=3684):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x5, &(0x7f0000000100)={0x0, 0x8de3, 0x10310, 0x1, 0x4004a, 0x0, r2}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000400)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
ioctl$VT_RESIZEX(r2, 0x560a, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, 0x0, 0x0)
close(r6)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x12}}, 0x2, 0x0, 0x0, 0x2}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r6, 0x40047459, 0x0)
r8 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r8, 0xc0045005, &(0x7f0000000140)=0x2000)
openat$sndseq(0xffffff9c, &(0x7f0000000240), 0x101000)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{r8, 0x9620}], 0x1, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f00000001c0)=0x4)
r9 = syz_open_dev$vim2m(0x0, 0x7fffffff, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r9, 0xc008561c, &(0x7f0000000140)={0x2098f907, 0x8})
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYRES32=0x41424344, @ANYRESHEX=r9, @ANYBLOB="80046071907800e7080a09df168a00000000"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)

28.568430406s ago: executing program 4 (id=3685):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x1d5ae, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet_sctp(0x2, 0x5, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_usbip_server_init(0x3)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

28.483236279s ago: executing program 4 (id=3694):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x5, &(0x7f0000000100)={0x0, 0x8de3, 0x10310, 0x1, 0x4004a, 0x0, r2}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000400)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
ioctl$VT_RESIZEX(r2, 0x560a, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
close(r6)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, 0x0, 0x0)
ioctl$PPPIOCGL2TPSTATS(r6, 0x40047459, 0x0)
r9 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r9, 0xc0045005, &(0x7f0000000140)=0x2000)
openat$sndseq(0xffffff9c, &(0x7f0000000240), 0x101000)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{r9, 0x9620}], 0x1, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f00000001c0)=0x4)
r10 = syz_open_dev$vim2m(0x0, 0x7fffffff, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r10, 0xc008561c, &(0x7f0000000140)={0x2098f907, 0x8})
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYRES32=0x41424344, @ANYRESHEX=r10, @ANYBLOB="80046071907800e7080a09df168a00000000"], 0x0)
socket$nl_route(0x10, 0x3, 0x0)

18.538684365s ago: executing program 4 (id=3698):
creat(&(0x7f0000000100)='./file0\x00', 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
setpgid(0x0, r0)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000040))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000540), 0x1, 0x2)

18.526738908s ago: executing program 4 (id=3699):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
setxattr$trusted_overlay_nlink(&(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000180), &(0x7f0000000200)={'U+', 0x9}, 0x16, 0x2)
r2 = request_key(&(0x7f0000000400)='.request_key_auth\x00', &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000004c0)='\x00', 0xfffffffffffffffa)
keyctl$read(0xb, r2, &(0x7f0000000500)=""/79, 0x4f)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x2000000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_PEC(r4, 0x708, 0x3)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000200)={0x0, 0x4, 0x8, &(0x7f00000001c0)={0x11, "694b68174bf36f5aec48ed65bbb44df72cbbe29ca8a535bed614dfa2844c483711"}})
sendfile(0xffffffffffffffff, r3, 0x0, 0xfffc80)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x4004081}, 0xc810)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
unshare(0x22020600)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
fcntl$lock(r6, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x1})
fcntl$lock(r6, 0x26, &(0x7f0000000080)={0x0, 0x2})

11.921158319s ago: executing program 33 (id=3699):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
setxattr$trusted_overlay_nlink(&(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000180), &(0x7f0000000200)={'U+', 0x9}, 0x16, 0x2)
r2 = request_key(&(0x7f0000000400)='.request_key_auth\x00', &(0x7f0000000480)={'syz', 0x1}, &(0x7f00000004c0)='\x00', 0xfffffffffffffffa)
keyctl$read(0xb, r2, &(0x7f0000000500)=""/79, 0x4f)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x2000000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ff)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_PEC(r4, 0x708, 0x3)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000200)={0x0, 0x4, 0x8, &(0x7f00000001c0)={0x11, "694b68174bf36f5aec48ed65bbb44df72cbbe29ca8a535bed614dfa2844c483711"}})
sendfile(0xffffffffffffffff, r3, 0x0, 0xfffc80)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045017, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x4004081}, 0xc810)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
unshare(0x22020600)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
fcntl$lock(r6, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x1})
fcntl$lock(r6, 0x26, &(0x7f0000000080)={0x0, 0x2})

5.818797985s ago: executing program 1 (id=3755):
r0 = epoll_create1(0x80000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESOCT=r0], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES16=r0], 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r6, &(0x7f0000000140)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="340080001000390400"/20, @ANYRES32=r7, @ANYBLOB="81060100040d0000140012800b000100627269646765000004000280"], 0x34}}, 0x20044002)
r8 = socket(0x1, 0x803, 0x0)
r9 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="400000001400010f00000000ffdbdf250a000400", @ANYRES32=r10, @ANYBLOB="140006000700000000010400000000000400000014000200fe"], 0x40}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4, @ANYBLOB="01"], 0x3c}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x110000001, 0x763, &(0x7f0000006680))
r11 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
ioctl$NBD_SET_TIMEOUT(r11, 0xab09, 0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r12 = syz_open_dev$MSR(&(0x7f0000000280), 0x4, 0x0)
read$msr(r12, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
r13 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
setrlimit(0xd, &(0x7f0000000080)={0x3, 0xf})
ioctl$BINDER_WRITE_READ(r13, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000880)="90"})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x4}, 0x38)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'veth0_macvtap\x00'})

4.912734165s ago: executing program 1 (id=3757):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000003c0)='./binderfs/binder1\x00', 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYBLOB='1q'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000140)={0x0, 0xe, 0x4, 0x2, 0x43, 0x8, &(0x7f0000000240)="7b54309f4e4f39f6ba5b9f19ce41e8deeffa062c9aef29b2c3ab4bd3ad5ecc323c61428155512c5db451ce40bab86eb903920a69866c7a0a723fe24f3a540e711a4da1"})
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000000)={0x0})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x24003b84, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_open_procfs$namespace(r0, &(0x7f00000001c0)='ns/cgroup\x00')
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
clock_nanosleep(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x0)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x10a65e8a28ff3897, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x6, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='westwood\x00', 0x9)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0xfffffd9d)
sendfile(r4, r5, 0x0, 0x8000002b)

3.988022209s ago: executing program 1 (id=3762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000060000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000004d18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000180)="74fa40b249c0d585699ce70fac7b", 0x0, 0x0, 0x0, 0x0, 0xf0, 0x0, 0x0}, 0x50)

3.892864806s ago: executing program 1 (id=3763):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x8845}, 0x4000)
r4 = openat$sr(0xffffff9c, &(0x7f0000000080), 0x80000, 0x0)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffffffffffc, 0x0, 0x3, @buffer={0x0, 0x29, &(0x7f0000000040)=""/41}, &(0x7f0000000200), 0x0, 0x0, 0x1, 0x1, 0x0})
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r4, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x24, r5, 0x10, 0x70bd27, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}, @L2TP_ATTR_MRU={0x6}]}, 0x24}}, 0x4080)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={<r7=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r6, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @local, 0xb}, r7}}, 0x30)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r9=>0x0})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000400000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', r9}, 0x94)
r10 = getpid()
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r12, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r10}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x711, @remote, 0xbf}, {0xa, 0x4e20, 0xfffffffe, @mcast2, 0x10001}, r7, 0x403}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r6, &(0x7f00000002c0)={0x4, 0x8, 0xfa00, {r7, 0x5}}, 0x10)
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x100004, 0x10001d, 0x40000}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r6, &(0x7f0000000380)={0x6, 0x118, 0xfa00, {{0x1, 0x8, "4ca4625e00b5aa95a443d782d859cb2df816a3bc9bd3bf1d11d8b4a7ba9fc6dfb72a8a253215874b349abc806123fd11b1d23eb79cf0385a4cd7b494621f0b26b593bbccdfdf13dbc79be9e9f18b5fb46b9d5a74d7a6dd151c0f37b9e89825f2f99217fb0091568ce14c98b5b462555908260a0e7c7c33fc1ba12df6d0d8fc11847c4b29bd4752fa53802767e26e11475a905215a4d1cfb8a8cc88d605e68145d97c3c2836b7935b66b3583d6633efe51a9cb5426092d85d47a8ca52fe5b7c2083596186c5b4e98f1052759d2233c3fb1e62e4333f0898f89b770b6abe57c92ba6f0e1c64a714686c6f22f7c8f6f79ee56c56d09e95001654229a197d0462e6f", 0x0, 0x4, 0x5, 0xf, 0xd, 0x0, 0x6, 0x1}, r7}}, 0x120)
write$RDMA_USER_CM_CMD_NOTIFY(r6, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r7, 0x4}}, 0x10)
setsockopt$inet_mreqn(r2, 0x0, 0x28, &(0x7f0000000080)={@multicast1, @empty}, 0xc)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003400)={0x3c, r1, 0x429, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x18004}, 0x0)

3.433558418s ago: executing program 5 (id=3765):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
process_madvise(r4, &(0x7f00000015c0)=[{0x0, 0xb3c9de750fa141ee}, {&(0x7f0000001600)="7fe370522d6af6625215f1793293827ec1fbafd2669ec71d6ec4f18aaa71edae948611d70900e80e4116a3c114041430f19bd4f37e3c7238ed6e6d46979c2220bde96ffe55c88d2e697fd133e5733e1bbb159ba81a1e8e2fb2e51596", 0x1}, {&(0x7f0000001300)="0454c96113b0da138a30557b0c026d7c7ba28c5cf82e468ed91537d279936ddcf06ef737e0943554457a28db61aea38a154bf19b456388daf4df61c9febcd9b8a2b14929c6f097f4ff11e686a8a37381b9321ae19dd77be474863e35633dec7003568e91eab8e870a93a73b6dea475547a826b25021aecd727c201c9cea0bfba0122b00573c286b821d43d0b4e38ec90b7d08565bf81862bdf5115e75886e742c51e058d0752982da309d53a7c0d320fdbd38bfaa998ff981d15928f783b2728ecc210898685dfc72398e665b7892024c0ab0dcfe9d3fc", 0xd7}, {&(0x7f0000001400)="3e519bc4eb7b0a55b33bdb22cc7ca76aba33506ebcf89e67b16583e68404bbca008b995a73322a4cc7a3c436e94da49121c4f225ccd342612b46beb2f569a7a0423c0cf79f2d94c015b7b47bc11d5fe599214dbe7f92c8a14b6d254a8daa074ece2708f10e912eb72cb22efc14a0d0cc7cea79311ead3200c7aca0e920d83c8d7b92db", 0x83}, {&(0x7f00000017c0)="5b297eb99162bf8668778501ce5385511d7d796a0aed27798b84852b8a9e85799af33e5de7cedbf88498be3b0b5df9f8ef11583a3bc3bdb6a1e5875f7494479905ca1f1feab109950b1be9946ac49c25c786113854b30003b573000a764104358c8b5899a86d2c25b7a2886023cee43b19c199a7c14017514656dcfeca386529d78597365934ca776ce9b8ee9d9e8b6d8c0789555790eaf1c1e6d2707c80f2a1558e720cc345a467af3f378dba06074d8ad43d61a8707a864bf5b7ba049c2b5836366fac540084a1986d713c58a932892237198aef95b616eefe20457d0b28ab35b7e8beefe6990b9bbd1cbb0cda68fd1e20c91a6ccd555cfe9c51d4f7bf082301fc61db5c7afcaa0992098895487418b1e78576e7d8f0989c9f4aff953c2f76c014b559ff40416df4b460e7da2e299bc58c8f83c070a9cfd8e662bdf8e5169baa393b1f2bd2b7bdc7886c3002e81501cc20abbcf665957e1c4a514dd15634a07b5618fbf03d23a93d2829deaeec967fb8f7b05ab4944553e8b96c5700e388e55dc9c60c6948f9382583622a37b7c81dfa5cea56b8e060aac882d0117585e0508c929591a7f0be8dfa96204f7daf90ce74e1891ba5c3ddc17d42cfafc8e12ef4109b5ec4e687389e1f325a6f4325c0eb034306588050973a24d7bf0d0044243cdfd672f4acbc115e81a83170b43a03c713e61c6ba573ea54d59b49b516800d934ae5c48d51551af9ee1f6143f9c4924b842d43208d52e4a34b4ccf167f347608d9c69e3af1a9f5507e35c198be14cff8170c82daa48cea49bbc2db68d8e8bf5752f13ebd80d510799c54d0dbee1792499c71e5db084babf44a431a4728a0f6702b4ad93d1fb5ebfef6a24b1fa057a8511df4c022e818b7af2ec354b47d34653172f75498298f8dc9eca6f478b5f9dc78f7b60401cf27fe9b1eade2d6bf7f50cee7197cd507c2766cc6b2163bd511aaa8d69dcaea44a7f37401faa0979182e51c59cd7b3189d2e8956405a2f27ead1d48b5aa421f04fdd87ef4fb3125a7a84e98719a79608d4bc70424ddc55dab8cb2b144682bca8497add2445319aef1a6db595685f3e0b049da99940d2803bc1ecd976887476cfecbdc66eea6da65e0251cc881f3da972011f37d11bd8828bfb2be9940f2508dcfa8c0e34e9e7a3ea3e7bf04afffca71c03d978507d87ee84241e5dd781c0caa8ad5320f16ed28c89af73a9445fe4c425605f6b58653cbb0909cb9a857b0c0c115104e879e41a2e05ccfcd6866d24ebf622a85ab638eab2ee2a7cf2bbd017a1509d25f65af4f63ed5dcc9586b133d52fd487e4c5238adee5bed4811def93d6723a9d4093b717ffe89209b126feee98bb276851319c2bd94f8327019d130a282fc6cf26d14ed15da2d607937a117bb6ab67fe36fe01562669dd70c649f45cf13240eef58f86f5ef3ae28cdc3e43d9f9d2ba4325a76965a2975e8174503bdfa199a38e0b58db63bcf1e5eb12de33c64b2ef33669fc9949151d8ba011200c884c5be7b84c1754d1ca896ce4ee9d6fb2e6fd4ae106418c800f2f78a7aed2eacb6b70e5aa926d21508e946850d52fc33ca95d00a5ce212e7731228c2d42bfc2881fda943aa8410156694be406a5936ef6ebb26a0a60cdbd5fd960f52bc8e574e9acf24c4d73416d3ef68417a2fe221cfcbffbeb194cfcb9802a5204f01532f8970ede7b7f7b2e093ed20686b545ac67c8d0f628269b373502379f3f3a5bcf1bbf1181d3de177ff5f1e05783e959739468a351bf539913774349129cb27f8a30167d86d2659954ace32de6e92e3fad637031f8f4b75bbb419d30c44c8d35b3db0ec43e7aaeb826a20afd3419439dce1db6112b6c8c236f5d7d563b9f0233c78875e5502cccb45ef8cb6fbcc6da3882ba86e8daa6afbc70f5192e76151e9633069a7d6b94f7b44b95a62f01d554000558deac1bbac044267a4a544ab336e83db60ba9a828dd0cbdc709dd1147a9f5c4b29d1f40eb87b7bafe8a7e29fea3a0e586bf84bb5a2aeeaf6c389e7d48b52f77e53f5b6d30e4d37a19ec2739c6fc80773e29a74ad01d2862e9e249c54a3f845a3045d964e371350282d5ee63a33f5d9d5d2889e60677ad3a78d7e3936f0da3c2a26a7f74ab598a7a0da120c2fe531416750f7dac241fb94962db31a6de323931bd0645510eb72bbddf8ac9ecba6a4b2e4039e36b96354a12d34186c2cefeb434a273c9eba6cbe055527c59815b1ae0b1d845e6d7fa935d7240bb202d42327d45433f214d4e62cbb5b51f354c2d8d232ddeacb829c99c3f4366e4541003f25dda0dff6c38afba9f1eb0383d8d824aa43be4f9784fa9c5181f8a373c3a35c5151b0402399dde92d9a607dc2768b258c9014dfff807f8389f0b8bc913eb0eec400f986dbdce9c616b7b2f7c671625f6881a4350b04117c251f4cba880908a9b2c44b4e886a8f09f3f57da1b04d6f28dfe47e34f1f6d9f8cb23658ec21d36a48d2cc9348dbf4f067446b995138d9bf37f218ab4f5ccbc21f9bf8b904253764fc753113350b69c6701b72c98d2d3697f46431c9cce4c1d089e535fbb1904fa2ff17b3f611300b91316c7f150ae0c6fd2acdcff3b4f49dcabd4ad54632d3dd6ab48e75197c97a52b93a6d5b68acebddfc2bdad5bc0c5f4b2e8b77799e2051e7a6c3a869e0fa5ade0245881e196a9a09d39a638e8d13ee6e667e04128ad6c56d01f18c1f2f624e4dbcd35769de072db3d688d9d91e952666992f0d2717799ee42ebda848735da9fb6b5a99425b940290aa42046a915d952c551ac00215e7d3c6b25fce0f9ef6b6a015be9cb3f1ff234c672d9e34f5d90af85fd5d0660b82d4b7fe851b1e4028f0bf55646b0c0d7161f760a2e598c1703361edf16b0a337cf808eefafd75807bc8caf9599b5e4e13eeb34e574b45bba80dc87eed30555135278751b4f9577a330c832058c680aea14338eff9d74dc7ff736823f6be457f89d50d3a1ec6f3a7228a0f75438587667f4d1307fcb04859728bbc5e4dc08b0e731acef19f37bb3a111d4abdea5960162cfbf89c69a7ac0827a3be22a362bc26759779f516d49acb2bde5b2c6bc32bd822ec771b0d0f106d8cd1e7739407632bd0db40ebaadd0ddb237a0c83448a5f1a6c4c67b6619b930405ea33bf5f80f7979ca431c677f2d46164e890c646f5c385eecff870f61e0da713f15301a7b73027b5927f9db8ddde589fa6f425fa365e38721e0a448ea9fb0dd0988439462d27ad4c3240cb719c6c649e5a0978a5a462c0a4ef4771609f3270848d44f018a655d6571c8876029289de163717cc646ae2159e94505736332e49610d054e43ce5542bbd7f7c61cc30bcb773e79ec6aa05368fd15d88c5b998bf963eebbf934df25d9c9f59cea6b1df3a9000ee2ce057a695de1dc8a1534abc489862e25d9113a14792b271bfa079908bf08d0c6c4eaa4b35a32d56a16c2161fda15087a3fc9c0364915f997c0026ea6d9e7ef9b21d0ef700007aed76cc680990a3a6ea8980ace288f6c53e33b5ecb7c8d5ed3fc79376daa5221a687cc29f67fe85fc34f0eca6970aa4b5bc1ea0d154d7fe551be3659118537557979086791ec737ef6401323114dc7d7664cb7fcc72d48a7cc03ded28888cbafecdc92cfec2dc9f9babf1438b7ba5a947ba1a73f703e293734a2f39cdc9844f99383a604378862d91e86ed9cca7664ea5682d5724473574a206279b95fdbc6a4a3489aabb5847c0ed92c6b4774e3d0510604c379c129f7b23ee80594831d39b88d33e425b0c9aba6c87ddffe6acb9e85693e4f0e8c260786094e7eaf91d8b5cc641715c1455108227104cd8330144d3f300f88edc5bd4264148dcdb55136b596290194804ab82965943dd8e26bfdf31ad6a066a471caaa17752c82e16ad4457b64e05cd30ac3a4310d069fdbf3941ff99b9b9ea0c4c1abb6aaefbad1f6419396c266def91d82ca41dcd5423dbc3d6612a65513e5756d1fed8b8994ad822bba044f1cae538fdb2332eb7b536fca10256fd1a34485944d82a28a71060a0c4da91a8cec97c54d17421a9a365abacd045de779313c83d2901819cd348113eb02f882f49b117f6d4243ffce69a896d0fd27f8f57eca27181a12d60851c21faa3588cfa8777562ac41ae84f73ef0bbea69645630f34686bf8eefd2be84e24ad0705a32d5c064723cd587149b47924cf4e4949dc42a33d8dd10d846ac5d7f6de6a9115307bc6b1269bf2121101db29ceb2af0ab33037ca283f3c828485233435bc9dfcf94ebe51278fb40c83d5e3dcd05e40f7c876ee7e5ebc9dc74f7d1e1449f4dc6f563b26db4b09ed6b430dab97b184f579d2e92693daff76aa9dcfeb631bdbc3514ea131b947e7fa78e86138452c611980df77a6b79d00d2a072f54b2c10a1c41dbe7addd4af58c9d55f1994b6f7aa688f4dc76e9bd02bd0ca3c8d08f6c300459c7508198de70460f1e59e067a261b2da5ecfbc97e89ca5fa1ff3ad3c312f9c9d04d5883ea654d213dd951c8a89d9f4da04614fa6f590d588d337facbdd443f62f7d9e6f78e0f1257fe69ac21bcb1456ab0c5ab32a8f5842fb77704f0e218cb9947e65ec5e96d591fb16317a4e441b6fa1767db363c3c6171601925a245ba14e37def27392d6c2f9a80a628509e0efa5f490dd3fa713870814a06bbfddfa5cbb06383ad303d46e3fc4d89b5552158dc8cf704ec903371f302eb320e801aa1cde570aeb322b3f5c95cfed7b5e1222fa0c71bb550b79d5f18971cab1904ef371b9cfcee444d764d744e270dcf30a6552a15dd67865ea21ca1334845ac7b31b11e3d5b6bab70073fcd0ed9891b1e4ba9a616f01c74671e4b80239a97fe8df9de1bb7196b7e0017b3cfe8d58b570cf641450c7eb82a0dd2f3e784ae4e9b1696c7731f56e10914f40ce2f0231982a588d19216dc29166aca1e272c2532eab01cbfb9c85f5bd72a9ffb4973ee111fabd1ef30b49eb6b085ddf3802f180335375f29da76a29edd3de27deaf6789f09d19caf1e6b146125adf8ac5bf259158863211e692d250962462746cf851c9198f8e2c43a69748db7760d4e2f3a98aaf9233bca7a3f94b36fff09e2a3241308f49b7b45a26918842b65a6a7bde1a5511af94cec0f706bf79a633088afe0c46ae8d61ac33688245bd63a293019e94608ff03cff41c1f798fd54b1f30e35564130f27838108bb6bfdd4e91ffe9a76dbc83f4ccbf7eebb01032808e58de30eb9be1c51440b6619be93d6e7d014ddc7183a4e1817128310e42c9575035f914d76378a0a914d5077ebdddab617a10996b8f398eee59d3b59775dc1e4db102d358615aa9d11cf9a08980be3bfc745f559779b5d40cb6e7c459a16f556eab0175dc4349dcf0143f3dee7f245d2ceb806ce2e636ae725cc0216450b68b3bd0b044a6bf5473524767929e2d03c1b4bab7676fc21928b11ae6d825fc35390d3566dd0adb04fdd74f2c491976fe99c3b6b64133d48ab3a45802920484fcd48c1c6424e97cda1a908373b487e3fe20baba119e9e78058c87bd6739a0bc18c03711d2c67630b5e106cac711324562008bd1243de9762a319c95166896a1f1098ded95b894e91b9516c6ccefa7061cab567fe150fb9c2c30b885fa85307f2d14d35446304d4d77af46d312860887a7b3781b492d98322b2cbbbbf7aabd3974de1e5e4afe31fd401e4989bb42b75ebc4d0306b43c7cd7493a46b2d86b374160bfb63972edae4ce984392007afafdb424d85ad234b59c5f4b248674634acfe10739dfb1a829d7a118f3b8b7e2ee4f5b6622d1d43", 0x1000}, {&(0x7f00000014c0)="6b553f4de4ed875c9fadc16852f54981bcd646a5262fc3900592194638585e3d2e79f074f796720749ddc1a2661dcb2471a47d963fb4d817dfdb5f52dc8ab642030c2c771646051d08609527b36368b80794b8cb63fe817c3379951a047c5026c2e99eae6dc05c6845529fb603666d78c0e1e5f7bca8f1d8584b7409ccaf0da598af64d7bdd2ae21ac4fb4e07dee96a92a8dddecee7ccbede2d0a7d4f2da90dc3eb4ae8895091f05db58a786519f6fc924a465cc46ae6a9b8705de0705b8bab4f10cddc7756c53eadf4aa6e2379fd85e9c5e7bfc", 0xd4}], 0x6, 0x9, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x23b, &(0x7f0000000380)={0x0, 0xce0a, 0x10100, 0x3, 0x370, 0x0, r2}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_setup(0x8, &(0x7f0000000680)=<r7=>0x0)
io_pgetevents(r7, 0x2, 0x2, &(0x7f00000000c0)=[{}, {}], 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
r9 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000000380))
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f00000006c0)={'filter\x00', 0x7, 0x4, 0x4dc, 0x10c, 0x2f0, 0x10c, 0x3fc, 0x3fc, 0x3fc, 0x4, &(0x7f00000002c0), {[{{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @mac=@multicast, @dev={0xac, 0x14, 0x14, 0x19}, @dev={0xac, 0x14, 0x14, 0x11}, 0x4, 0x1}}}, {{@arp={@loopback, @multicast2, 0xff000000, 0xff000000, 0x8, 0x4, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, {[0xff, 0xff, 0x0, 0xff, 0x0, 0xff]}}, {@mac=@random="17d19243db5f", {[0x0, 0xff, 0xff, 0xff, 0x0, 0xff]}}, 0x4, 0x5, 0x6f6a, 0x7, 0x3000, 0x1ff, 'bond_slave_0\x00', 'rose0\x00', {0xff}, {}, 0x0, 0x2}, 0xbc, 0x1e4}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x10, 'system_u:object_r:netutils_exec_t:s0\x00'}}}, {{@arp={@rand_addr=0x64010100, @multicast1, 0xff000000, 0xff000000, 0xc, 0x8, {@empty, {[0x0, 0xff, 0xff, 0xff]}}, {@mac=@local, {[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}}, 0xff, 0xffdc, 0x2b0c, 0x2, 0xa, 0x9, 'sit0\x00', 'syzkaller1\x00'}, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @loopback, @remote, 0x4}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x528)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r12=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x20, r11, 0x1, 0x4000, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000050}, 0x0)
pipe2(&(0x7f0000001440)={<r13=>0xffffffffffffffff, <r14=>0xffffffffffffffff}, 0x0)
r15 = socket$nl_netfilter(0x10, 0x3, 0xc)
r16 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r17 = bpf$PROG_LOAD(0x5, &(0x7f0000002380)={0x1f, 0x18, &(0x7f0000001540)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xc}}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r16}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r17}, 0xc)
splice(r15, 0x0, r14, 0x0, 0x3, 0x0)
fcntl$setpipe(r13, 0x4, 0xfffffffffffff000)

3.265740572s ago: executing program 1 (id=3766):
syz_io_uring_setup(0x1c91, &(0x7f0000000440)={0x0, 0x2025, 0x240, 0x2, 0xbfdffffd}, &(0x7f00000003c0)=<r0=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x108, &(0x7f0000000040)=0x2, 0x0, 0x4)
r1 = io_uring_setup(0x81ce0, &(0x7f0000000500)={0x0, 0x40007068, 0x4})
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000740)={&(0x7f0000001000)}, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x40010, r1, 0x5192d000)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r1, 0x17, &(0x7f0000000300)={0x0}, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0xffffffce, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000002b000b002abd7000000c00018008000000ac14142300"/40], 0x28}, 0x1, 0x0, 0x0, 0x20040880}, 0x20080c40)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x201, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, 0xffffffffffffffff, 0xfffffffffffffe6f)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r6, 0x9, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000240)={0x30, 0x5, 0x0, {0x0, 0x2, 0x2}}, 0x30)
syz_io_uring_setup(0xd2, &(0x7f00000002c0)={0x0, 0x8440, 0x10, 0x1, 0x30a}, &(0x7f0000000140)=<r7=>0x0, &(0x7f0000000640))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.230142256s ago: executing program 1 (id=3768):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000)
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
futex(&(0x7f0000000000)=0x2, 0xb, 0x2, 0x0, &(0x7f00000000c0)=0x2, 0x2)
futex(&(0x7f000000cffc), 0x5, 0x4, 0x0, 0x0, 0x4ffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$kcm(0x29, 0x5, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180)={<r3=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r3, 0x8}}, 0x10)
socket$unix(0x1, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000004, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x8, 0xffffffffffffffff, 0x9, 0x1000000000003, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.179040838s ago: executing program 3 (id=3770):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d000110000000090400"], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000480)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r7, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0)
sendmsg$NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x40c4)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x2c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000380)={0x14, &(0x7f0000001600)=ANY=[@ANYBLOB="20b11700000017fc6fd1929cdd3e2c5045a96ca80500000000000000a21f2e418e232575dfdfa866e2cde4acbdb2bbfa1b9d4455b9a72cb4ce39642845784441786f0a23957089c3fd7f59c7e7b53107a45399c3220edb358f797d95953e0e85ab7e199192c42ef1b5bc58334795169a9a87aaf2cd97e4de153ce0"], &(0x7f0000001700)={0x0, 0x3, 0xfe, @string={0xfe, 0x3, "c35d22b2bac0117abe722436f784d74f0444c3b30de8b1ce81663d0e622f996847a12b8648c12e393095545e7961f75fc2e59190c51804905e8f55f0a359c147480764561127f9d888b2d75e8c751d3382ca0be9a2db1c71d0c5565679185d5b66815c24a660da66c114a85a9a27721440af00fabff6d74882167a2f2d935b3e0813a490bd4c0451f60cd05571807bc7cb6d13b1750b0fb4efc5622876cf3d90fa5f818cd73bc520b01dd0c00775c2234481fda68986a44e5b2005fdb74e709596512ca1de969e80079eb0f03f050400ec25b263081b66fbebf96d5fac07c9056e56d082ad82c14afb9c8fa0dada577c90ee28701025bb9b1320b400"}}, &(0x7f00000002c0)={0x0, 0x22, 0xc, {[@local=@item_4={0x3, 0x2, 0x4, "b7cc5162"}, @local=@item_4={0x3, 0x2, 0x1, "7f6000b8"}, @local=@item_012={0x0, 0x2, 0x4}, @local=@item_012={0x0, 0x2, 0x1}]}}, &(0x7f0000000300)={0x0, 0x21, 0x9, {0x9, 0x21, 0x6, 0xf6, 0x1, {0x22, 0xd03}}}}, &(0x7f00000016c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x0, 0xffffffff, @initdev={0xfe, 0x88, '\x00', 0x24, 0x0}, 0x9}, 0xfdf9)
sendto$inet6(r8, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb", 0x94, 0x840, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001580)=[{&(0x7f0000001840)=""/191, 0xbf}], 0x1, 0x1, 0x7)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r8, 0x604ab000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r8, 0x6, 0x23, 0x0, &(0x7f0000000340))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000015c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, r9, 0x0, 0x3, 0x3}, 0x50)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000001bc0))

2.557877481s ago: executing program 3 (id=3773):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000580), 0x3, 0x600880)
recvmmsg(r2, &(0x7f0000004a00)=[{{&(0x7f0000000640)=@caif=@dgm, 0x80, &(0x7f0000002c40)=[{&(0x7f0000000740)=""/238, 0xee}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f0000005ac0)=""/4111, 0x100f}, {&(0x7f00000005c0)=""/35, 0x23}, {&(0x7f0000000840)=""/149, 0x95}, {&(0x7f0000000900)=""/107, 0x6b}, {&(0x7f0000000980)=""/109, 0x6d}, {&(0x7f0000002a80)=""/120, 0x78}, {&(0x7f0000002b00)=""/102, 0x66}, {&(0x7f0000002b80)=""/146, 0x92}], 0xa, &(0x7f0000002cc0)=""/92, 0x5c}}, {{&(0x7f0000002d40)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000002dc0)=""/135, 0x87}, {&(0x7f0000001a80)=""/4096, 0x1000}, {&(0x7f0000003e80)=""/225, 0xe1}], 0x3, &(0x7f0000003f80)=""/123, 0x7b}, 0xcb4e}, {{&(0x7f0000004000)=@generic, 0x80, &(0x7f0000000a00)=[{&(0x7f0000000700)=""/8, 0x8}], 0x1, &(0x7f0000004300)=""/118, 0x76}, 0x8000}, {{&(0x7f0000004380)=@nfc, 0x80, &(0x7f00000048c0)=[{&(0x7f0000004400)=""/150, 0x96}, {&(0x7f00000044c0)=""/231, 0xe7}, {&(0x7f0000004ac0)=""/55, 0x37}, {&(0x7f0000004600)=""/2, 0x2}, {&(0x7f0000004640)=""/37, 0x25}, {&(0x7f0000004680)=""/200, 0xc8}, {&(0x7f0000004780)=""/10, 0xa}, {&(0x7f00000047c0)=""/84, 0x54}, {&(0x7f0000004840)=""/65, 0x41}], 0x9, &(0x7f0000004940)=""/170, 0xaa}, 0x603e}], 0x4, 0x0, &(0x7f0000004a80)={0x77359400})
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000004100))
ioctl$UFFDIO_WRITEPROTECT(r3, 0xc018aa06, &(0x7f0000000000)={{&(0x7f0000bd8000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})
r4 = openat$sndtimer(0xffffff9c, 0x0, 0x8000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r4, 0xc0145401, &(0x7f0000000280)={0x1, 0x3, 0x2, 0x2, 0x5})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000059c0)=ANY=[@ANYBLOB="180000000000000000000005214c023da7050d0000000000850000007b00000018010000646c6c250000000000202000000000ff000000ffffffb7020000000006000000950000000000001458c6d3a542cd0dce156fa962bbf1b7966458c2b7fdf22563e2ab30aee3681a3a221c5c94fea363f6100ea76cb336d875572c767243f0afb064bab38d5a5202c461cd412f5ddb7bc02987b22b62654490870bbab4e5db08f4437d81448367e4b7f7ed45bfc2c326dec3876381a18fa7ebd5dc3cd070bbbeaef0143f1988b1360170937c94500d7c386688a9a61c432d110e6a21c84baccb2950096a1d9d1df9c74b6468a66190630a5007c853"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000a40)='tlb_flush\x00', r6, 0x0, 0xb9}, 0x18)
r7 = syz_io_uring_complete(0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r7, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000380)={0x14, 0x6, 0x1, 0x801, 0x0, 0x0, {0x0, 0x0, 0x4}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x8040)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r5, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000003c0)={0x11c, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xea}, {0x6, 0x11, 0x9e}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x9}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}, {0x6, 0x11, 0xf801}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x9}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0xba8}, {0x6, 0x11, 0x6}}]}, 0x11c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r8 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r8, &(0x7f0000003980)={0x2020}, 0x2020)
r9 = syz_io_uring_setup(0x23d, &(0x7f0000000980)={0x0, 0x0, 0x4, 0x1}, &(0x7f00000002c0)=<r10=>0x0, &(0x7f0000000000)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r9, 0x2def, 0x0, 0x0, 0x0, 0x0)

2.414487985s ago: executing program 5 (id=3774):
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect(r0, &(0x7f00000000c0)=@rc={0x1f, @none, 0x2}, 0x80)
ioctl$VIDIOC_G_AUDOUT(0xffffffffffffffff, 0x80345631, &(0x7f0000000000))
sendto$inet6(r0, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @remote, 0x7}, 0x1c)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000380)=ANY=[@ANYBLOB="b8000000190001002dbd7000000000000000003240a13a41cfd2c12188c8b599ee7da4e58ed8c7e3847d00ff0300000000000000180cff0000000000bb00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000000000000000000000000a000000000000fdffffffff7f40000200000000000008000000000000000001010000"], 0xb8}}, 0x0)
r2 = openat$comedi(0xffffff9c, &(0x7f0000000440)='/dev/comedi0\x00', 0x101001, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000080)={'comedi_bond\x00', [0x3, 0x7, 0x4, 0x3, 0x2f, 0x7, 0x2, 0xf, 0xffc, 0x1, 0x7, 0x1, 0x1003, 0x4, 0xffff, 0xffff, 0xffffffa8, 0x7ffffffb, 0x1ff, 0x3, 0x3ff, 0x10000, 0x8, 0xe2df, 0x2, 0x1, 0x5, 0x3, 0x7, 0x4, 0x7ff]})
setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000080), 0x4)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f00000004c0))
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000140)={<r3=>0x0, 0xad, "b05abbea30661e7013fa95049b19c6c2703601747a0a63f5c20f8c8f1c7a349eb35fd33776152a20093565224cc88f6299b576e2d6f1adc653e8639b6d60d970af3086c16f435b07a10e9453dc336bbaeda8420da9776f255fd52f06c74e087e4a7c0a63b98d6e304551fe1957326157bfe652819753db06fa091151e36260021e8490946e3b66468706392c7e8266da23ebbddebe441ce3cdb5bbcb261b01160eef55642e0bdc1b59403bd9b2"}, &(0x7f0000000040)=0xb5)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000002c0)={0x0, 0xe6d8, 0x10, 0x401, 0x8, 0x7ff, 0xbab8, 0x1, {r3, @in6={{0xa, 0x4e22, 0x8, @rand_addr=' \x01\x00'}}, 0xcb, 0xf15f, 0x8, 0xffffffff, 0xff}}, &(0x7f0000000200)=0xb0)

2.385626476s ago: executing program 5 (id=3775):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00b7080000000000007b8af8ff00000000bfa20000000108000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000b10714ff3224146e", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffea7)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="5400000002060500000000000000000000000000050004000000000005000100070000000900020073797a32000000000500050b000000000cba968008001240000000090d000300686173683a6d616300000000"], 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x23a, &(0x7f00000004c0)={0x0, 0x1c2a, 0x10100, 0x2, 0x0, 0x0, r5}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r9 = inotify_init1(0x0)
read(r9, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080))

1.591263609s ago: executing program 3 (id=3778):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000280)="65e2"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x0, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1.581578999s ago: executing program 3 (id=3779):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x1d5ae, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet_sctp(0x2, 0x5, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
syz_usbip_server_init(0x3)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.455419825s ago: executing program 0 (id=3780):
r0 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @remote}, 0x10)
socket$netlink(0x10, 0x3, 0x8000000004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
unshare(0x6a040000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=@newtaction={0xe6c, 0x30, 0x1, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x2, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x4}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x8}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe6c}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=@migrate={0xa0, 0x21, 0x1, 0x70bd2b, 0xffffffff, {{@in6=@private2, @in=@rand_addr=0x64010102, 0x0, 0x0, 0x0, 0x2, 0xa}}, [@migrate={0x50, 0x11, [{@in=@local, @in=@broadcast, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@private=0xa010100, 0x3c, 0x4, 0x0, 0x2, 0xa, 0xa}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000240), 0x4)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000000)={0x0, 0xe, "fe4042c317ae82c6d1a51a1e45a7"}, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r3, 0x8949, &(0x7f0000000000))
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="ad43000000000100000006"], 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
openat$ttyS3(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)

1.422895535s ago: executing program 5 (id=3781):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x8, {"7389b2391921a1f10e2e1913a9edbfdbfcc5d5bbe4185a95132ce6fefaf27a715f5ab28974b261f80c01b2902826a853f9c1f6483f1eefe3eb7d39f90043ed945b2df0213489f81c6532f540b5a73c45d82a853c193e0ca3121c055514e01019311c831a2be1e96f1b984fec3e675cdf3218c11b44a723b61621bc9a55106a555843bdce17206a27035c892ab6665a3d90582b814325fd663f6bedd3c22aece8982acd4ae512b2697336d1f7aaf631c4c8d8e54096ed14cd76b0e1dfdf257d70e45df8b7816825816c947500a38b856585e1831a29e099900009de3dc415481afe31d11e78dbf32ccb456942f2de532b3281cc383f9089c8270e7b16f7adacdf8821c0d7f37b2aa2df95ec738f81ff761372c62c5ea994df4da8f5eacdc2282b74191d9e6d4db8566238a76d95728ddb599e18057ea315589963ab041afe5dd9d56e9f3e002b004eeb9148e70e173a3b0099dab91c51f61c88635c4a048987b61c53d5a2f3f9448a819b8850186fa2b7f564264328fbb4112755688ffdcfda664d0aab41c327b2510c6a75313c7f876ca90278da1282268482aff1e39712ad1db762ae8cb17a38fa65475c05f319f716a3dddc23982a94d7cf29e9909228569cb853244f8436dbd27b7edc15e72f9543e455752a9ad7df2afb0057d310207ac3dc4fecbd96c6d8e23fa7362b76d048df0e5c83543c6fb596b24c3eee38ba3dfcee6877fa2aaf9c59b3aa45c8655fefdf0deafabcc3a361c40a51d0911f85cabf69939452f48e0920a29c65158d56351625436e1991814c3224de8fdf73fe492b188bc0f1c483b538045ab1c5ef74c446844a2b8f752e04f7bb14f1f2c44d7dadc5b2d2f4dbbd43054ba1760538c464847bf20fb9bb4d8f58b76899824392e00112a8ed9af689f3c113d9e691b6a523d4284353ea60b30a9ecf456376742913e29a9a24ac630b9f8bb677efa78bd45885483c9ec7cabd1e4a176a9c70e60432283226f80804819aaf6f1e1628f8ef0789b4796e69f6a7ecf1f3371931265285ee87a2238d4a05ffe386842a0d3a6b5d0b1c07d130e2942c184d2c7af95563b8e10adca66967eed928cc8344e8e56a7e06d5d3a80de73f7c1209958a25eee2cfd43d05a17b25e824ce597f52731ca4ea50a1ecadbd338d1f0a2980d92a2ad5703447f761e6f485ae18778d2082bec7297bace5c300824e4bdc478071a9739b544d6745211f0ba0d0e38da7878173c4c3911f8cde309d6f9c90ae408c44c860efd99d99907d0673a4f1905ed52ef4d06d399f2aad6c3e0be28d24bede0090137ef943c78253166001f630182d728dae64137b745340fe592727ef12c1f330128b75d91dde92c10f489fe59fbbb4df88bb288c596a2104b993c104d8ae13f7d356559360bb3291a9f9f85c696855b0adbf2ef1ff7c360f718a81927868c220e788146dca9382aa1a8f915faa326d134d7a5cbfe7ff3f94fbc6a952b514d6113c063659f9232d44c211f791e5aa72548426b429b32f3c53051320ceb05362949768c7a08da944840c705eb160ac50fa73b57f90cb4c9e56aa1b6065b57c593cfcc417e323dfeeaf1ea7ff878c48d608627b61376201e5c26c65db345d39a7063d832c24b3ded2bfa68f3f2c1355199afd76141c0bb222fe53a5c8d0203e492d3dfc86c5601c72eff344e7e8d584cd75545903436e57f8821b58bc0a220af1bf0a5c2ac54e692efe415e72c86618f9b794960767e9d799df506700077f21fe47c089cdd07af361abf87aa79bea6965b91ba77e99e74b1be59b48c93ec0dfdc7ec48f59c815acdf41aefc40f8821ff397796dd1510c925e40c864a6fcfb1a18714675ad83b7ef04c12eaa35c868de0dc518c5bbb0c8631ad531b4042faa17d0c4da72ae574c407a4252e99aa5f9bd8ecdf1a284ce71be8cd9b124be8b2b5902b3b354bf5b3734b38d30d3e8e4a99e61c4bb0299eb8c31c62d2c31b19411b136b9d836b966d9de27cee73abe5a87d1564cf18e2418d2711160deb1b9c0063d80ef0b32bd0c7ef2a6a8ad6c1c56f1a2fd1056b9a86b89619ec03bcf8c67597ef869c9a2c148648d629852fee56491a37db6829c7bb6a37e069e9ad10cb355aae05aa76d33a0f866de0d8442f85fddae16cfb4fa29f77ee6316c8d859f6679ebf9793714ea461b3a627be79179e16c326c8be3d70bce1c56aa3969d5eb53ba76500522ef46ef2f9e536d89684a46b7b0faa02d6e0206eed8f4bd55efaf0d767cd5e01b6d591b6bfaf4c4ce29116e97ffc87d840963add4834febccd47b130dbbde765606104e62f468a668438368bd996c4f2e0f13a75b76c8ae53d9259ef97faf9ecaf25b930fba76883e23c2973f8306bbdf8d606c9616322ce207096eaeea65edb4b82eb2c217f51dd13c62196c5637f3a58bc289581d4851c40ed1d2d24adef9d46e9dcc4a7711bc683b5618b02f875be52ad9244a494fcefe2d33439e38aabb39aec12f94763dad2edafe20096e45ded0bc8a3e531b6532b34c12189e27db54cb3abf8a13f1d524b1746d74eb47604ed23b58599d13bd7dd4a49c9beb5ef177e70d9d59374b54ec98dc9e516bb32ee49c29562fc7c97ea4d58970c968b6f7bb2afa3f7df94f84ec38fc8b9a77dc35f1889906406687e0900c9768d14e747e8c0dded2795ab4c5fde80dccfe33015358e328571ce1c034310b0e3f7f83d60ab3c5db92cb966037f65889a18d7c0645c86385a323f62a8fa73d43526caf0f48e12d8de5adad105984157cac022c3db7579038879f704ef0a7418fc88d736e0aea4864e6f9bd0baa7924acf37b70340e99fb6e5a29fe11a53ded1ad068cae7e960929e91b30271173609bc88ba14f4849b495ec793a1a6d71b5ee79a045d895e51108ec80830fac4129ecfa203ba9b38320d74a649ebb2b111f43ddcc7f3e3b129f09484bce6ffac0f7bb9082d3f6814741463c341d83eeaefbea48ff3fc4c0ed552cfca4f96a5d602e6cde94e777e85acb554f2be632bbc1171d762048570556d0672e0227bc903c7228578d404baff616419adeecf05ed2ed3d3608774830676472a1887bb342ebe995554f7307e773821c7e180a48a1e8de60896180952e76136bda10e1eebee5ed14eb2ea6c778dccea913bb930fdfc25599190babe0bb30e5da187e993d9f558eac5f78626dfbd39fa5c0b427086b9fd52494becfb20d2d98b57016ae4759ae460b0b10febd1a2c8eef20b27c9349ef93e122b37a47ae2385377118aab97c4a858c001065b957d03dcd3172125794b882070a2754e99940da1aa41f1c1fc6e1a4c4b568cf77b3e9653cab8ce0636ceaa3daffca766e9234e22d59258b815eb18c9bcc59861412ade92dc0e1d6bfcd78a4ef9e6877552d251e775de06af394f6d86df4c4d4ce5bf28a85ecb7d363946d76bbe216433f632e76e0272e43a23f1850a7125cc3ba268a39f9e5adf5039d80348091fbcad2839a2326145dbd02876568971a20ef43e436ffa3cfe0796fe7bfbf63920005feb049babbc0a966df5fbe433258fc3bb11639637b4be68aac80a006729447b5c319383148c27a2a2a87d1286f4d7c7f340e8365e2e7bf894731cd728b31d611f34b2cf56d39fb83823b9b476ea1557745cd17271da1781d89b3e0638214e74756680c568c3cdd52cd0f26f3514ec13aa5d33907bfcd4400266395c351cb32073e0dbd034e47dbb401e6dd866c66a119beb846dacea6934fe90314a0063c12222c0933b6d5ae53f172f0e7659f1fda022ad85e0c58dbfcab8614a44aa63a64031fd0eafbc2c1ab27de248c29074ec60cc476a464a32434b232412b02a996422194977ba736aedf184273bbfd13157963b33d4eff6251fa8068c3ae82eec76277e49ac4ae2db5f7ad099c59e806f0e24bb5f4c68b458aad99b5b23ceb894ac0347c287aac14f3c799dd887a356bc2174f9d469b54bf60dcb2dc035641b1d0ce119daa11ef3003d99e382d1ee26da9e89d8ad019c61928ccfb53448124507a4d362276b2e13f8c4ab5bcef428cb30a77554339f7a2174053d5ce6cd45b98001e7337c36bee77c66b8b59d4b9a0de72b9ff215a8c9c33f0c47efdf17abeb91fe0e8b7d24d8e4be7414cbc2398a0b026a1cb8a0c36f0f847b0bb962b82fe7fc674c3ab7ba268b067e80c6277c968f00ef9ebb6f93627975fb21e84c8c86718d1b5249f0958d1cdd8afc600f3cdb6def32c66443270a97818759ed5cb18ab8b7b8cde90e84bc65d52bcfe256f9c0c87b39c30c3d7154a8ae5895b31770305ca1d3421bed46bb6a273de4fd8de12e3fde60e7a6af6527481c2e8cb275dccfad7579ce9c32769c1690d1def4a417bed6bd2b01205d4a9c5bf207d4985f7dc72746dbfe74dc48ac586b28fac5b0197c38d5ca60e4c6bea2e3d1616e7465cf5c520fab04a7e7b6b3074916a8e6d9f854399047f4271cb395ed6274fb2cd275734e2a484bd3a5e5ff9c62f8446aa9938e9600e9726b5cf095b3fc404db009c971ac5a76e08338662b32dc5aa8dbacd2ed43d30f11a96d4835225f4681e70084b1b34321637e9640c746f7303b3f5624f34ddb9fb63dcd5d42788511888c92593d3f2e125586f77f94647cc19e89fbd30b7bb658db7a6eee494a24a0e4302d9ba4236fbb6bc01bed2e80c360d677fcd901a548029f89853491edae7260090f3d0bc8a30079311e6ad891360db2b4ee35ad01050cb50171226dc13639d86a2e8d46ab4ce5aa4bcca72c77bb6cd86d5efdfe36366a965dc145fc040345c356e97ed110e5d912226c7080f11f4bfe47fb0925187384a4d8109c01aa151544681b3e1372467161cfc93ba7952bfc587dfdc09b4eecb420f8d44146912932ae79b3bbd9953bd34c9ad78b048e77a79b1ba43194a153cfca1322b3889f371ab68ea9f18b6d44ba438ee02c2fb28818fc1f329b9198dfe3147926600407533e201a56020f854bea2a3462a64200ec9adc4bc51d653faa4bcaf549668f19e0887a01412bba08e202929335947950c9a4670bacc32ba5130d76da547d67a47ce4492204834a8fc09b4b901f12506e77aad36f46ebabfbfb6965bd5828015a188ffa0f6678ee64b9d2f5c3852d8743ed051b2e64ee55c1e40ff2e8bd2050dad05020f0de8f59a009788583a47cb02441e843513717beaf70cd7fc18793b99c1facfe7423cbb69b924120d74fadb3917bf309e880da14d19d4891bf1a6597999d0095b7fbc5e8e129eb29fc40809ab2ba24f85e922ff4ae609bb81258796ed6efe61c00ea0183a44d5876b2c9d6bad1b6e0019087fe2b1bb539e26041761a92268344ce94a6e9bbe02ab6b95f26fd670097a8c9aee598106ebd568624f7593e403a4ae51436c9bfb68ace035b75996c73896326d32e6f8e17f4acffdb6ab7d9964a8c67905d776ec6768b0d1b1cc45ed4b7239f47f7d0262e76d919ed628bd67f003766c9832bd90d50f05c3ded8d7e1bb718f6e272f4a4bd954d63b1cf77abe3d13648c90812c57c4fd00dd5eba1133ba6c81cc9df34a2a2a9020bb8356a5e96a2f1528e43e062b0eafe9d2b5f25efa9d261eca9d1ccbca7474391fabd6fe9ca535e3876c68560b648935d6646dd5206766df3b4fafc1e4cbf48ea423d859ef87d7ae1dd633fd98772be2483d86a8e21ee2d17091019f728f230874ecb80d0e7fa491cce9b70728d1609ac9be90b458f7e01428e2ff5d67000228bfba6b72699ae105c84877bd4e3bb582d122886d0e6dc56ef17a8d81d8f809ef0b6e315d1872a180d185e9cb4495b828c2b0a1c40f192", 0x1000}}, 0x1006)
r0 = syz_open_dev$vivid(&(0x7f0000001040), 0x2, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000001080)={0x2, 0x2, 0x2})
r1 = openat$vsock(0xffffff9c, &(0x7f00000010c0), 0x20000, 0x0)
write$UHID_INPUT2(r1, &(0x7f0000001100)={0xc, {0x5a, "219c7ad7a64f2882f82b1f40504adde20cf4ae25d3f32a248b3c8f1df784c9cc9f146ef43eee39211e08a3e1096a12373e3a3edbcc15a857c52db93e7fa3e1c7659736868f9c0ac9bf81005cefe682c227cc876a70a930507eb7"}}, 0x60)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r1, 0xc01064c2, &(0x7f0000001180)={0x0, 0x0, r1})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000001200)={0x4, &(0x7f00000011c0)=[{0x5, 0x4, 0x61, 0x5}, {0xd, 0x7, 0xb9, 0x1}, {0x2961, 0x43, 0x0, 0x5}, {0x3, 0xf8, 0xe, 0x4058}]})
r3 = socket$inet(0x2, 0x3, 0x4)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r2, 0x8030942b, &(0x7f0000001240)={0xa, {0x2a, 0x6, 0x8, 0xfffffffffffffff9, 0x1}})
getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000001280)=0x6, &(0x7f00000012c0)=0x1)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000001300)={0xc, 0x4, 0x4, 0x6}, 0x10)
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f0000001340)={{0x0, 0xffffffffffffffff, 0x80000000000000, 0x530, 0x100, 0x1000, 0x3ff, 0x0, 0x0, 0x8, 0x9, 0x7f, 0x1, 0xfff, 0xfff}})
r4 = openat$iommufd(0xffffff9c, &(0x7f0000002340), 0x48041, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r4, 0x3b88, &(0x7f0000002380)={0xc})
ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f00000023c0)='geneve0\x00')
r5 = accept4(r3, &(0x7f0000002400)=@in={0x2, 0x0, @initdev}, &(0x7f0000002480)=0x80, 0x80000)
getsockopt$inet6_int(r5, 0x29, 0xcb, &(0x7f00000024c0), &(0x7f0000002500)=0x4)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r6, 0x84, 0x8, &(0x7f0000002540)=0x7, 0x4)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8983, &(0x7f0000002580)={0x6, 'pimreg1\x00', {0x5675}, 0xbee9})
r7 = syz_open_dev$MSR(&(0x7f00000025c0), 0xe, 0x0)
ioctl$KVM_CAP_STEAL_TIME(r7, 0x4068aea3, &(0x7f0000002600))
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000002680)={0x0, 0x0, r1})
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x7, 0x4010, r1, 0x8000000)
syz_io_uring_setup(0x2f54, &(0x7f00000026c0)={0x0, 0x9d74, 0x1000, 0x1, 0x3b0, 0x0, r1}, &(0x7f0000002740), &(0x7f0000002780)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000002a00)=@IORING_OP_RECVMSG={0xa, 0x81, 0x17, r1, 0x0, &(0x7f00000029c0)={&(0x7f00000027c0)=@pppol2tp={0x18, 0x1, {0x0, <r10=>0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, &(0x7f0000002940)=[{&(0x7f0000002840)=""/230, 0xe6}], 0x1, &(0x7f0000002980)=""/37, 0x25}, 0x0, 0xc0, 0x0, {0x1}})
socket$nl_route(0x10, 0x3, 0x0)
r11 = openat$pfkey(0xffffff9c, &(0x7f0000002a40), 0xa0000, 0x0)
bind$bt_hci(r11, &(0x7f0000002a80)={0x1f, 0x3, 0x3}, 0x6)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000002d00)={&(0x7f0000002ac0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002cc0)={&(0x7f0000002b00)={0x1a0, 0x1403, 0x100, 0x70bd29, 0x25dfdbfd, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'caif0\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'bond_slave_0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'sit0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_team\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'wg1\x00'}}, {{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'batadv_slave_1\x00'}}, {{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'wg2\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'wg2\x00'}}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x4008004}, 0xfa475527f8feb8d3)

1.37553543s ago: executing program 5 (id=3782):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=ANY=[], 0x50)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'bridge0\x00', 0x0})
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x2, 0x1}}, 0x2e)
getsockopt(r4, 0x111, 0x1, 0x0, &(0x7f0000000080))
socket$kcm(0x2, 0xa, 0x2)
write$tun(0xffffffffffffffff, &(0x7f0000000540)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @val={@void, {0x8100, 0x7}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x4000, 0xfffd, 0x3, 0x2f, 0x0, @private=0x1fe1, @multicast1}, {0xa000, 0x6558, 0x8}}}}}}, 0x32)
read$FUSE(r0, &(0x7f0000001480)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50, 0x0, r5, {0x7, 0x2b, 0x0, 0xffffffff82200000, 0x426e, 0xfffe, 0x3c68, 0x7, 0x0, 0x0, 0x1, 0x6}}, 0x50)
epoll_create(0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0003}]})
close_range(r2, r0, 0x2)

1.342817052s ago: executing program 0 (id=3783):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
close(r0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x2})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_RESET(0xffffffffffffffff, 0x5000, 0x0)
ioprio_get$pid(0x2, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2)
sendto$inet6(r1, 0x0, 0x0, 0x40, &(0x7f00000001c0)={0xa, 0x4e20, 0x7ff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000f2000000000000000000ff9500000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x28000, 0x800}, 0x1c)

1.115243135s ago: executing program 0 (id=3784):
r0 = socket$netlink(0x10, 0x3, 0x400000000000004)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x1000, 0x1000, 0x0, 0x3}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000180)={0x2c, 0x2, r3, 0x1000000}, 0x10)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000000000ec0a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)

1.078782728s ago: executing program 0 (id=3785):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x404000, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xe}, 0x94) (async)
mmap(&(0x7f0000b31000/0x2000)=nil, 0x2000, 0xe, 0x30, 0xffffffffffffffff, 0x0) (async)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) (async)
bind$alg(0xffffffffffffffff, 0x0, 0x0) (async)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[], 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) (async)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
getsockname$inet(r2, 0x0, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) (async)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) (async)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000040)=0x2, 0xffffffb4)
syz_emit_ethernet(0x0, 0x0, 0x0)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) (async)
prctl$PR_SET_KEEPCAPS(0x59616d61, 0x1ffffffffffffff) (async)
madvise(&(0x7f000018a000/0x2000)=nil, 0x2000, 0x12) (async, rerun: 64)
syz_clone(0x500, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
close(r0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x1d)

1.013443671s ago: executing program 0 (id=3786):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="00b7080000000000007b8af8ff00000000bfa20000000108000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000b10714ff3224146e", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffea7)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="5400000002060500000000000000000000000000050004000000000005000100070000000900020073797a32000000000500050b000000000cba968008001240000000090d000300686173683a6d616300000000"], 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x23a, &(0x7f00000004c0)={0x0, 0x1c2a, 0x10100, 0x2, 0x0, 0x0, r5}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080))

1.011318801s ago: executing program 3 (id=3787):
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x6b142, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x20000041)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r5, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x8)
listen(r6, 0x80000001)
writev(r5, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)

412.575666ms ago: executing program 0 (id=3788):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, '\t\x00'}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0xb, "7488dffc"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000980)={0x1, 0xffffffff, 0x8001, 0x5, 0x1, 0x5})
syz_usb_connect$uac1(0x4, 0x0, 0x0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x3, [{0x0, 0x0}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x140c}}, {0x0, 0x0}]})

321.089086ms ago: executing program 5 (id=3789):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0) (fail_nth: 11)

0s ago: executing program 3 (id=3790):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="7f454c4600040000ff7f08000000000003003e00ecffffff98030000000000004000000000000000560000000000000000000000000038000103"], 0x78)
close(0xffffffffffffffff)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r1, 0x2285, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x800, 0x0, 0x0, 0x1000000000000}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff}, &(0x7f0000000580)={0x0, 0x3938700}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1f)
r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd09, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2400858a20000103000000001679c25b000000080002000a010101"], 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[])
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020}, 0x2020)
ioctl$SG_IO(r4, 0x2285, 0x0)

0s ago: executing program 0 (id=3791):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000200)={'ip6_vti0\x00', <r0=>0x0, 0x29, 0x5, 0x6, 0x2000, 0x0, @private2, @local, 0x7800, 0x7800, 0x4, 0xf07}})
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000017c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@remote, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0xfffffffffffffffe}, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2}, {{@in6=@remote, 0x4d5, 0x32}, 0x0, @in6=@loopback, 0x3501, 0x3, 0x0, 0xb7, 0x1fb, 0xffffffff, 0xfffffff9}}, 0xe8)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
sendmmsg(r4, &(0x7f0000000180), 0x400000000000077, 0x7600)

kernel console output (not intermixed with test programs):

15848] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[  590.383201][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  590.386752][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  590.664888][T15878] syzkaller1: entered promiscuous mode
[  590.666911][T15878] syzkaller1: entered allmulticast mode
[  591.370221][T15899] fuse: Unknown parameter 'grou00000000000000000000'
[  591.433594][T15901] syzkaller1: entered promiscuous mode
[  591.435316][T15901] syzkaller1: entered allmulticast mode
[  591.484323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.487540][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.490991][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.495162][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  592.138260][T15922] fuse: Unknown parameter 'grou00000000000000000000'
[  592.329996][T15940] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2880'.
[  593.237114][T15952] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  593.708114][    C1] net_ratelimit: 4 callbacks suppressed
[  593.708136][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  593.713805][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.819810][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.823065][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  595.375512][T15994] netlink: 'syz.1.2899': attribute type 4 has an invalid length.
[  595.518277][T16000] binder_alloc: 15999: binder_alloc_buf, no vma
[  595.680929][T14116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  595.931590][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  595.934593][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.417239][T16018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2909'.
[  596.425052][T16018] vlan2: entered promiscuous mode
[  596.426872][T16018] batadv0: entered promiscuous mode
[  596.508858][T14116] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  596.683916][T14116] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[  596.689659][T14116] usb 6-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[  596.694347][T14116] usb 6-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  596.699783][T14116] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  596.705265][T14116] usb 6-1: config 0 has no interface number 0
[  596.709162][T14116] usb 6-1: too many endpoints for config 0 interface 255 altsetting 255: 72, using maximum allowed: 30
[  596.714347][T14116] usb 6-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 72
[  596.720415][T14116] usb 6-1: config 0 interface 255 has no altsetting 0
[  596.723740][T14116] usb 6-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  596.727831][T14116] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  596.734566][T14116] usb 6-1: config 0 descriptor??
[  596.741959][T14116] usb-storage 6-1:0.255: USB Mass Storage device detected
[  596.757652][T14116] usb-storage 6-1:0.255: Quirks match for vid 1908 pid 1315: 20000
[  596.872455][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.875284][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.878057][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.957421][   T54] usb 6-1: USB disconnect, device number 32
[  597.055590][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  597.952782][ T1022] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  598.115433][ T1022] usb 6-1: config 0 has no interfaces?
[  598.119347][ T1022] usb 6-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  598.122225][ T1022] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.125037][ T1022] usb 6-1: Product: syz
[  598.126481][ T1022] usb 6-1: Manufacturer: syz
[  598.128237][ T1022] usb 6-1: SerialNumber: syz
[  598.131805][ T1022] usb 6-1: config 0 descriptor??
[  599.267064][    C1] net_ratelimit: 5 callbacks suppressed
[  599.267077][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  599.271500][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.378929][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.382369][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.825571][ T5886] usb 6-1: USB disconnect, device number 33
[  601.393405][T16077] syzkaller1: entered promiscuous mode
[  601.399066][T16077] syzkaller1: entered allmulticast mode
[  601.490861][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.494992][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.686361][T16097] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  601.689295][T16097] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  601.693037][T16097] vhci_hcd vhci_hcd.0: Device attached
[  601.961098][T14116] usb 41-1: new high-speed USB device number 3 using vhci_hcd
[  602.431563][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.435326][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.439257][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.443848][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.514579][T16098] vhci_hcd: connection reset by peer
[  602.531450][T14057] vhci_hcd: stop threads
[  602.533473][T14057] vhci_hcd: release socket
[  602.536007][T14057] vhci_hcd: disconnect device
[  603.110739][T16114] syzkaller1: entered promiscuous mode
[  603.113179][T16114] syzkaller1: entered allmulticast mode
[  604.826232][    C1] net_ratelimit: 4 callbacks suppressed
[  604.826250][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  604.831978][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  605.308531][T16151] fuse: Bad value for 'user_id'
[  605.310610][T16151] fuse: Bad value for 'user_id'
[  605.559035][T16159] syzkaller1: entered promiscuous mode
[  605.561550][T16159] syzkaller1: entered allmulticast mode
[  605.938255][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  605.941907][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  605.953639][ T6035] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  606.035096][T16173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2962'.
[  606.170898][T16177] bridge0: port 3(vxlan0) entered blocking state
[  606.173181][T16177] bridge0: port 3(vxlan0) entered disabled state
[  606.175307][T16177] vxlan0: entered allmulticast mode
[  606.177817][T16177] vxlan0: entered promiscuous mode
[  606.798217][T16192] syzkaller1: entered promiscuous mode
[  606.799976][T16192] syzkaller1: entered allmulticast mode
[  607.049889][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  607.052680][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  607.466782][T14116] vhci_hcd: vhci_device speed not set
[  608.002583][ T5886] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  608.005488][ T5886] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  608.161693][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  609.593536][T16223] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  609.595639][T16223] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  609.598563][T16223] vhci_hcd vhci_hcd.0: Device attached
[  609.872212][T14116] usb 43-1: new high-speed USB device number 3 using vhci_hcd
[  609.877736][T16224] vhci_hcd: connection reset by peer
[  609.881015][ T1141] vhci_hcd: stop threads
[  609.882911][ T1141] vhci_hcd: release socket
[  609.884774][ T1141] vhci_hcd: disconnect device
[  610.341095][T16243] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  610.385354][    C1] net_ratelimit: 7 callbacks suppressed
[  610.385376][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.390027][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.707063][T16266] overlayfs: failed to clone upperpath
[  610.721798][T16269] IPv6: Can't replace route, no match found
[  610.867009][T16276] overlay: ./file1 is not a directory
[  611.497146][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  611.499987][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  612.085089][ T5886] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  612.245415][ T5886] usb 6-1: Using ep0 maxpacket: 8
[  612.248772][ T5886] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  612.252319][ T5886] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  612.256480][ T5886] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  612.260129][ T5886] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  612.263592][ T5886] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  612.267821][ T5886] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  612.270767][ T5886] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.275831][ T5886] usbtmc 6-1:16.0: bulk endpoints not found
[  612.570641][T16294] vlan2: entered allmulticast mode
[  612.572692][T16294] batadv0: entered allmulticast mode
[  612.619619][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  612.622149][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.141450][T16307] fuse: Bad value for 'fd'
[  613.720833][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.724373][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.988083][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  613.991499][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.375895][T16324] syzkaller1: entered promiscuous mode
[  614.377830][T16324] syzkaller1: entered allmulticast mode
[  614.742007][T16328] binder: 16327:16328 ioctl c0306201 0 returned -14
[  615.027640][ T6035] usb 6-1: USB disconnect, device number 34
[  615.111726][T16346] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  615.113936][T16346] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  615.116738][T16346] vhci_hcd vhci_hcd.0: Device attached
[  615.184848][T16347] vhci_hcd: connection closed
[  615.190315][ T8020] vhci_hcd: stop threads
[  615.199053][ T8020] vhci_hcd: release socket
[  615.205082][ T8020] vhci_hcd: disconnect device
[  615.349449][T14116] vhci_hcd: vhci_device speed not set
[  615.944454][    C1] net_ratelimit: 4 callbacks suppressed
[  615.944472][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.949552][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.789115][   T34] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  616.949565][   T34] usb 6-1: Using ep0 maxpacket: 8
[  616.953461][   T34] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  616.956594][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  616.960644][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  616.965029][   T34] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  616.968933][   T34] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  616.972823][   T34] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  616.978479][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  616.982248][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.989867][   T34] usbtmc 6-1:16.0: probe with driver usbtmc failed with error -22
[  617.002342][T16378] syzkaller1: entered promiscuous mode
[  617.004503][T16378] syzkaller1: entered allmulticast mode
[  617.056244][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  617.058893][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  618.168068][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  618.170647][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  618.264821][T14116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  618.943659][    C2] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  619.154885][T16389] usb usb8: usbfs: process 16389 (syz.2.3036) did not claim interface 0 before use
[  619.290645][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.294125][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  619.515099][T14116] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  619.686092][T14116] usb 7-1: Using ep0 maxpacket: 8
[  619.689020][T14116] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  619.692518][T14116] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  619.695667][T14116] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  619.699860][T14116] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  619.704839][T14116] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  619.707786][T14116] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  619.755363][   T54] usb 6-1: USB disconnect, device number 35
[  619.780040][T16397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3040'.
[  619.930603][T14116] usb 7-1: usb_control_msg returned -32
[  619.935320][T14116] usbtmc 7-1:16.0: can't read capabilities
[  619.949929][T14116] usb 7-1: USB disconnect, device number 40
[  621.118508][T16423] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  621.121318][T16423] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  621.124503][T16423] vhci_hcd vhci_hcd.0: Device attached
[  621.128951][T16426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3048'.
[  621.161767][ T5336] Bluetooth: hci0: command 0x0406 tx timeout
[  621.197223][T16424] vhci_hcd: connection closed
[  621.197456][ T1141] vhci_hcd: stop threads
[  621.200580][ T1141] vhci_hcd: release socket
[  621.202021][ T1141] vhci_hcd: disconnect device
[  621.503668][    C1] net_ratelimit: 6 callbacks suppressed
[  621.503684][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  621.508826][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  621.569063][T16429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3052'.
[  621.998613][T16435] infiniband syz1: set down
[  622.001480][T16435] infiniband syz1: added syz_tun
[  622.046362][T16435] RDS/IB: syz1: added
[  622.047846][T16435] smc: adding ib device syz1 with port count 1
[  622.054856][T16435] smc:    ib device syz1 port 1 has pnetid 
[  622.626116][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.628852][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.957584][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  622.960413][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.100395][T16446] usb usb8: usbfs: process 16446 (syz.3.3058) did not claim interface 0 before use
[  623.222600][T16453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3061'.
[  623.549037][T16465] Bluetooth: hci0: Opcode 0x0401 failed: -112
[  623.727176][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.727220][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  623.995749][T16468] rdma_rxe: rxe_newlink: failed to add syz_tun
[  624.128072][T16468] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.216480][T16468] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.324218][T16468] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.419443][T16468] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  624.430708][T16477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3071'.
[  624.503941][ T1141] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  624.519512][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  624.535874][ T1141] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  624.536300][   T13] Bluetooth: hci3: Frame reassembly failed (-84)
[  624.539000][ T1141] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  624.544900][   T13] Bluetooth: hci3: Frame reassembly failed (-84)
[  624.839088][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  624.842169][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  625.042170][ T6063] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  625.202480][ T6063] usb 7-1: Using ep0 maxpacket: 8
[  625.206653][ T6063] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  625.210218][ T6063] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  625.214839][ T6063] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  625.218815][ T6063] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  625.222705][ T6063] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  625.226727][ T6063] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  625.230533][ T6063] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  625.233211][ T6063] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  625.238856][ T6063] usbtmc 7-1:16.0: probe with driver usbtmc failed with error -22
[  625.694363][   T63] Bluetooth: hci0: command 0x0406 tx timeout
[  625.694373][T11731] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  626.222193][T16503] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3081'.
[  626.424127][T16510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3082'.
[  626.633198][T16511] lo speed is unknown, defaulting to 1000
[  626.731236][ T5336] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  626.731483][T11731] Bluetooth: hci3: command 0x1003 tx timeout
[  626.818212][T16519] rdma_rxe: rxe_newlink: failed to add syz_tun
[  626.989212][T16519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.063524][    C1] net_ratelimit: 2 callbacks suppressed
[  627.063539][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.068528][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.073376][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.075095][T16519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.076070][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.082054][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  627.189873][T16519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.270944][T16519] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.409143][   T13] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  627.419022][   T13] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  627.428890][   T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  627.439033][   T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  627.628851][T16528] Bluetooth: hci0: Opcode 0x0401 failed: -112
[  627.931648][T11731] Bluetooth: hci0: command 0x0406 tx timeout
[  627.932762][ T5336] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  628.109810][T16535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3090'.
[  628.174474][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  628.174516][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  628.187097][ T6063] usb 7-1: USB disconnect, device number 41
[  628.529237][T16548] usb usb8: usbfs: process 16548 (syz.1.3095) did not claim interface 0 before use
[  628.619074][ T6035] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.286306][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.288807][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  629.442020][T16566] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3101'.
[  629.463714][T14458] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[  629.588068][T16573] usb usb8: usbfs: process 16573 (syz.1.3104) did not claim interface 0 before use
[  629.639358][T14458] usb 7-1: Using ep0 maxpacket: 8
[  629.642865][T14458] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  629.645481][T14458] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  629.648702][T14458] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  629.652746][T14458] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  629.656544][T14458] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  629.661562][T14458] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  629.664572][T14458] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.888259][T14458] usb 7-1: usb_control_msg returned -32
[  629.890527][T14458] usbtmc 7-1:16.0: can't read capabilities
[  630.141611][ T5336] Bluetooth: hci0: command 0x0406 tx timeout
[  630.264062][T16581] usbtmc 7-1:16.0: usb_control_msg returned -32
[  630.266996][   T54] usb 7-1: USB disconnect, device number 42
[  630.474928][T16587] fuse: Unknown parameter 'user00000000000000000000'
[  630.719440][T16594] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  630.722167][T16594] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  630.725367][T16594] vhci_hcd vhci_hcd.0: Device attached
[  630.826768][T16595] vhci_hcd: connection closed
[  630.826984][ T1141] vhci_hcd: stop threads
[  630.830803][ T1141] vhci_hcd: release socket
[  630.832607][ T1141] vhci_hcd: disconnect device
[  630.834761][T16599] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3113'.
[  632.034688][T16622] usb usb8: usbfs: process 16622 (syz.3.3120) did not claim interface 0 before use
[  632.319640][T16630] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3123'.
[  632.365593][ T5336] Bluetooth: hci0: command 0x0406 tx timeout
[  632.397274][ T9713] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  632.557580][ T9713] usb 6-1: Using ep0 maxpacket: 8
[  632.565949][ T9713] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  632.568896][ T9713] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  632.571916][ T9713] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  632.575543][ T9713] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  632.578578][ T9713] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  632.582750][ T9713] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  632.585793][ T9713] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.632558][    C1] net_ratelimit: 7 callbacks suppressed
[  632.632572][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.636729][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  632.808751][ T9713] usb 6-1: usb_control_msg returned -32
[  632.810615][ T9713] usbtmc 6-1:16.0: can't read capabilities
[  632.922326][T16635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3122'.
[  633.043099][T16640] lo speed is unknown, defaulting to 1000
[  633.124288][T14458] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[  633.189729][T16643] usbtmc 6-1:16.0: usb_control_msg returned -32
[  633.193473][ T9713] usb 6-1: USB disconnect, device number 36
[  633.298221][T14458] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  633.302490][T14458] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  633.306703][T14458] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  633.309406][T14458] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.314761][T14458] usb 7-1: config 0 descriptor??
[  633.319271][T14458] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  633.733592][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  633.736172][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  634.297921][T16655] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  634.300708][T16655] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  634.302484][T16662] usb usb8: usbfs: process 16662 (syz.3.3131) did not claim interface 0 before use
[  634.315961][T16659] vhci_hcd: connection closed
[  634.316150][T16655] vhci_hcd vhci_hcd.0: Device attached
[  634.320741][ T1141] vhci_hcd: stop threads
[  634.322525][ T1141] vhci_hcd: release socket
[  634.324454][ T1141] vhci_hcd: disconnect device
[  634.362858][T16667] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3133'.
[  634.509649][T16674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3132'.
[  634.845423][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  634.848534][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.073776][T16678] fuse: Unknown parameter 'user_i00000000000000000000'
[  635.273243][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.277143][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.280746][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  635.308205][T16687] usb usb8: usbfs: process 16687 (syz.1.3141) did not claim interface 0 before use
[  635.432949][T16694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3138'.
[  635.616238][T16695] lo speed is unknown, defaulting to 1000
[  635.756416][T16697] overlay: ./file1 is not a directory
[  635.957295][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  637.215032][ T5886] usb 7-1: USB disconnect, device number 43
[  637.233019][T16702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3144'.
[  637.285049][ T5336] Bluetooth: hci4: unexpected Set CIG Parameters response data
[  637.878055][T16712] syzkaller1: entered promiscuous mode
[  637.879887][T16712] syzkaller1: entered allmulticast mode
[  637.945744][T16715] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  637.948212][T16715] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  637.951465][T16715] vhci_hcd vhci_hcd.0: Device attached
[  638.018907][T16716] vhci_hcd: connection closed
[  638.022673][   T13] vhci_hcd: stop threads
[  638.026605][   T13] vhci_hcd: release socket
[  638.028102][   T13] vhci_hcd: disconnect device
[  638.067850][T16720] binder: BINDER_SET_CONTEXT_MGR already set
[  638.070194][T16720] binder: 16719:16720 ioctl 4018620d 80004a80 returned -16
[  638.180882][    C1] net_ratelimit: 3 callbacks suppressed
[  638.180895][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.186129][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.694170][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.697118][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  638.790372][T14458] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  639.176413][T16741] usb usb8: usbfs: process 16741 (syz.2.3155) did not claim interface 0 before use
[  639.292762][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  639.296371][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.391179][T16761] netlink: 'syz.1.3159': attribute type 2 has an invalid length.
[  640.393897][T16761] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3159'.
[  640.415202][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.418684][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  640.830275][T16775] lo speed is unknown, defaulting to 1000
[  640.877757][T16776] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3163'.
[  641.516572][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  641.619391][ T5336] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  641.625439][ T5336] Bluetooth: hci4: Injecting HCI hardware error event
[  642.450388][T16797] Bluetooth: hci0: Opcode 0x0401 failed: -112
[  643.055941][   T63] Bluetooth: hci4: command 0x0406 tx timeout
[  643.066277][T11731] Bluetooth: hci4: hardware error 0x00
[  643.376887][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  643.387878][T16818] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3175'.
[  643.606940][   T63] Bluetooth: hci4: unexpected Set CIG Parameters response data
[  643.606980][   T63] Bluetooth: hci4: unexpected event for opcode 0x2062
[  643.739999][    C1] net_ratelimit: 6 callbacks suppressed
[  643.740011][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  643.740087][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.595373][   T63] Bluetooth: hci0: command 0x0406 tx timeout
[  644.598036][ T5336] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  644.601035][T16829] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  644.851874][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.855299][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  645.279679][T11731] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  645.963782][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  645.966995][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  646.818998][T11731] Bluetooth: hci0: command 0x0406 tx timeout
[  646.904536][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  646.907572][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  646.910159][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  647.075602][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  649.043036][T11731] Bluetooth: hci0: command 0x0406 tx timeout
[  649.299136][    C1] net_ratelimit: 4 callbacks suppressed
[  649.299149][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  649.303459][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  650.239963][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  650.243552][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  650.411088][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  650.414665][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.522921][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  651.526359][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  652.645280][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  652.648139][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  652.718297][T16867] lo speed is unknown, defaulting to 1000
[  652.770203][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3181'.
[  652.806127][T16879] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3186'.
[  653.215760][T11731] Bluetooth: hci0: unexpected Set CIG Parameters response data
[  653.220156][T11731] Bluetooth: hci0: unexpected event for opcode 0x2062
[  653.983523][T16903] lo speed is unknown, defaulting to 1000
[  654.153234][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  654.593558][T16937] usb usb8: usbfs: process 16937 (syz.2.3200) did not claim interface 0 before use
[  654.664196][T16935] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  654.666250][T16935] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  654.672313][T16935] vhci_hcd vhci_hcd.0: Device attached
[  654.858255][    C1] net_ratelimit: 2 callbacks suppressed
[  654.858268][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  654.862460][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  654.933069][ T6063] usb 43-1: new high-speed USB device number 4 using vhci_hcd
[  654.936181][T16945] vhci_hcd: connection reset by peer
[  654.938568][T14057] vhci_hcd: stop threads
[  654.940701][T14057] vhci_hcd: release socket
[  654.943086][T14057] vhci_hcd: disconnect device
[  655.125643][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.128259][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.130794][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.970059][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  655.972658][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.081957][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.084958][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.256609][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  657.509709][T11731] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  657.513649][T11731] Bluetooth: hci0: Injecting HCI hardware error event
[  657.518124][ T5336] Bluetooth: hci0: hardware error 0x00
[  659.733394][ T5336] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  660.406821][ T6063] vhci_hcd: vhci_device speed not set
[  660.417400][    C1] net_ratelimit: 9 callbacks suppressed
[  660.417414][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  660.421748][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  661.434136][T16970] lo speed is unknown, defaulting to 1000
[  661.485859][T16976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3204'.
[  661.529269][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  661.531895][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.144762][T16994] usb usb8: usbfs: process 16994 (syz.1.3210) did not claim interface 0 before use
[  662.312668][T16997] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  662.312685][T16997] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  662.312852][T16997] vhci_hcd vhci_hcd.0: Device attached
[  662.347644][T16977] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  662.641030][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.643543][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  662.704068][ T6033] usb 39-1: new high-speed USB device number 2 using vhci_hcd
[  662.738772][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  663.144808][T17013] lo speed is unknown, defaulting to 1000
[  663.325310][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.328779][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.657321][T16998] vhci_hcd: connection reset by peer
[  663.660921][ T1141] vhci_hcd: stop threads
[  663.662740][ T1141] vhci_hcd: release socket
[  663.665304][ T1141] vhci_hcd: disconnect device
[  663.752939][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  663.755684][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  665.007730][T17062] syzkaller1: entered promiscuous mode
[  665.010462][T17062] syzkaller1: entered allmulticast mode
[  665.987238][    C1] net_ratelimit: 2 callbacks suppressed
[  665.987259][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  665.992253][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.732981][T17094] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  666.736189][T17094] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  666.740209][T17094] vhci_hcd vhci_hcd.0: Device attached
[  666.746332][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.750111][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.753504][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  666.789083][ T1022] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  666.960001][ T1022] usb 6-1: Using ep0 maxpacket: 8
[  666.963376][ T1022] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  666.967072][ T1022] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  666.970578][ T1022] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  666.973879][ T1022] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  666.977917][ T1022] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  666.980716][ T1022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  667.003283][ T6063] usb 43-1: new high-speed USB device number 5 using vhci_hcd
[  667.088329][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.091037][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  667.200889][ T1022] usb 6-1: usb_control_msg returned -71
[  667.202749][ T1022] usbtmc 6-1:16.0: can't read capabilities
[  667.208449][ T1022] usb 6-1: USB disconnect, device number 37
[  668.094165][T17095] vhci_hcd: connection reset by peer
[  668.096799][ T1141] vhci_hcd: stop threads
[  668.100945][ T1141] vhci_hcd: release socket
[  668.102903][ T1141] vhci_hcd: disconnect device
[  668.145069][T17121] syzkaller1: entered promiscuous mode
[  668.147412][T17121] syzkaller1: entered allmulticast mode
[  668.211737][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.215234][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  668.218897][ T6033] vhci_hcd: vhci_device speed not set
[  668.819052][T17145] syzkaller1: entered promiscuous mode
[  668.822041][T17145] syzkaller1: entered allmulticast mode
[  669.014904][T17153] netlink: 212388 bytes leftover after parsing attributes in process `syz.0.3261'.
[  669.014947][T17153] openvswitch: netlink: Message has 5 unknown bytes.
[  669.017294][T17153] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3261'.
[  669.249533][T17126] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  669.294636][T17160] lo speed is unknown, defaulting to 1000
[  669.340358][T17161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3263'.
[  669.987123][T17172] syzkaller0: entered promiscuous mode
[  669.988886][T17172] syzkaller0: entered allmulticast mode
[  670.192751][T17186] lo speed is unknown, defaulting to 1000
[  670.240999][T17188] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3273'.
[  670.548020][T17201] netlink: 212388 bytes leftover after parsing attributes in process `syz.3.3275'.
[  670.550618][T17201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3275'.
[  671.038556][T17187] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  671.347069][T17211] syzkaller1: entered promiscuous mode
[  671.349306][T17211] syzkaller1: entered allmulticast mode
[  671.393496][T17216] binder: 17215:17216 ioctl 4018620d 0 returned -22
[  671.478002][T17218] lo speed is unknown, defaulting to 1000
[  671.519499][T17220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3284'.
[  671.535693][    C1] net_ratelimit: 8 callbacks suppressed
[  671.535705][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  671.540044][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  671.664296][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  672.434637][T17244] netlink: 212388 bytes leftover after parsing attributes in process `syz.0.3290'.
[  672.437827][T17244] openvswitch: netlink: Message has 5 unknown bytes.
[  672.443351][T17244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3290'.
[  672.460629][T17246] syzkaller1: entered promiscuous mode
[  672.462415][T17246] syzkaller1: entered allmulticast mode
[  672.465702][ T6063] vhci_hcd: vhci_device speed not set
[  672.658101][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  672.661902][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.121296][T17251] lo speed is unknown, defaulting to 1000
[  673.173313][T17256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3294'.
[  673.289241][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  673.551326][T17266] binder: 17265:17266 ioctl 4018620d 0 returned -22
[  673.588374][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.591812][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.595344][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.759249][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  673.761818][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  674.506766][T17290] netlink: 212388 bytes leftover after parsing attributes in process `syz.0.3306'.
[  674.512994][T17290] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3306'.
[  674.618876][T17292] lo speed is unknown, defaulting to 1000
[  674.736042][T17277] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  674.786686][T17298] lo speed is unknown, defaulting to 1000
[  674.831808][T17299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3308'.
[  674.967968][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  677.094882][    C1] net_ratelimit: 5 callbacks suppressed
[  677.097505][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  677.101356][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.206616][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  678.209784][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  679.061991][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  679.065465][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  679.318413][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  679.320975][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  679.831961][ T6035] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  680.430431][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  681.371240][T11731] Bluetooth: hci2: command 0x0406 tx timeout
[  682.493503][    C0] net_ratelimit: 3 callbacks suppressed
[  682.493517][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.498034][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.524196][T17368] netlink: 212388 bytes leftover after parsing attributes in process `syz.0.3321'.
[  682.527727][T17368] openvswitch: netlink: Message has 5 unknown bytes.
[  682.532808][T17368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3321'.
[  682.653931][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.656799][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  682.960380][T17377] syzkaller1: entered promiscuous mode
[  682.962460][T17377] syzkaller1: entered allmulticast mode
[  683.084101][T17379] lo speed is unknown, defaulting to 1000
[  683.132246][T17380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3324'.
[  683.359694][ T6052] e1000 0000:00:06.0 eth0: Reset adapter
[  683.466673][ T6052] e1000 0000:00:06.0 eth0: Reset adapter
[  683.765704][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  683.765743][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  684.317928][T17390] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  684.877618][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  684.880181][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  685.819198][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  685.989360][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  688.212981][    C1] net_ratelimit: 6 callbacks suppressed
[  688.212994][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  688.217275][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  689.324779][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  689.327323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  690.097685][ T6035] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  690.436588][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  690.439188][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  691.377428][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  691.380078][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  691.382685][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  693.211594][T17434] lo speed is unknown, defaulting to 1000
[  693.315112][T17443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3335'.
[  693.658723][T17442] netlink: 212388 bytes leftover after parsing attributes in process `syz.1.3334'.
[  693.664051][T17442] net_ratelimit: 5 callbacks suppressed
[  693.664065][T17442] openvswitch: netlink: Message has 5 unknown bytes.
[  693.681852][T17442] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3334'.
[  693.772082][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  693.775429][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  694.183955][ T5336] Bluetooth: hci2: unexpected Set CIG Parameters response data
[  694.187537][ T5336] Bluetooth: hci2: unexpected event for opcode 0x2062
[  694.883875][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  694.883912][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  695.658629][T17479] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  695.740082][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  696.006401][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  696.009042][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  696.861838][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  696.865422][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  696.868906][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  698.477052][ T5336] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  698.479786][ T5336] Bluetooth: hci2: Injecting HCI hardware error event
[  698.483495][ T5336] Bluetooth: hci2: hardware error 0x00
[  699.331240][    C1] net_ratelimit: 4 callbacks suppressed
[  699.331259][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  699.336144][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.272138][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.274723][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.361987][ T1466] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.443019][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.445594][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  700.699734][ T5336] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  701.554904][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  701.557427][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  702.666730][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.231603][T17507] lo speed is unknown, defaulting to 1000
[  704.292501][T17511] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3346'.
[  704.390390][T17516] netlink: 212388 bytes leftover after parsing attributes in process `syz.2.3347'.
[  704.482746][T17512] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3347'.
[  704.794882][T17527] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  704.797016][T17527] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  704.801251][T17527] vhci_hcd vhci_hcd.0: Device attached
[  704.890306][    C1] net_ratelimit: 7 callbacks suppressed
[  704.890319][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.894757][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  705.082809][ T6063] usb 39-1: new high-speed USB device number 3 using vhci_hcd
[  705.603153][T17528] vhci_hcd: connection reset by peer
[  705.605285][T14060] vhci_hcd: stop threads
[  705.606767][T14060] vhci_hcd: release socket
[  705.608066][T14060] vhci_hcd: disconnect device
[  706.002139][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  706.002177][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  706.661565][T17552] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  706.773014][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  707.113995][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  707.116520][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  708.236498][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  708.239669][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  709.166610][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  709.169959][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  710.449439][    C1] net_ratelimit: 4 callbacks suppressed
[  710.449453][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  710.453960][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  710.524787][ T6063] vhci_hcd: vhci_device speed not set
[  710.631351][ T6035] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  711.561336][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  711.564609][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  712.673065][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  712.675830][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  713.784888][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  713.787550][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  714.907441][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  715.206759][ T1466] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  715.356469][ T1466] usb 6-1: device descriptor read/64, error -71
[  715.623649][ T1466] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  715.773848][ T1466] usb 6-1: device descriptor read/64, error -71
[  715.865058][T17600] netlink: 212388 bytes leftover after parsing attributes in process `syz.2.3361'.
[  715.868277][T17600] net_ratelimit: 5 callbacks suppressed
[  715.868287][T17600] openvswitch: netlink: Message has 5 unknown bytes.
[  715.876893][T17600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3361'.
[  715.902150][ T1466] usb usb6-port1: attempt power cycle
[  716.019224][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  716.021877][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  716.265109][ T1466] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  716.287213][ T1466] usb 6-1: device descriptor read/8, error -71
[  716.553785][ T1466] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  716.576017][ T1466] usb 6-1: device descriptor read/8, error -71
[  716.703919][ T1466] usb usb6-port1: unable to enumerate USB device
[  717.120376][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  717.120420][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  717.798899][T17607] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  718.020471][T17618] lo speed is unknown, defaulting to 1000
[  718.072380][T17623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3368'.
[  718.232237][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  718.235703][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  719.178856][T17636] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  719.181104][T17636] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  719.183924][T17636] vhci_hcd vhci_hcd.0: Device attached
[  719.344098][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  719.347073][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  719.461792][ T6063] usb 43-1: new high-speed USB device number 6 using vhci_hcd
[  720.053986][T17637] vhci_hcd: connection reset by peer
[  720.057513][ T8020] vhci_hcd: stop threads
[  720.059021][ T8020] vhci_hcd: release socket
[  720.061028][ T8020] vhci_hcd: disconnect device
[  720.455882][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  720.547359][T17640] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  720.549854][T17640] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  720.552530][T17640] vhci_hcd vhci_hcd.0: Device attached
[  720.640692][T17645] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  720.643598][T17645] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  720.647314][T17645] vhci_hcd vhci_hcd.0: Device attached
[  720.747375][T17641] vhci_hcd: connection closed
[  720.747570][   T13] vhci_hcd: stop threads
[  720.752809][   T13] vhci_hcd: release socket
[  720.755478][   T13] vhci_hcd: disconnect device
[  720.830165][ T6035] vhci_hcd: vhci_device speed not set
[  721.001108][ T1466] usb 41-1: new high-speed USB device number 4 using vhci_hcd
[  721.477759][T17646] vhci_hcd: connection reset by peer
[  721.480772][ T8020] vhci_hcd: stop threads
[  721.482386][    C0] net_ratelimit: 10 callbacks suppressed
[  721.482396][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.482487][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.482562][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.482637][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.496933][ T8020] vhci_hcd: release socket
[  721.498513][ T8020] vhci_hcd: disconnect device
[  721.567884][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  721.571425][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  722.690199][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  722.693323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  723.791308][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  723.793835][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  724.568277][T17679] lo speed is unknown, defaulting to 1000
[  724.615064][T17680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3384'.
[  724.904586][ T6063] vhci_hcd: vhci_device speed not set
[  725.106224][   T34] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  725.286343][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  725.289988][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  725.293355][   T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  725.297341][   T34] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  725.300434][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  725.304567][   T34] usb 6-1: config 0 descriptor??
[  725.958266][   T34] usbhid 6-1:0.0: can't add hid device: -71
[  725.960264][   T34] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  725.964530][   T34] usb 6-1: USB disconnect, device number 42
[  726.442644][ T1466] vhci_hcd: vhci_device speed not set
[  726.538282][T17714] rdma_rxe: rxe_newlink: failed to add syz_tun
[  726.732350][T17719] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.788840][T17719] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.864145][T17719] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.870261][    C2] net_ratelimit: 4 callbacks suppressed
[  726.870311][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  726.870400][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  726.870471][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  726.870540][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  726.931439][T17719] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  726.959476][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  727.024537][   T13] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  727.043686][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  727.045824][ T1141] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  727.046103][ T1141] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  727.137458][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  727.137506][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  727.437456][T17716] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  728.238634][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  728.241211][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  728.411436][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  729.350553][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  729.353535][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.429563][    C1] net_ratelimit: 5 callbacks suppressed
[  732.429578][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.434284][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.436861][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.696652][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  732.700093][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  733.779309][T17742] lo speed is unknown, defaulting to 1000
[  733.797777][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  733.801527][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  733.826908][T17748] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3394'.
[  734.920236][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.923087][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.295164][T17790] syz1: rxe_newlink: already configured on syz_tun
[  735.861195][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.981469][T17786] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  736.107859][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  738.245142][    C1] net_ratelimit: 5 callbacks suppressed
[  738.245156][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  738.250610][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.357109][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.360398][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.468712][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.472053][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.639873][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.642802][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.645459][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  741.409654][T14116] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.804227][    C1] net_ratelimit: 4 callbacks suppressed
[  743.804248][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.810239][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.060835][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.063739][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.368765][T17820] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  744.371070][T17820] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  744.373936][T17820] vhci_hcd vhci_hcd.0: Device attached
[  744.444089][T17821] vhci_hcd: connection closed
[  744.444755][   T13] vhci_hcd: stop threads
[  744.463306][   T13] vhci_hcd: release socket
[  744.470704][   T13] vhci_hcd: disconnect device
[  744.899430][T17828] lo speed is unknown, defaulting to 1000
[  744.916092][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.918709][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.945334][T17830] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3409'.
[  745.557449][   T54] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  745.741183][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  745.744746][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  745.747915][   T54] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  745.752599][   T54] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  745.755612][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.759720][   T54] usb 6-1: config 0 descriptor??
[  746.038482][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  746.041110][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  746.411801][   T54] usbhid 6-1:0.0: can't add hid device: -71
[  746.418809][   T54] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  746.423545][   T54] usb 6-1: USB disconnect, device number 43
[  747.139670][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.139710][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.236861][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  747.573556][T17868] rdma_rxe: rxe_newlink: failed to add syz_tun
[  747.733777][T17859] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  747.737889][T17868] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.795617][T17868] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.869852][T17868] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  747.944819][T17868] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  748.031209][ T1145] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  748.039887][ T1145] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  748.046540][ T1145] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  748.053749][ T8020] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  749.364636][    C1] net_ratelimit: 5 callbacks suppressed
[  749.364650][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  749.369520][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  750.321522][ T1145] bridge_slave_1: left allmulticast mode
[  750.323322][ T1145] bridge_slave_1: left promiscuous mode
[  750.325409][ T1145] bridge0: port 2(bridge_slave_1) entered disabled state
[  750.328729][ T1145] bridge_slave_0: left allmulticast mode
[  750.330524][ T1145] bridge_slave_0: left promiscuous mode
[  750.332558][ T1145] bridge0: port 1(bridge_slave_0) entered disabled state
[  750.475147][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  750.477814][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  751.027568][ T1145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  751.033713][ T1145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  751.038868][ T1145] bond0 (unregistering): Released all slaves
[  751.113219][ T1145] : left promiscuous mode
[  751.182498][ T1145] tipc: Disabling bearer <udp:s>
[  751.192042][ T1145] tipc: Left network mode
[  751.407619][ T1145] hsr_slave_0: left promiscuous mode
[  751.409932][ T1145] hsr_slave_1: left promiscuous mode
[  751.434941][ T1145] veth1_macvtap: left promiscuous mode
[  751.436795][ T1145] veth0_macvtap: left promiscuous mode
[  751.440380][ T1145] veth1_vlan: left promiscuous mode
[  751.443125][ T1145] veth0_vlan: left promiscuous mode
[  753.255379][ T1145] IPVS: stop unused estimator thread 0...
[  757.054367][T17922] rdma_rxe: rxe_newlink: failed to add syz_tun
[  757.191519][T17922] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  757.255578][T17922] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  757.323078][T17922] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  757.398577][T17922] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  757.407077][T17911] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  757.471582][T17931] lo speed is unknown, defaulting to 1000
[  757.476758][ T1141] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  757.486384][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  757.494516][ T1141] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  757.500821][ T1145] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  757.516047][T17933] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3429'.
[  757.691594][ T6052] e1000 0000:00:06.0 eth0: Reset adapter
[  757.694553][T17918] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  758.009559][T17946] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  758.011695][T17946] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  758.014276][T17946] vhci_hcd vhci_hcd.0: Device attached
[  758.090471][T17947] vhci_hcd: connection closed
[  758.094352][ T8018] vhci_hcd: stop threads
[  758.102673][ T8018] vhci_hcd: release socket
[  758.107974][ T8018] vhci_hcd: disconnect device
[  758.227959][T17958] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  758.230065][T17958] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  758.232670][T17958] vhci_hcd vhci_hcd.0: Device attached
[  759.483841][T17959] vhci_hcd: connection closed
[  759.484690][ T1145] vhci_hcd: stop threads
[  759.494457][ T1145] vhci_hcd: release socket
[  759.496007][ T1145] vhci_hcd: disconnect device
[  759.727651][T17983] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  759.729841][T17983] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  759.732572][T17983] vhci_hcd vhci_hcd.0: Device attached
[  759.786628][   T60] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  759.804578][T17984] vhci_hcd: connection closed
[  759.804984][ T8018] vhci_hcd: stop threads
[  759.810699][ T8018] vhci_hcd: release socket
[  759.812457][ T8018] vhci_hcd: disconnect device
[  759.980399][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  759.983832][   T60] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  759.986919][   T60] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  760.240424][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  760.860339][   T60] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  760.863195][   T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.867491][   T60] usb 6-1: config 0 descriptor??
[  761.519574][   T60] usbhid 6-1:0.0: can't add hid device: -71
[  761.521513][   T60] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  761.525005][   T60] usb 6-1: USB disconnect, device number 44
[  768.199541][T18007] rdma_rxe: rxe_newlink: failed to add syz_tun
[  768.199954][T18008] rdma_rxe: rxe_newlink: failed to add syz_tun
[  768.288013][T18012] lo speed is unknown, defaulting to 1000
[  768.337294][T18016] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3441'.
[  768.444915][T18008] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.454957][T18007] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.458658][ T6052] e1000 0000:00:06.0 eth0: Reset adapter
[  768.580890][T18007] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.588577][T18008] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.664118][T18007] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.712370][T18008] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.808349][T18007] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.862354][T18008] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.952447][ T1141] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  768.966822][ T1141] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  768.977578][ T8017] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  768.996449][ T8017] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  769.163900][ T1141] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  769.163927][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  769.200359][T18013] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  769.200517][ T8017] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  769.215797][ T1141] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  769.745014][T18058] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  769.747111][T18058] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  769.749656][T18058] vhci_hcd vhci_hcd.0: Device attached
[  769.807912][T18059] vhci_hcd: connection closed
[  769.817340][ T8018] vhci_hcd: stop threads
[  769.821006][ T8018] vhci_hcd: release socket
[  769.822555][ T8018] vhci_hcd: disconnect device
[  770.745898][T14458] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  787.579569][T18120] lo speed is unknown, defaulting to 1000
[  787.690658][T18122] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3458'.
[  788.387975][T18153] syzkaller1: entered promiscuous mode
[  788.390078][T18153] syzkaller1: entered allmulticast mode
[  788.405435][   T60] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[  788.519185][T18157] lo speed is unknown, defaulting to 1000
[  788.546972][T18158] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  788.549690][T18158] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  788.553402][T18158] vhci_hcd vhci_hcd.0: Device attached
[  788.599050][   T60] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  788.602340][   T60] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  788.605764][   T60] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  788.610306][   T60] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  788.612972][   T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.617109][   T60] usb 7-1: config 0 descriptor??
[  788.621886][T18159] vhci_hcd: connection closed
[  788.624588][ T1145] vhci_hcd: stop threads
[  788.627377][ T1145] vhci_hcd: release socket
[  788.628757][ T1145] vhci_hcd: disconnect device
[  789.216680][T18172] lo speed is unknown, defaulting to 1000
[  789.268472][   T60] usbhid 7-1:0.0: can't add hid device: -71
[  789.270660][   T60] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  789.275616][   T60] usb 7-1: USB disconnect, device number 44
[  790.074122][ T6052] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  794.096006][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  798.303350][T18196] lo speed is unknown, defaulting to 1000
[  798.309582][T18194] binder_alloc: 18193: binder_alloc_buf, no vma
[  798.562873][T18215] netlink: 212388 bytes leftover after parsing attributes in process `syz.1.3471'.
[  798.562926][T18215] openvswitch: netlink: Message has 5 unknown bytes.
[  798.567169][T18215] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3471'.
[  799.187473][T18202] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  799.386124][T18225] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  799.388223][T18225] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  799.390879][T18225] vhci_hcd vhci_hcd.0: Device attached
[  799.416061][T18228] syzkaller1: entered promiscuous mode
[  799.418186][T18228] syzkaller1: entered allmulticast mode
[  799.453935][T18227] vhci_hcd: connection closed
[  799.454162][ T1141] vhci_hcd: stop threads
[  799.457436][ T1141] vhci_hcd: release socket
[  799.458908][ T1141] vhci_hcd: disconnect device
[  799.480541][T18231] lo speed is unknown, defaulting to 1000
[  800.002427][ T1141] Bluetooth: hci3: Frame reassembly failed (-84)
[  800.005513][ T1141] Bluetooth: hci3: Frame reassembly failed (-84)
[  800.758252][T18241] lo speed is unknown, defaulting to 1000
[  800.769174][T18243] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3479'.
[  801.837104][T18253] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  801.839254][T18253] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  801.841815][T18253] vhci_hcd vhci_hcd.0: Device attached
[  802.155274][T14116] usb 39-1: new high-speed USB device number 5 using vhci_hcd
[  802.222561][T11731] Bluetooth: hci3: command 0x1003 tx timeout
[  802.225547][ T5336] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  802.571307][ T8020] Bluetooth: hci3: Frame reassembly failed (-84)
[  803.231008][T18254] vhci_hcd: connection reset by peer
[  803.237223][   T13] vhci_hcd: stop threads
[  803.247745][   T13] vhci_hcd: release socket
[  803.249587][   T13] vhci_hcd: disconnect device
[  803.328711][T18271] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  803.330821][T18271] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  803.333871][T18271] vhci_hcd vhci_hcd.0: Device attached
[  803.393079][T18272] vhci_hcd: connection closed
[  803.394159][ T8018] vhci_hcd: stop threads
[  803.399637][ T8018] vhci_hcd: release socket
[  803.401597][ T8018] vhci_hcd: disconnect device
[  804.107099][T18279] lo speed is unknown, defaulting to 1000
[  804.783578][ T5336] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  804.861224][T18289] syzkaller1: entered promiscuous mode
[  804.863831][T18289] syzkaller1: entered allmulticast mode
[  804.925208][T18291] netlink: 212388 bytes leftover after parsing attributes in process `syz.1.3493'.
[  804.928445][T18291] openvswitch: netlink: Message has 5 unknown bytes.
[  804.937717][T18291] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3493'.
[  805.004783][T18295] lo speed is unknown, defaulting to 1000
[  805.705204][ T8018] Bluetooth: hci3: Frame reassembly failed (-84)
[  806.103721][T18328] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  806.106547][T18328] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  806.110309][T18328] vhci_hcd vhci_hcd.0: Device attached
[  806.178844][T18329] vhci_hcd: connection closed
[  806.179075][T14057] vhci_hcd: stop threads
[  806.181984][T14057] vhci_hcd: release socket
[  806.183440][T14057] vhci_hcd: disconnect device
[  807.350104][ T5886] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  807.605832][T14116] vhci_hcd: vhci_device speed not set
[  807.862418][T11731] Bluetooth: hci3: command 0x1003 tx timeout
[  807.864691][ T5336] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  815.724769][T18354] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3506'.
[  815.734883][T18355] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.3505'.
[  815.740002][T18355] netlink: zone id is out of range
[  815.743248][T18355] netlink: zone id is out of range
[  815.745972][T18355] netlink: get zone limit has 8 unknown bytes
[  816.758876][T18368] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  817.852431][T18413] Invalid source name
[  817.853754][T18413] UBIFS error (pid: 18413): cannot open "./file0", error -22
[  817.859657][T18414] input: syz1 as /devices/virtual/input/input21
[  819.162964][T18454] rdma_rxe: rxe_newlink: failed to add syz_tun
[  819.317338][T18454] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.382307][T18454] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.470292][T18454] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.540979][T18454] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.625550][ T8020] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  819.651348][ T8020] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  819.666887][ T8020] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  819.678326][ T8020] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.211523][T18469] ip6erspan0: entered promiscuous mode
[  820.784493][T18465] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  821.149102][T18489] comedi comedi3: comedi_config --init_data is deprecated
[  821.776960][T18503] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3544'.
[  822.029937][T18507] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  822.814431][T18523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3550'.
[  822.851065][T18523] binder: 18522:18523 unknown command 0
[  822.853452][T18523] binder: 18522:18523 ioctl c0306201 80000080 returned -22
[  824.087319][T18541] binder: 18540:18541 ioctl c0306201 80000080 returned -22
[  824.127500][T18543] FAULT_INJECTION: forcing a failure.
[  824.127500][T18543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  824.127540][T18543] CPU: 0 UID: 0 PID: 18543 Comm: syz.1.3556 Not tainted syzkaller #0 PREEMPT(full) 
[  824.127560][T18543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  824.127571][T18543] Call Trace:
[  824.127577][T18543]  <TASK>
[  824.127584][T18543]  dump_stack_lvl+0x16c/0x1f0
[  824.127630][T18543]  should_fail_ex+0x512/0x640
[  824.127665][T18543]  copy_to_user_nofault+0xac/0x1c0
[  824.127691][T18543]  bpf_probe_write_user+0xaf/0xf0
[  824.127713][T18543]  bpf_prog_19072b5a3fcf5d64+0x41/0x49
[  824.127731][T18543]  bpf_trace_run2+0x236/0x590
[  824.127755][T18543]  ? __pfx_bpf_trace_run2+0x10/0x10
[  824.127780][T18543]  ? __might_fault+0xe3/0x190
[  824.127799][T18543]  ? __might_fault+0x13b/0x190
[  824.127827][T18543]  __bpf_trace_sys_enter+0x37/0x60
[  824.127855][T18543]  syscall_trace_enter+0x1b5/0x240
[  824.127883][T18543]  __do_fast_syscall_32+0x21b/0x3a0
[  824.127910][T18543]  do_fast_syscall_32+0x32/0x80
[  824.127935][T18543]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  824.127957][T18543] RIP: 0023:0xf7f86579
[  824.127970][T18543] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  824.127987][T18543] RSP: 002b:00000000f5496590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  824.128004][T18543] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5496620
[  824.128015][T18543] RDX: 000000000000000f RSI: 00000000f7414ff4 RDI: 0000000000000000
[  824.128025][T18543] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  824.128035][T18543] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  824.128046][T18543] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  824.128069][T18543]  </TASK>
[  824.166536][T18532] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  824.353338][T18553] 8021q: adding VLAN 0 to HW filter on device bond0
[  824.360524][T18554] netlink: 212388 bytes leftover after parsing attributes in process `syz.3.3558'.
[  824.364146][T18554] openvswitch: netlink: Message has 5 unknown bytes.
[  824.375950][T18553] 8021q: adding VLAN 0 to HW filter on device team0
[  824.383716][T18554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3558'.
[  824.386749][T18553] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  824.395287][T14458] syz1: Port: 1 Link ACTIVE
[  824.570968][T18561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3557'.
[  824.700214][ T6063] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[  825.114745][T18568] overlayfs: failed to clone upperpath
[  825.170454][ T6063] usb 7-1: Using ep0 maxpacket: 8
[  825.175483][ T6063] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  825.179550][ T6063] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  825.183120][ T6063] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  825.186275][ T6063] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  825.190866][ T6063] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  825.193979][ T6063] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.244886][T18576] fuse: Bad value for 'fd'
[  825.421760][ T6063] usb 7-1: usb_control_msg returned -32
[  825.423661][ T6063] usbtmc 7-1:16.0: can't read capabilities
[  825.431344][ T6063] usb 7-1: USB disconnect, device number 45
[  825.793383][T18601] netlink: 212388 bytes leftover after parsing attributes in process `syz.1.3572'.
[  825.797885][T18601] openvswitch: netlink: Message has 5 unknown bytes.
[  825.805606][T18601] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3572'.
[  825.859281][T18599] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.934622][T18599] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  826.004577][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  826.004589][   T40] audit: type=1800 audit(1756640308.848:1419): pid=18606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3576" name="file0" dev="overlay" ino=1659 res=0 errno=0
[  826.015631][T18599] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  826.096390][T18599] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  826.168996][ T1141] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  826.176177][ T1141] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  826.183176][ T1141] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  826.190245][ T1141] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  826.565407][T18623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3583'.
[  826.848912][T14116] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  827.019906][T14116] usb 6-1: Using ep0 maxpacket: 8
[  827.024024][T14116] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  827.028926][T14116] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  827.033464][T14116] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  827.037563][T14116] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  827.043020][T14116] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  827.046763][T14116] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  827.259708][T18629] lo speed is unknown, defaulting to 1000
[  827.268929][T14116] usb 6-1: usb_control_msg returned -32
[  827.271166][T14116] usbtmc 6-1:16.0: can't read capabilities
[  827.279305][T14116] usb 6-1: USB disconnect, device number 45
[  827.355631][   T40] audit: type=1326 audit(1756640310.120:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18634 comm="syz.0.3587" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707e579 code=0x0
[  827.411360][T18637] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3587'.
[  827.971458][T18642] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.027656][T18642] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.071071][T18642] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.124789][T18642] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  828.193523][ T8020] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  828.199484][ T8020] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  828.208303][ T8020] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  828.218106][ T8020] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  828.596321][T18657] netlink: 212388 bytes leftover after parsing attributes in process `syz.1.3592'.
[  828.600337][T18657] openvswitch: netlink: Message has 5 unknown bytes.
[  828.610115][T18657] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3592'.
[  829.559672][T18670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3596'.
[  830.157203][T18676] syz.0.3598: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  830.162253][T18676] CPU: 3 UID: 0 PID: 18676 Comm: syz.0.3598 Not tainted syzkaller #0 PREEMPT(full) 
[  830.162270][T18676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  830.162277][T18676] Call Trace:
[  830.162282][T18676]  <TASK>
[  830.162287][T18676]  dump_stack_lvl+0x16c/0x1f0
[  830.162307][T18676]  warn_alloc+0x248/0x3a0
[  830.162322][T18676]  ? __pfx_warn_alloc+0x10/0x10
[  830.162336][T18676]  ? __pfx_stack_trace_save+0x10/0x10
[  830.162353][T18676]  ? kasan_save_stack+0x42/0x60
[  830.162365][T18676]  ? kasan_save_stack+0x33/0x60
[  830.162376][T18676]  ? kasan_save_track+0x14/0x30
[  830.162388][T18676]  ? xskq_create+0x52/0x1d0
[  830.162400][T18676]  ? xsk_setsockopt+0x792/0x9a0
[  830.162412][T18676]  ? do_sock_setsockopt+0xf0/0x1d0
[  830.162430][T18676]  ? xskq_create+0xfb/0x1d0
[  830.162443][T18676]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  830.162459][T18676]  ? xskq_create+0xfb/0x1d0
[  830.162473][T18676]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  830.162488][T18676]  ? xskq_create+0xfb/0x1d0
[  830.162500][T18676]  vmalloc_user_noprof+0x9e/0xe0
[  830.162510][T18676]  ? xskq_create+0xfb/0x1d0
[  830.162522][T18676]  xskq_create+0xfb/0x1d0
[  830.162534][T18676]  xsk_setsockopt+0x792/0x9a0
[  830.162546][T18676]  ? __pfx_xsk_setsockopt+0x10/0x10
[  830.162557][T18676]  ? find_held_lock+0x2b/0x80
[  830.162570][T18676]  ? aa_sock_opt_perm+0xfd/0x1c0
[  830.162582][T18676]  ? __pfx_xsk_setsockopt+0x10/0x10
[  830.162594][T18676]  do_sock_setsockopt+0xf0/0x1d0
[  830.162612][T18676]  __sys_setsockopt+0x120/0x1a0
[  830.162628][T18676]  __ia32_sys_setsockopt+0xbc/0x160
[  830.162642][T18676]  ? syscall_trace_enter+0x89/0x240
[  830.162659][T18676]  __do_fast_syscall_32+0x7c/0x3a0
[  830.162675][T18676]  do_fast_syscall_32+0x32/0x80
[  830.162690][T18676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  830.162704][T18676] RIP: 0023:0xf707e579
[  830.162712][T18676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  830.162723][T18676] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  830.162734][T18676] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000000000011b
[  830.162747][T18676] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004
[  830.162754][T18676] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  830.162761][T18676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  830.162780][T18676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  830.162795][T18676]  </TASK>
[  830.243992][T18676] Mem-Info:
[  830.245160][T18676] active_anon:2117 inactive_anon:1612 isolated_anon:0
[  830.245160][T18676]  active_file:11165 inactive_file:9062 isolated_file:0
[  830.245160][T18676]  unevictable:1768 dirty:597 writeback:0
[  830.245160][T18676]  slab_reclaimable:6795 slab_unreclaimable:71467
[  830.245160][T18676]  mapped:30236 shmem:2419 pagetables:1169
[  830.245160][T18676]  sec_pagetables:327 bounce:0
[  830.245160][T18676]  kernel_misc_reclaimable:0
[  830.245160][T18676]  free:48869 free_pcp:15933 free_cma:0
[  830.260129][T18676] Node 0 active_anon:1148kB inactive_anon:0kB active_file:1316kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:104kB dirty:0kB writeback:0kB shmem:3788kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8428kB pagetables:1640kB sec_pagetables:1196kB all_unreclaimable? yes Balloon:0kB
[  830.269679][T18676] Node 1 active_anon:7320kB inactive_anon:6448kB active_file:43344kB inactive_file:36248kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:120840kB dirty:2388kB writeback:0kB shmem:5888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5144kB pagetables:3036kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB
[  830.279873][T18676] Node 0 DMA free:2056kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:420kB local_pcp:168kB free_cma:0kB
[  830.289543][T18676] lowmem_reserve[]: 0 288 288 288 288
[  830.291434][T18676] Node 0 DMA32 free:18464kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:2032KB active_anon:1148kB inactive_anon:0kB active_file:1316kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:295132kB mlocked:0kB bounce:0kB free_pcp:11856kB local_pcp:3668kB free_cma:0kB
[  830.301315][T18676] lowmem_reserve[]: 0 0 0 0 0
[  830.302966][T18676] Node 1 DMA32 free:174956kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:6144KB free_highatomic:3668KB active_anon:6020kB inactive_anon:6448kB active_file:43344kB inactive_file:36248kB unevictable:3536kB writepending:2388kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:52552kB local_pcp:11876kB free_cma:0kB
[  830.313251][T18676] lowmem_reserve[]: 0 0 0 0 0
[  830.314894][T18676] Node 0 DMA: 12*4kB (U) 23*8kB (UM) 10*16kB (UM) 6*32kB (UM) 3*64kB (UM) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2056kB
[  830.319738][T18676] Node 0 DMA32: 514*4kB (UME) 125*8kB (UME) 83*16kB (UMEH) 72*32kB (UMEH) 54*64kB (UMEH) 19*128kB (UMEH) 5*256kB (UMH) 5*512kB (UMH) 2*1024kB (UH) 0*2048kB 0*4096kB = 18464kB
[  830.335059][T18676] Node 1 DMA32: 2419*4kB (UMEH) 724*8kB (UMEH) 440*16kB (UMEH) 342*32kB (UMEH) 298*64kB (UMEH) 167*128kB (UMEH) 85*256kB (UMEH) 71*512kB (UMEH) 24*1024kB (UMH) 9*2048kB (UM) 0*4096kB = 175020kB
[  830.348104][T18676] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  830.351141][T18676] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  830.354210][T18676] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  830.357795][T18676] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  830.360898][T18676] 23728 total pagecache pages
[  830.362423][T18676] 1086 pages in swap cache
[  830.363920][T18676] Free swap  = 102008kB
[  830.365308][T18676] Total swap = 124996kB
[  830.368808][T18676] 524155 pages RAM
[  830.370401][T18676] 0 pages HighMem/MovableOnly
[  830.372304][T18676] 209477 pages reserved
[  830.373638][T18676] 0 pages cma reserved
[  830.552171][T18686] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  830.646577][T18686] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  830.700927][T18686] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  830.786701][T18686] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.301302][ T8020] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  833.307602][ T8020] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  833.320555][ T8017] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  833.338407][ T8017] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  834.487977][T18749] netlink: 'syz.1.3615': attribute type 39 has an invalid length.
[  836.785364][T18768] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.854701][T18768] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  836.940720][T18768] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.008135][T18768] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.104586][T14057] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  837.116424][ T1141] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  837.126331][ T1141] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  837.134946][ T1141] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  839.458036][T18799] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.509937][T18799] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.637349][T18799] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.723633][T18799] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.787915][ T8017] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  839.799966][T14057] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  839.809828][T14057] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  839.818528][ T8017] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  839.896651][T18811] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3633'.
[  840.719049][T18821] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3636'.
[  840.722046][T18821] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3636'.
[  840.753298][T18821] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3636'.
[  840.756487][T18821] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3636'.
[  840.800275][T18821] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3636'.
[  840.803401][T18821] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3636'.
[  841.016795][T18830] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3638'.
[  842.295842][ T8020] smc: removing ib device syz1
[  842.300536][ T5886] syz1: Port: 1 Link DOWN
[  842.342981][T11731] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  842.346478][T11731] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  842.350302][T11731] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  842.355396][T11731] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  842.359087][T11731] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  842.391709][T18855] lo speed is unknown, defaulting to 1000
[  842.658447][T18855] chnl_net:caif_netlink_parms(): no params data found
[  842.925463][T18855] bridge0: port 1(bridge_slave_0) entered blocking state
[  842.932424][T18855] bridge0: port 1(bridge_slave_0) entered disabled state
[  842.935944][T18855] bridge_slave_0: entered allmulticast mode
[  842.942316][T18855] bridge_slave_0: entered promiscuous mode
[  842.947701][T18855] bridge0: port 2(bridge_slave_1) entered blocking state
[  842.950263][T18855] bridge0: port 2(bridge_slave_1) entered disabled state
[  842.952915][T18855] bridge_slave_1: entered allmulticast mode
[  842.956453][T18855] bridge_slave_1: entered promiscuous mode
[  843.039820][T18855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  843.046899][T18855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  843.086865][T18855] team0: Port device team_slave_0 added
[  843.091173][T18855] team0: Port device team_slave_1 added
[  843.130990][T18855] batman_adv: batadv0: Adding interface: batadv_slave_0
[  843.133320][T18855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  843.145124][T18855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  843.150004][T18855] batman_adv: batadv0: Adding interface: batadv_slave_1
[  843.152537][T18855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  843.161373][T18855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  843.213461][T18855] hsr_slave_0: entered promiscuous mode
[  843.215823][T18855] hsr_slave_1: entered promiscuous mode
[  843.218257][T18855] debugfs: 'hsr0' already exists in 'hsr'
[  843.220142][T18855] Cannot create hsr debugfs directory
[  843.342896][ T1141] vxlan0: left allmulticast mode
[  843.345164][ T1141] vxlan0: left promiscuous mode
[  843.347099][ T1141] bridge0: port 3(vxlan0) entered disabled state
[  843.350994][ T1141] bridge_slave_1: left allmulticast mode
[  843.352973][ T1141] bridge_slave_1: left promiscuous mode
[  843.355003][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state
[  843.360629][ T1141] bridge_slave_0: left allmulticast mode
[  843.362515][ T1141] bridge_slave_0: left promiscuous mode
[  843.364472][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state
[  843.740378][T18824] Process accounting resumed
[  843.740658][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  843.747684][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  843.752195][ T1141] bond0 (unregistering): Released all slaves
[  843.883907][T18855] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  843.889465][T18855] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  843.895302][T18855] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  843.901081][T18855] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  843.988517][T18855] 8021q: adding VLAN 0 to HW filter on device bond0
[  844.003200][T18855] 8021q: adding VLAN 0 to HW filter on device team0
[  844.011282][ T8020] bridge0: port 1(bridge_slave_0) entered blocking state
[  844.013974][ T8020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  844.040445][ T8020] bridge0: port 2(bridge_slave_1) entered blocking state
[  844.043270][ T8020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  844.057756][T18902] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3650'.
[  844.062352][T18902] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3650'.
[  844.070920][ T1141] hsr_slave_0: left promiscuous mode
[  844.075931][ T1141] hsr_slave_1: left promiscuous mode
[  844.078124][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0
[  844.085224][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1
[  844.555988][ T5336] Bluetooth: hci3: command tx timeout
[  844.737967][T18885] Process accounting resumed
[  845.046321][ T1141] team0 (unregistering): Port device team_slave_1 removed
[  845.173504][ T1141] team0 (unregistering): Port device team_slave_0 removed
[  845.948191][T18855] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  845.951920][T18855] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  845.990533][T18929] ªªªªª»: renamed from hsr0 (while UP)
[  846.094487][T18855] 8021q: adding VLAN 0 to HW filter on device batadv0
[  846.243625][T18855] veth0_vlan: entered promiscuous mode
[  846.248650][T18855] veth1_vlan: entered promiscuous mode
[  846.266753][T18855] veth0_macvtap: entered promiscuous mode
[  846.270729][T18855] veth1_macvtap: entered promiscuous mode
[  846.284976][T18855] batman_adv: batadv0: Interface activated: batadv_slave_0
[  846.291711][T18855] batman_adv: batadv0: Interface activated: batadv_slave_1
[  846.299267][ T8017] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.302116][ T8017] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.310364][ T8017] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.313192][ T8017] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.360178][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  846.362767][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  846.376957][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  846.379404][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  846.543850][T18961] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.561044][T18965] veth1_macvtap: left promiscuous mode
[  846.564268][T18965] macsec0: entered promiscuous mode
[  846.565911][T18965] macsec0: entered allmulticast mode
[  846.569468][T18965] macsec0: left allmulticast mode
[  846.786873][ T5336] Bluetooth: hci3: command tx timeout
[  847.165362][T18961] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.626314][T18961] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.902893][T18961] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  848.110006][T19006] __nla_validate_parse: 4 callbacks suppressed
[  848.110047][T19006] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3674'.
[  848.115470][T19006] unsupported nla_type 65024
[  848.117147][T19005] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3674'.
[  848.233011][   T13] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  848.245247][ T1141] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  848.255528][ T1141] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  848.266775][ T1141] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  848.292289][T19019] overlayfs: failed to clone upperpath
[  848.398544][T19027] lo speed is unknown, defaulting to 1000
[  848.440358][T19027] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3682'.
[  848.561808][ T5886] e1000 0000:00:06.0 eth0: Reset adapter
[  848.979274][T19042] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  848.981931][T19042] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  848.984732][T19042] vhci_hcd vhci_hcd.0: Device attached
[  848.999777][ T5336] Bluetooth: hci3: command tx timeout
[  849.052959][T19043] vhci_hcd: connection closed
[  849.055742][ T1141] vhci_hcd: stop threads
[  849.059807][ T1141] vhci_hcd: release socket
[  849.061257][ T1141] vhci_hcd: disconnect device
[  849.614447][T19059] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  849.715635][T19059] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  849.797178][T19059] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  849.881704][T19059] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  850.041152][   T13] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  850.053422][   T13] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  850.064081][ T1141] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  850.077346][ T1141] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  850.882632][ T5886] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  851.223509][ T5336] Bluetooth: hci3: command tx timeout
[  857.449411][T19112] lo speed is unknown, defaulting to 1000
[  857.494020][T19112] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3693'.
[  857.616758][ T6052] e1000 0000:00:06.0 eth0: Reset adapter
[  858.582945][T19131] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  858.618265][T19161] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  858.620506][T19161] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  858.623097][T19161] vhci_hcd vhci_hcd.0: Device attached
[  858.687814][T19159] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.763305][T19159] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.839467][T19159] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.888584][ T6052] usb 39-1: new high-speed USB device number 6 using vhci_hcd
[  858.891325][T19162] vhci_hcd: connection reset by peer
[  858.895150][T14060] vhci_hcd: stop threads
[  858.896895][T14060] vhci_hcd: release socket
[  858.898441][T14060] vhci_hcd: disconnect device
[  858.905337][T19159] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  858.994627][ T8020] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  859.002260][ T8020] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  859.010065][ T8020] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  859.017686][ T8020] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  859.098267][T19175] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3703'.
[  859.777365][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  859.958798][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[  864.383597][ T6052] vhci_hcd: vhci_device speed not set
[  867.468660][T19202] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3706'.
[  867.709164][T19211] tipc: Started in network mode
[  867.711238][T19211] tipc: Node identity c, cluster identity 4711
[  867.713540][T19211] tipc: Node number set to 12
[  867.753694][T19213] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3710'.
[  868.242001][T19218] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.333187][T19218] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.389227][T19218] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.439484][T19218] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.495834][   T13] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  868.501196][   T13] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  868.505037][   T13] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  868.509581][   T13] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  868.949094][T19219] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  869.240073][T19236] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3716'.
[  870.220736][ T6063] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  870.382459][ T6063] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  870.386798][ T6063] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  870.390793][ T6063] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  870.396236][ T6063] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  870.400004][ T6063] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  870.406694][ T6063] usb 6-1: config 0 descriptor??
[  870.655243][T19255] tls_set_device_offload_rx: netdev not found
[  870.663435][T19255] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.739769][T19255] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.802923][T19255] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.850573][ T6063] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  870.879106][T19255] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  870.953518][T19076] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  870.960770][T19076] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  870.968503][T19076] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  870.976621][ T8020] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  871.201403][T19259] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.283946][T19259] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.350668][T19259] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.413719][T19259] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  872.230788][    C0] plantronics 0003:047F:FFFF.0009: usb_submit_urb(ctrl) failed: -1
[  872.803855][T19272] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  872.806233][T19272] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  872.809099][T19272] vhci_hcd vhci_hcd.0: Device attached
[  872.983166][T19277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3726'.
[  873.058946][ T6035] usb 6-1: USB disconnect, device number 46
[  873.075323][T14458] usb 39-1: new high-speed USB device number 7 using vhci_hcd
[  873.084416][T19273] vhci_hcd: connection reset by peer
[  873.088136][ T8020] vhci_hcd: stop threads
[  873.089523][ T8020] vhci_hcd: release socket
[  873.091081][ T8020] vhci_hcd: disconnect device
[  873.110991][T19283] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3729'.
[  874.188198][T11731] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  874.193106][T11731] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  874.199931][T11731] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  874.204996][T11731] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  874.207714][T11731] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  874.230831][T19297] lo speed is unknown, defaulting to 1000
[  874.312397][T19297] chnl_net:caif_netlink_parms(): no params data found
[  874.383745][T19297] bridge0: port 1(bridge_slave_0) entered blocking state
[  874.386034][T19297] bridge0: port 1(bridge_slave_0) entered disabled state
[  874.388206][T19297] bridge_slave_0: entered allmulticast mode
[  874.390959][T19297] bridge_slave_0: entered promiscuous mode
[  874.394184][T19297] bridge0: port 2(bridge_slave_1) entered blocking state
[  874.396468][T19297] bridge0: port 2(bridge_slave_1) entered disabled state
[  874.398735][T19297] bridge_slave_1: entered allmulticast mode
[  874.401708][T19297] bridge_slave_1: entered promiscuous mode
[  874.426470][ T1141] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  874.455722][T19297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  874.460431][T19297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  874.501150][ T1141] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  874.511112][T19297] team0: Port device team_slave_0 added
[  874.514818][T19297] team0: Port device team_slave_1 added
[  874.547450][T19297] batman_adv: batadv0: Adding interface: batadv_slave_0
[  874.549714][T19297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  874.557869][T19297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  874.562288][T19297] batman_adv: batadv0: Adding interface: batadv_slave_1
[  874.564938][T19297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  874.572871][T19297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  874.580445][ T1141] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  874.629342][T19297] hsr_slave_0: entered promiscuous mode
[  874.632708][T19297] hsr_slave_1: entered promiscuous mode
[  874.635983][T19297] debugfs: 'hsr0' already exists in 'hsr'
[  874.637816][T19297] Cannot create hsr debugfs directory
[  874.662918][ T1141] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  874.821395][T19297] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  874.831024][T19297] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  874.837253][ T1141] bridge_slave_1: left allmulticast mode
[  874.839246][ T1141] bridge_slave_1: left promiscuous mode
[  874.841125][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state
[  874.845494][ T1141] bridge_slave_0: left allmulticast mode
[  874.847298][ T1141] bridge_slave_0: left promiscuous mode
[  874.849252][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state
[  874.938508][   T40] audit: type=1326 audit(1756640354.627:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19294 comm="syz.3.3733" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7fc00000
[  875.148735][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  875.153099][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  875.156829][ T1141] bond0 (unregistering): Released all slaves
[  875.163348][T19297] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  875.194400][T19297] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  875.206215][T19076] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  875.228559][ T8020] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  875.236382][ T8020] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  875.259024][ T8020] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  875.312763][T19297] 8021q: adding VLAN 0 to HW filter on device bond0
[  875.326483][T19297] 8021q: adding VLAN 0 to HW filter on device team0
[  875.331707][T19076] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.333958][T19076] bridge0: port 1(bridge_slave_0) entered forwarding state
[  875.339807][ T8020] bridge0: port 2(bridge_slave_1) entered blocking state
[  875.342134][ T8020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  875.431747][ T1141] hsr_slave_0: left promiscuous mode
[  875.434031][ T1141] hsr_slave_1: left promiscuous mode
[  875.436129][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  875.438658][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0
[  875.441668][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  875.444661][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1
[  875.468268][ T1141] veth1_macvtap: left promiscuous mode
[  875.470188][ T1141] veth0_macvtap: left promiscuous mode
[  875.472057][ T1141] veth1_vlan: left promiscuous mode
[  875.473821][ T1141] veth0_vlan: left promiscuous mode
[  876.274025][ T1141] team0 (unregistering): Port device team_slave_1 removed
[  876.359440][ T1141] team0 (unregistering): Port device team_slave_0 removed
[  876.368921][T11731] Bluetooth: hci3: command tx timeout
[  877.383372][T19344] : entered promiscuous mode
[  877.552784][T19297] 8021q: adding VLAN 0 to HW filter on device batadv0
[  877.698331][T19297] veth0_vlan: entered promiscuous mode
[  877.703131][T19297] veth1_vlan: entered promiscuous mode
[  877.717662][T19297] veth0_macvtap: entered promiscuous mode
[  877.722768][T19297] veth1_macvtap: entered promiscuous mode
[  877.732250][T19297] batman_adv: batadv0: Interface activated: batadv_slave_0
[  877.740833][T19297] batman_adv: batadv0: Interface activated: batadv_slave_1
[  877.746511][T14057] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  877.750136][T14057] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  877.753754][T14057] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  877.780563][T14057] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  877.829478][T14057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  877.832131][T14057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  877.859082][T14057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  877.863004][T14057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  878.581406][T14458] vhci_hcd: vhci_device speed not set
[  878.602563][T11731] Bluetooth: hci3: command tx timeout
[  878.962388][T19413] pim6reg1: entered promiscuous mode
[  878.962401][T19413] pim6reg1: entered allmulticast mode
[  879.162856][T19401] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  879.203523][    T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  879.244634][    T9] hid-generic 0000:0000:0000.000A: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  879.895761][   T29] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  880.114028][   T29] usb 10-1: device descriptor read/64, error -71
[  880.130605][T19438] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3755'.
[  880.454983][   T29] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  880.719138][   T29] usb 10-1: device descriptor read/64, error -71
[  880.815073][T11731] Bluetooth: hci3: command tx timeout
[  880.850248][   T29] usb usb10-port1: attempt power cycle
[  881.280696][   T29] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  881.307794][   T29] usb 10-1: device descriptor read/8, error -71
[  881.563365][   T29] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  881.585172][   T29] usb 10-1: device descriptor read/8, error -71
[  881.709587][   T29] usb usb10-port1: unable to enumerate USB device
[  882.040108][   T40] audit: type=1326 audit(1756640361.268:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.047201][   T40] audit: type=1326 audit(1756640361.268:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.054025][   T40] audit: type=1326 audit(1756640361.268:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.061100][   T40] audit: type=1326 audit(1756640361.277:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.069828][   T40] audit: type=1326 audit(1756640361.277:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.078958][   T40] audit: type=1326 audit(1756640361.277:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.088798][   T40] audit: type=1326 audit(1756640361.277:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.097665][   T40] audit: type=1326 audit(1756640361.277:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.106874][   T40] audit: type=1326 audit(1756640361.277:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.115920][   T40] audit: type=1326 audit(1756640361.277:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19455 comm="syz.3.3761" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701e579 code=0x7ffc0000
[  882.221223][T19462] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.296751][T19462] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.393350][T19462] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.466253][T19462] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.552046][T14057] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  882.560767][T14057] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  882.578497][T14057] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  882.581698][T14060] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  882.705265][T19475] netlink: 'syz.3.3767': attribute type 5 has an invalid length.
[  882.711266][T19475] ip6erspan0: entered promiscuous mode
[  882.860823][T19484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3771'.
[  882.863550][T19484] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3771'.
[  883.038900][T11731] Bluetooth: hci3: command tx timeout
[  883.533065][T19496] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3774'.
[  883.537418][T19496] comedi comedi0: Minor 3 could not be opened
[  883.581362][T19499] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3775'.
[  884.480203][T19514] lo speed is unknown, defaulting to 1000
[  884.542490][T19514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3780'.
[  884.907097][T19532] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3786'.
[  886.339060][T19551] 9pnet_fd: Insufficient options for proto=fd
[  886.342913][T19551] ==================================================================
[  886.345474][T19551] BUG: KASAN: slab-use-after-free in xfrm_state_find+0x7401/0x84c0
[  886.348014][T19551] Read of size 1 at addr ffff88806b3d0770 by task syz.0.3791/19551
[  886.351683][T19551] 
[  886.352813][T19551] CPU: 1 UID: 0 PID: 19551 Comm: syz.0.3791 Not tainted syzkaller #0 PREEMPT(full) 
[  886.352828][T19551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  886.352836][T19551] Call Trace:
[  886.352842][T19551]  <TASK>
[  886.352848][T19551]  dump_stack_lvl+0x116/0x1f0
[  886.352874][T19551]  print_report+0xcd/0x630
[  886.352891][T19551]  ? __virt_addr_valid+0x81/0x610
[  886.352908][T19551]  ? __phys_addr+0xe8/0x180
[  886.352922][T19551]  ? xfrm_state_find+0x7401/0x84c0
[  886.352938][T19551]  kasan_report+0xe0/0x110
[  886.352952][T19551]  ? xfrm_state_find+0x7401/0x84c0
[  886.352969][T19551]  xfrm_state_find+0x7401/0x84c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  886.352984][T19551]  ? arch_stack_walk+0xa6/0x100
[  886.353000][T19551]  ? __pfx_xfrm_state_find+0x10/0x10
[  886.353017][T19551]  ? find_held_lock+0x2b/0x80
[  886.353028][T19551]  ? bpf_ksym_find+0x124/0x1c0
[  886.353040][T19551]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  886.353055][T19551]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  886.353076][T19551]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  886.353101][T19551]  ? dst_alloc+0xc0/0x1a0
[  886.353115][T19551]  ? xfrm_expand_policies.constprop.0+0x252/0x6a0
[  886.353133][T19551]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  886.353151][T19551]  ? find_held_lock+0x2b/0x80
[  886.353162][T19551]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  886.353179][T19551]  ? ip_route_output_key_hash+0x16b/0x2e0
[  886.353195][T19551]  xfrm_lookup_route+0x3b/0x200
[  886.353212][T19551]  ip_route_output_flow+0x11e/0x150
[  886.353225][T19551]  udp_sendmsg+0x1af9/0x2870
[  886.353241][T19551]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  886.353258][T19551]  ? __pfx_udp_sendmsg+0x10/0x10
[  886.353272][T19551]  ? __lock_acquire+0xb97/0x1ce0
[  886.353291][T19551]  ? aa_sk_perm+0x2f4/0xb10
[  886.353309][T19551]  ? __pfx_udp_sendmsg+0x10/0x10
[  886.353325][T19551]  inet_sendmsg+0x105/0x140
[  886.353336][T19551]  ____sys_sendmsg+0x973/0xc70
[  886.353348][T19551]  ? __pfx_____sys_sendmsg+0x10/0x10
[  886.353358][T19551]  ? get_compat_msghdr+0x11a/0x170
[  886.353375][T19551]  ___sys_sendmsg+0x134/0x1d0
[  886.353390][T19551]  ? __pfx____sys_sendmsg+0x10/0x10
[  886.353409][T19551]  ? futex_hash_get+0x20/0x70
[  886.353424][T19551]  __sys_sendmmsg+0x2f9/0x420
[  886.353440][T19551]  ? __pfx___sys_sendmmsg+0x10/0x10
[  886.353457][T19551]  ? __pfx_do_futex+0x10/0x10
[  886.353474][T19551]  ? xfd_validate_state+0x61/0x180
[  886.353489][T19551]  ? __sys_setsockopt+0x140/0x1a0
[  886.353504][T19551]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  886.353519][T19551]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  886.353536][T19551]  __do_fast_syscall_32+0x7c/0x3a0
[  886.353552][T19551]  do_fast_syscall_32+0x32/0x80
[  886.353567][T19551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  886.353582][T19551] RIP: 0023:0xf707e579
[  886.353591][T19551] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  886.353603][T19551] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  886.353615][T19551] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  886.353622][T19551] RDX: 0000000000000077 RSI: 0000000000007600 RDI: 0000000000000000
[  886.353629][T19551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  886.353636][T19551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  886.353643][T19551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  886.353653][T19551]  </TASK>
[  886.353657][T19551] 
[  886.463139][T19551] Allocated by task 19006:
[  886.464550][T19551]  kasan_save_stack+0x33/0x60
[  886.466065][T19551]  kasan_save_track+0x14/0x30
[  886.467572][T19551]  __kasan_slab_alloc+0x89/0x90
[  886.469164][T19551]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  886.469180][T19551]  xfrm_state_alloc+0x23/0x5c0
[  886.469191][T19551]  __find_acq_core+0xb59/0x2900
[  886.469205][T19551]  xfrm_find_acq+0x7b/0xa0
[  886.469218][T19551]  xfrm_alloc_userspi+0x58e/0xbb0
[  886.469233][T19551]  xfrm_user_rcv_msg+0x4fe/0xb60
[  886.469245][T19551]  netlink_rcv_skb+0x158/0x420
[  886.469262][T19551]  xfrm_netlink_rcv+0x71/0x90
[  886.482660][T19551]  netlink_unicast+0x5a7/0x870
[  886.484148][T19551]  netlink_sendmsg+0x8d1/0xdd0
[  886.485654][T19551]  ____sys_sendmsg+0xa98/0xc70
[  886.487139][T19551]  ___sys_sendmsg+0x134/0x1d0
[  886.488634][T19551]  __sys_sendmsg+0x16d/0x220
[  886.490074][T19551]  __do_fast_syscall_32+0x7c/0x3a0
[  886.491665][T19551]  do_fast_syscall_32+0x32/0x80
[  886.493213][T19551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  886.495212][T19551] 
[  886.496025][T19551] Freed by task 6063:
[  886.497267][T19551]  kasan_save_stack+0x33/0x60
[  886.498776][T19551]  kasan_save_track+0x14/0x30
[  886.500279][T19551]  kasan_save_free_info+0x3b/0x60
[  886.501859][T19551]  __kasan_slab_free+0x60/0x70
[  886.503381][T19551]  kmem_cache_free+0x2d1/0x4d0
[  886.504896][T19551]  xfrm_state_gc_task+0x50a/0x770
[  886.506492][T19551]  process_one_work+0x9cf/0x1b70
[  886.508063][T19551]  worker_thread+0x6c8/0xf10
[  886.509521][T19551]  kthread+0x3c5/0x780
[  886.510811][T19551]  ret_from_fork+0x5d7/0x6f0
[  886.512284][T19551]  ret_from_fork_asm+0x1a/0x30
[  886.513786][T19551] 
[  886.514546][T19551] The buggy address belongs to the object at ffff88806b3d0440
[  886.514546][T19551]  which belongs to the cache xfrm_state of size 928
[  886.518834][T19551] The buggy address is located 816 bytes inside of
[  886.518834][T19551]  freed 928-byte region [ffff88806b3d0440, ffff88806b3d07e0)
[  886.523054][T19551] 
[  886.523830][T19551] The buggy address belongs to the physical page:
[  886.525842][T19551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806b3d0000 pfn:0x6b3d0
[  886.529113][T19551] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  886.531708][T19551] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff)
[  886.533982][T19551] page_type: f5(slab)
[  886.535220][T19551] raw: 04fff00000000040 ffff888020c223c0 dead000000000122 0000000000000000
[  886.537834][T19551] raw: ffff88806b3d0000 00000000801e001d 00000000f5000000 0000000000000000
[  886.540593][T19551] head: 04fff00000000040 ffff888020c223c0 dead000000000122 0000000000000000
[  886.543325][T19551] head: ffff88806b3d0000 00000000801e001d 00000000f5000000 0000000000000000
[  886.546018][T19551] head: 04fff00000000003 ffffea0001acf401 00000000ffffffff 00000000ffffffff
[  886.548705][T19551] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  886.551329][T19551] page dumped because: kasan: bad access detected
[  886.553349][T19551] page_owner tracks the page as allocated
[  886.555192][T19551] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 14693, tgid 14691 (syz.3.2446), ts 526445505572, free_ts 518974958857
[  886.561232][T19551]  post_alloc_hook+0x1c0/0x230
[  886.562744][T19551]  get_page_from_freelist+0x132b/0x38e0
[  886.564482][T19551]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  886.566344][T19551]  alloc_pages_mpol+0x1fb/0x550
[  886.567876][T19551]  new_slab+0x247/0x330
[  886.569164][T19551]  ___slab_alloc+0xcf2/0x1740
[  886.570705][T19551]  __slab_alloc.constprop.0+0x56/0xb0
[  886.572421][T19551]  kmem_cache_alloc_noprof+0xef/0x3b0
[  886.574182][T19551]  xfrm_state_alloc+0x23/0x5c0
[  886.575915][T19551]  xfrm_state_find+0x31e6/0x84c0
[  886.577514][T19551]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  886.579314][T19551]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  886.580991][T19551]  xfrm_lookup_route+0x3b/0x200
[  886.582513][T19551]  ip6_dst_lookup_flow+0x15c/0x1d0
[  886.584154][T19551]  rawv6_sendmsg+0xe85/0x4820
[  886.585640][T19551]  inet_sendmsg+0x119/0x140
[  886.587075][T19551] page last free pid 14594 tgid 14594 stack trace:
[  886.589101][T19551]  __free_frozen_pages+0x7d5/0x10f0
[  886.590785][T19551]  __put_partials+0x165/0x1c0
[  886.592359][T19551]  qlist_free_all+0x4d/0x120
[  886.593915][T19551]  kasan_quarantine_reduce+0x195/0x1e0
[  886.595713][T19551]  __kasan_slab_alloc+0x69/0x90
[  886.597257][T19551]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  886.598948][T19551]  taskstats_exit+0x654/0xbe0
[  886.600468][T19551]  do_exit+0x5dc/0x2bf0
[  886.601827][T19551]  do_group_exit+0xd3/0x2a0
[  886.603276][T19551]  __ia32_sys_exit_group+0x3e/0x50
[  886.604915][T19551]  ia32_sys_call+0xa9e/0x1ca0
[  886.606417][T19551]  __do_fast_syscall_32+0x7c/0x3a0
[  886.608038][T19551]  do_fast_syscall_32+0x32/0x80
[  886.609558][T19551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  886.611536][T19551] 
[  886.612323][T19551] Memory state around the buggy address:
[  886.614092][T19551]  ffff88806b3d0600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  886.616672][T19551]  ffff88806b3d0680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  886.619180][T19551] >ffff88806b3d0700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  886.621648][T19551]                                                              ^
[  886.624025][T19551]  ffff88806b3d0780: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  886.626505][T19551]  ffff88806b3d0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  886.629076][T19551] ==================================================================
[  886.635664][T19551] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  886.637854][T19551] CPU: 1 UID: 0 PID: 19551 Comm: syz.0.3791 Not tainted syzkaller #0 PREEMPT(full) 
[  886.640649][T19551] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  886.643947][T19551] Call Trace:
[  886.645094][T19551]  <TASK>
[  886.646138][T19551]  dump_stack_lvl+0x3d/0x1f0
[  886.647737][T19551]  vpanic+0x6e8/0x7a0
[  886.649054][T19551]  ? __pfx_vpanic+0x10/0x10
[  886.650467][T19551]  ? __pfx_vprintk_emit+0x10/0x10
[  886.652036][T19551]  ? xfrm_state_find+0x7401/0x84c0
[  886.653607][T19551]  panic+0xca/0xd0
[  886.654751][T19551]  ? __pfx_panic+0x10/0x10
[  886.656161][T19551]  ? xfrm_state_find+0x7401/0x84c0
[  886.657734][T19551]  ? preempt_schedule_common+0x44/0xc0
[  886.659350][T19551]  ? preempt_schedule_thunk+0x16/0x30
[  886.660990][T19551]  check_panic_on_warn+0xab/0xb0
[  886.662510][T19551]  end_report+0x107/0x170
[  886.663861][T19551]  kasan_report+0xee/0x110
[  886.665254][T19551]  ? xfrm_state_find+0x7401/0x84c0
[  886.666809][T19551]  xfrm_state_find+0x7401/0x84c0
[  886.668300][T19551]  ? arch_stack_walk+0xa6/0x100
[  886.669801][T19551]  ? __pfx_xfrm_state_find+0x10/0x10
[  886.671417][T19551]  ? find_held_lock+0x2b/0x80
[  886.672896][T19551]  ? bpf_ksym_find+0x124/0x1c0
[  886.674409][T19551]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  886.676377][T19551]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  886.678320][T19551]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  886.680339][T19551]  ? dst_alloc+0xc0/0x1a0
[  886.681673][T19551]  ? xfrm_expand_policies.constprop.0+0x252/0x6a0
[  886.683660][T19551]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  886.685364][T19551]  ? find_held_lock+0x2b/0x80
[  886.686839][T19551]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  886.688647][T19551]  ? ip_route_output_key_hash+0x16b/0x2e0
[  886.690620][T19551]  xfrm_lookup_route+0x3b/0x200
[  886.692216][T19551]  ip_route_output_flow+0x11e/0x150
[  886.693984][T19551]  udp_sendmsg+0x1af9/0x2870
[  886.695666][T19551]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  886.697531][T19551]  ? __pfx_udp_sendmsg+0x10/0x10
[  886.699133][T19551]  ? __lock_acquire+0xb97/0x1ce0
[  886.700667][T19551]  ? aa_sk_perm+0x2f4/0xb10
[  886.702105][T19551]  ? __pfx_udp_sendmsg+0x10/0x10
[  886.703670][T19551]  inet_sendmsg+0x105/0x140
[  886.705099][T19551]  ____sys_sendmsg+0x973/0xc70
[  886.706615][T19551]  ? __pfx_____sys_sendmsg+0x10/0x10
[  886.708275][T19551]  ? get_compat_msghdr+0x11a/0x170
[  886.709882][T19551]  ___sys_sendmsg+0x134/0x1d0
[  886.711365][T19551]  ? __pfx____sys_sendmsg+0x10/0x10
[  886.713013][T19551]  ? futex_hash_get+0x20/0x70
[  886.714510][T19551]  __sys_sendmmsg+0x2f9/0x420
[  886.716033][T19551]  ? __pfx___sys_sendmmsg+0x10/0x10
[  886.717675][T19551]  ? __pfx_do_futex+0x10/0x10
[  886.719096][T19551]  ? xfd_validate_state+0x61/0x180
[  886.720652][T19551]  ? __sys_setsockopt+0x140/0x1a0
[  886.722275][T19551]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  886.724039][T19551]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  886.726136][T19551]  __do_fast_syscall_32+0x7c/0x3a0
[  886.727750][T19551]  do_fast_syscall_32+0x32/0x80
[  886.729298][T19551]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  886.731381][T19551] RIP: 0023:0xf707e579
[  886.732757][T19551] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  886.738791][T19551] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  886.741493][T19551] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000180
[  886.744039][T19551] RDX: 0000000000000077 RSI: 0000000000007600 RDI: 0000000000000000
[  886.746524][T19551] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  886.748983][T19551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  886.751438][T19551] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  886.753918][T19551]  </TASK>
[  886.755655][T19551] Kernel Offset: disabled
[  886.757053][T19551] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:36:02  Registers:
info registers vcpu 0

CPU#0
RAX=000000000141331f RBX=0000000000000000 RCX=ffffffff8b90dbf9 RDX=0000000000000000
RSI=ffffffff8de4d2d9 RDI=ffffffff8c162d80 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7426288 CR3=000000006c05c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff85616f30 RDI=ffffffff9b0fc700 RBP=ffffffff9b0fc6c0 RSP=ffffc90007dfea28
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3630383838666666
R12=0000000000000000 R13=0000000000000020 R14=fffffbfff361f932 R15=dffffc0000000000
RIP=ffffffff85616f57 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002e113ff8 CR3=000000006c05c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000be70000e 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff88802b425b18 RCX=ffffc900073b78bc RDX=0000000000000000
RSI=ffffffff8de27e45 RDI=ffffffff8c162d80 RBP=0000000000000287 RSP=ffffc900073b78a8
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000bc8 R11=ffffffff9b0c6978
R12=ffffffff81a798ed R13=0000000000000002 R14=ffff88804b1b2440 R15=0000000000000001
RIP=ffffffff81975b2a RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080009000 CR3=0000000069e89000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000001003d8f RBX=0000000000000003 RCX=ffffffff8b90dbf9 RDX=0000000000000000
RSI=ffffffff8de4d2d9 RDI=ffffffff8c162d80 RBP=ffffed10037e1000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=ffffffff9b0ad0d0
R12=0000000000000003 R13=ffff88801bf08000 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5427ffc CR3=0000000069e89000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000