last executing test programs:

19.248882022s ago: executing program 1 (id=173):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='\x00', 0x6004, 0x1)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000140), &(0x7f0000000000)=0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x24f5, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000))
io_uring_enter(r2, 0x0, 0x400000, 0x1, 0x0, 0x0)
io_uring_enter(r2, 0x52e, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000040), 0x1)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x80081280, &(0x7f0000000040))

7.511453004s ago: executing program 2 (id=225):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x22100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000280)={0x6000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000040))
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffd4a)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000940), 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LAST_SET={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_LAST_MSECS={0xc, 0x2, 0x1, 0x0, 0x4c}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x80}, 0x1, 0x0, 0x0, 0x8044050}, 0x0)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000000)={0x4, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f0000000100)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde", r7})
syz_open_procfs(0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = syz_io_uring_setup(0x23b, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x0, 0xfffffffe}, 0x0, 0x0)
io_uring_enter(r8, 0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000045c0)={0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000004640)={0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000080))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
epoll_create(0x7)

7.022585726s ago: executing program 1 (id=217):
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=ANY=[@ANYBLOB="d002000020336b8b4844d745f5015a08ea24ff42cbb11607e2062c3d785e64854ac144dc4895f4490696cc665d92c28772607f356e362b373942f67261fb0f5e365ab059e795614576ea5cf6502871b6f6b862057773b5e7e4d646eb98f94c2694c0892c10b8c36045b209a376dd68f627ee3facc9467bc46b745d6480688933df7cbbd36dd9614f9bf7a7d10193e72709c176d69f5bbdde63083530cab14309e1942232f5a146aeeb4dfe0a7bfadb132e07cacb29101e62cd09dd7c", @ANYBLOB="000426bd7000fcdbdf250c00000034000980080002000010000008000100fbffffff08000100ffffff7f08000200d63c0000080001000400000008000100090000002c0101800d0001007564703a73797a3200000000380004001400010002004e23ac1e00010000000000000000200002000a004e227ffffffffc00000000000000000000000000000001000080080003000400000038000400200001000a004e2000000009ff020000000000000000000000000001040000001400020002004e240000000000000000000000004c00028008000300ff0100000800040001040000080003000900000008000200f6000000080001001c0000000800020001000000080001001a0000000800030009000000080001001700000054000280080001001c000000080001000f00000008000300090000000800010020000000080002000000000008000200"], 0x2d0}, 0x1, 0x0, 0x0, 0x4048850}, 0x40)
openat$hpet(0xffffff9c, 0x0, 0x10001, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
r2 = socket$igmp(0x2, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f00000000c0))
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_clone3(&(0x7f0000000900)={0x100000, 0x0, 0x0, 0x0, {0xc}, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[0x0], 0x1, {r2}}, 0x58)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, 0xffffffffffffffff, 0x0)
syz_clone3(&(0x7f0000000980)={0x22000, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, &(0x7f0000000540)=""/105, 0x0}, 0x58)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x801)
r4 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
read$FUSE(r4, 0x0, 0x0)
r5 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r5, &(0x7f0000000040)="e2", 0x12d8)

6.708952962s ago: executing program 1 (id=226):
r0 = socket$kcm(0x2, 0x6, 0x2)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
write$apparmor_exec(0xffffffffffffffff, &(0x7f0000000340)={'exec ', ']\'\x00'}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r2=>r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x11, &(0x7f0000000340)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x488})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x3af4701e)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
listen(r5, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000300)="000000100000", 0x6}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x79, &(0x7f0000000280)=ANY=[], 0x8)

6.389886816s ago: executing program 1 (id=229):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
ioctl$CEC_RECEIVE(r5, 0xc0386106, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '&\x00', 0x0, 0x0, 0xfd, 0x0, 0x1})
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r8, &(0x7f0000000040)='u', 0xa792a, 0x801, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000300)={0x1f, 0x0, @fixed}, 0xe)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0))
close_range(r7, r2, 0x0)
sendmsg$inet(r1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040))
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x0)

6.079030259s ago: executing program 0 (id=231):
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
ptrace(0x8, 0x0)
rt_tgsigqueueinfo(0x0, 0xffffffffffffffff, 0x7, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={r3, r5, 0x25, 0x0, @void}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmmsg$unix(r7, &(0x7f0000001b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8)
socket$nl_route(0x10, 0x3, 0x0)
r9 = openat$hpet(0xffffff9c, &(0x7f0000000280), 0x200, 0x0)
ioctl$sock_SIOCINQ(r9, 0x541b, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
r10 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r10, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000680)=@newtaction={0x74, 0x30, 0x216822a75a8bdd29, 0x300, 0x0, {}, [{0x60, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6}, @TCA_SKBMOD_PARMS={0x24}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r10, 0x40045612, &(0x7f0000000000)=0x1)

5.596188116s ago: executing program 3 (id=235):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
syz_open_procfs$namespace(0x0, &(0x7f00000004c0)='ns/mnt\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7abc231f8cde79b7a6c5aafe954b8ba37818e40c14b36f2d7c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1df7ffffff735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b82ceaeaae9b1713b5f2ee68e2b53d44bd84bf6960157e96bbb96b5e10d66c87e7a9a7d53c281d88ebb175a4dbb82130e6870980e47913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf355e5b91114052f8a398d8e10c96b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c58965c514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e24d192d67a1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb2200040000fc1e3865d17d128306d1b81884a934cb0000000000d367000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44b615ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f530043a6cd72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a673804220423f52ad8178b9fd04bff816e00000000000000000000000000000000000000000079aaf19bd1e18f582aac5b83d76bd57297512fdcdad18bcf2455bc80394d8f34e2ef84733038f4b6ef516d7baa99f24f2f100fc46aec9dc19b30fe9966b7ae563b6459d86fd3b4c7173f06387517e4189f3fb09c069e20220354b054f2391efe55a0cc7f738b3987ae033ceabddec65ec31f98c7e0858e8d411087889964b8fb3c31f74fa7b2e6e1c1d84a46d8be8afff1ac67eb2da30294d4a0f89978d4e2137319b6448da45bd00eb23aa5be1d566782b5a4aa291a854a4932bcbf472fd1175b521edb1763bb7dae4a124b0006e2ce4799519b3dbd3c0109b17fe2b4b87f6ad4b7176c9c1959669ef42cfce81fbc6dcdc7f9bde1a66c0b3cf9329bfecf0217bda1b72924ee9d90a3bd0be833f206244b5ba0648309018da5442ebd22bca0363183aae9d38f80638f52015cab5a8d772f9b92cb2f286783fa976f7d215136cae0b0b0539dc7dbd56035a69807514c732763f542f10401e65368b821b584fe2f82c94b2f5930246800000000000000000000000000000000000000c8ed77d8ac9f28a2e8f205900241ec8872fe3ecdf73abfc4024298a69649e17f3fe5ebba1e17f2f280e6d3f094cd3448700c5ee102b5d1b04f08ab2e5272990646eca26a62431e8c942ea2c0c621b4821eb5beceee6d53468852159452cf47aead473a8638a4d1ce2d4c6df1074e8cb3ec16149e6b4b7ec1a9aa1b63f41d08afd3d885b98330e25eedaaf5f361b2e81ce0c52ee84a2b340afdc59b177921e2f2a99132b82ed3291196038fe9a4f5a5dc734788c71bf46222d266a48628774c87b88bf3dcbea4574a87726345587e1e233fd4117063d183f477cc53c52a3fafcb998a96cf9f61cdd9ffa82d648880552ac506811accffc85ca34b262ed983d4645f4657522ed32b278891c26d5e70d41f9a5c8df8dc163fd84a81af0020a10fe53ce940d350d62b526f198620abdad179a273682175da1d9d82fde7eb9a45b566e78904238d00908b5876b4ebfca376d631b9b0caf3f1ef32ae87507aace4715efaf840ebda28e741a8b6b29eed5861168b4e1b3842f6db4443974dd0f0d4ceed9ca62fd2a839a8150335dc2b9640825b83c8bf4f931a51b093bf2dc84809af7c14f04b58d64e4f852bc49cf1126567e11f61774559bdbcc500000000000000000000000000eab10c8c592cb6f1ebccd9eb16c155a0666189eb16cea09f164363456645c9b7c168bc214615a7e94ff3d53f85c6396c42050f3205cef3009458f33949efa6a583d87795448b8b21ab6a7ca4bd8b0da30dee0af8b3a0f3cfd0ad9a8e7819b2057e2e5d8b453b6f743f8fc4dee677658958c4d4663ddcdfd0fc44e996665ab5586a4eb40a959fb0dababa05e776c29cf2443ad1d2fa0920288db88e645033ae1a4357078810d20bd93b8194214554c3f8c6efd61bc40000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000006680))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)=0x1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020}, 0x2020)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

5.519171866s ago: executing program 3 (id=236):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newneigh={0x30, 0x1c, 0x401, 0x0, 0x0, {0x7, 0x0, 0x0, r4, 0x80}, [@NDA_DST_MAC={0xa, 0x1, @link_local}, @NDA_FLAGS_EXT={0x8, 0xf, 0x1}]}, 0x30}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0x5, 0x1, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x40305829, &(0x7f0000000240)=0x20)

5.473646435s ago: executing program 3 (id=237):
r0 = socket$kcm(0x2, 0x6, 0x2)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
write$apparmor_exec(0xffffffffffffffff, &(0x7f0000000340)={'exec ', ']\'\x00'}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r2=>r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x11, &(0x7f0000000340)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x488})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x3af4701e)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
listen(r5, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000300)="000000100000", 0x6}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x79, &(0x7f0000000280)=ANY=[], 0x8)

5.117477678s ago: executing program 2 (id=238):
io_uring_setup(0x523e, &(0x7f0000000000)={0x0, 0x8b8f, 0x1000, 0x3, 0x2e7})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x3c)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
getsockopt$WPAN_WANTLQI(0xffffffffffffffff, 0x29, 0x49, 0x0, &(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet6(0xa, 0x80002, 0x0)
syz_open_dev$video(&(0x7f00000000c0), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mount(0x0, 0x0, 0x0, 0x3418c01, 0x0)
semget$private(0x0, 0x3, 0x8)
semctl$SETVAL(0x0, 0x0, 0x10, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x8200, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
mkdir(&(0x7f0000000100)='./bus/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r2 = socket$inet(0x2, 0x3, 0x6)
setsockopt$inet_int(r2, 0x0, 0x6, &(0x7f0000000000), 0x4)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)

5.114113786s ago: executing program 3 (id=246):
r0 = socket$kcm(0x2, 0x6, 0x2)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
write$apparmor_exec(0xffffffffffffffff, &(0x7f0000000340)={'exec ', ']\'\x00'}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r2=>r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x11, &(0x7f0000000340)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x488})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
listen(r5, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000300)="000000100000", 0x6}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x79, &(0x7f0000000280)=ANY=[], 0x8)

3.344309295s ago: executing program 1 (id=239):
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000140))
syz_io_uring_setup(0x8000112, &(0x7f0000000a00)={0x0, 0x87026, 0x800, 0x3, 0xffffffff, 0x0, r0}, &(0x7f0000000200), &(0x7f0000000140))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-ssse3\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x1046, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="cc000000000000009e"])
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r4, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x7d3041)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010000000000000000000b000000b5fde604dbfa7cb9115c634df17ab4fbe1498a1b918e11cf0d00000000000000adc0433201fe2c134500412ca1c306233da30d6734062325467fb836064a2fd7f61993aef02540084bb20740014ccb8ae403a15047d3bf5c3f0d84ed78abb705068261b75fd31ca2f23d6bc306ce08968d608780770ff3342939cec4f68f192d80530e9f64b1ee54840d42be9142f177b1d45413c6331350bb1e54000000008d9348b6192b501711ae4d5aa37ab8515b82ebdaa7e2feebcd834efdbd7bfb30"], 0x14}}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="8200028ba7c8336196442860261697cd1dcb852b41e5dc2c6a4d4bee618cd4e0f328fe22a93a692d7246ba4149", @ANYRES16=r10, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060001000000"], 0x30}}, 0x0)
sendmsg$nl_route_sched_retired(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f00000083c0)=@delchain={0xe88, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xd}}, [@f_rsvp6={{0xa}, {0xe58, 0x2, [@TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x0, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{}, [{}, {}, {}, {}, {}, {0x0, 0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x400000}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0xe5a}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x8, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8000}, {}, {}, {0x1161}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x100}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x10000}, {}, {}, {}, {0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}], [{0x4}, {}, {}, {}, {}, {0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0xe88}}, 0x4000)

3.335343844s ago: executing program 3 (id=248):
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
ptrace(0x8, 0x0)
rt_tgsigqueueinfo(0x0, 0xffffffffffffffff, 0x7, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r0, 0xffffffffffffffff, 0xfeff0000)

3.250530725s ago: executing program 2 (id=240):
r0 = socket$kcm(0x2, 0x6, 0x2)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
write$apparmor_exec(0xffffffffffffffff, &(0x7f0000000340)={'exec ', ']\'\x00'}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r2=>r0, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x11, &(0x7f0000000340)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x3af4701e)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000004c0)={0x0, 0x465f}, 0x8)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
socket$kcm(0x10, 0x2, 0x0)
listen(r5, 0x4)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000300)="000000100000", 0x6}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x79, &(0x7f0000000280)=ANY=[], 0x8)

2.413058724s ago: executing program 1 (id=241):
mkdir(0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$autofs(0xffffff9c, &(0x7f0000000040), 0x44cb80, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
ioctl$SNDCTL_DSP_SUBDIVIDE(0xffffffffffffffff, 0xc0045009, &(0x7f0000000200)=0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x2a)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000000)=[@mss, @timestamp, @window, @mss, @timestamp, @window], 0x21a5)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000064172f2057155081ed29010203010902"], 0x0)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25)

2.408724963s ago: executing program 0 (id=251):
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14}, 0x14}}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r1, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x20, r2, 0x10, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x1}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x40000000}, 0x8000)
r3 = getpid()
r4 = getpid()
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
setreuid(0x0, 0xee01)
capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000040)={0x1ffffe, 0x7f, 0x0, 0x0, 0x0, 0x1})
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
creat(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xd}, @hci_ev_le_ltk_req={{}, {0xc9}}}}, 0x10)
fchdir(r6)
mount(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f00000002c0)='proc\x00', 0x22000, 0x0)
r7 = inotify_init1(0x0)
fcntl$setown(r7, 0x8, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x4)
remap_file_pages(&(0x7f0000ffd000/0x2000)=nil, 0xa00, 0x0, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000100)='stat\x00')
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r9, 0x29, 0x40, &(0x7f0000000340)=ANY=[], 0x60)
pread64(r8, &(0x7f00000004c0)=""/251, 0xfb, 0x0)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

1.967190138s ago: executing program 3 (id=242):
socket(0x10, 0x2, 0x0)
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, r0)
r1 = syz_open_procfs(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = accept4$inet(r1, &(0x7f0000000580)={0x2, 0x0, @multicast2}, &(0x7f00000005c0)=0x10, 0x800)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000640)={0x4, &(0x7f0000000600)=[{0xa1, 0x8, 0x5, 0x36af}, {0x34, 0x80, 0x8, 0x3}, {0x2, 0x6, 0x1, 0x14}, {0x0, 0x5, 0x7f, 0x3ff}]}, 0x8)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x4f4, 0x3c0, 0x0, 0x0, 0x2b0, 0x1a8, 0x4a8, 0x4a8, 0x4a8, 0x4a8, 0x4a8, 0x6, 0x0, {[{{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00', {}, {}, 0x6}, 0x0, 0x70, 0x94}, @ECN={0x24, 'ECN\x00', 0x0, {0x20}}}, {{@ip={@empty, @local, 0x0, 0x0, 'batadv0\x00', 'netdevsim0\x00'}, 0x0, 0xe4, 0x108, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@osf={{0x50}, {'syz1\x00'}}]}, @TTL={0x24}}, {{@uncond, 0x0, 0xc0, 0xfc, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@ah={{0x2c}}]}, @inet=@TPROXY1={0x3c, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@remote}}}, {{@ip={@multicast1, @private, 0x0, 0x0, 'pim6reg0\x00', 'erspan0\x00'}, 0x0, 0xc0, 0xe4, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @ECN={0x24}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'nr0\x00'}, 0x0, 0xc0, 0xe4, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @unspec=@CHECKSUM={0x24}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x550)
socket$packet(0x11, 0x2, 0x300)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000380)={0x3ff}, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='comm\x00')
writev(r4, &(0x7f00000010c0)=[{&(0x7f0000000000)='X', 0x1}], 0x1)
r5 = socket$inet(0x2, 0x2, 0x6)
setsockopt$inet_msfilter(r5, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10)
fallocate(r5, 0x29, 0x50a, 0xdab3)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @remote}, @address_request}}}}, 0x0)
capget(0x0, &(0x7f0000000180)={0x1})
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f00000000c0)={r6, r6}, &(0x7f0000000240)=""/121, 0x79, &(0x7f0000000200)={&(0x7f0000000140)={'sha256-avx\x00'}})
socket$nl_audit(0x10, 0x3, 0x9)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
socket$nl_route(0x10, 0x3, 0x0)

1.790948995s ago: executing program 2 (id=243):
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d80)=ANY=[@ANYBLOB="d002000020336b8b4844d745f5015a08ea24ff42cbb11607e2062c3d785e64854ac144dc4895f4490696cc665d92c28772607f356e362b373942f67261fb0f5e365ab059e795614576ea5cf6502871b6f6b862057773b5e7e4d646eb98f94c2694c0892c10b8c36045b209a376dd68f627ee3facc9467bc46b745d6480688933df7cbbd36dd9614f9bf7a7d10193e72709c176d69f5bbdde63083530cab14309e1942232f5a146aeeb4dfe0a7bfadb132e07cacb29101e62cd09dd7c", @ANYBLOB="000426bd7000fcdbdf250c00000034000980080002000010000008000100fbffffff08000100ffffff7f08000200d63c0000080001000400000008000100090000002c0101800d0001007564703a73797a3200000000380004001400010002004e23ac1e00010000000000000000200002000a004e227ffffffffc00000000000000000000000000000001000080080003000400000038000400200001000a004e2000000009ff020000000000000000000000000001040000001400020002004e240000000000000000000000004c00028008000300ff0100000800040001040000080003000900000008000200f6000000080001001c0000000800020001000000080001001a0000000800030009000000080001001700000054000280080001001c000000080001000f00000008000300090000000800010020000000080002000000000008000200"], 0x2d0}, 0x1, 0x0, 0x0, 0x4048850}, 0x40)
openat$hpet(0xffffff9c, 0x0, 0x10001, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$KDGKBDIACR(r1, 0x4b4a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
r4 = socket$igmp(0x2, 0x3, 0x2)
sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000740)={0x1c, r3, 0x73bf44d8d76863a9, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_clone3(&(0x7f0000000900)={0x100000, 0x0, 0x0, 0x0, {0xc}, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[0x0], 0x1, {r4}}, 0x58)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, 0xffffffffffffffff, 0x0)
syz_clone3(&(0x7f0000000980)={0x22000, 0x0, 0x0, 0x0, {0x20}, 0x0, 0x0, &(0x7f0000000540)=""/105, 0x0}, 0x58)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x801)
r6 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042)
read$FUSE(r6, 0x0, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r7, &(0x7f0000000040)="e2", 0x12d8)

1.508037283s ago: executing program 0 (id=244):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
syz_open_procfs$namespace(0x0, &(0x7f00000004c0)='ns/mnt\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7abc231f8cde79b7a6c5aafe954b8ba37818e40c14b36f2d7c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1df7ffffff735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b82ceaeaae9b1713b5f2ee68e2b53d44bd84bf6960157e96bbb96b5e10d66c87e7a9a7d53c281d88ebb175a4dbb82130e6870980e47913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf355e5b91114052f8a398d8e10c96b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c58965c514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e24d192d67a1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb2200040000fc1e3865d17d128306d1b81884a934cb0000000000d367000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44b615ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f530043a6cd72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a673804220423f52ad8178b9fd04bff816e00000000000000000000000000000000000000000079aaf19bd1e18f582aac5b83d76bd57297512fdcdad18bcf2455bc80394d8f34e2ef84733038f4b6ef516d7baa99f24f2f100fc46aec9dc19b30fe9966b7ae563b6459d86fd3b4c7173f06387517e4189f3fb09c069e20220354b054f2391efe55a0cc7f738b3987ae033ceabddec65ec31f98c7e0858e8d411087889964b8fb3c31f74fa7b2e6e1c1d84a46d8be8afff1ac67eb2da30294d4a0f89978d4e2137319b6448da45bd00eb23aa5be1d566782b5a4aa291a854a4932bcbf472fd1175b521edb1763bb7dae4a124b0006e2ce4799519b3dbd3c0109b17fe2b4b87f6ad4b7176c9c1959669ef42cfce81fbc6dcdc7f9bde1a66c0b3cf9329bfecf0217bda1b72924ee9d90a3bd0be833f206244b5ba0648309018da5442ebd22bca0363183aae9d38f80638f52015cab5a8d772f9b92cb2f286783fa976f7d215136cae0b0b0539dc7dbd56035a69807514c732763f542f10401e65368b821b584fe2f82c94b2f5930246800000000000000000000000000000000000000c8ed77d8ac9f28a2e8f205900241ec8872fe3ecdf73abfc4024298a69649e17f3fe5ebba1e17f2f280e6d3f094cd3448700c5ee102b5d1b04f08ab2e5272990646eca26a62431e8c942ea2c0c621b4821eb5beceee6d53468852159452cf47aead473a8638a4d1ce2d4c6df1074e8cb3ec16149e6b4b7ec1a9aa1b63f41d08afd3d885b98330e25eedaaf5f361b2e81ce0c52ee84a2b340afdc59b177921e2f2a99132b82ed3291196038fe9a4f5a5dc734788c71bf46222d266a48628774c87b88bf3dcbea4574a87726345587e1e233fd4117063d183f477cc53c52a3fafcb998a96cf9f61cdd9ffa82d648880552ac506811accffc85ca34b262ed983d4645f4657522ed32b278891c26d5e70d41f9a5c8df8dc163fd84a81af0020a10fe53ce940d350d62b526f198620abdad179a273682175da1d9d82fde7eb9a45b566e78904238d00908b5876b4ebfca376d631b9b0caf3f1ef32ae87507aace4715efaf840ebda28e741a8b6b29eed5861168b4e1b3842f6db4443974dd0f0d4ceed9ca62fd2a839a8150335dc2b9640825b83c8bf4f931a51b093bf2dc84809af7c14f04b58d64e4f852bc49cf1126567e11f61774559bdbcc500000000000000000000000000eab10c8c592cb6f1ebccd9eb16c155a0666189eb16cea09f164363456645c9b7c168bc214615a7e94ff3d53f85c6396c42050f3205cef3009458f33949efa6a583d87795448b8b21ab6a7ca4bd8b0da30dee0af8b3a0f3cfd0ad9a8e7819b2057e2e5d8b453b6f743f8fc4dee677658958c4d4663ddcdfd0fc44e996665ab5586a4eb40a959fb0dababa05e776c29cf2443ad1d2fa0920288db88e645033ae1a4357078810d20bd93b8194214554c3f8c6efd61bc40000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000006680))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)=0x1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020}, 0x2020)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

1.325460652s ago: executing program 2 (id=245):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$kcm(0x10, 0x1, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000740)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000ac0)={0x2, 0x0, [{0x4, 0x3f, &(0x7f0000000180)=""/63}, {0x0, 0xc, &(0x7f0000000140)=""/12}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000000)=0x20000)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
sched_setaffinity(r5, 0x8, &(0x7f0000000040)=0x68)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
preadv(r6, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)

1.32383226s ago: executing program 0 (id=256):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x2d)
syz_open_procfs$namespace(0x0, &(0x7f00000004c0)='ns/mnt\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7abc231f8cde79b7a6c5aafe954b8ba37818e40c14b36f2d7c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1df7ffffff735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b82ceaeaae9b1713b5f2ee68e2b53d44bd84bf6960157e96bbb96b5e10d66c87e7a9a7d53c281d88ebb175a4dbb82130e6870980e47913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf355e5b91114052f8a398d8e10c96b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c58965c514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e24d192d67a1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb2200040000fc1e3865d17d128306d1b81884a934cb0000000000d367000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44b615ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f530043a6cd72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a673804220423f52ad8178b9fd04bff816e00000000000000000000000000000000000000000079aaf19bd1e18f582aac5b83d76bd57297512fdcdad18bcf2455bc80394d8f34e2ef84733038f4b6ef516d7baa99f24f2f100fc46aec9dc19b30fe9966b7ae563b6459d86fd3b4c7173f06387517e4189f3fb09c069e20220354b054f2391efe55a0cc7f738b3987ae033ceabddec65ec31f98c7e0858e8d411087889964b8fb3c31f74fa7b2e6e1c1d84a46d8be8afff1ac67eb2da30294d4a0f89978d4e2137319b6448da45bd00eb23aa5be1d566782b5a4aa291a854a4932bcbf472fd1175b521edb1763bb7dae4a124b0006e2ce4799519b3dbd3c0109b17fe2b4b87f6ad4b7176c9c1959669ef42cfce81fbc6dcdc7f9bde1a66c0b3cf9329bfecf0217bda1b72924ee9d90a3bd0be833f206244b5ba0648309018da5442ebd22bca0363183aae9d38f80638f52015cab5a8d772f9b92cb2f286783fa976f7d215136cae0b0b0539dc7dbd56035a69807514c732763f542f10401e65368b821b584fe2f82c94b2f5930246800000000000000000000000000000000000000c8ed77d8ac9f28a2e8f205900241ec8872fe3ecdf73abfc4024298a69649e17f3fe5ebba1e17f2f280e6d3f094cd3448700c5ee102b5d1b04f08ab2e5272990646eca26a62431e8c942ea2c0c621b4821eb5beceee6d53468852159452cf47aead473a8638a4d1ce2d4c6df1074e8cb3ec16149e6b4b7ec1a9aa1b63f41d08afd3d885b98330e25eedaaf5f361b2e81ce0c52ee84a2b340afdc59b177921e2f2a99132b82ed3291196038fe9a4f5a5dc734788c71bf46222d266a48628774c87b88bf3dcbea4574a87726345587e1e233fd4117063d183f477cc53c52a3fafcb998a96cf9f61cdd9ffa82d648880552ac506811accffc85ca34b262ed983d4645f4657522ed32b278891c26d5e70d41f9a5c8df8dc163fd84a81af0020a10fe53ce940d350d62b526f198620abdad179a273682175da1d9d82fde7eb9a45b566e78904238d00908b5876b4ebfca376d631b9b0caf3f1ef32ae87507aace4715efaf840ebda28e741a8b6b29eed5861168b4e1b3842f6db4443974dd0f0d4ceed9ca62fd2a839a8150335dc2b9640825b83c8bf4f931a51b093bf2dc84809af7c14f04b58d64e4f852bc49cf1126567e11f61774559bdbcc500000000000000000000000000eab10c8c592cb6f1ebccd9eb16c155a0666189eb16cea09f164363456645c9b7c168bc214615a7e94ff3d53f85c6396c42050f3205cef3009458f33949efa6a583d87795448b8b21ab6a7ca4bd8b0da30dee0af8b3a0f3cfd0ad9a8e7819b2057e2e5d8b453b6f743f8fc4dee677658958c4d4663ddcdfd0fc44e996665ab5586a4eb40a959fb0dababa05e776c29cf2443ad1d2fa0920288db88e645033ae1a4357078810d20bd93b8194214554c3f8c6efd61bc40000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000006680))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)=0x1)
read$FUSE(0xffffffffffffffff, &(0x7f0000000180)={0x2020}, 0x2020)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f04000000170a001700000000040037000d00030001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

147.411579ms ago: executing program 2 (id=247):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x3, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@dev={0xfe, 0x80, '\x00', 0x2a}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x3b0}, {0x0, 0x0, 0x2, 0xfffffffffffffffd}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in6=@local, 0x100000, 0x33}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3501, 0x0, 0x0, 0xb7, 0x0, 0x10000}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)

140.907741ms ago: executing program 0 (id=258):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000040)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0xd00, &(0x7f0000000240)=[{&(0x7f0000003080)=""/4106, 0x100a}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
munmap(&(0x7f000057d000/0x800000)=nil, 0x800000)
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000180), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f00000002c0)={0x64, r2, 0x400, 0xfffffffd, 0x0, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSLVLLST={0x3c, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x10}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x68a8edb1}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}]}]}, 0x64}}, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/resume_offset', 0x0, 0x0)
read$char_usb(r3, &(0x7f0000000000)=""/158, 0x9e)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000100)={0x0, 0xd})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='uid'])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x68)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r5, &(0x7f00000001c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xfe00, &(0x7f0000000040)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef43c000000e3bd6efb440309000e000a0010000000ba8000001201", 0x2e}], 0x1}, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xfddd, 0x0, 0x0, 0x3000}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

0s ago: executing program 0 (id=249):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = getpid()
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0, r2}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$alg(0x26, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
rename(&(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0x0, 0xb)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='freezer.parent_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r6, 0x0)
ioctl$IOC_PR_PREEMPT(r6, 0x401870cb, &(0x7f0000000140)={0x2, 0x0, 0x1000, 0x96})
socketpair(0x1a, 0x100000005, 0x0, &(0x7f0000000000))
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000700)={{0xffffff1f, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:61186' (ED25519) to the list of known hosts.
[   34.366864][ T5328] cgroup: Unknown subsys name 'net'
[   34.646689][ T5328] cgroup: Unknown subsys name 'cpuset'
[   34.658409][ T5328] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   35.834340][ T5328] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   39.264627][ T5349] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   39.279367][ T5351] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   39.281779][ T5351] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   39.284184][ T5351] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   39.286393][ T5351] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   39.288898][ T5351] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   39.289789][ T5358] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   39.290872][ T5351] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   39.292804][ T5358] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   39.295299][ T5351] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   39.296448][ T5358] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   39.298143][ T5351] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   39.300837][ T5362] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   39.301799][ T5361] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   39.304707][ T5362] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   39.305827][ T5361] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   39.307801][ T5362] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   39.309647][ T5361] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   39.312391][ T5362] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   39.313975][ T5361] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   39.315783][ T5362] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   39.325828][ T5362] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   39.329446][ T5362] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   39.331371][ T5362] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   39.488846][ T5346] chnl_net:caif_netlink_parms(): no params data found
[   39.534534][ T5347] chnl_net:caif_netlink_parms(): no params data found
[   39.582434][ T5353] chnl_net:caif_netlink_parms(): no params data found
[   39.636444][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.639575][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.642152][ T5346] bridge_slave_0: entered allmulticast mode
[   39.644701][ T5346] bridge_slave_0: entered promiscuous mode
[   39.650467][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.652906][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.655329][ T5346] bridge_slave_1: entered allmulticast mode
[   39.657812][ T5346] bridge_slave_1: entered promiscuous mode
[   39.662723][ T5347] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.664547][ T5347] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.666787][ T5347] bridge_slave_0: entered allmulticast mode
[   39.668867][ T5347] bridge_slave_0: entered promiscuous mode
[   39.715777][ T5347] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.717698][ T5347] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.719657][ T5347] bridge_slave_1: entered allmulticast mode
[   39.721825][ T5347] bridge_slave_1: entered promiscuous mode
[   39.768211][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.826489][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.840633][ T5347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.846725][ T5347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.850278][ T5353] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.852653][ T5353] bridge0: port 1(bridge_slave_0) entered disabled state
[   39.854616][ T5353] bridge_slave_0: entered allmulticast mode
[   39.856614][ T5353] bridge_slave_0: entered promiscuous mode
[   39.873481][ T5359] chnl_net:caif_netlink_parms(): no params data found
[   39.885697][ T5353] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.888038][ T5353] bridge0: port 2(bridge_slave_1) entered disabled state
[   39.891430][ T5353] bridge_slave_1: entered allmulticast mode
[   39.894023][ T5353] bridge_slave_1: entered promiscuous mode
[   39.906968][ T5346] team0: Port device team_slave_0 added
[   39.912207][ T5346] team0: Port device team_slave_1 added
[   39.929946][ T5347] team0: Port device team_slave_0 added
[   39.942747][ T5353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.950470][ T5353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.964451][ T5347] team0: Port device team_slave_1 added
[   40.033723][ T5353] team0: Port device team_slave_0 added
[   40.036415][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0
[   40.038899][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.047560][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   40.052014][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1
[   40.053827][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.060675][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   40.074011][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_0
[   40.075816][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.082490][ T5347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   40.089641][ T5353] team0: Port device team_slave_1 added
[   40.109710][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_1
[   40.111968][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.121009][ T5347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   40.159285][ T5353] batman_adv: batadv0: Adding interface: batadv_slave_0
[   40.161663][ T5353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.170690][ T5353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   40.193030][ T5359] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.195581][ T5359] bridge0: port 1(bridge_slave_0) entered disabled state
[   40.198178][ T5359] bridge_slave_0: entered allmulticast mode
[   40.201394][ T5359] bridge_slave_0: entered promiscuous mode
[   40.215037][ T5353] batman_adv: batadv0: Adding interface: batadv_slave_1
[   40.216881][ T5353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.223755][ T5353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   40.241296][ T5359] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.244583][ T5359] bridge0: port 2(bridge_slave_1) entered disabled state
[   40.247197][ T5359] bridge_slave_1: entered allmulticast mode
[   40.250328][ T5359] bridge_slave_1: entered promiscuous mode
[   40.286651][ T5346] hsr_slave_0: entered promiscuous mode
[   40.289690][ T5346] hsr_slave_1: entered promiscuous mode
[   40.295009][ T5347] hsr_slave_0: entered promiscuous mode
[   40.296902][ T5347] hsr_slave_1: entered promiscuous mode
[   40.301537][ T5347] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   40.303961][ T5347] Cannot create hsr debugfs directory
[   40.349797][ T5359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   40.353601][ T5359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   40.422493][ T5359] team0: Port device team_slave_0 added
[   40.426263][ T5353] hsr_slave_0: entered promiscuous mode
[   40.428761][ T5353] hsr_slave_1: entered promiscuous mode
[   40.430723][ T5353] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   40.432776][ T5353] Cannot create hsr debugfs directory
[   40.446413][ T5359] team0: Port device team_slave_1 added
[   40.539812][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_0
[   40.541633][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.549940][ T5359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   40.556279][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_1
[   40.558557][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   40.567180][ T5359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   40.690742][ T5359] hsr_slave_0: entered promiscuous mode
[   40.693661][ T5359] hsr_slave_1: entered promiscuous mode
[   40.696888][ T5359] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   40.699820][ T5359] Cannot create hsr debugfs directory
[   40.797588][ T5346] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   40.802009][ T5346] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   40.806673][ T5346] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   40.819933][ T5346] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   40.838142][ T5347] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   40.845454][ T5347] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   40.859914][ T5347] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   40.869391][ T5347] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   40.872157][ T5353] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   40.875764][ T5353] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   40.879454][ T5353] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   40.882889][ T5353] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   40.910016][ T5359] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   40.913243][ T5359] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   40.916536][ T5359] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   40.921310][ T5359] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   40.957127][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.996368][ T5347] 8021q: adding VLAN 0 to HW filter on device bond0
[   41.002473][ T5346] 8021q: adding VLAN 0 to HW filter on device team0
[   41.005734][ T5353] 8021q: adding VLAN 0 to HW filter on device bond0
[   41.018253][ T5347] 8021q: adding VLAN 0 to HW filter on device team0
[   41.025776][ T5359] 8021q: adding VLAN 0 to HW filter on device bond0
[   41.029976][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.031978][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.034889][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.036737][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.040265][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.042732][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.046480][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.049028][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.057757][ T5353] 8021q: adding VLAN 0 to HW filter on device team0
[   41.070406][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.072296][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.081345][ T5359] 8021q: adding VLAN 0 to HW filter on device team0
[   41.088283][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.090188][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.100274][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[   41.102141][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[   41.114025][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   41.115890][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   41.127276][ T5346] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   41.131627][ T5346] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   41.231002][ T5353] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.250273][ T5353] veth0_vlan: entered promiscuous mode
[   41.264341][ T5347] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.266733][ T5353] veth1_vlan: entered promiscuous mode
[   41.285678][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.289797][ T5359] 8021q: adding VLAN 0 to HW filter on device batadv0
[   41.309540][ T5353] veth0_macvtap: entered promiscuous mode
[   41.323520][ T5353] veth1_macvtap: entered promiscuous mode
[   41.350061][ T5347] veth0_vlan: entered promiscuous mode
[   41.351741][ T5346] veth0_vlan: entered promiscuous mode
[   41.354746][ T5359] veth0_vlan: entered promiscuous mode
[   41.360964][ T5347] veth1_vlan: entered promiscuous mode
[   41.365472][ T5353] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.371363][ T5346] veth1_vlan: entered promiscuous mode
[   41.374126][ T5359] veth1_vlan: entered promiscuous mode
[   41.377097][ T5353] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.387733][ T5353] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.392723][ T5353] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.395631][ T5353] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.398539][ T5353] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.399674][ T5362] Bluetooth: hci2: command tx timeout
[   41.399839][ T5349] Bluetooth: hci1: command tx timeout
[   41.402678][ T5349] Bluetooth: hci3: command tx timeout
[   41.402764][ T5357] Bluetooth: hci0: command tx timeout
[   41.410039][ T5347] veth0_macvtap: entered promiscuous mode
[   41.414747][ T5347] veth1_macvtap: entered promiscuous mode
[   41.437599][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.443426][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.447960][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.458971][ T5346] veth0_macvtap: entered promiscuous mode
[   41.463982][ T5346] veth1_macvtap: entered promiscuous mode
[   41.467134][ T5359] veth0_macvtap: entered promiscuous mode
[   41.477862][ T5347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.481784][ T5347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.485549][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.489855][ T5347] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.492742][ T5347] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.495638][ T5347] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.498535][ T5347] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.504208][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.507661][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.511138][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.514552][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.518435][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.531206][ T5359] veth1_macvtap: entered promiscuous mode
[   41.534779][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.536899][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.543540][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.546297][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.548917][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.551560][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.554573][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.562797][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.566265][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.569839][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.573286][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.576518][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   41.580045][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.584058][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.588018][ T5346] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.591790][ T5346] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.594211][ T5346] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.596509][ T5346] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.604059][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.605481][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.606132][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.610151][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.614848][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.618391][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.621984][ T5359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   41.625227][ T5359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   41.629709][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.641364][ T5359] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.643669][ T5359] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.645946][ T5359] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.648214][ T5359] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.666497][ T5353] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   41.691425][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.693543][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.727787][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.731096][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.733126][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.733602][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.752075][ T1098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.753209][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.754738][ T1098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.756804][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.773187][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.776320][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.810655][ T5413] netfs: Couldn't get user pages (rc=-14)
[   41.893329][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   41.894031][ T5426] 9pnet_virtio: no channels available for device syz
[   41.903310][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.068736][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.071219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.380122][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.472934][ T5446] 9pnet_virtio: no channels available for device syz
[   42.638678][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   42.658256][ T5451] netlink: 5 bytes leftover after parsing attributes in process `syz.1.10'.
[   42.664444][ T5451] 0ªX¹¦D: renamed from gretap0 (while UP)
[   42.681787][ T5451] 0ªX¹¦D: entered allmulticast mode
[   42.687202][ T5451] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   42.836505][ T5453] netfs: Couldn't get user pages (rc=-14)
[   42.867885][ T5461] 9pnet_virtio: no channels available for device syz
[   43.478790][ T5349] Bluetooth: hci2: command tx timeout
[   43.478888][ T5362] Bluetooth: hci3: command tx timeout
[   43.480077][ T5357] Bluetooth: hci0: command tx timeout
[   43.480107][ T5357] Bluetooth: hci1: command tx timeout
[   43.957374][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   44.122622][ T5477] netlink: 5 bytes leftover after parsing attributes in process `syz.3.15'.
[   44.126745][ T5477] 0ªX¹¦D: renamed from gretap0 (while UP)
[   44.130803][ T5477] 0ªX¹¦D: entered allmulticast mode
[   44.140953][ T5477] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   44.878775][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   44.973372][ T5489] netfs: Couldn't get user pages (rc=-14)
[   45.009164][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   45.299029][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   45.562829][ T5362] Bluetooth: hci0: command tx timeout
[   45.565067][ T5362] Bluetooth: hci2: command tx timeout
[   45.566233][ T5349] Bluetooth: hci3: command tx timeout
[   45.568679][ T5349] Bluetooth: hci1: command tx timeout
[   45.646073][ T5504] netlink: 5 bytes leftover after parsing attributes in process `syz.3.22'.
[   45.648460][ T5504] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   45.650886][ T5504] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   46.935741][ T5516] netlink: 5 bytes leftover after parsing attributes in process `syz.2.25'.
[   46.939110][ T5516] 0ªX¹¦D: renamed from gretap0 (while UP)
[   46.950438][ T5516] 0ªX¹¦D: entered allmulticast mode
[   46.952634][ T5516] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   47.641061][ T5349] Bluetooth: hci2: command tx timeout
[   47.641226][ T5362] Bluetooth: hci1: command tx timeout
[   47.642490][ T5349] Bluetooth: hci3: command tx timeout
[   47.642509][ T5349] Bluetooth: hci0: command tx timeout
[   47.643441][ T5528] Zero length message leads to an empty skb
[   49.051020][ T5554] netfs: Couldn't get user pages (rc=-14)
[   49.631793][ T5577] netlink: 5 bytes leftover after parsing attributes in process `syz.3.42'.
[   49.634447][ T5577] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   49.642308][ T5577] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   50.537009][ T5591] netlink: 5 bytes leftover after parsing attributes in process `syz.1.45'.
[   50.539904][ T5591] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   50.551962][ T5591] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   51.046013][ T5605] netlink: 5 bytes leftover after parsing attributes in process `syz.2.49'.
[   51.048480][ T5605] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   51.073308][ T5605] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   51.473815][ T5617] netlink: 5 bytes leftover after parsing attributes in process `syz.0.51'.
[   51.488779][ T5617] 0ªX¹¦D: renamed from gretap0 (while UP)
[   51.503657][ T5617] 0ªX¹¦D: entered allmulticast mode
[   51.512920][ T5617] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   52.597400][ T5633] netlink: 'syz.2.56': attribute type 10 has an invalid length.
[   52.604018][ T5633] ipvlan1: entered promiscuous mode
[   52.612018][ T5633] team0: Device ipvlan1 failed to register rx_handler
[   52.623062][ T5639] netlink: 5 bytes leftover after parsing attributes in process `syz.0.57'.
[   52.635445][ T5639] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   52.649319][ T5633] autofs: Bad value for 'fd'
[   52.654179][ T5639] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   53.458694][   T62] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   53.581011][ T5662] Driver unsupported XDP return value 0 on prog  (id 24) dev N/A, expect packet loss!
[   53.623739][ T5665] netlink: 5 bytes leftover after parsing attributes in process `syz.3.66'.
[   53.626050][ T5665] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   53.629454][   T62] usb 6-1: Using ep0 maxpacket: 8
[   53.630170][ T5665] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   53.640760][   T62] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[   53.643278][   T62] usb 6-1: config 0 has no interface number 0
[   53.644917][   T62] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   53.648205][   T62] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   53.668615][   T62] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.673034][   T62] usb 6-1: config 0 descriptor??
[   53.688755][   T62] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[   53.906776][   T62] usb 6-1: USB disconnect, device number 2
[   53.914682][   T62] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected
[   54.155928][ T4433] IPVS: starting estimator thread 0...
[   54.238938][ T5704] IPVS: using max 35 ests per chain, 84000 per kthread
[   54.262253][ T5707] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[   54.527017][ T5713] FAULT_INJECTION: forcing a failure.
[   54.527017][ T5713] name failslab, interval 1, probability 0, space 0, times 1
[   54.530937][ T5713] CPU: 2 UID: 0 PID: 5713 Comm: syz.3.75 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   54.533714][ T5713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   54.536530][ T5713] Call Trace:
[   54.537416][ T5713]  <TASK>
[   54.538208][ T5713]  dump_stack_lvl+0x16c/0x1f0
[   54.539478][ T5713]  should_fail_ex+0x497/0x5b0
[   54.540735][ T5713]  should_failslab+0xc2/0x120
[   54.541991][ T5713]  __kmalloc_cache_noprof+0x6b/0x310
[   54.543387][ T5713]  ? sctp_add_bind_addr+0x9d/0x3e0
[   54.544751][ T5713]  sctp_add_bind_addr+0x9d/0x3e0
[   54.546065][ T5713]  sctp_copy_local_addr_list+0x39e/0x5a0
[   54.547519][ T5713]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[   54.549171][ T5713]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[   54.550734][ T5713]  ? sctp_bind_addr_copy+0xe0/0x530
[   54.552124][ T5713]  sctp_bind_addr_copy+0xe0/0x530
[   54.553393][ T5713]  sctp_connect_new_asoc+0x1d8/0x790
[   54.554784][ T5713]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[   54.556326][ T5713]  ? mark_held_locks+0x9f/0xe0
[   54.557589][ T5713]  ? sctp_sendmsg+0x112f/0x1f10
[   54.558877][ T5713]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[   54.560341][ T5713]  sctp_sendmsg+0x162a/0x1f10
[   54.561584][ T5713]  ? __pfx___lock_acquire+0x10/0x10
[   54.563016][ T5713]  ? __pfx_sctp_sendmsg+0x10/0x10
[   54.564346][ T5713]  ? find_held_lock+0x2d/0x110
[   54.565607][ T5713]  ? __pfx___might_resched+0x10/0x10
[   54.566992][ T5713]  ? __pfx_aa_sk_perm+0x10/0x10
[   54.568294][ T5713]  ? __import_iovec+0x1fd/0x6e0
[   54.569571][ T5713]  ? __pfx_sctp_sendmsg+0x10/0x10
[   54.570891][ T5713]  inet_sendmsg+0x119/0x140
[   54.572094][ T5713]  ____sys_sendmsg+0x907/0xb40
[   54.573368][ T5713]  ? __pfx_____sys_sendmsg+0x10/0x10
[   54.574745][ T5713]  ? get_compat_msghdr+0x11b/0x170
[   54.576084][ T5713]  ? __pfx___lock_acquire+0x10/0x10
[   54.577462][ T5713]  ___sys_sendmsg+0x135/0x1e0
[   54.578702][ T5713]  ? __pfx____sys_sendmsg+0x10/0x10
[   54.580081][ T5713]  ? lock_acquire+0x2f/0xb0
[   54.581289][ T5713]  ? __fget_files+0x40/0x3f0
[   54.582516][ T5713]  ? fdget+0x176/0x210
[   54.583597][ T5713]  __sys_sendmmsg+0x2a5/0x450
[   54.584850][ T5713]  ? __pfx___sys_sendmmsg+0x10/0x10
[   54.586219][ T5713]  ? vfs_write+0x14d/0x1140
[   54.587423][ T5713]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   54.589022][ T5713]  ? fput+0x30/0x390
[   54.590058][ T5713]  ? ksys_write+0x1ad/0x260
[   54.591256][ T5713]  ? __pfx_ksys_write+0x10/0x10
[   54.592545][ T5713]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[   54.594025][ T5713]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   54.595815][ T5713]  __do_fast_syscall_32+0x73/0x120
[   54.597181][ T5713]  do_fast_syscall_32+0x32/0x80
[   54.598464][ T5713]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   54.600131][ T5713] RIP: 0023:0xf744e579
[   54.601206][ T5713] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   54.606202][ T5713] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[   54.608394][ T5713] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001680
[   54.610460][ T5713] RDX: 0000000000000001 RSI: 00000000000000fc RDI: 0000000000000000
[   54.612531][ T5713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   54.614584][ T5713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   54.616644][ T5713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   54.618715][ T5713]  </TASK>
[   55.918640][ T5688] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   55.938666][   T62] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   55.988723][ T4817] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   56.069061][ T5688] usb 5-1: Using ep0 maxpacket: 8
[   56.079748][ T5688] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[   56.081893][ T5688] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   56.084391][ T5688] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   56.086866][ T5688] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   56.089531][   T62] usb 7-1: Using ep0 maxpacket: 8
[   56.090887][ T5688] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   56.094326][ T5688] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   56.096832][ T5688] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.100443][   T62] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   56.103050][   T62] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[   56.105347][   T62] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 115, changing to 10
[   56.108191][   T62] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 18277, setting to 1024
[   56.111833][   T62] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   56.114263][   T62] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.122532][ T5741] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[   56.126586][   T62] hub 7-1:1.0: bad descriptor, ignoring hub
[   56.128212][   T62] hub 7-1:1.0: probe with driver hub failed with error -5
[   56.130414][   T62] cdc_wdm 7-1:1.0: skipping garbage
[   56.131812][   T62] cdc_wdm 7-1:1.0: skipping garbage
[   56.134775][   T62] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   56.136380][   T62] cdc_wdm 7-1:1.0: Unknown control protocol
[   56.158761][ T4817] usb 8-1: Using ep0 maxpacket: 16
[   56.163541][ T4817] usb 8-1: config 0 has an invalid interface number: 8 but max is 0
[   56.166529][ T4817] usb 8-1: config 0 has no interface number 0
[   56.168956][ T4817] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   56.172630][ T4817] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   56.177841][ T4817] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[   56.181234][ T4817] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[   56.183989][ T4817] usb 8-1: Product: syz
[   56.185486][ T4817] usb 8-1: SerialNumber: syz
[   56.188916][ T4817] usb 8-1: config 0 descriptor??
[   56.192519][ T4817] cm109 8-1:0.8: invalid payload size 0, expected 4
[   56.196454][ T4817] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.8/input/input5
[   56.301286][ T5733] Bluetooth: hci0: Opcode 0x0401 failed: -4
[   56.321435][ T5688] usb 5-1: usb_control_msg returned -32
[   56.322930][ T5688] usbtmc 5-1:16.0: can't read capabilities
[   56.730516][ T5750] netfs: Couldn't get user pages (rc=-14)
[   57.051177][ T5741] usb 7-1: reset high-speed USB device number 2 using dummy_hcd
[   57.054309][ T5741] usb 7-1: device reset changed ep0 maxpacket size!
[   57.058041][ T4433] usb 7-1: USB disconnect, device number 2
[   57.058812][ T5741] cdc_wdm 7-1:1.0: Error autopm - -16
[   57.063036][ T5739] cdc_wdm 7-1:1.0: Error autopm - -16
[   57.198755][ T4433] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   57.349931][ T4433] usb 7-1: Using ep0 maxpacket: 16
[   57.360755][ T4433] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   57.366486][ T4433] usb 7-1: New USB device found, idVendor=0b05, idProduct=1807, bcdDevice= 0.40
[   57.374798][ T4433] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   57.377092][ T4433] usb 7-1: Product: syz
[   57.378558][ T4433] usb 7-1: Manufacturer: syz
[   57.380199][ T4433] usb 7-1: SerialNumber: syz
[   57.390785][ T4433] usbhid 7-1:1.0: couldn't find an input interrupt endpoint
[   57.481631][ T5362] Bluetooth: hci0: command 0x0401 tx timeout
[   57.601059][ T4433] usb 7-1: USB disconnect, device number 3
[   58.535589][ T5762] fuse: Unknown parameter 'grjp_id00000000000000000000'
[   58.618751][ T5392] usb 5-1: USB disconnect, device number 2
[   58.682091][ T5766] hub 2-0:1.0: USB hub found
[   58.684190][ T5766] hub 2-0:1.0: 2 ports detected
[   58.849030][    C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71
[   58.849175][ T4433] usb 8-1: USB disconnect, device number 2
[   58.850934][    C0] cm109 8-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[   58.862955][ T4433] cm109 8-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[   59.137121][ T5776] netlink: 5 bytes leftover after parsing attributes in process `syz.3.93'.
[   59.140216][ T5776] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   59.143203][ T5776] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   59.216051][ T5779] netlink: 5 bytes leftover after parsing attributes in process `syz.3.94'.
[   59.218449][ T5779] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   59.222781][ T5779] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   59.850841][ T5798] capability: warning: `syz.2.98' uses deprecated v2 capabilities in a way that may be insecure
[   59.862451][ T5798] mmap: syz.2.98 (5798) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   59.866673][ T5798] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   60.079297][ T5362] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   60.082229][ T5362] CPU: 2 UID: 0 PID: 5362 Comm: kworker/u33:7 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   60.085137][ T5362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   60.087960][ T5362] Workqueue: hci1 hci_rx_work
[   60.089493][ T5362] Call Trace:
[   60.090671][ T5362]  <TASK>
[   60.091475][ T5362]  dump_stack_lvl+0x16c/0x1f0
[   60.092732][ T5362]  sysfs_warn_dup+0x7f/0xa0
[   60.094064][ T5362]  sysfs_create_dir_ns+0x24d/0x2b0
[   60.095406][ T5362]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   60.096893][ T5362]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   60.098318][ T5362]  ? kobject_add_internal+0x12d/0x990
[   60.099742][ T5362]  ? do_raw_spin_unlock+0x172/0x230
[   60.101203][ T5362]  kobject_add_internal+0x2c8/0x990
[   60.102578][ T5362]  kobject_add+0x16f/0x240
[   60.103761][ T5362]  ? __pfx_kobject_add+0x10/0x10
[   60.105080][ T5362]  ? class_to_subsys+0x3e/0x160
[   60.106370][ T5362]  ? do_raw_spin_unlock+0x172/0x230
[   60.107744][ T5362]  ? kobject_put+0xab/0x5a0
[   60.108984][ T5362]  device_add+0x289/0x1a70
[   60.110166][ T5362]  ? __pfx_dev_set_name+0x10/0x10
[   60.111490][ T5362]  ? __pfx_device_add+0x10/0x10
[   60.112792][ T5362]  ? mgmt_send_event_skb+0x2f2/0x460
[   60.114192][ T5362]  hci_conn_add_sysfs+0x17e/0x230
[   60.115520][ T5362]  le_conn_complete_evt+0xfc7/0x1cf0
[   60.116931][ T5362]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   60.118417][ T5362]  ? trace_contention_end+0xea/0x140
[   60.119815][ T5362]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   60.121388][ T5362]  ? skb_pull_data+0x166/0x210
[   60.122662][ T5362]  hci_le_meta_evt+0x2e2/0x5d0
[   60.123932][ T5362]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   60.125638][ T5362]  hci_event_packet+0x666/0x1190
[   60.126952][ T5362]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   60.128380][ T5362]  ? __pfx_hci_event_packet+0x10/0x10
[   60.129829][ T5362]  ? mark_held_locks+0x9f/0xe0
[   60.131118][ T5362]  ? kcov_remote_start+0x3cf/0x6e0
[   60.132478][ T5362]  ? lockdep_hardirqs_on+0x7c/0x110
[   60.133831][ T5362]  hci_rx_work+0x2c6/0x1610
[   60.135024][ T5362]  ? lock_acquire+0x2f/0xb0
[   60.136231][ T5362]  ? process_one_work+0x8bb/0x1b30
[   60.137572][ T5362]  process_one_work+0x958/0x1b30
[   60.138962][ T5362]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   60.140446][ T5362]  ? __pfx_process_one_work+0x10/0x10
[   60.141842][ T5362]  ? assign_work+0x1a0/0x250
[   60.143051][ T5362]  worker_thread+0x6c8/0xf00
[   60.144283][ T5362]  ? __kthread_parkme+0x148/0x220
[   60.145601][ T5362]  ? __pfx_worker_thread+0x10/0x10
[   60.146944][ T5362]  kthread+0x2c1/0x3a0
[   60.148022][ T5362]  ? _raw_spin_unlock_irq+0x23/0x50
[   60.149399][ T5362]  ? __pfx_kthread+0x10/0x10
[   60.150607][ T5362]  ret_from_fork+0x45/0x80
[   60.151777][ T5362]  ? __pfx_kthread+0x10/0x10
[   60.153008][ T5362]  ret_from_fork_asm+0x1a/0x30
[   60.154268][ T5362]  </TASK>
[   60.155441][ T5362] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   60.159504][ T5362] Bluetooth: hci1: failed to register connection device
[   60.468133][ T5811] netlink: 5 bytes leftover after parsing attributes in process `syz.0.102'.
[   60.473361][ T5811] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   60.479991][ T5811] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   60.879354][ T5824] netlink: 'syz.3.107': attribute type 10 has an invalid length.
[   60.888214][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   60.896002][ T5824] bond0: (slave team0): Enslaving as an active interface with an up link
[   60.905824][ T5824] netlink: 'syz.3.107': attribute type 10 has an invalid length.
[   60.911043][ T5824] bond0: (slave team0): Releasing backup interface
[   60.920427][ T5824] bridge0: port 3(team0) entered blocking state
[   60.922497][ T5824] bridge0: port 3(team0) entered disabled state
[   60.924709][ T5824] team0: entered allmulticast mode
[   60.926036][ T5824] team_slave_0: entered allmulticast mode
[   60.927502][ T5824] team_slave_1: entered allmulticast mode
[   60.929803][ T5824] team0: entered promiscuous mode
[   60.931139][ T5824] team_slave_0: entered promiscuous mode
[   60.932737][ T5824] team_slave_1: entered promiscuous mode
[   61.308642][ T5786] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   61.448664][   T56] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   61.471203][ T5786] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   61.474093][ T5786] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   61.477572][ T5786] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   61.480286][ T5786] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.484184][ T5786] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   61.486611][ T5786] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   61.489015][ T5786] usb 7-1: Product: syz
[   61.490123][ T5786] usb 7-1: Manufacturer: syz
[   61.493748][ T5786] cdc_wdm 7-1:1.0: skipping garbage
[   61.495118][ T5786] cdc_wdm 7-1:1.0: skipping garbage
[   61.497111][ T5786] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   61.499159][ T5786] cdc_wdm 7-1:1.0: Unknown control protocol
[   61.608626][   T56] usb 6-1: Using ep0 maxpacket: 16
[   61.614717][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.617717][   T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.622205][   T56] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   61.625638][   T56] usb 6-1: New USB device found, idVendor=1e7d, idProduct=71ce, bcdDevice= 0.00
[   61.627897][   T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.632968][   T56] usb 6-1: config 0 descriptor??
[   61.710878][ T5392] usb 7-1: USB disconnect, device number 4
[   61.750324][ T5839] netlink: 5 bytes leftover after parsing attributes in process `syz.3.112'.
[   61.752929][ T5839] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   61.758457][ T5839] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   61.879150][ T5357] Bluetooth: hci0: command 0x0401 tx timeout
[   62.044761][   T56] hid-generic 0003:1E7D:71CE.0002: collection stack underflow
[   62.048757][   T56] hid-generic 0003:1E7D:71CE.0002: item 0 2 0 12 parsing failed
[   62.051322][   T56] hid-generic 0003:1E7D:71CE.0002: probe with driver hid-generic failed with error -22
[   62.092854][   T56] usb 6-1: USB disconnect, device number 3
[   62.204286][ T5852] netfs: Couldn't get user pages (rc=-14)
[   62.225601][ T5357] Bluetooth: hci1: command tx timeout
[   63.850343][ T5881] netlink: 5 bytes leftover after parsing attributes in process `syz.0.121'.
[   63.852923][ T5881] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   63.855285][ T5881] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   65.125882][ T5915] netlink: 5 bytes leftover after parsing attributes in process `syz.1.131'.
[   65.128397][ T5915] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   65.137763][ T5915] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   65.381094][ T5926] tipc: Started in network mode
[   65.382497][ T5926] tipc: Node identity 7f000001, cluster identity 4711
[   65.385483][ T5926] tipc: Enabled bearer <udp:syz1>, priority 10
[   65.620764][ T5357] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   65.623286][ T5357] CPU: 0 UID: 0 PID: 5357 Comm: kworker/u33:4 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   65.626289][ T5357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.629081][ T5357] Workqueue: hci1 hci_rx_work
[   65.630318][ T5357] Call Trace:
[   65.631195][ T5357]  <TASK>
[   65.631974][ T5357]  dump_stack_lvl+0x16c/0x1f0
[   65.633215][ T5357]  sysfs_warn_dup+0x7f/0xa0
[   65.634404][ T5357]  sysfs_create_dir_ns+0x24d/0x2b0
[   65.635811][ T5357]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   65.637314][ T5357]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   65.638716][ T5357]  ? kobject_add_internal+0x12d/0x990
[   65.640133][ T5357]  ? do_raw_spin_unlock+0x172/0x230
[   65.641490][ T5357]  kobject_add_internal+0x2c8/0x990
[   65.642849][ T5357]  kobject_add+0x16f/0x240
[   65.644025][ T5357]  ? __pfx_kobject_add+0x10/0x10
[   65.645417][ T5357]  ? class_to_subsys+0x3e/0x160
[   65.646719][ T5357]  ? do_raw_spin_unlock+0x172/0x230
[   65.648102][ T5357]  ? kobject_put+0xab/0x5a0
[   65.649300][ T5357]  device_add+0x289/0x1a70
[   65.650469][ T5357]  ? __pfx_dev_set_name+0x10/0x10
[   65.651788][ T5357]  ? __pfx_device_add+0x10/0x10
[   65.653078][ T5357]  ? mgmt_send_event_skb+0x2f2/0x460
[   65.654465][ T5357]  hci_conn_add_sysfs+0x17e/0x230
[   65.655841][ T5357]  le_conn_complete_evt+0xfc7/0x1cf0
[   65.657278][ T5357]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   65.658752][ T5357]  ? trace_contention_end+0xea/0x140
[   65.660142][ T5357]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   65.661683][ T5357]  ? skb_pull_data+0x166/0x210
[   65.662936][ T5357]  hci_le_meta_evt+0x2e2/0x5d0
[   65.664197][ T5357]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   65.666232][ T5357]  hci_event_packet+0x666/0x1190
[   65.667527][ T5357]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   65.668924][ T5357]  ? __pfx_hci_event_packet+0x10/0x10
[   65.670322][ T5357]  ? mark_held_locks+0x9f/0xe0
[   65.671583][ T5357]  ? kcov_remote_start+0x3cf/0x6e0
[   65.672934][ T5357]  ? lockdep_hardirqs_on+0x7c/0x110
[   65.674298][ T5357]  hci_rx_work+0x2c6/0x1610
[   65.675558][ T5357]  ? lock_acquire+0x2f/0xb0
[   65.676763][ T5357]  ? process_one_work+0x8bb/0x1b30
[   65.678503][ T5357]  process_one_work+0x958/0x1b30
[   65.679868][ T5357]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   65.681344][ T5357]  ? __pfx_process_one_work+0x10/0x10
[   65.682747][ T5357]  ? assign_work+0x1a0/0x250
[   65.683961][ T5357]  worker_thread+0x6c8/0xf00
[   65.685356][ T5357]  ? __pfx_worker_thread+0x10/0x10
[   65.686699][ T5357]  kthread+0x2c1/0x3a0
[   65.687788][ T5357]  ? _raw_spin_unlock_irq+0x23/0x50
[   65.689162][ T5357]  ? __pfx_kthread+0x10/0x10
[   65.690375][ T5357]  ret_from_fork+0x45/0x80
[   65.691548][ T5357]  ? __pfx_kthread+0x10/0x10
[   65.692770][ T5357]  ret_from_fork_asm+0x1a/0x30
[   65.694041][ T5357]  </TASK>
[   65.704043][ T5357] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   65.708211][ T5357] Bluetooth: hci1: failed to register connection device
[   65.711530][ T5357] Bluetooth: hci1: ACL packet for unknown connection handle 1993
[   65.735841][ T5934] fuseblk: Bad value for 'user_id'
[   65.737960][ T5934] fuseblk: Bad value for 'user_id'
[   65.952789][ T5936] netlink: 168 bytes leftover after parsing attributes in process `syz.2.136'.
[   65.955518][ T5936] netlink: 168 bytes leftover after parsing attributes in process `syz.2.136'.
[   66.413541][ T5392] tipc: Node number set to 2130706433
[   67.034666][ T5957] netlink: 5 bytes leftover after parsing attributes in process `syz.3.143'.
[   67.037062][ T5957] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   67.039934][ T5957] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   67.119275][ T5962] netlink: 'syz.3.146': attribute type 10 has an invalid length.
[   67.121349][ T5962] ipvlan1: entered promiscuous mode
[   67.130405][ T5962] team0: Device ipvlan1 failed to register rx_handler
[   67.237605][ T5970] program syz.3.148 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   67.410624][    C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   67.644942][ T5983] netlink: 12 bytes leftover after parsing attributes in process `syz.0.150'.
[   67.719674][ T5357] Bluetooth: hci1: command tx timeout
[   67.792448][   T39] audit: type=1326 audit(1727784614.178:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5986 comm="syz.2.152" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f50579 code=0x0
[   67.914834][ T5990] netlink: 5 bytes leftover after parsing attributes in process `syz.1.153'.
[   67.917237][ T5990] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   67.921683][ T5990] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   68.092294][ T5992] netfs: Couldn't get user pages (rc=-14)
[   68.141363][ T5999] FAULT_INJECTION: forcing a failure.
[   68.141363][ T5999] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   68.145656][ T5999] CPU: 3 UID: 0 PID: 5999 Comm: syz.3.155 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   68.149030][ T5999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.152466][ T5999] Call Trace:
[   68.153538][ T5999]  <TASK>
[   68.154479][ T5999]  dump_stack_lvl+0x16c/0x1f0
[   68.155999][ T5999]  should_fail_ex+0x497/0x5b0
[   68.157500][ T5999]  _copy_to_user+0x30/0xc0
[   68.158935][ T5999]  simple_read_from_buffer+0xd0/0x160
[   68.160753][ T5999]  proc_fail_nth_read+0x198/0x270
[   68.162369][ T5999]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   68.164105][ T5999]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   68.165825][ T5999]  vfs_read+0x1ce/0xbd0
[   68.167128][ T5999]  ? __fget_files+0x23a/0x3f0
[   68.168619][ T5999]  ? fdget_pos+0x24c/0x360
[   68.170039][ T5999]  ? __pfx_lock_release+0x10/0x10
[   68.171649][ T5999]  ? trace_lock_acquire+0x14a/0x1d0
[   68.173355][ T5999]  ? __pfx_vfs_read+0x10/0x10
[   68.174838][ T5999]  ? __pfx___mutex_lock+0x10/0x10
[   68.176447][ T5999]  ? __fget_files+0x244/0x3f0
[   68.177946][ T5999]  ksys_read+0x12f/0x260
[   68.179350][ T5999]  ? __pfx_ksys_read+0x10/0x10
[   68.180943][ T5999]  __do_fast_syscall_32+0x73/0x120
[   68.182347][ T5999]  do_fast_syscall_32+0x32/0x80
[   68.183662][ T5999]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   68.185323][ T5999] RIP: 0023:0xf744e579
[   68.186418][ T5999] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   68.191686][ T5999] RSP: 002b:00000000f57365a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   68.193973][ T5999] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736620
[   68.196075][ T5999] RDX: 000000000000000f RSI: 00000000f743bff4 RDI: 0000000000000000
[   68.198170][ T5999] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[   68.200327][ T5999] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   68.202477][ T5999] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   68.204586][ T5999]  </TASK>
[   68.279569][ T6002] FAULT_INJECTION: forcing a failure.
[   68.279569][ T6002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.287255][ T6002] CPU: 1 UID: 0 PID: 6002 Comm: syz.3.156 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   68.290111][ T6002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.292986][ T6002] Call Trace:
[   68.293889][ T6002]  <TASK>
[   68.294687][ T6002]  dump_stack_lvl+0x16c/0x1f0
[   68.295938][ T6002]  should_fail_ex+0x497/0x5b0
[   68.297281][ T6002]  _copy_to_user+0x30/0xc0
[   68.298529][ T6002]  msr_read+0x14f/0x250
[   68.299908][ T6002]  ? __pfx_msr_read+0x10/0x10
[   68.301227][ T6002]  ? bpf_lsm_file_permission+0x9/0x10
[   68.302709][ T6002]  ? security_file_permission+0x71/0x210
[   68.304265][ T6002]  ? __pfx_msr_read+0x10/0x10
[   68.305576][ T6002]  vfs_read+0x1ce/0xbd0
[   68.306738][ T6002]  ? __fget_files+0x23a/0x3f0
[   68.308051][ T6002]  ? __pfx_lock_release+0x10/0x10
[   68.309549][ T6002]  ? trace_lock_acquire+0x14a/0x1d0
[   68.311035][ T6002]  ? __pfx_vfs_read+0x10/0x10
[   68.312334][ T6002]  ? lock_acquire+0x2f/0xb0
[   68.313648][ T6002]  ? __fget_files+0x40/0x3f0
[   68.314962][ T6002]  ? __fget_files+0x244/0x3f0
[   68.316315][ T6002]  ksys_read+0x12f/0x260
[   68.317450][ T6002]  ? __pfx_ksys_read+0x10/0x10
[   68.318835][ T6002]  __do_fast_syscall_32+0x73/0x120
[   68.320273][ T6002]  do_fast_syscall_32+0x32/0x80
[   68.321548][ T6002]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   68.323209][ T6002] RIP: 0023:0xf744e579
[   68.324406][ T6002] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   68.329628][ T6002] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[   68.331843][ T6002] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020019680
[   68.333903][ T6002] RDX: 0000000000018ff8 RSI: 0000000000000000 RDI: 0000000000000000
[   68.335928][ T6002] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   68.337982][ T6002] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   68.340026][ T6002] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   68.342237][ T6002]  </TASK>
[   68.357056][ T1134] Bluetooth: hci4: Frame reassembly failed (-84)
[   68.920282][ T6016] =======================================================
[   68.920282][ T6016] WARNING: The mand mount option has been deprecated and
[   68.920282][ T6016]          and is ignored by this kernel. Remove the mand
[   68.920282][ T6016]          option from the mount to silence this warning.
[   68.920282][ T6016] =======================================================
[   69.888478][ T6024] netlink: 48 bytes leftover after parsing attributes in process `syz.2.164'.
[   69.909757][ T6023] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   70.093641][ T6032] netlink: 5 bytes leftover after parsing attributes in process `syz.1.162'.
[   70.095201][ T6034] trusted_key: syz.0.166 sent an empty control message without MSG_MORE.
[   70.095779][ T6032] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   70.101234][ T6032] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   70.166116][ T6037] warning: `syz.1.167' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   70.281335][ T6033] ALSA: mixer_oss: invalid OSS volume 'PHONEIÎ'
[   70.284867][ T6033] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦'
[   70.358982][ T5357] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   70.678650][   T56] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   70.852047][ T1372] ieee802154 phy0 wpan0: encryption failed: -22
[   70.854519][ T1372] ieee802154 phy1 wpan1: encryption failed: -22
[   70.857163][   T56] usb 5-1: Using ep0 maxpacket: 32
[   70.859857][   T56] usb 5-1: config 0 has no interfaces?
[   70.863365][   T56] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   70.865776][   T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.867846][   T56] usb 5-1: Product: syz
[   70.869356][   T56] usb 5-1: Manufacturer: syz
[   70.870685][   T56] usb 5-1: SerialNumber: syz
[   70.875986][   T56] usb 5-1: config 0 descriptor??
[   71.240093][ T5362] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[   71.243297][ T5362] Bluetooth: hci2: Injecting HCI hardware error event
[   71.247252][ T5362] Bluetooth: hci2: hardware error 0x00
[   72.020367][ T6062] capability: warning: `syz.2.174' uses 32-bit capabilities (legacy support in use)
[   72.536149][ T6065] netlink: 5 bytes leftover after parsing attributes in process `syz.3.175'.
[   72.540469][ T6065] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   72.546114][ T6065] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   72.657750][ T6067] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   72.781063][   T39] audit: type=1800 audit(1727784619.168:3): pid=6068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.176" name="bus" dev="9p" ino=41029411 res=0 errno=0
[   72.870723][ T6069] autofs4:pid:6069:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e)
[   72.874429][ T6069] autofs4:pid:6069:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[   73.328665][ T5362] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[   73.370889][ T4817] usb 5-1: USB disconnect, device number 3
[   73.454568][ T6075] qrtr: Invalid version 62
[   74.952659][ T6095] netfs: Couldn't get user pages (rc=-14)
[   74.979859][ T6097] netlink: 5 bytes leftover after parsing attributes in process `syz.2.184'.
[   74.982376][ T6097] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   74.994285][ T6097] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   75.972968][    T9] cfg80211: failed to load regulatory.db
[   76.243672][ T6125] netlink: 5 bytes leftover after parsing attributes in process `syz.0.193'.
[   76.246453][ T6125] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   76.249288][ T6125] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   76.708826][   T62] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   76.878940][   T62] usb 7-1: Using ep0 maxpacket: 8
[   76.881790][   T62] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   76.884411][   T62] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[   76.896880][   T62] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   76.903474][   T62] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   76.905833][   T62] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.930973][   T62] hub 7-1:1.0: bad descriptor, ignoring hub
[   76.933198][   T62] hub 7-1:1.0: probe with driver hub failed with error -5
[   76.935143][   T62] cdc_wdm 7-1:1.0: skipping garbage
[   76.936564][   T62] cdc_wdm 7-1:1.0: skipping garbage
[   76.940627][   T62] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[   76.942233][   T62] cdc_wdm 7-1:1.0: Unknown control protocol
[   77.319061][   T35] usb 7-1: USB disconnect, device number 5
[   78.314536][ T6168] netlink: 32 bytes leftover after parsing attributes in process `syz.2.206'.
[   79.194037][ T6184] netlink: 20 bytes leftover after parsing attributes in process `syz.2.209'.
[   79.328953][ T6171] syz.0.205 (6171) used greatest stack depth: 20944 bytes left
[   79.521517][ T6193] FAULT_INJECTION: forcing a failure.
[   79.521517][ T6193] name failslab, interval 1, probability 0, space 0, times 0
[   79.525092][ T6193] CPU: 0 UID: 0 PID: 6193 Comm: syz.2.212 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   79.527863][ T6193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.530646][ T6193] Call Trace:
[   79.531569][ T6193]  <TASK>
[   79.532405][ T6193]  dump_stack_lvl+0x16c/0x1f0
[   79.533676][ T6193]  should_fail_ex+0x497/0x5b0
[   79.534946][ T6193]  ? fs_reclaim_acquire+0xae/0x160
[   79.536351][ T6193]  should_failslab+0xc2/0x120
[   79.537610][ T6193]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[   79.539607][ T6193]  ? v9fs_mount+0x51/0xa50
[   79.541269][ T6193]  ? v9fs_session_init+0xf5/0x1a80
[   79.542928][ T6193]  ? __ia32_sys_mount+0x292/0x310
[   79.544321][ T6193]  kstrdup+0x3c/0x80
[   79.545392][ T6193]  v9fs_session_init+0xf5/0x1a80
[   79.546722][ T6193]  ? __pfx_v9fs_session_init+0x10/0x10
[   79.548273][ T6193]  ? kasan_save_track+0x14/0x30
[   79.549751][ T6193]  v9fs_mount+0xc6/0xa50
[   79.550926][ T6193]  ? __pfx_v9fs_mount+0x10/0x10
[   79.552431][ T6193]  ? __pfx_v9fs_mount+0x10/0x10
[   79.554030][ T6193]  legacy_get_tree+0x109/0x220
[   79.555306][ T6193]  vfs_get_tree+0x8f/0x380
[   79.556462][ T6193]  path_mount+0x6e1/0x1f10
[   79.557585][ T6193]  ? kmem_cache_free+0x152/0x4b0
[   79.558859][ T6193]  ? __pfx_path_mount+0x10/0x10
[   79.560145][ T6193]  ? putname+0x12e/0x170
[   79.561266][ T6193]  __ia32_sys_mount+0x292/0x310
[   79.562615][ T6193]  ? __pfx___ia32_sys_mount+0x10/0x10
[   79.564108][ T6193]  __do_fast_syscall_32+0x73/0x120
[   79.565523][ T6193]  do_fast_syscall_32+0x32/0x80
[   79.566843][ T6193]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.568590][ T6193] RIP: 0023:0xf7f50579
[   79.569685][ T6193] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.574761][ T6193] RSP: 002b:00000000f56b556c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   79.576943][ T6193] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000000
[   79.579304][ T6193] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000020000680
[   79.581696][ T6193] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.584590][ T6193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.586707][ T6193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.588853][ T6193]  </TASK>
[   79.589850][    C0] vkms_vblank_simulate: vblank timer overrun
[   81.810563][ T5357] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   81.813320][ T5357] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   81.815597][ T5357] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   81.817737][ T5357] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   81.820705][ T5357] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   81.823051][ T5357] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   81.920270][ T6215] chnl_net:caif_netlink_parms(): no params data found
[   82.070059][ T6215] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.071964][ T6215] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.073861][ T6215] bridge_slave_0: entered allmulticast mode
[   82.080877][ T6215] bridge_slave_0: entered promiscuous mode
[   82.084092][ T6215] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.092821][ T6215] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.094809][ T6215] bridge_slave_1: entered allmulticast mode
[   82.105616][ T6215] bridge_slave_1: entered promiscuous mode
[   82.165354][ T6215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.169261][ T6215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.255774][ T6215] team0: Port device team_slave_0 added
[   82.265552][ T6215] team0: Port device team_slave_1 added
[   82.306224][ T6215] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.308105][ T6215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.331908][ T6215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.336267][ T6215] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.338539][ T6215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.358657][ T6215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.434511][ T6215] hsr_slave_0: entered promiscuous mode
[   82.438100][ T6215] hsr_slave_1: entered promiscuous mode
[   82.451496][ T6215] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.453702][ T6215] Cannot create hsr debugfs directory
[   82.631086][ T6215] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.713718][ T6215] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.746403][ T6241] netfs: Couldn't get user pages (rc=-14)
[   82.881726][ T6215] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.989414][ T6215] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.007171][ T6246] netlink: 'syz.0.222': attribute type 10 has an invalid length.
[   83.031385][ T6246] ipvlan1: entered promiscuous mode
[   83.036941][ T6246] team0: Device ipvlan1 failed to register rx_handler
[   83.113772][ T6215] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   83.125992][ T6215] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   83.149194][ T6215] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   83.160460][ T6215] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   83.201766][ T6247] ALSA: mixer_oss: invalid OSS volume 'PHONEIÎ'
[   83.207198][ T6247] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦'
[   83.243389][ T6215] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.269450][ T6215] 8021q: adding VLAN 0 to HW filter on device team0
[   83.281025][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.283024][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.311291][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.314312][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.350634][ T6215] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   83.490007][ T6215] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.513816][ T6215] veth0_vlan: entered promiscuous mode
[   83.530118][ T6215] veth1_vlan: entered promiscuous mode
[   83.554467][ T6215] veth0_macvtap: entered promiscuous mode
[   83.557625][ T6215] veth1_macvtap: entered promiscuous mode
[   83.573342][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.576056][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.588885][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.591578][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.594137][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.596874][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.599486][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.602165][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.605513][ T6215] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.609939][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.612641][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.615137][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.617802][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.620696][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.623359][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.625868][ T6215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.628537][ T6215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.633710][ T6215] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.637714][ T6215] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.641841][ T6215] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.644098][ T6215] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.646327][ T6215] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.692619][ T1150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.694709][ T1150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.715729][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.719011][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.878746][ T5357] Bluetooth: hci4: command tx timeout
[   84.201380][ T6275] 9pnet_virtio: no channels available for device syz
[   84.788990][ T6285] netlink: 5 bytes leftover after parsing attributes in process `syz.3.232'.
[   84.791761][ T6285] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   84.794423][ T6285] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   84.877932][ T6287] netlink: 36 bytes leftover after parsing attributes in process `syz.3.233'.
[   84.918792][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   85.090311][    T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   85.092973][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   85.115966][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   85.125680][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.142168][    T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   85.144521][    T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   85.147833][ T6293] netlink: 5 bytes leftover after parsing attributes in process `syz.3.235'.
[   85.152436][ T6293] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   85.154004][    T9] usb 5-1: Product: syz
[   85.155137][    T9] usb 5-1: Manufacturer: syz
[   85.160673][ T6293] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   85.167196][    T9] cdc_wdm 5-1:1.0: skipping garbage
[   85.169709][    T9] cdc_wdm 5-1:1.0: skipping garbage
[   85.174645][    T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   85.176256][    T9] cdc_wdm 5-1:1.0: Unknown control protocol
[   85.381872][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.231'.
[   85.499053][ T6282] hsr_slave_1 (unregistering): left promiscuous mode
[   85.557100][ T6309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.231'.
[   85.560031][ T6309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.231'.
[   85.988683][ T5357] Bluetooth: hci4: command tx timeout
[   87.507558][ T6325] program syz.1.239 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.638547][ T6328] netfs: Couldn't get user pages (rc=-14)
[   87.679653][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[   87.690552][ T5390] usb 5-1: USB disconnect, device number 4
[   87.858962][   T25] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   88.029872][   T25] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   88.032508][   T25] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   88.035374][   T25] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[   88.037930][   T25] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.041025][ T5357] Bluetooth: hci4: command tx timeout
[   88.052362][   T25] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   88.055094][   T25] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   88.057351][   T25] usb 8-1: Product: syz
[   88.058698][   T25] usb 8-1: Manufacturer: syz
[   88.062081][   T25] cdc_wdm 8-1:1.0: skipping garbage
[   88.063698][   T25] cdc_wdm 8-1:1.0: skipping garbage
[   88.068093][   T25] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[   88.069991][   T25] cdc_wdm 8-1:1.0: Unknown control protocol
[   88.269280][   T56] usb 8-1: USB disconnect, device number 3
[   88.698671][   T35] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   88.858684][   T35] usb 6-1: Using ep0 maxpacket: 32
[   88.861352][   T35] usb 6-1: config 0 has no interfaces?
[   88.864347][   T35] usb 6-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   88.866817][   T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.869308][   T35] usb 6-1: Product: syz
[   88.870398][   T35] usb 6-1: Manufacturer: syz
[   88.871615][   T35] usb 6-1: SerialNumber: syz
[   88.887674][   T35] usb 6-1: config 0 descriptor??
[   89.307691][ T6349] netlink: 5 bytes leftover after parsing attributes in process `syz.0.244'.
[   89.310489][ T6349] 1ªX¹¦D: renamed from 
30ªX¹¦D (while UP)
[   89.315545][ T6349] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[   89.473259][ T6353] netlink: 5 bytes leftover after parsing attributes in process `syz.0.256'.
[   89.476518][ T6353] 0ªX¹¦D: renamed from 
31ªX¹¦D (while UP)
[   89.482828][ T6353] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   90.118660][ T5357] Bluetooth: hci4: command tx timeout
[   90.518991][ T5357] Bluetooth: hci3: command tx timeout
[   90.658059][ T6360] netlink: 'syz.0.258': attribute type 10 has an invalid length.
[   90.663037][ T6360] team0: Device ipvlan1 failed to register rx_handler
[   90.699019][ T6360] autofs: Bad value for 'fd'
[   90.915843][ T6366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x249d pfn:0x68280
[   90.924766][ T6366] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[   90.927268][ T6366] page_type: f0(buddy)
[   90.934917][ T6366] raw: 04fff00000000000 ffffea0001989408 ffffea0001a21008 0000000000000000
[   90.937917][ T6366] raw: 000000000000249d 0000000000000004 00000000f0000000 0000000000000000
[   90.945037][ T6366] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[   90.954554][ T6366] page_owner tracks the page as freed
[   90.957965][ T6366] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6171, tgid 6171 (syz.0.205), ts 78661601488, free_ts 81963290901
[   90.978397][ T6366]  post_alloc_hook+0x2d1/0x350
[   90.981371][ T6366]  get_page_from_freelist+0x101e/0x3070
[   90.983312][ T6366]  __alloc_pages_noprof+0x223/0x25c0
[   90.985155][ T6366]  alloc_pages_mpol_noprof+0x2c9/0x610
[   90.987097][ T6366]  folio_alloc_mpol_noprof+0x36/0xd0
[   90.992118][   T39] audit: type=1800 audit(1727784637.378:4): pid=6367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.249" name="bus" dev="9p" ino=41029411 res=0 errno=0
[   91.008057][ T6366]  shmem_alloc_folio+0x135/0x160
[   91.012711][ T6366]  shmem_alloc_and_add_folio+0x48b/0xc00
[   91.014690][ T6366]  shmem_get_folio_gfp+0x689/0x1530
[   91.016486][ T6366]  shmem_write_begin+0x161/0x300
[   91.018195][ T6366]  generic_perform_write+0x2ba/0x920
[   91.044118][ T6366]  shmem_file_write_iter+0x10e/0x140
[   91.046082][ T6366]  __kernel_write_iter+0x318/0xa80
[   91.047863][ T6366]  dump_user_range+0x389/0x8a0
[   91.054243][ T6366]  elf_core_dump+0x2b86/0x3db0
[   91.055556][ T6366]  do_coredump+0x2c42/0x4160
[   91.056805][ T6366]  get_signal+0x237c/0x26d0
[   91.057996][ T6366] page last free pid 5359 tgid 5359 stack trace:
[   91.078939][ T6366]  free_unref_folios+0x956/0x1310
[   91.080919][ T6366]  folios_put_refs+0x551/0x750
[   91.082698][ T6366]  shmem_undo_range+0x586/0x1170
[   91.084534][ T6366]  shmem_evict_inode+0x3a3/0xba0
[   91.086369][ T6366]  evict+0x409/0x970
[   91.087436][ T6366]  iput+0x530/0x890
[   91.088510][ T6366]  do_unlinkat+0x5c3/0x760
[   91.107029][ T6369] autofs4:pid:6369:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e)
[   91.113013][ T6369] autofs4:pid:6369:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[   91.125559][ T6366]  __ia32_sys_unlink+0xc4/0x110
[   91.129850][ T6366]  __do_fast_syscall_32+0x73/0x120
[   91.136055][ T6366]  do_fast_syscall_32+0x32/0x80
[   91.142120][ T6366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.152446][ T6366] ------------[ cut here ]------------
[   91.153990][ T6366] kernel BUG at include/linux/mm.h:1444!
[   91.172410][ T6366] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   91.174656][ T6366] CPU: 2 UID: 0 PID: 6366 Comm: syz.0.249 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[   91.178137][ T6366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   91.181300][ T6366] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.183073][ T6366] Code: b0 8b 48 89 df e8 f0 23 4b fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 40 75 05 fd 48 c7 c6 a0 c6 b0 8b 4c 89 e7 e8 d1 23 4b fd 90 <0f> 0b e8 29 75 05 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
[   91.189086][ T6366] RSP: 0018:ffffc90007b6e010 EFLAGS: 00010246
[   91.191059][ T6366] RAX: 0000000000040000 RBX: 0000000000000004 RCX: ffffc90007791000
[   91.193162][ T6366] RDX: 0000000000040000 RSI: ffffffff84873a3f RDI: ffff888028bfccc4
[   91.195243][ T6366] RBP: ffffea0001a0a034 R08: 0000000000000001 R09: fffffbfff2d315b8
[   91.197997][ T6366] R10: ffffffff9698adc7 R11: ffff88802b528a40 R12: ffffea0001a0a000
[   91.200531][ T6366] R13: ffff888060e42c00 R14: 0000000000001000 R15: 0000000000001000
[   91.202616][ T6366] FS:  0000000000000000(0000) GS:ffff88802b600000(0063) knlGS:00000000f5755b40
[   91.204972][ T6366] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   91.207148][ T6366] CR2: 0000000020e73000 CR3: 000000006d964000 CR4: 0000000000352ef0
[   91.210046][ T6366] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   91.212792][ T6366] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   91.215580][ T6366] Call Trace:
[   91.216777][ T6366]  <TASK>
[   91.217784][ T6366]  ? die+0x31/0x80
[   91.219112][ T6366]  ? do_trap+0x232/0x430
[   91.220609][ T6366]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.222760][ T6366]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.224875][ T6366]  ? do_error_trap+0xf4/0x230
[   91.226495][ T6366]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.228683][ T6366]  ? handle_invalid_op+0x34/0x40
[   91.230484][ T6366]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.232673][ T6366]  ? exc_invalid_op+0x2e/0x50
[   91.234392][ T6366]  ? asm_exc_invalid_op+0x1a/0x20
[   91.236237][ T6366]  ? __iov_iter_get_pages_alloc+0x1d0f/0x2230
[   91.238436][ T6366]  ? __iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.240621][ T6366]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[   91.242891][ T6366]  ? delete_node+0x207/0x8e0
[   91.244581][ T6366]  iov_iter_get_pages_alloc2+0x53/0xf0
[   91.246543][ T6366]  p9_get_mapped_pages.part.0.constprop.0+0x4ca/0x7d0
[   91.249001][ T6366]  ? p9pdu_vwritef+0x368/0x21d0
[   91.250749][ T6366]  ? __pfx_p9_get_mapped_pages.part.0.constprop.0+0x10/0x10
[   91.253258][ T6366]  ? __pfx_p9pdu_vwritef+0x10/0x10
[   91.255010][ T6366]  ? __pfx_p9pdu_vwritef+0x10/0x10
[   91.256842][ T6366]  ? p9_tag_alloc+0x4cc/0x870
[   91.258660][ T6366]  ? reacquire_held_locks+0x464/0x4c0
[   91.260563][ T6366]  p9_virtio_zc_request+0x991/0x1460
[   91.262470][ T6366]  ? p9pdu_writef+0xc4/0x100
[   91.264146][ T6366]  ? __pfx_p9pdu_writef+0x10/0x10
[   91.265965][ T6366]  ? __pfx_p9pdu_vwritef+0x10/0x10
[   91.267807][ T6366]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[   91.269438][ T6366]  ? rcu_is_watching+0x12/0xc0
[   91.270710][ T6366]  ? trace_9p_protocol_dump+0x192/0x220
[   91.272206][ T6366]  ? rcu_is_watching+0x12/0xc0
[   91.273468][ T6366]  ? p9_client_prepare_req+0x111/0x4d0
[   91.275033][ T6366]  ? __pfx_p9_client_prepare_req+0x10/0x10
[   91.276913][ T6366]  p9_client_zc_rpc.constprop.0+0x29a/0x880
[   91.278494][ T6366]  ? __pfx_p9_client_zc_rpc.constprop.0+0x10/0x10
[   91.280187][ T6366]  ? find_held_lock+0x2d/0x110
[   91.281478][ T6366]  ? netfs_load_buffer_from_ra.isra.0+0x737/0x12f0
[   91.283182][ T6366]  ? __pfx_lock_release+0x10/0x10
[   91.284529][ T6366]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[   91.286154][ T6366]  p9_client_read_once+0x443/0x820
[   91.287919][ T6366]  ? __pfx_p9_client_read_once+0x10/0x10
[   91.289803][ T6366]  p9_client_read+0x13f/0x1b0
[   91.291080][ T6366]  v9fs_issue_read+0x115/0x310
[   91.292395][ T6366]  ? __pfx_v9fs_issue_read+0x10/0x10
[   91.294039][ T6366]  netfs_read_to_pagecache+0x5c9/0x9a0
[   91.295926][ T6366]  netfs_readahead+0x7fa/0xaa0
[   91.297536][ T6366]  ? __pfx_netfs_readahead+0x10/0x10
[   91.299305][ T6366]  read_pages+0x1a8/0xd80
[   91.300783][ T6366]  ? __folio_batch_add_and_move+0x689/0xc60
[   91.302779][ T6366]  ? __folio_batch_add_and_move+0x612/0xc60
[   91.304747][ T6366]  ? __pfx_read_pages+0x10/0x10
[   91.306366][ T6366]  ? find_held_lock+0x2d/0x110
[   91.307989][ T6366]  page_cache_ra_unbounded+0x3c0/0x6c0
[   91.309808][ T6366]  page_cache_ra_order+0x7d9/0xc90
[   91.311521][ T6366]  page_cache_async_ra+0x5cb/0x820
[   91.313237][ T6366]  filemap_get_pages+0x367/0x1be0
[   91.314914][ T6366]  ? ktime_get_coarse_real_ts64+0x1b7/0x200
[   91.316926][ T6366]  ? ktime_get_coarse_real_ts64+0x147/0x200
[   91.318908][ T6366]  ? atime_needs_update+0xd1/0x7c0
[   91.320625][ T6366]  ? __pfx_filemap_get_pages+0x10/0x10
[   91.322431][ T6366]  ? __pfx___might_resched+0x10/0x10
[   91.324112][ T6366]  filemap_read+0x3a9/0xd00
[   91.325290][ T6366]  ? __pfx___lock_acquire+0x10/0x10
[   91.326629][ T6366]  ? __pfx_filemap_read+0x10/0x10
[   91.327961][ T6366]  ? __pfx___up_read+0x10/0x10
[   91.329189][ T6366]  ? mark_lock+0xb5/0xc60
[   91.330304][ T6366]  netfs_buffered_read_iter+0x117/0x190
[   91.331718][ T6366]  netfs_file_read_iter+0x10f/0x190
[   91.333061][ T6366]  v9fs_file_read_iter+0x9b/0x100
[   91.334353][ T6366]  __kernel_read+0x3f1/0xb50
[   91.335542][ T6366]  ? __pfx___kernel_read+0x10/0x10
[   91.336861][ T6366]  ? irqentry_exit+0x3b/0x90
[   91.338072][ T6366]  ? kernel_fpu_begin_mask+0x168/0x270
[   91.339474][ T6366]  integrity_kernel_read+0x7f/0xb0
[   91.340800][ T6366]  ? __pfx_integrity_kernel_read+0x10/0x10
[   91.342296][ T6366]  ? _sha256_update+0x93/0x220
[   91.343533][ T6366]  ? __pfx_sha256_ni_transform+0x10/0x10
[   91.344996][ T6366]  ? kasan_save_track+0x14/0x30
[   91.346603][ T6366]  ima_calc_file_hash_tfm+0x2c9/0x3e0
[   91.348406][ T6366]  ? __pfx_ima_calc_file_hash_tfm+0x10/0x10
[   91.350363][ T6366]  ? generic_fillattr+0x663/0x8c0
[   91.352043][ T6366]  ? ima_alloc_tfm+0x21d/0x2d0
[   91.353644][ T6366]  ima_calc_file_hash+0x1ba/0x490
[   91.355326][ T6366]  ima_collect_measurement+0x8a7/0xa10
[   91.357160][ T6366]  ? process_measurement+0x70a/0x2370
[   91.358955][ T6366]  ? __pfx_ima_collect_measurement+0x10/0x10
[   91.360959][ T6366]  ? lock_acquire.part.0+0x11b/0x380
[   91.362713][ T6366]  ? rcu_is_watching+0x12/0xc0
[   91.364311][ T6366]  ? trace_contention_end+0xea/0x140
[   91.366068][ T6366]  ? is_bad_inode+0xd/0x40
[   91.367568][ T6366]  ? xattr_resolve_name+0x27b/0x3f0
[   91.369306][ T6366]  ? vfs_getxattr_alloc+0xf1/0x340
[   91.371011][ T6366]  ? ima_get_hash_algo+0x27d/0x410
[   91.372772][ T6366]  ? __pfx_ima_get_hash_algo+0x10/0x10
[   91.374583][ T6366]  ? process_measurement+0x1271/0x2370
[   91.376320][ T6366]  process_measurement+0x1271/0x2370
[   91.378087][ T6366]  ? __pfx_process_measurement+0x10/0x10
[   91.379964][ T6366]  ? find_held_lock+0x2d/0x110
[   91.381562][ T6366]  ? v9fs_open_fid_add+0x102/0x190
[   91.383270][ T6366]  ? __pfx_lock_release+0x10/0x10
[   91.384967][ T6366]  ? do_raw_spin_lock+0x12d/0x2c0
[   91.386660][ T6366]  ? __pfx_v9fs_file_open+0x10/0x10
[   91.388439][ T6366]  ? bpf_lsm_file_open+0x9/0x10
[   91.390074][ T6366]  ? inode_to_bdi+0x9e/0x160
[   91.391627][ T6366]  ima_file_check+0xc1/0x110
[   91.393171][ T6366]  ? __pfx_ima_file_check+0x10/0x10
[   91.394886][ T6366]  ? inode_permission+0xdd/0x5f0
[   91.396542][ T6366]  security_file_post_open+0x8e/0x210
[   91.398346][ T6366]  path_openat+0x1419/0x2d60
[   91.399919][ T6366]  ? __pfx_path_openat+0x10/0x10
[   91.401569][ T6366]  ? __pfx___lock_acquire+0x10/0x10
[   91.403312][ T6366]  do_filp_open+0x1dc/0x430
[   91.404268][   T35] usb 6-1: USB disconnect, device number 4
[   91.404851][ T6366]  ? __pfx_do_filp_open+0x10/0x10
[   91.408425][ T6366]  ? find_held_lock+0x2d/0x110
[   91.410049][ T6366]  ? _raw_spin_unlock+0x28/0x50
[   91.411685][ T6366]  ? alloc_fd+0x2d7/0x6c0
[   91.413166][ T6366]  do_sys_openat2+0x17a/0x1e0
[   91.414752][ T6366]  ? __pfx_do_sys_openat2+0x10/0x10
[   91.416513][ T6366]  __ia32_compat_sys_openat+0x16e/0x210
[   91.418373][ T6366]  ? __pfx___ia32_compat_sys_openat+0x10/0x10
[   91.420438][ T6366]  __do_fast_syscall_32+0x73/0x120
[   91.422157][ T6366]  do_fast_syscall_32+0x32/0x80
[   91.423443][ T6366]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   91.425101][ T6366] RIP: 0023:0xf748e579
[   91.426160][ T6366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   91.431107][ T6366] RSP: 002b:00000000f575556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127
[   91.433260][ T6366] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000280
[   91.435430][ T6366] RDX: 000000000000275a RSI: 0000000000000000 RDI: 0000000000000000
[   91.437744][ T6366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   91.439961][ T6366] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   91.442318][ T6366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   91.444821][ T6366]  </TASK>
[   91.445631][ T6366] Modules linked in:
[   91.446732][    C2] vkms_vblank_simulate: vblank timer overrun
[   91.448597][ T6366] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
[   91.450381][ T6366] RIP: 0010:__iov_iter_get_pages_alloc+0x1d10/0x2230
[   91.452643][ T6366] Code: b0 8b 48 89 df e8 f0 23 4b fd 90 0f 0b 49 89 c5 e9 99 f6 ff ff e8 40 75 05 fd 48 c7 c6 a0 c6 b0 8b 4c 89 e7 e8 d1 23 4b fd 90 <0f> 0b e8 29 75 05 fd 4c 8b 64 24 48 49 83 ec 01 e9 94 fd ff ff 4c
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   91.457797][ T6366] RSP: 0018:ffffc90007b6e010 EFLAGS: 00010246
[   91.460322][ T6366] RAX: 0000000000040000 RBX: 0000000000000004 RCX: ffffc90007791000
[   91.463018][ T6366] RDX: 0000000000040000 RSI: ffffffff84873a3f RDI: ffff888028bfccc4
[   91.465683][ T6366] RBP: ffffea0001a0a034 R08: 0000000000000001 R09: fffffbfff2d315b8
[   91.468347][ T6366] R10: ffffffff9698adc7 R11: ffff88802b528a40 R12: ffffea0001a0a000
[   91.471113][ T6366] R13: ffff888060e42c00 R14: 0000000000001000 R15: 0000000000001000
[   91.473705][ T6366] FS:  0000000000000000(0000) GS:ffff88802b600000(0063) knlGS:00000000f5755b40
[   91.476670][ T6366] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[   91.478972][ T6366] CR2: 0000000020e73000 CR3: 000000006d964000 CR4: 0000000000352ef0
[   91.481707][ T6366] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   91.493830][ T6366] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   91.511279][ T6366] Kernel panic - not syncing: Fatal exception
[   91.513975][ T6366] Kernel Offset: disabled
[   91.515374][ T6366] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:29:22  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000020000 RBX=0000000000000000 RCX=1ffff11003f0b5e8 RDX=0000000000000000
RSI=0000000000000022 RDI=ffff88801f85af6c RBP=0000000000000000 RSP=ffffc90000e4f480
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000005 R11=0000000000000002
R12=0000000000000000 R13=ffff88801f85af48 R14=0000000000000022 R15=ffff88801f85a440
RIP=ffffffff8169e7e8 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f56b5da4 CR3=00000000620f4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000036b3df RBX=0000000000000001 RCX=ffffffff8b12f739 RDX=0000000000000000
RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb12060 RBP=ffffed10036ec910 RSP=ffffc90000477e08
R8 =0000000000000001 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000
R12=0000000000000001 R13=ffff88801b764880 R14=ffffffff901cc608 R15=0000000000000000
RIP=ffffffff8b130b1f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000020030000 CR3=0000000066458000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f000000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000040 RCX=ffffffff848ef6ad RDX=ffff888000cc2440
RSI=ffffffff848ef5ce RDI=0000000000000005 RBP=ffffc90003337538 RSP=ffffc900033373f8
R8 =0000000000000005 R9 =0000000000000004 R10=0000000000000002 R11=0000000000000000
R12=ffffffff8bb1cb92 R13=dffffc0000000000 R14=0000000000000002 R15=0000000000000004
RIP=ffffffff848ef5ce RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f1ff79c6d00 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000561e6880d000 CR3=0000000025b28000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=fa2f32b4fa2f32b4 fa2f32b4fa2f32b4 fa2f32b4fa2f32b4 fa2f32b4fa2f32b4 fa2f32b4fa2f32b4 fa2f32b4fa2f32b4 fa2f32b4fa2f32b4 fa2f32b4fa2f32b4
ZMM22=d586d9f7d586d9f7 d586d9f7d586d9f7 d586d9f7d586d9f7 d586d9f7d586d9f7 d586d9f7d586d9f7 d586d9f7d586d9f7 d586d9f7d586d9f7 d586d9f7d586d9f7
ZMM23=86f7c40886f7c408 86f7c40886f7c408 86f7c40886f7c408 86f7c40886f7c408 86f7c40886f7c408 86f7c40886f7c408 86f7c40886f7c408 86f7c40886f7c408
ZMM24=11e7710c11e7710c 11e7710c11e7710c 11e7710c11e7710c 11e7710c11e7710c 11e7710c11e7710c 11e7710c11e7710c 11e7710c11e7710c 11e7710c11e7710c
ZMM25=9987827899878278 9987827899878278 9987827899878278 9987827899878278 9987827899878278 9987827899878278 9987827899878278 9987827899878278
ZMM26=a04741bca04741bc a04741bca04741bc a04741bca04741bc a04741bca04741bc a04741bca04741bc a04741bca04741bc a04741bca04741bc a04741bca04741bc
ZMM27=e0afea5fe0afea5f e0afea5fe0afea5f e0afea5fe0afea5f e0afea5fe0afea5f e0afea5fe0afea5f e0afea5fe0afea5f e0afea5fe0afea5f e0afea5fe0afea5f
ZMM28=000000600000005f 0000005e0000005d 0000005c0000005b 0000005a00000059 0000005800000057 0000005600000055 0000005400000053 0000005200000051
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=4803000048030000 4803000048030000 4803000048030000 4803000048030000 4803000048030000 4803000048030000 4803000048030000 4803000048030000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=dffffc0000000000 RCX=ffffc90003689000 RDX=0000000000000000
RSI=ffffffff847e5cb4 RDI=ffff88806540000c RBP=0000000000008002 RSP=ffffc9002c45fbb0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=ffff888065400000 R13=ffff88801f842440 R14=ffff8880460ac2d0 R15=ffff8880460ac000
RIP=ffffffff818caf70 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2f3e75 CR3=0000000000bca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000008000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000