last executing test programs:

4.771519815s ago: executing program 0 (id=960):
r0 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000001380)='./file0\x00', 0x4)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r4 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$UHID_INPUT(r4, &(0x7f0000000540)={0x8, {"1a17924ab218eacb15a3fccf929e2dd2497903c1f853d95b995c65e99449ff953fa11c7723b2149ecdaa7f833f60e13b19a66e963f7e8da4297ebbfdda5b36fb4d01bd02e6c652dc4d99e2cb82c2a1d4a45e4c89ba9994e82f854bbc34a40b3a58aa256c9b4512fbf91b9846446c4909e4ec53982e7d7fd11ee0bdeab0bb4c469c9665dde8cb58f0ca148223b6cc4e2f306cfbeccedec8db5212f2fc4e14f836c68bdace4db1afbde9d463e5ac24567925b5fdf0e3af1a52dbd7669fe9227302c8f635bc2ddbf5bd7dccd7b92a9bd5c7363375a57851c2bc72509f2005f138f5a59cf85e9ddb1c972c89d50806e8941b7059cd3eca77527a7f20af70841b4d6f026614bdbb276a6814cc74d91856b968c5fdb52674d892a90d01ab91841b6811def78bdac9bc6f9df2598569fbdfef75079832b2750801dc83fd1987713c61136ac9e5f2f7e67f302109bb9a7fea75290b506a89a19d7e0e472937a8c9ecfe16ef6eb88c7a88a060756196d55d6a3d3f7cdf9915d22b6b3af69ec55017b821ec0621e8a59414efc2b46977a85846b53ae75a350947afcafbdef7233cc371bc2a6f29c0315b352ac2741c81df534303ddb30a4408db5679d05d245259c245c9d7f861711cc287cfd0462b948512623b921060386c587fd166df29e71ecfc8ed90031e95b2af1406b5ae73f6084e39e88194e3d37dc801982656b5b66342d74100f9f5b8c94c1e91b626bbf426a07b4be91dbdb76a6e40d0b788f89359e462e69bc4499fd4f9aa1e7f0c3f73a996b6ecef606c7651286e1f18a6823eed7191cd542057eaaf09aa32e8ce370c09050278b85fd359b8ca23e66e9d294ec57b3ddd90409d9b1ca28c6993b244f8ca46f6bf478ff22fb1df53e33abdda4b2b1e5cff7de19957bdc8e7ca39e4762204b1f9f33b9375b7282422b91841706751038e42023ba45c1cd0998c1794c1c2a5ff65466189bbb27bcbf01e5a48bfd8b6845f7d5c87d977df4ded5273ebf56b96c50b4eadc44bfaa0994259eeb1031644415fa9d729753d2138b06f9b7b624d9eeb1ef71dfdff0b639078f058c7a070451c4670af0c6eb1202f77be82faba9b6287995066b5f7e59b7967706d8d8c5bde48137e13df537ae54664fe4e8460b1bdf5b92a1dcf39ee1726bc6690d0ac5f799bcfab918c59cb132c45054ba17b8a44d505ad3eaeee95b4275b25b2087da8902552727a1e739014df348cfa3a1102661c35a6a38df6c410f5343577955dd57de5af089e3f1bcdf96d4ef1d5944243470b0ed10616144cccc5cac44e36fefd9441120c5d047867af0ea353da21fc0ae73b78b84d53a62efeb94ea8d441cc698c92fd7b36cf41472d036c5093bbdf943620c29ffa3b21ef4a0bb9274912b046834ee6f855ceadf18fb488040d5829ab6e8bf69a90315f7f84d002ac4e929e9f1010a8486746bd316799ba3a65744980c388202324ba50768c77a8481ba74d135da7507048c82714a8234837b69922126e4084a68f7418bfd26417cade786c7f8185e2492e3b64eb9d2c2c721504c7b4aeb383503f745fd69315c56b5b0158decd1b1606a63366b7e2d2b9124b6efca4480c703c8f37d6ddff55b0ec15f2ce6be6c902d06aec2ccabeba13b442b608076c33d19e690ab66cf6678d679758d22fb5d8d963f25d00c45576f8b2938543080297b9cb6c305e3131d2f412f00370c285251909f8ebefc3d18a23e25a183997b08251450b29fff32781e6a70e6e070ab3921f3f809392deb732d6f30cc034b5f77d41218bca86d515b16da0457dbf7aaefdcef9d5358e7b4f1e5d1a410f55449e765609d122f938fd57b71482244dff0523067cabfd322fc47aca1c331112e3d969f5fe3594c3c7adea7c36e9b9af6754cdea5ccf05b139f783d4b24540c50a6a9f7dff472d47c87c151d8439b5740cd1f423335dae2680050bd44766159cba66666b7dbc9e190130494327a0d8c9dbed5c8b831ce2b2bb236353ff7175a48b61a0f3209fa3db44f07a21a485ef1682a33cdf632ac2d6ca993b6cd90913e31704bb851711e1f2b5ebb19baaba102dd42d550933e9dfc17311665fef4d0206d7debbcbbd97efafffb905bf9a77b8eeb67d5f8bef8526f6f8607672bb3c50b14e16c264265594e05fa481f724290abdc9f60a899f26033236e3b90548c24288a7b627b51c4d7c638c359ec6325b0d79e1d69cf18cd9136a263b6aa84ad062b9831fc7c201b7ccec7d3b7ea2132ee4579632bf614bcde285527c36ef8a8e12651ef34a677a8d2f84360afa2f2245e4e0d61a12e8e446045fae61375082f983363795f11848edad24b3f7ae53f0eeb329fa62b6d7b446e3b2c1257981f9c0c3ea371c71021af834a285203b2e3177ddf5251044ea215c048f78701dec36a94ca3c435278d1fd889996adf5ea7c8db62f2b1331bc22c4b7798d587a5c4e619b7b576e19d92996bc0bdc0c8c15374e11b6eeda0e18b35aac4b96db9cdba025080bf5bea4ffdf4fa3c93ec5feede0a140f7f6727ef255783565935d59d348aaa6d12c060afd5f6d084346309d8cbf54b33050ecccf30ae083c4034165880214a94a5296427e2fcb6d90692a82212b6b8d86c6d163f0643944aaba4af1171aed463994f1374e1ec1654b89b04e9d635074e8d131bc2443daf1caad455671470329a287f4c711cb907403d5c05184cd3a647823b5b9c6dc4451fdde92dc1cb87010197026458b40d4809ab60aca1af6bb3702a3e0506cdd21faa6d9909f4ed74723de75fc48d44314fa3cc0c8e8ea226ec1d5875b9595aeacdff0a9f75b4a60dde781c58179f997ecb6479c91ecacc65bfe293a2d26c21ae7c1d7be1241cc1c4ea86a6cf8d93012bd98508aae8db723ff167026298cab227b7d0062c27ccc8e81df7268423ad063638760b44e77147ee9bd84140166ae2bfd592f845ca68c719f7520ae3c9988cc89db73bf93ad6f2f7d9394b2288f0176723acd167081ade4e066a26832f7b655cd874aa5026a7369bb9912c90599d1407f0488a9c540a31997890f5433bd1df91ba13a9e0721c9a707eac7cff1c3efef6cd716779c7ad631c3560caa2031d9d2591329c1867d0d5f96b5897cac2c6a381f0ce5c27969c2b3e7d188e1e896d815b01a3e177933817325953140272ad718a36ae522d43de109ba92255ee66d2a14897f2b2014dc9a495c108727e0eef54df617e269e43a0c48d28a91aaf14d58719e21ea39c1c534e39a1dfabb61377b55d2f69fe79c7d5111b8b952c388925ea8ab1503ae68bce95a34a10a85aa0e5da52add14b93eaac5861a6504e23dda8034e809253c1071ddda934663faac454cd378c5725f5c6f4d943779994357185e512a4b6993156e624f25d86d24e7254d3e9b231aa80ed5a32e108cb528d402f93e58c25ac937420ff7dcd7d9ec2126c7fe7cefa47c038f23de40523d5e026fe3bb4cfd3040f9bd9631cf5a2cde1e20a6032703cd64c2ad97ea95d05a7aa3ea3b3b9d5a86961116dd1338c0a2caae0ceab3178ac7736dfa8a949cd81d261748e6678cb730b57468fb2b7e22c5eb08ad496e76775dce0c31950a596580ad7d6c3fd9ce90dded340f20b77fe53e81fb6e2a7a6c450b8ac9009c7c077893f704457a90401fb758c0769fbfd38e40ae692e410b889bbf0b09a32dc731b6768c0fa3963a5b6279b6a5db611174339f3218fff567f6cfb7377ddc8e2c730da35cc3ec680a6bc95010dd03834caab7afb2c0023ad9ce3aae3c0fd1ece42ea840bf5fc798a0b5fbe7692f13549cdba4a0b68f722ef6877856a76fc3c39f7cfd760675a9f341d9f09f381972be9171e50455ed13e665e61a03b0c2a79276a871c25fc5c486639a71a8dfdf36174373b8995014752aba3026045be6b43074ac3824d687bbf5f6544228cea52791828f54980ee9f728534ea32edd205aaace717adcf61ce28f92719048d44b09812bcfd2d22cc9d7a45ed6b4634756f6b3189908c71728c373ea94aa5c74ce4a73c20138b8cb21db6e2dfb35329b86b1805a5208dd370b8342ca8aa3cbd3e7a3ec79d7b8ee677b04e19c524ddc6de0b22443ac15de908f61719399d0f9890ca2b0283a7db914944f424af10ba0ec9e3e253c060d7b28552eaae5eed1e906f8f93c2195293deabdad6cb38ddab51603e4a96ef1e086de911fb716ffbca467294d9e66e5d0f8225bc28d6c074c4ffba76706f61b0b386b7e4b6500a15fad291f34f6c84f1596a97512f31196a529a7a5725437c038e17d531da3838c8aef3bade6bc1d4c7624560d4fba72e5f8be2c5dc905e1e4bcb2aa7eddb275408ef4288ac69c7a18ae58fb26c2f5a6964f051b81d2e426fc2a5d8617050341b96d5a746e3419fbe94bd3752403868b655c2dba6f48ef109a2e6ec0041842fae52bfab70481ecfe8d27f3d5e444f1b941d871c8057cbe35df68665bc3aadea02d203b106d1179a428daa7d9fea9dbddd8955bb289a92ec790de74cd6a1edf925ab85471633dedf8ba46abe456963a2381addce2aa16c06dd80bb54d8e53d7c82607916af175061da29122afde8687add6b6f42233b76a1164893dcc1ec3dcf935576d2d0f3ab3b1adbace086da915234b4f9bad0afc2915608fc4f6611dc3b91d7e0e48cb0a0f3fdc70ef70ef82043afbd3325f0f6186390ab28ca9f0009184637530d79f0c5a77c6e912afbe6533988f543fc6c02d3d44fbdb0e2ebfad2680184f1ed451991667df958a71fb41cf4367bdb931389ea8b6340e225b312a09dadd8e2ac2d200db6e75323d48c73c6b819e13f92b01bf405e796a2e10b863e773598abcbcc196987e18b19530337809b56480778207103a12acfff1c0ad62846088251a1a0d0d6b300059a99698c84ccac78d53eb32e3984001978db7679960b4d75d71b49696909826c66320526fe02a060265821d15b8b2337121a201402a118ec03ff0d4f3dfa48f2dadd20b510ecdf4e6440b5b2466b9bf28e32327189f0405245694a6371dbe4eae7a8293cdc15193c284123d64690120634f808096a8f3f7a04a5bac9dd86c09f2e4e87c7d7c98d0b370e84ea5f265730f5480eb1375d4f82c7d4efbb6e58c5a92848331b2becd2531f6c456b5d0e690b102dd8faec55bde56f95727f4abf52c58543faaeb9cefd39bba788bd7e2b02b27ecbc1679a1ac00823c83e1ae29690cd25544d3ae0a8db25e963e9fb5bd94987637ac3546b9b312bf04d5c6211c135e806525d423fde9ccb5ef7962ec1e056e6f29adaeebb331f6c234586d1fe21577f56d620c6942a29d4915772144cc60008d1236db21100d5a3112c29396b9e18cdb5b104bed2df2b6ea72c9aa03bb6082f3eb07f0eae359864967a749492d21005b0d39c9613c20b1e21700ab66a4f5ca03ec08d67b95f759252d758743820ba243032e1708447fbaebc27e1316af4cf547cef3ac4966a1f04dd07012f257a0204107c23a0046b12493d9784b24dc561c1f88e591056bcc3b338ab1de65e5ad578021f26f93e9b12f00b5f8c8ae2db6b7b8f254303c7ff06514735974e65fb9a93dc79b115a12310040490ca11ef315340af104e20a2e22dcd132f7d7a61d9d3a12e832ee048a2170dbe03d747ed7402180eb964fde0ecb77e778b18a4e5a83479bb7e0ea0a7d5145ffed4607bd7e6b8f961625d5e3dcac2d4a05e71dc9c2e52195bd55aed4e6749dc1c329e2cda966d18e9bf882c05db627c1047fc71533bbba2c8a83d04db5bad6da349a9ad1992eb88e0274d32a16137e2396ad973c0ecbbc2d243e68b6959bf9b", 0x1000}}, 0x1006)
write$P9_RVERSION(r4, &(0x7f0000000200)={0x13, 0x65, 0xffff, 0x800, 0x6, '9P2000'}, 0x13)
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x401, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x8000, 0xc574450d1af3b5bc}, [@IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8, 0x12, 0x0, 0x0, 0xb}, {0x8, 0x1d, 0x0, 0x0, 0x2}]}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)

4.726746524s ago: executing program 0 (id=962):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000240)={{0x0, 0x3, 0x5a70, 0x3, 0x3}})
r1 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @private2, 0x3ff}, 0x1c)
r2 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x271c, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
r6 = openat$ptp1(0xffffff9c, &(0x7f0000000040), 0x2000, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x9361, 0x40ce)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x25)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x19, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0xf9}}, [@jmp={0x5, 0x1, 0xb, 0xa, 0x0, 0x6}, @jmp={0x5, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffff4, 0x4}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x9, 0x1001, &(0x7f0000001cc0)=""/4097, 0x40f00, 0x24}, 0x94)
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000140), &(0x7f0000000180)=0xc)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r10 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000019580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffdeb703000000000000b704000000000000850000004300000095c5d708fbd305aee619a04aca6fa90d089201b2c48c4f0681d074423de97318a990455fc4822078781cac18020c29841b509edca6ffec39b191e555dd4bda58bd9b6d5a82738aa25148bb47f1cfcbf9ce815f05c46658be79078ea821a2c472899fd3919e397f4df97749cefd63"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r12, 0x1, 0x32, &(0x7f0000000180)=r11, 0x4)
sendmsg$inet(r13, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x3, 0x7fff0000}]})
setsockopt$inet6_tcp_TLS_TX(r9, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, "2141e5ccfe0697ce", "db7ae8b0916c86a7c0a860d118a1e0b602a976ebed67add1f5656ccd14177c12", "416859aa", "f8bfebf386c08f0e"}, 0x38)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x25dfdbfb, {0x60, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x10, 0x2, [@TCA_RED_FLAGS={0xc, 0x4, {0xf, 0x8}}]}}]}, 0x3c}}, 0x0)
bind$unix(r2, &(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e)

4.090062288s ago: executing program 3 (id=964):
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14, 0x80000)
setsockopt$packet_int(r0, 0x107, 0x12, &(0x7f0000000080)=0x7f, 0x4)
r1 = accept4$packet(r0, 0x0, &(0x7f00000000c0), 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
r2 = socket$inet(0x2, 0x5, 0x1)
sendfile(0xffffffffffffffff, r0, &(0x7f0000000140)=0x1, 0x8)
setsockopt$inet_mreq(r2, 0x0, 0x20, &(0x7f0000000180)={@multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x8)
io_uring_enter(0xffffffffffffffff, 0x2fca, 0xb896, 0x8, &(0x7f00000001c0)={[0x7, 0x7]}, 0x8)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
move_pages(r3, 0x0, &(0x7f0000002240), &(0x7f0000002280)=[0xe17, 0x5, 0x10, 0xc00e, 0x100, 0x0, 0x0, 0x1], &(0x7f00000022c0)=[0x0, 0x0], 0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000002340)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000002300)="defcbdfd7da9f17c949551e7b7101778af9bb097bdb81e0935baaae099e10372b1dd78b534b272b8dcd5ff3ea88b52", 0x2f, r1}, 0x64)
mmap$binder(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x1)
bind(r1, &(0x7f00000023c0)=@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x80)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000002440)=0x5)
r4 = dup(r2)
socket$kcm(0x29, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000024c0), r4)
sendmsg$TIPC_NL_NET_GET(r4, &(0x7f00000025c0)={&(0x7f0000002480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002580)={&(0x7f0000002500)={0x68, r5, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x54, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3ff}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0xc800)
r6 = openat$vhost_vsock(0xffffff9c, &(0x7f0000002600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0x4008af12, &(0x7f0000002640)={0x1, 0x2})
socket$igmp(0x2, 0x3, 0x2)
socket$xdp(0x2c, 0x3, 0x0)
ioctl$COMEDI_CMDTEST(r4, 0x8040640a, &(0x7f0000002740)={0x1, 0x40, 0x40, 0x9, 0x100, 0x6, 0x61, 0xb, 0x40, 0x3, 0x2, 0x4, &(0x7f0000002680)=[0x401, 0x8, 0x20000, 0x10, 0x4, 0xf, 0x0, 0x9, 0x51], 0x9, &(0x7f00000026c0)="de2dba23512fef7989294bb1888e3c339382618b5f68d248c7712ec7c3049dc60641a67895bac9afb69bfe9657648a41e26378e4acfeb060de69edc14064548367eee265c88ed24d36bbf698aa860dee784bf7fe65", 0x55})
setsockopt$packet_int(r4, 0x107, 0xc, &(0x7f0000002780), 0x4)
ioctl$TCSETS(r4, 0x5402, &(0x7f00000027c0)={0x1, 0x0, 0xfffffff8, 0x7, 0x4, "595a13dd7a90532ac74debbdfe5603e670168c"})
ioctl$TIOCCONS(0xffffffffffffffff, 0x541d)
vmsplice(r2, &(0x7f0000002b40)=[{&(0x7f0000002800)="d3071d68ae01533e3117ad2ca688fa732e887bcf0a834288525beaeb26431e", 0x1f}, {&(0x7f0000002840)="014faeb338b7e7ede045d52180bb61dfb06584fa1de2d21ce719274d2ccb9a4f70a60b9a9d0b399d53a5f97b36da59b20be0c98ac90ddb486fd9600bf3f69ee4a994fbc78b8c651ba57d8549b6a5cbd42b733c2220", 0x55}, {&(0x7f00000028c0)="10b9bc4f83b907d77e221d0b935d1e6fbdc92f5747606fbfcd4146a4712f97794c15957752165c84c96491bcf15122d2e7892514005d2f77958d43758925dd62db65efcbd46740ef65b3f2cb09209d9c2cd3ccff118c831db0d33e98d8a9e6018c783dbd732aec1a49ec2535f58a3e3deb092c3e64ae435d6dcc2e874f181a23903021b2017f8eb9600dba926e5a34736f0108b5485b", 0x96}, {&(0x7f0000002980)="a0b6ea1bdbba89460f1d9231172370afc0024d96a27e7bd1782fd2eed2fdef2c5cbe9281d52008df90695c16af674566468ac2cffec313ae8811cba7dac02d451209f8cda7eb5c298b31daa4b5bce348dbd61e6ab2d78c0be89e6bc8f87bb04dc84e87851aeeff2fa68c943e74790be41bac2a3b3b6b", 0x76}, {&(0x7f0000002a00)}, {&(0x7f0000002a40)="e38d5d2d5d4fd82ee48c0ee947f37a08cfefabf360c3a72fd09869c21386c33e151afa4ad0a53735860ceb829e2424ab58c2b9b877f1bb5936248dc3b9cedc8c15cb9572cca2d431d1af70e9628fc298bc12910b281e35963d31c3da4d71a8fa2b6f1ef7f2a1e7893f9c4f9705784cbeb02a739e1d767b113a81c365ef54c97de19ddcf7ff0bd22ee16d0dfb7cdabd6ece674c103ff1d4b14024e34c445f989d566f6bec091a152b1033d1a599c51b8fed2900d69c734b7c173ce0f3808fa19cd019023957c1b2efd082b6e65bc2d9", 0xcf}], 0x6, 0x8)
write$dsp(r4, &(0x7f0000002b80)="c70c509f54", 0x5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_KEY(r7, &(0x7f0000002cc0)={&(0x7f0000002bc0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002c80)={&(0x7f0000002c40)={0x24, 0x0, 0x20, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20084014}, 0x40)

4.015174392s ago: executing program 3 (id=965):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000100)=0x9, 0x4)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r1=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000080)=ANY=[@ANYRES32=r1], &(0x7f0000000280)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x5}, 0x94)
sendto$packet(r0, &(0x7f0000000180)="0b036800e0ff64000200475400f6", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="800100001000010000000000ffdbdf25fe880000000000000000000000000001ac1414aa00000000000000000000000000000001000000000a0020005c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000fc02000000000000000000000000000100000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cc00000000000000fdffffffffffffff0000000000000000000000000000000000000000000002000000000000000000000000000a000480000000008d001400736d330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000ab84411f518dc9d5565b9e05de67830aeb529f334e285efe3786823a0a1e08b53bec30240d4d6f58f05cd36e941758cf60d4c5a818aca82c12697c43daf8000000000000af7d8d205daab21a0177e4759c21dd200997eb4797891af7909c4e8ea3d4b9cb5e45570072be905fa79b61173d418eb536ec"], 0x180}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
socket$packet(0x11, 0x3, 0x300) (async)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000100)=0x9, 0x4) (async)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00'}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000080)=ANY=[@ANYRES32=r1], &(0x7f0000000280)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x5}, 0x94) (async)
sendto$packet(r0, &(0x7f0000000180)="0b036800e0ff64000200475400f6", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="800100001000010000000000ffdbdf25fe880000000000000000000000000001ac1414aa00000000000000000000000000000001000000000a0020005c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000fc02000000000000000000000000000100000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cc00000000000000fdffffffffffffff0000000000000000000000000000000000000000000002000000000000000000000000000a000480000000008d001400736d330000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000ab84411f518dc9d5565b9e05de67830aeb529f334e285efe3786823a0a1e08b53bec30240d4d6f58f05cd36e941758cf60d4c5a818aca82c12697c43daf8000000000000af7d8d205daab21a0177e4759c21dd200997eb4797891af7909c4e8ea3d4b9cb5e45570072be905fa79b61173d418eb536ec"], 0x180}, 0x1, 0x0, 0x0, 0x20004001}, 0x0) (async)

3.927680684s ago: executing program 3 (id=966):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2800003, 0x31, 0xffffffffffffffff, 0x231cd000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0cc5605, &(0x7f0000000a40)={0x1, @win={{0x1ff, 0x20000, 0x32315559}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0x94, 0x0, 0x2c, 0x70bd2b, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x15}, {0x6}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x7}, {0x6, 0x16, 0x202}, {0x5, 0x12, 0x1}}]}, 0x94}, 0x1, 0x0, 0x0, 0x40000}, 0x41)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x11, r2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000000)={0xffffffff, 0x6}, 0x8)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e1f, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
close(r3)
mlockall(0x3)
mremap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)

3.743476027s ago: executing program 0 (id=967):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
pwrite64(r0, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2)
ioctl$BLKRRPART(r0, 0x125f, 0x1f)
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000040)={0x2, 0x2, 0x10})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}}, 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0)
r4 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x60080)
lsm_set_self_attr(0x3, 0x0, 0xfffffffffffffddc, 0x0)
ioctl$VIDIOC_PREPARE_BUF(r4, 0xc04c565d, &(0x7f00000002c0)=@multiplanar_fd={0xc3b4eab, 0x7, 0x4, 0x400, 0x4, {0x0, 0xea60}, {0x2, 0x0, 0x7, 0xb, 0x4, 0x3, "f6de8be8"}, 0xac14, 0x4, {0x0}, 0x2})
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
fcntl$lock(r5, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x5, 0x5})
fcntl$lock(r5, 0x24, &(0x7f0000000280)={0x0, 0x1, 0x5, 0x7})
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f00000001c0)=0x1)
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f0000000040)={0x0, 0x2, 0xcadb})
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x691, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

3.296128946s ago: executing program 0 (id=969):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000402505a8a4412001020b0109021b00010100c00009040000020701010009050102"], 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x2}, 0x48)
syz_usb_control_io$printer(r1, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x4, 0x2, 0x3, 0x2}, {0x9579, 0x4, 0x0, 0x7}, {0x1, 0x4, 0x2c}]})
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c00000044000701fcffffff00000000017c000038000480312d", @ANYRESDEC=0x0], 0x4c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

2.947040961s ago: executing program 3 (id=970):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
sendmmsg(r1, &(0x7f0000003980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[{0x10, 0x113, 0x8}], 0x10}}], 0x1, 0x85c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
setxattr$security_ima(&(0x7f0000000080)='./file0\x00', &(0x7f0000000000), &(0x7f00000000c0)=ANY=[@ANYBLOB="0603e0"], 0xa, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b937600000000000000000000000000000000000000000002000000000000000100"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xc4, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x7a, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x0, 0x3}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x8044)
sendto$inet6(r0, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)

2.882933533s ago: executing program 2 (id=971):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000001280)={0x1, 0x0, [{0xc0000080, 0x0, 0x100}]}) (async)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r5 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x10000, 0x2000000}, &(0x7f0000002000)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) (async)
io_uring_enter(r5, 0x48e9, 0x0, 0x2, 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0xd, @private0={0xfc, 0x0, '\x00', 0x1}, 0xd}], 0x1c) (async)
setsockopt(r4, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
listen(r0, 0x90004)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50) (async, rerun: 64)
close(0x3) (rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000001340)=@base={0xb, 0x8, 0x2, 0x9, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x5f, 0x0, 0x0, 0x21, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa9) (async, rerun: 32)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r3}, 0x8) (async, rerun: 32)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r11 = syz_pidfd_open(r10, 0x0)
ioctl$EXT4_IOC_MIGRATE(r11, 0xff04) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r9}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9e9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c414681e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e73"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x40, &(0x7f0000000080)=0x5, 0x0, 0x4)

2.865459349s ago: executing program 3 (id=972):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r3, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
sched_getattr(0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r4, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r4, 0x400448c9, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000040)={0x3, 0x2})

2.698003206s ago: executing program 2 (id=973):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x5, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r3, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb001829a8681ed391da1a71d8d", 0x63}], 0x1}}], 0x1, 0x20008000)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0xc, &(0x7f0000000840)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @cgroup_sock_addr=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(r4, &(0x7f0000000000)='\"', 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000d00)=ANY=[@ANYBLOB="14000000540001002d000009000000"], 0x14}], 0x1}, 0x0)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x502, 0x98)
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f0000000240)=<r8=>0x0)
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4e21, 0x0, 0x4e24, 0x9, 0x2, 0x80, 0xa0, 0x2c, 0x0, r8}, {0xfffffffffffffff8, 0x75, 0x7, 0x7, 0x5, 0x0, 0x7fffffffffffffff, 0x8}, {0x40, 0x4, 0xd64c, 0x81}, 0x9, 0x6e6bb8, 0x2, 0x1, 0x3, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4d6, 0x33}, 0xa, @in=@rand_addr=0x64010100, 0x34ff, 0x0, 0x0, 0x5, 0xffffff80, 0xabd, 0x3}}, 0xe4)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newchain={0x5c, 0x64, 0x800, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xd}, {0xf, 0xd}, {0x4, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_ADDEND={0x8, 0x5, 0x5}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x8001}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1d04e}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x7}]}}, @TCA_CHAIN={0x8, 0xb, 0x5}]}, 0x5c}}, 0x48010)
sendmsg$netlink(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
fcntl$setlease(r7, 0x400, 0x1)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000000)='.\x00', 0x20400, 0x74)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vxcan1\x00'})
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f0000000040))

2.442234107s ago: executing program 1 (id=974):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb0100", 0x25}, {&(0x7f0000000040)="aa1d484ea0a00000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfb", 0x26}], 0x2)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000840), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000280)={{0x105}, 'syz0\x00', 0x15})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00f7ffffff1e00ff130012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0)
setpriority(0x1, r0, 0x0)
ioctl$UI_DEV_CREATE(r3, 0x5501)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009000100"], 0x7c}}, 0x0)
r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000480), 0x100, 0x0)
preadv2(r5, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

1.924259958s ago: executing program 3 (id=975):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r2, &(0x7f0000001300)='7', 0x1)
r3 = syz_io_uring_setup(0x66e, &(0x7f0000000240)={0x0, 0x29cc, 0x10100}, &(0x7f0000000380)=<r4=>0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x1000000000000)
syz_usb_disconnect(r1)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x4b3, 0x3103, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x80, 0x9, [{{0x9, 0x4, 0x0, 0x6, 0x1, 0x3, 0x1, 0x3, 0x0, {0x9, 0x21, 0x3, 0x2, 0x1, {0x22, 0xecb}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x4, 0x5, 0x9}}, [{{0x9, 0x5, 0x2, 0x3, 0x200, 0xdb, 0x8, 0x9}}]}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x250, 0x7f, 0x0, 0x3, 0x0, 0xd}, 0x73, &(0x7f0000000400)={0x5, 0xf, 0x73, 0x4, [@generic={0x10, 0x10, 0x0, "aa6fdcc81edfcedb9e4555b288"}, @generic={0x32, 0x10, 0x3, "b057f77d516ae4b74cc33b7dfd812c2cb25570ed201856a14a997a2f7d28203229902656e84d8c50c6f886253aabb3"}, @ssp_cap={0x18, 0x10, 0xa, 0x7f, 0x3, 0x7, 0x0, 0x7, [0xf, 0xc030, 0x3f3f]}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "c317e55cfa4cd068c23ebb7b53574f5b"}]}, 0x4, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x401}}, {0x7d, &(0x7f0000000140)=ANY=[@ANYBLOB="7d03f80a5af82329ec78d6cfe88d8fedf60ffdd7f3c7427c778e792d051b8676b3cc5b0e974bf14a6801b8179aab7713c7a355405e7c6cf4bb53d808e25ac974dd004fd221e5d3c28cca4152a5e6298e102908a9f18e044948004bbb66756179aabe6281fe740bf14f5b0c6b467f1f8469259f000000"]}, {0x5f, &(0x7f0000000300)=@string={0x5f, 0x3, "80ba265de37295a3de0d8107399a297dd6d2750eb5fcd96008cac6887405d4f17ae1c85d5f293fe7654c04e1411ab0fe965103497c98f46ad98de1dcfd9bba8ea98d15c53ac7379cb3f5b663a72121bd32aaedeb56a1d25bf01b5aa57e"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x44c}}]})
r5 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x7, 0x2)
sendfile(0xffffffffffffffff, r5, &(0x7f0000000080)=0x7fffffff, 0x1)
r6 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r6, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e22, @multicast1}}, 0x24)
listen(r6, 0x4)
listen(r6, 0xbc3)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0xd)
write$binfmt_aout(r7, &(0x7f0000000940)=ANY=[], 0xff2e)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000180)=0x5)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000000)="f88c77a0", 0x4, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$TCGETS2(r7, 0x802c542a, &(0x7f00000002c0))
recvmmsg(r0, &(0x7f00000060c0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x63, 0x0)

1.476526904s ago: executing program 1 (id=976):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 32)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
bind$inet6(r0, 0x0, 0x0) (async)
fcntl$dupfd(r0, 0x0, r0) (async)
r1 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r1, 0x0, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) (async, rerun: 64)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async, rerun: 64)
truncate(&(0x7f0000000900)='./file1\x00', 0x24b9) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async, rerun: 64)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, &(0x7f0000000700)=ANY=[@ANYBLOB]) (async, rerun: 64)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000000)=ANY=[@ANYRES32=r3], 0x8) (async)
chdir(&(0x7f0000000300)='./file0\x00') (async)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)

1.456852871s ago: executing program 2 (id=977):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'sit0\x00', <r3=>0x0})
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x5, &(0x7f0000000140)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xf}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r5=>r4, {0x9}}, './file0\x00'})
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000460100004601000003000000050000000000000903000000060000000600000f0300000003000000390f0000ff7f000005000000330000400103000000f7ffffffffffff7f050000000600000045340000020000000600000000000000def48e0f0000000000000a000000000c0000000a00000f03000000050000000800000009000000010000000a00000008004e000500000008000000dc00000005000000030000000100000002000000080000000e0000000300000009000000ff7f0000010000009b0300000600000003000000c0000000070000000400000000000000ffff00000200000006000000f7ffffffab9f7e0f0000000000000805000000040000000000000202000000010000000000000e0100000001000000010000000000000100000000150065010f0000000000000a000000000d00000000000008020000000000002e0084a4b44d00e213b3d33a3f09ec61ed5f7a198ca92c4e1bdad7db301f520022b510a2a7a43c2dbf6000"/395], &(0x7f0000000300)=""/209, 0x163, 0xd1, 0x1, 0x5, 0x10000}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x5, '\x00', 0x0, r6, 0x0, 0x5, 0x3}, 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xe, 0x5, &(0x7f0000000200))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001b40)={r4, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.448819609s ago: executing program 1 (id=978):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_HASH_SREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_HASH_LEN={0x8, 0x3, 0x1, 0x0, 0x35}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x89cb}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x4004000)
syz_emit_ethernet(0x14e, &(0x7f0000000440)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @val={@val={0x88a8, 0x0, 0x1, 0x2}, {0x8864, 0x6, 0x0, 0x4}}, {@ipv4={0x800, @tipc={{0xc, 0x4, 0x2, 0x2f, 0x138, 0x63, 0x0, 0x49, 0x6, 0x0, @empty, @broadcast, {[@cipso={0x86, 0xa, 0xffffffffffffffff, [{0x7, 0x4, "52a4"}]}, @lsrr={0x83, 0xf, 0xdd, [@dev={0xac, 0x14, 0x14, 0x18}, @multicast2, @dev={0xac, 0x14, 0x14, 0x1d}]}, @noop, @noop]}}, @name_distributor={{0x108, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0x6, 0x0, 0x1, 0x0, 0x1, 0x3, 0x4e22, 0x4e22, 0x4, 0xfffffffc}, [{0x80, 0x9, 0x8, 0xfffffff9, 0x7, 0x3, 0xd, 0x5}, {0x1519, 0x7, 0x80, 0x2, 0x1, 0x2, 0x8, 0xf9f2}, {0x8, 0xa, 0xff, 0x1000, 0xfb54, 0x2, 0x1, 0xffffff4}, {0x0, 0x5, 0x80000001, 0x1ff, 0x8, 0x1ff, 0x3, 0x8}, {0xe2ce, 0x2, 0x0, 0xa1ab, 0x8000, 0xffff, 0x9, 0x6}, {0x0, 0x10000225, 0x3, 0xc586, 0x2, 0x7, 0xa, 0x6}, {0x8, 0x6b3f790, 0x8, 0xffff1df5, 0x5, 0x7ff, 0x4}, {0x4, 0x3, 0x1, 0x5, 0xffffffff, 0x7, 0x6, 0x7}]}}}}}, 0x0)

1.412481115s ago: executing program 1 (id=979):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_emit_ethernet(0x32, &(0x7f0000000400)={@random="810456feed48", @dev, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x2, 0x5, 0x24, 0x64, 0x0, 0xff, 0x2, 0x0, @rand_addr=0x7, @loopback}, {0x22, 0x40, 0x0, @remote, "8cd62d35e77c4994"}}}}}, 0x0) (async)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r1, 0x5457, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x3, "a9872c1672d92f052f98a1aa41eda503b5bcf2"}) (async)
ioctl$TCSETA(r1, 0x5406, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "5f730000a9003f00"}) (async)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x61, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)={0x24, 0x33, 0x1, 0x70bd2b, 0x25dbdbfe, {0x4}, [@typed={0x8, 0x4, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x5, 0x0, 0x0, @uid}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x4000000) (async)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r5, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = getpid()
r8 = syz_pidfd_open(r7, 0x0)
process_madvise(r8, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000000)='f', 0x1}], 0x2, 0xa, 0x0) (async)
r9 = socket(0x10, 0x803, 0x4)
r10 = syz_usb_connect$rtl8150(0x0, 0x3f, &(0x7f00000000c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io(r10, &(0x7f0000000540)={0x18, &(0x7f0000000400)={0x20, 0xb, 0xf, {0xf, 0xe, "b2121ab6f6992a150ba0ef1f62"}}, &(0x7f0000000440)={0x0, 0x3, 0x1a, @string={0x1a, 0x3, "6ccbdd6197d583d62645033949e561a4cb332b55901bff6d"}}, &(0x7f0000000480)={0x0, 0xf, 0xf, {0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x3, 0x9, 0xc0}]}}, &(0x7f00000004c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x64, 0x18, 0x5, 0xff, "487efc48", "49455690"}}, &(0x7f0000000500)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x6, 0x1, 0x1, 0xf6, 0x4, 0x69, 0x6}}}, &(0x7f0000000a80)={0x44, &(0x7f0000000580)={0x0, 0x4fc3af8ec7bc437c, 0xbb, "d4d3293cef64a822f181243b7e6df245182cefb70cd15acb7b0b72e06bd3b1c481c50fd74ab1510f9ca6338b0f69b542e257d375c028e32f81755683a51f1123aef868d17ef9bfce1e21451408bb1a90cf8c495283f5f4c21ad81ae2f8f79d1b1c21ffefcda3b3b784c9a0941cf023b8ec374de4271a2693fc7525e864c506a50b7ab7adc3f62fbb77a483a5664e6dedfe3a533355fd72a82457bd44574996c6af6e4f43302c9ecfb40a25c98e890ff237fc6b4480dfe0cbeb850b"}, &(0x7f0000000680)={0x0, 0xa, 0x1, 0x4}, &(0x7f00000006c0)={0x0, 0x8, 0x1, 0x1c}, &(0x7f0000000700)={0x20, 0x0, 0x4, {0x2, 0x2}}, &(0x7f0000000740)={0x20, 0x0, 0x4, {0x1e0, 0x11}}, &(0x7f0000000780)={0x40, 0x7, 0x2, 0xfff}, &(0x7f00000007c0)={0x40, 0x9, 0x1, 0x8}, &(0x7f0000000800)={0x40, 0xb, 0x2, 'Sv'}, &(0x7f0000000840)={0x40, 0xf, 0x2, 0x1}, &(0x7f0000000880)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000900)={0x40, 0x17, 0x6}, &(0x7f0000000940)={0x40, 0x19, 0x2, "a27e"}, &(0x7f0000000980)={0x40, 0x1a, 0x2}, &(0x7f00000009c0)={0x40, 0x1c, 0x1, 0x2}, &(0x7f0000000a00)={0x40, 0x1e, 0x1, 0xe6}, &(0x7f0000000a40)={0x40, 0x21, 0x1, 0x2}}) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) (async)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x600, 0x2002000, {0x0, 0x0, 0x0, r11, {0x0, 0xb}, {0x8, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0079907b2b5c580dbc0001000000000a00000000b006"], 0x1c}}, 0x0) (async)
r12 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b26, &(0x7f0000000040)={'wlan1\x00', @broadcast}) (async)
ioctl(r12, 0x8b32, &(0x7f0000000040)) (async)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x12, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_key={0x3, 0x9, 0x80, 0x0, "1cdc0dca1d9f68846960e56de42944af"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x7}}, @sadb_x_nat_t_type={0x1, 0x14, 0x8}]}, 0x90}, 0x1, 0x7}, 0x0)

1.405781306s ago: executing program 2 (id=980):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000140), 0x80000000, 0x701000)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, &(0x7f0000000180)={0x0, 0x3, 0x6, 0x4, 'syz1\x00', 0x5})
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000200)=<r4=>0x0)
move_pages(r4, 0x3, &(0x7f0000000240)=[&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil], &(0x7f0000000280)=[0x0, 0x7, 0x5, 0x9, 0xd391769b, 0x9], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], 0x6)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r5, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb001829a8681ed391da1a71d8d", 0x63}], 0x1}}], 0x1, 0x20008000)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0xc, &(0x7f0000000840)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @cgroup_sock_addr=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r0, 0x5000940e, &(0x7f0000001280)={{r0}, "e46beccacbbd0553057d1c3f24757175f07e5e87257e586682f24e447572b0e6cee328965ae60b0f096064499610bf2d2d590d09b4f91e1fea8e5139ecd9fa815a85facb6b2d8e222b912a0474189658771bdcad2cfb202aca2c05a6169c9e4d9f8abe7a7937353218db01141ecdd25a335f9042e8d63672a8b30f903e2460562fe13cf23ee249b2d847d6d494ead91a0a30db79e561167a0d875468ad4e974d2ec5177d168669ae199aa3b175b105457a10887394bf19859f9a2acf0393909dadd322894a123b388a9024da0ee60a28b2713713786cea8f2e7a5b81ca52170de95ac38538827f17f26d72a4ca66df0f86c74644655a808f024479ee4de998a67ed73f5b67364b7675b6bafe205a9ea3bb86e5055683a17ededeab953a12814c0652c891b9487024638ef1d5e90fc5dc61473cb837c790b405c1ab7de0c55afa124aa6286219c06edd6a8a56bb64595b05508bb6fcc547e185785a0ef6a600d6488633f75d803fe9ca5060e95330477c8441ad468933371c5099089152b3fa58572208fc8d127bb06c6d0a1b8573e02addf90a65b4045e1e77de68e16084ce214373e3bba7436efa40bbbfbfea1dc73c01092ac0e32a70d25f6b45126c52c52d6c86667148fa69e3540353c36911cc3e9192836e4bc0a71a26dc90061f977f36a82cd93ca5bf8a14c642f70d2a6b64a0049387d2c922e9edca073871f9c38e48e15d0786470576c41f3e779ba74328c8d6e0474870e2f58e4aff2c2160110a317f91d951fa74c46d2e87dcc58e276cb81bffcd78dea1508bb7abb97759caf56eac13d8c1e65659bef4585d9597ca800d1aeb0040b30c8783bf19b0937263473ec6f11b567402184d5ea1b87e83681bf055a60e5876b5e7c1db1995d65c03171560acd8072c9542407db4e39ea211e028b2652cbcf6ab31653ebea6f6f47ff43ab0d7c4769342268ab0a2e2ddfaf6dd453c1f2010b7c76e38274661d65c886b66c6bf83a3f7185c88ad607f64e03facf98dfdc94e487f6d1196639392e8ca67fb20ce85c25095728061fdb124f0f8b28a6683a5bf9ebc3a979c1baaa45bc2b892661c119d5832d003886db8ad23fe0908586ad09b46618a165e490e7a2e38e0d59bf869915bab1b801e6fda3b076b39bca2b7a551bde503f3e78909a618a6345512de8405fa5eb942f92a4f84de39d97c35f3583d1c66e65c026e47aa7e3071ffe45a476777ff82fc397a17d1ed110603c4acf671da1681f72b0a37f29105b421431d38c7a1e7da4a4fcdee7ee522e0795d9c6410cfbd4948022932c364fc0bf372588d8ed5b61a0fcfc915615b4edbf98b3b8ec13bdb23ab030ab0d983facd25cb70167e91f6b138898830b406a305efa874050dd72e35ad22b6f2d117db97041b95f95661c330da7ea17f1905c8f545f42a3339c6afb4ea5ecadf11a9be1af5fd4a3f4c030cb77a535cda95c223feb99c90dcf4c7c805306ece8025ffe82b768ebfdb1996b044df19b20d778cfa7672681f66b55102c6425cae75f9d387a1e1e97bf44a1148f9ca35de9633117d4639e99ab14e28e34c834a319b49486c81bbd93d7a9f43932a059b7a09eeeda6f947e02ba2b84a6d8dcdfc669b78e2f84286959efef1e69e83af7e07cfc619fdbdd02110951769f27292f509454749db908d8c355e4b66297b3ea05fbfc98ee50a25df7299409a5d3ad929805d87c5a38ca2eba69203c35428824dbb8934419fea22ccd9c98c3378b78c511e5f8db81db8659b807c32a2196fb361055594e2f80349694751ef0292296e9925977499fa03a51db9a0c77ced3a658c41a7d908860457141d5bf6147145dec1b532361e2e8ac5791f34d40d2451b290ed326065ace1b873570d249903c1db42ad44f542f4f59640ede2b74bc483283f0ed366f2851108658e3b92064be095e5e083f2f5ca0fac55fa370981f8e6d4f103dfbe475174d925aad8c001cea9894fa9f53726ce7c953f4abdfd6465edac3dd6a2a2e31cb4e53d3af0bcd7ea916b3887aee86c4e53d0afa516907523346cbc458d23812257c680e4737bb14d867dace80a3dfaffe4ee7f26d9103f1c59735340524b98cba6514fe1186c1a444b548c85ad1a39f5c12d4004a16a730dc3065a409d44af9996150100904befeb6271dd93c8b991edeb75a2f6d527a51ca2f838ae87f3c274f48ee0ac7adca2a0983d6f3c1a2bd3d5abcfc72b9becedc6aace67f16a38d9231d32397f2c0b0343d2736983bf4a3bfcb0fd4e6cae6fe7c9de407cc2c74abd373aeac17427a96700aee1f31f1f7c250d7b0e52a4db3e9ebdc633f1bf764516f484ab3d32efffd1862955a37128dfa673c7039801c46e7046adc33b5c2181329d40e4b4a6000f002aa74a5bb2d0752984fe9e6131850104d0b4c74acfbbbf65b2873c6a60f43e74c1a77f9e578ed58f02de3003fa84b70edc5321f8b5d6f8e4f347c41a22de247ecdea56daeeb93443db523cf04dd3fe0a9df4ca5c5c4bc718f6c6e23ed61b0b5ce6a0b80f9f88e61f4026234b604bf7746a2a03d19c5d579e9b13cae73b376f84e0f6cb7996364c964f16df3473b03d30cb22e6f9f9705ccabef878a991b8cf65a452fcecc77e22559188b9b3b6b1cf2572f63378be17a2423e461a449f5cb0011138776613366044c0dd58a3623ba396a1663b239bf827032964902cae9bf0afe39c87e923f69473a0b9fdcb7107fc232339b942d6d18e8b882c3b5aa6255d723221f0717f516476273480d1975d4bd48353e7582e18c2fb3b8c632c9cc48b4ce4669aa7cdc2b18a755fdd37a16a75375b9698827d15d52604db04dbdcbb8685b865a2cbededfdc66088860ed81f42896c7a272c7c919c50f8c09076e009aae89c092d510b44b7156bc775875466902e91535cfe9cc209097707a608bedbfd44fae8d6ebdbda5857838a93f0c14c778cde54490ccbe1cf183da165c14ddfca827c1faf6ba613a9518bec387c4bfb2cdd28abac3c8a0b2ebceca789b94301a0ba88e4d3c74178a9902db3e8111ac702cda4097126ee07f8d4384ebe041d3edd442eded5773ec6ccfdaff82cbbc79a88b65ab20479535ccfb791d2f37cf87d0a3ff696a23d02200c8a3c857aa808150d2750739db239ca0f9cb011f6f4f840c44c8365470678ab3dd07649df0807da62491318575a1e13d8a50e219d0f26a13bfc60b0390aab5cbc49ee0774059f4a2ccc327ca1ffed6f1f9b07453d2d0ee7206d31b6d5dafcf2bb214f9621c2fce10d7b9d6353fc0dcaa96a9ca832d67c92da52d511f1b38c72520be7a70aa18d75ead9981ce08cc2d3be4b9e47a5b5cfe5ca4577342e37c50024aa6a7991b2954bea6776467c0bb66e2ca0186d2a0e985658137de0bb4cc5702b6ee210f3ea053a760be48bb57025981644a3f89b24488a4be2c36f83075c3a9e48eb188331b45b6fa96615d8cfe79a918bf527a2bd7497ff2d08569fcbf876b2613f4a86a92dc7a37c36290f6155a4634bd156ca1a04b9171e60c8d9b1e9990ecf7909b558309cd666b2be88e2ff9fae663406758ea3f78a46e59a017b50b287785f0bec0f1622c55f351af30fdb39e8447529621a2bfdbd5eed23ee215051e547cf8817d48a5abca3c0190f04f2bfedf6aeb2c2be86872ef2e1370b21bebe551ec979dfd440f1c935e86e936fc9629857e7ec82e65c13fba33f3be8cd79bf991fd325567dd5126f36bf9f61abc961501c6bfaf071bc3f348671a398874f6d8398678df57e752985ea66d9df580ece79a2758918b2c5037f71f3bb76904a7df09acf36e85d70bf172a360c7b4ee92c53dbe951d9d0107edeecc815807fe291ec1c772ea3edb9a07427d8b59229d726329e09c904c9abce822b6109f150d9fe3490ffba67e5e10686bb28d1eec8b8e16e471e370dd3970ee005448836c6a9cc9d5e5f61c13d282cade4f8e91455d71f69184b5388e58c2062bbf5d857f530e8c424caefd16a3039240ed28ad627eb60ee9659c57d10154fa73f09082087af308f633f8dbbca98e8d0410a399229349664633f678906757ced29e621783fcb86ac875e5bf1223189df2e20e03ad53c995aa16411526565f57fa1ed94795e9d8483a0b28dbcec52cabbd1eac4a0a552f8d81f4099637111507b5bfb578d6cca61da614a802aa528b0dc178dd447386308c98ee175ebb8433b048e5f6544404f0dd6be557a046e1cfbe65532452036ed0f31048aa13d3c4412b3f10894025799029515aefcb30a0421d967b6167917e9f043d8899adeb06f2de9492aacd94b02562a5a5fa168c22e06b7471a1d571e603a579285011f36d4285ab63a97b50ccb8a81a863d1fdb6ad2f9d98e50439ac999333967b9409d623475884d6ac3bbfc1f92f679f0e1eadacecb559fe92ea1f275e97c469b51c5ec1232fb6dc0bb5e2dbbb0fc36e2c76a0283adb2344d9315479b4ca21b0c0761d1fefe8cd510e018b2722e02a297be6dcbf229940bafc996c1d8a7a3152744b437481bc9c09f5e65f64a717a299206ea363da8663c98fc657cf63b8c14dcd6787b823531c5276a1c1f8fd289db338f2c0cab272c32ec1100da2a02942b846ebc0ae518158f9cbcd70a470a799927f20b265c9fd19cae8ec102613a50b9ec7ae790d8492cd222ca7c495d98a120f72f84f6f87581f56a6fbc277563213ab397279410cf2805d9b9c3aaf4d57cfc129efd9d64850336ccdc18c32fe288a71689ba8842f5afea2d65513aace243250e279ebdcaa028156c574f4a130414e9eade1b5bb8df2fae2345894ecc4bcf7252bf3458b6f0728a0f0618d0244d45a17f71102c18bf5d0fc9bce613c3ed89510822ba65744fdba582836edeb15b839f0a68bfb2c6761a248da84499dadeebabf0d3fe42b45c3c6d69c1f1af6c80a57092226e31f50046c8542cf92dd7bea171d3fef9910985173fd8d4cde5b529e8cae059d58b649535f58a71fae922540dccf75333e8a69236c1c99701f697c90e733f5f13102e024f9715854b6720075f08cc86cd629ea9c20a16a650acc5f686c87fa2a3b8a7416b7849ae64acf4e14878eafa78f74286225c57ed18949e151e171fe6533eb8a3a59c76e255a8fc813d78725729fc95e9611151cee3e03eea7adcd2f93e918c5f32d2d2f10774bcb8aa0f0076f10bb72d50d173a52b9ce435742f84561c76de52641c055fd2c1784ed382c14adbe325e23dad5354868f470d453291a584fedafc9d36694e8f8e61b7d58470e5338e7e2c15f3433faaba73471576fdb6c01075bfc9fd28c7ffbd6058c79837fc34f1dfb744845b7964846a89c9bd8935d0f88f866a382ff1873003b7dc80894e25d7a4f8a0e5cf2143d380c5793511bb8a7bf46062d6103f9d5c7801e2907a199540c8844ee8837af231a2bc1c3bdf35025f97d06ef96432c5d08f5fc1ba47abbf4eefc38447895a889eaf991cdce796f55e0f6805bf092ee76f9f07ae36091b1cafde9a40541b37f4b6e34d3b19f359f80235c2cb93ebce084188d00b61fc57f027070e54ad328f188cd7ddf35d96280b11caef232a8b37501062513186be81e3810be18930f81e22f2b400f5fa0c7bc31ee8d5dc5b12b48f23718a32536a30535f9ef311f99db88892828691b0529c30fc6dadda3938dc7e66f642b97826220f8700e839c9033198140ab60a370958284da13cb70e41318d3861f3dac1e0439b45485b3beccb8ec0389b9746d6e94900ec4dcf2d3e8e03bb1ea26c616a09000e4ec820dddc9811eef9dd2d8284c2e85b9a510f4ca3058ca"})
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)
close(r0)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x502, 0x98)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newchain={0x6c, 0x64, 0x1, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff2, 0xd}, {0xf, 0xd}, {0x4, 0xd}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_ADDEND={0x8, 0x5, 0x5}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x8001}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1d04e}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x7}]}}, @filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x5317}]}}]}, 0x6c}}, 0x48010)
sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
fcntl$setlease(r7, 0x400, 0x1)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
close_range(r9, 0xffffffffffffffff, 0x0)

1.347499592s ago: executing program 1 (id=981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20)
r2 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000380)=0x10, 0x80000)
fstat(r2, &(0x7f00000004c0)) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/power/mem_sleep', 0x0, 0x63)
mkdir(&(0x7f0000000580)='.\x00', 0x0) (async)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x2, &(0x7f00000003c0)=[{0x74, 0x0, 0x0, 0x1}, {0x6}]}) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r6=>0xffffffffffffffff})
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="280000001e000100000000000000000007000000", @ANYRES32=r7, @ANYBLOB="000002000a00859f9f5c000000712ed3bb7c6720eb3fe8f842214ddbb200000060c076a7c687ce6765e440ec89bc612744b83a9a44ec41e838881fb34f46c5482fda7175a3149433f5bb1bf1f8275a9c57eee21b69315a4e53ac012ec424f23db9528aaf753f5342674019ccb8239a62ed9ecc86570eda7bb501f29b8c343e7127360d54d263558b8b874a5766f4edff39d4033249d9ece3b458c94caa3ff722fc03ebe5f59aea57ea7d82077d72c84f9f2d2d15fd5a73dd325dbd0e4b21f57ef9982932e95c7b59e18fe6978cc6563b862ecfc125849b4672d44047c6225da3ff726b3124b49d327c0ae1ae8e563e136f18cd16bf60bb8a97d560ddbe0775bd48cae230f4aa3b78d5ef8ee99e6e5b19d020bf7fb6043bea2922a7028ddd311577d5871ebbfbdf86b223088ff4d4844bffffcb05e26f14240c8b2ded55bb7f712871552fa4775e10e4e0eb07bdf6c4f93ea495e2ed24ec84da1d147b6528a0744c036002619e93052a7b26712013eec3e9184469400166470e4dd303ece20a0b1c"], 0x28}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x801, 0x0, 0x1, {0x0, 0x0, 0x0, r7, 0x6002, 0x4411e}, [@IFLA_IFALIAS={0x14, 0x14, 'syzkaller1\x00'}, @IFLA_EVENT={0x8, 0x2c, 0x8}, @IFLA_NET_NS_FD={0x8, 0x1c, r4}]}, 0x44}}, 0x0)

597.716926ms ago: executing program 2 (id=982):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x3, 0x803, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x9) (async, rerun: 64)
r1 = getpid() (rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) (async, rerun: 32)
r2 = socket$inet(0x2, 0x2, 0x1) (rerun: 32)
setsockopt$inet_int(r2, 0x0, 0x13, &(0x7f0000000040)=0x7, 0x4) (async)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='veth1_vlan\x00', 0x10) (async)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x60000000}, 0x1c9477516a687e1a)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), r0)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB="171eb6c4ae74ad6027fc782c0e1640a9001e00b9518c11eb", @ANYRES16=r3, @ANYBLOB="000126bd7000fbdbdf250f0000002000058007000100696200000c00028008000400080000000800010065746800140003800800010007000000080001000900000018000580070001006962000004000280080001006574680024000380080001000800000008000100cc000000080003000600000008000100080000000c00038008000300070000001400058007000100696200000700010069620000"], 0xa4}, 0x1, 0x0, 0x0, 0x8800}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async, rerun: 32)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) (async, rerun: 32)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async, rerun: 32)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (rerun: 32)
r6 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0) (async)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000010007e000000000000000000000000c0c9754b6bc8000001"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r9}, 0x10) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newqdisc={0x24, 0x25, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0x5, 0x10}, {}, {0xc}}}, 0x24}}, 0x40080ca) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) (async)
syz_io_uring_submit(r7, r8, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r6, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}}) (async, rerun: 32)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32)
sendmsg$IPCTNL_MSG_EXP_NEW(r12, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000001e40)=ANY=[@ANYBLOB="1c0000000002010100000000000000028200"/28], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

597.499368ms ago: executing program 2 (id=983):
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x81, 0x2800) (async)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x81, 0x2800)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x40044145, &(0x7f0000000140)=0xd) (async)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x40044145, &(0x7f0000000140)=0xd)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r0, 0x40044149, &(0x7f0000000080)=0xffffff81)
socket$igmp(0x2, 0x3, 0x2)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0) (async)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100)=0x1) (async)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100)=0x1)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x28, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect$cdc_ecm(0x5, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000102505a1a4400000000101090244000101000000090400001202060000052406000005240000000d240f00e50000008700060000090581030002"], 0x0)
ioctl$EVIOCRMFF(r3, 0x4004550f, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0xed82) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0xed82)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xb635773f06ebbeea, 0x8031, r3, 0x2000) (async)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xb635773f06ebbeea, 0x8031, r3, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) (async)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCADDRT(r6, 0x890b, &(0x7f0000000140)={0xfd00, @l2tp={0x2, 0x0, @local, 0x3, 0x1000000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, @ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1}, 0x4fe, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xfd, 0xffffffff}) (async)
ioctl$sock_SIOCADDRT(r6, 0x890b, &(0x7f0000000140)={0xfd00, @l2tp={0x2, 0x0, @local, 0x3, 0x1000000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, @ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1}, 0x4fe, 0x0, 0x0, 0x0, 0x2000, 0x0, 0xfd, 0xffffffff})
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x7e}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @remote, 0x4e20, 0x1, 'lc\x00', 0x8, 0x323b, 0x55}, {@dev={0xac, 0x14, 0x14, 0xf}, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)

490.199226ms ago: executing program 1 (id=984):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x4, 0xa, 0x40}, 0x50)
close(0x3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800020001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r4}, 0x10)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
sched_getattr(0x0, &(0x7f00000000c0)={0x38}, 0x38, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r5, 0x400448c9, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
sendto$inet(r6, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)

227.354826ms ago: executing program 0 (id=985):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x10, 0x1, 0x24, 0x403}}], 0x10}, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/pm_print_times', 0x169a82, 0x0)
sendfile(r2, r2, 0x0, 0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000202, 0x0, 0x0)
munlockall()
madvise(&(0x7f0000597000/0x1000)=nil, 0x1000, 0x13)
mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x12, 0x3, 0x0, 0x0}, 0x94)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0), 0x42782, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000100)=0x10000002)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
faccessat(r3, 0x0, 0x102)
socket$tipc(0x1e, 0x2, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0xffff2abf)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xb, &(0x7f0000000300)={0x40008, 0x401}, 0x0)
syz_clone(0x11, 0x0, 0xb, 0x0, 0x0, 0x0)
r5 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)

0s ago: executing program 0 (id=986):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x4, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
syz_open_dev$midi(&(0x7f0000000180), 0x7ff, 0x200)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000280))
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000240)=0x28e)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r2, 0xf503, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@local, 0x0, 0x0, 0x4e24, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x5c}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x4d2, 0x33}, 0x0, @in=@private=0xa010100, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)

kernel console output (not intermixed with test programs):

 bytes leftover after parsing attributes in process `syz.2.244'.
[   95.215609][ T7123] netlink: 20 bytes leftover after parsing attributes in process `syz.3.245'.
[   95.247294][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   95.408631][ T5340] Bluetooth: hci3: unexpected event for opcode 0x40a9
[   95.740954][ T7168] Bluetooth: MGMT ver 1.23
[   95.762468][ T7170] comedi comedi3: comedi_config --init_data is deprecated
[  109.530411][ T7221] netlink: 8 bytes leftover after parsing attributes in process `syz.1.259'.
[  109.695665][ T7231] bond0: entered promiscuous mode
[  109.699126][ T7231] bond_slave_0: entered promiscuous mode
[  109.706583][ T7231] bond_slave_1: entered promiscuous mode
[  109.711989][ T7231] batadv0: entered promiscuous mode
[  109.714207][ T7231] hsr1: entered allmulticast mode
[  109.715803][ T7231] bond0: entered allmulticast mode
[  109.718349][ T7231] bond_slave_0: entered allmulticast mode
[  109.720236][ T7231] bond_slave_1: entered allmulticast mode
[  109.722026][ T7231] batadv0: entered allmulticast mode
[  109.723881][ T7231] 8021q: adding VLAN 0 to HW filter on device hsr1
[  109.728348][ T7231] bond0: left promiscuous mode
[  109.730338][ T7231] bond_slave_0: left promiscuous mode
[  109.732724][ T7231] bond_slave_1: left promiscuous mode
[  109.734956][ T7231] batadv0: left promiscuous mode
[  110.374563][ T7268] netlink: 8 bytes leftover after parsing attributes in process `syz.1.272'.
[  110.562446][ T7273] FAULT_INJECTION: forcing a failure.
[  110.562446][ T7273] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  110.567842][ T7273] CPU: 2 UID: 0 PID: 7273 Comm: syz.0.274 Not tainted syzkaller #0 PREEMPT(full) 
[  110.567858][ T7273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.567864][ T7273] Call Trace:
[  110.567868][ T7273]  <TASK>
[  110.567873][ T7273]  dump_stack_lvl+0x16c/0x1f0
[  110.567891][ T7273]  should_fail_ex+0x512/0x640
[  110.567908][ T7273]  _copy_from_user+0x2e/0xd0
[  110.567924][ T7273]  get_compat_msghdr+0xa7/0x170
[  110.567938][ T7273]  ? __pfx_get_compat_msghdr+0x10/0x10
[  110.567956][ T7273]  ___sys_sendmsg+0x1ae/0x1d0
[  110.567971][ T7273]  ? __pfx____sys_sendmsg+0x10/0x10
[  110.567991][ T7273]  ? find_held_lock+0x2b/0x80
[  110.568010][ T7273]  __sys_sendmsg+0x16d/0x220
[  110.568024][ T7273]  ? __pfx___sys_sendmsg+0x10/0x10
[  110.568037][ T7273]  ? __pfx_bpf_trace_run2+0x10/0x10
[  110.568054][ T7273]  ? syscall_trace_enter+0x1cb/0x240
[  110.568071][ T7273]  ? rcu_is_watching+0x12/0xc0
[  110.568083][ T7273]  __do_fast_syscall_32+0x7c/0x3a0
[  110.568099][ T7273]  do_fast_syscall_32+0x32/0x80
[  110.568112][ T7273]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  110.568126][ T7273] RIP: 0023:0xf706e579
[  110.568134][ T7273] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  110.568144][ T7273] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  110.568154][ T7273] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  110.568160][ T7273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  110.568165][ T7273] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  110.568171][ T7273] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  110.568176][ T7273] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  110.568189][ T7273]  </TASK>
[  110.646673][ T7275] random: crng reseeded on system resumption
[  110.652378][ T7275] Restarting kernel threads ...
[  110.654397][ T7275] Done restarting kernel threads.
[  111.582948][ T7278] overlayfs: statfs failed on './file0'
[  111.779035][ T7307] FAULT_INJECTION: forcing a failure.
[  111.779035][ T7307] name failslab, interval 1, probability 0, space 0, times 1
[  111.782927][ T7307] CPU: 2 UID: 0 PID: 7307 Comm: syz.0.284 Not tainted syzkaller #0 PREEMPT(full) 
[  111.782940][ T7307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.782947][ T7307] Call Trace:
[  111.782951][ T7307]  <TASK>
[  111.782954][ T7307]  dump_stack_lvl+0x16c/0x1f0
[  111.782972][ T7307]  should_fail_ex+0x512/0x640
[  111.782987][ T7307]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  111.783002][ T7307]  should_failslab+0xc2/0x120
[  111.783015][ T7307]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  111.783027][ T7307]  ? __alloc_skb+0x2b2/0x380
[  111.783043][ T7307]  __alloc_skb+0x2b2/0x380
[  111.783055][ T7307]  ? __pfx___alloc_skb+0x10/0x10
[  111.783067][ T7307]  ? aa_af_perm+0x170/0x240
[  111.783084][ T7307]  pfkey_sendmsg+0x16e/0x850
[  111.783102][ T7307]  ____sys_sendmsg+0xa98/0xc70
[  111.783113][ T7307]  ? __pfx_____sys_sendmsg+0x10/0x10
[  111.783122][ T7307]  ? get_compat_msghdr+0x11a/0x170
[  111.783141][ T7307]  ___sys_sendmsg+0x134/0x1d0
[  111.783155][ T7307]  ? __pfx____sys_sendmsg+0x10/0x10
[  111.783175][ T7307]  ? find_held_lock+0x2b/0x80
[  111.783194][ T7307]  __sys_sendmsg+0x16d/0x220
[  111.783208][ T7307]  ? __pfx___sys_sendmsg+0x10/0x10
[  111.783221][ T7307]  ? __pfx_bpf_trace_run2+0x10/0x10
[  111.783239][ T7307]  ? syscall_trace_enter+0x1cb/0x240
[  111.783255][ T7307]  ? rcu_is_watching+0x12/0xc0
[  111.783271][ T7307]  __do_fast_syscall_32+0x7c/0x3a0
[  111.783287][ T7307]  do_fast_syscall_32+0x32/0x80
[  111.783301][ T7307]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  111.783314][ T7307] RIP: 0023:0xf706e579
[  111.783322][ T7307] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  111.783332][ T7307] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  111.783342][ T7307] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  111.783348][ T7307] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  111.783354][ T7307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  111.783360][ T7307] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  111.783365][ T7307] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  111.783378][ T7307]  </TASK>
[  112.032484][ T7319] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.165977][ T7319] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.434579][ T7319] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.538382][ T7319] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.616442][ T1147] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.625799][ T1147] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.636257][   T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.674729][   T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.815531][ T7346] netlink: 'syz.0.296': attribute type 4 has an invalid length.
[  112.833505][ T7346] netlink: 'syz.0.296': attribute type 4 has an invalid length.
[  113.492085][ T7387] FAULT_INJECTION: forcing a failure.
[  113.492085][ T7387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.496148][ T7387] CPU: 2 UID: 0 PID: 7387 Comm: syz.1.307 Not tainted syzkaller #0 PREEMPT(full) 
[  113.496163][ T7387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.496169][ T7387] Call Trace:
[  113.496172][ T7387]  <TASK>
[  113.496177][ T7387]  dump_stack_lvl+0x16c/0x1f0
[  113.496195][ T7387]  should_fail_ex+0x512/0x640
[  113.496212][ T7387]  _copy_from_iter+0x29f/0x1720
[  113.496229][ T7387]  ? __build_skb_around+0x278/0x3b0
[  113.496241][ T7387]  ? __pfx__copy_from_iter+0x10/0x10
[  113.496257][ T7387]  ? __pfx___alloc_skb+0x10/0x10
[  113.496269][ T7387]  ? aa_af_perm+0x170/0x240
[  113.496286][ T7387]  pfkey_sendmsg+0x1da/0x850
[  113.496308][ T7387]  ____sys_sendmsg+0xa98/0xc70
[  113.496320][ T7387]  ? __pfx_____sys_sendmsg+0x10/0x10
[  113.496329][ T7387]  ? get_compat_msghdr+0x11a/0x170
[  113.496348][ T7387]  ___sys_sendmsg+0x134/0x1d0
[  113.496363][ T7387]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.496383][ T7387]  ? find_held_lock+0x2b/0x80
[  113.496402][ T7387]  __sys_sendmsg+0x16d/0x220
[  113.496415][ T7387]  ? __pfx___sys_sendmsg+0x10/0x10
[  113.496428][ T7387]  ? __pfx_bpf_trace_run2+0x10/0x10
[  113.496446][ T7387]  ? syscall_trace_enter+0x1cb/0x240
[  113.496463][ T7387]  ? rcu_is_watching+0x12/0xc0
[  113.496475][ T7387]  __do_fast_syscall_32+0x7c/0x3a0
[  113.496490][ T7387]  do_fast_syscall_32+0x32/0x80
[  113.496504][ T7387]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  113.496517][ T7387] RIP: 0023:0xf7f68579
[  113.496525][ T7387] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  113.496535][ T7387] RSP: 002b:00000000f547655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  113.496547][ T7387] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  113.496553][ T7387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  113.496559][ T7387] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  113.496564][ T7387] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  113.496570][ T7387] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  113.496582][ T7387]  </TASK>
[  113.816815][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.308'.
[  114.117272][ T7424] FAULT_INJECTION: forcing a failure.
[  114.117272][ T7424] name failslab, interval 1, probability 0, space 0, times 0
[  114.122127][ T7424] CPU: 3 UID: 0 PID: 7424 Comm: syz.2.319 Not tainted syzkaller #0 PREEMPT(full) 
[  114.122141][ T7424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.122147][ T7424] Call Trace:
[  114.122151][ T7424]  <TASK>
[  114.122156][ T7424]  dump_stack_lvl+0x16c/0x1f0
[  114.122174][ T7424]  should_fail_ex+0x512/0x640
[  114.122188][ T7424]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  114.122202][ T7424]  should_failslab+0xc2/0x120
[  114.122216][ T7424]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  114.122228][ T7424]  ? skb_clone+0x190/0x3f0
[  114.122244][ T7424]  skb_clone+0x190/0x3f0
[  114.122258][ T7424]  pfkey_process+0xc6/0x840
[  114.122276][ T7424]  ? rcu_is_watching+0x12/0xc0
[  114.122287][ T7424]  ? __pfx_pfkey_process+0x10/0x10
[  114.122301][ T7424]  ? __mutex_lock+0x1c5/0x1060
[  114.122323][ T7424]  ? aa_af_perm+0x170/0x240
[  114.122340][ T7424]  pfkey_sendmsg+0x435/0x850
[  114.122356][ T7424]  ____sys_sendmsg+0xa98/0xc70
[  114.122368][ T7424]  ? __pfx_____sys_sendmsg+0x10/0x10
[  114.122377][ T7424]  ? get_compat_msghdr+0x11a/0x170
[  114.122396][ T7424]  ___sys_sendmsg+0x134/0x1d0
[  114.122411][ T7424]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.122431][ T7424]  ? find_held_lock+0x2b/0x80
[  114.122450][ T7424]  __sys_sendmsg+0x16d/0x220
[  114.122463][ T7424]  ? __pfx___sys_sendmsg+0x10/0x10
[  114.122476][ T7424]  ? __pfx_bpf_trace_run2+0x10/0x10
[  114.122494][ T7424]  ? syscall_trace_enter+0x1cb/0x240
[  114.122510][ T7424]  ? rcu_is_watching+0x12/0xc0
[  114.122526][ T7424]  __do_fast_syscall_32+0x7c/0x3a0
[  114.122542][ T7424]  do_fast_syscall_32+0x32/0x80
[  114.122556][ T7424]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.122569][ T7424] RIP: 0023:0xf7f75579
[  114.122577][ T7424] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.122587][ T7424] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  114.122597][ T7424] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  114.122604][ T7424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.122609][ T7424] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.122615][ T7424] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.122620][ T7424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.122633][ T7424]  </TASK>
[  114.127815][ T7427] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  114.167620][ T7430] netlink: 24 bytes leftover after parsing attributes in process `syz.2.321'.
[  114.462564][ T7441] sp0: Synchronizing with TNC
[  114.477026][    T9] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  114.627073][    T9] usb 7-1: Using ep0 maxpacket: 8
[  114.638670][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  114.641699][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  114.644693][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  114.678431][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  114.686677][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  114.689937][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.773895][ T7457] FAULT_INJECTION: forcing a failure.
[  114.773895][ T7457] name failslab, interval 1, probability 0, space 0, times 0
[  114.782313][ T7457] CPU: 0 UID: 0 PID: 7457 Comm: syz.0.329 Not tainted syzkaller #0 PREEMPT(full) 
[  114.782328][ T7457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.782335][ T7457] Call Trace:
[  114.782339][ T7457]  <TASK>
[  114.782344][ T7457]  dump_stack_lvl+0x16c/0x1f0
[  114.782361][ T7457]  should_fail_ex+0x512/0x640
[  114.782388][ T7457]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  114.782403][ T7457]  should_failslab+0xc2/0x120
[  114.782416][ T7457]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  114.782428][ T7457]  ? __alloc_skb+0x2b2/0x380
[  114.782443][ T7457]  __alloc_skb+0x2b2/0x380
[  114.782455][ T7457]  ? __pfx___alloc_skb+0x10/0x10
[  114.782467][ T7457]  ? aa_af_perm+0x170/0x240
[  114.782484][ T7457]  pfkey_sendmsg+0x479/0x850
[  114.782502][ T7457]  ____sys_sendmsg+0xa98/0xc70
[  114.782513][ T7457]  ? __pfx_____sys_sendmsg+0x10/0x10
[  114.782522][ T7457]  ? get_compat_msghdr+0x11a/0x170
[  114.782541][ T7457]  ___sys_sendmsg+0x134/0x1d0
[  114.782555][ T7457]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.782575][ T7457]  ? find_held_lock+0x2b/0x80
[  114.782595][ T7457]  __sys_sendmsg+0x16d/0x220
[  114.782608][ T7457]  ? __pfx___sys_sendmsg+0x10/0x10
[  114.782621][ T7457]  ? __pfx_bpf_trace_run2+0x10/0x10
[  114.782639][ T7457]  ? syscall_trace_enter+0x1cb/0x240
[  114.782655][ T7457]  ? rcu_is_watching+0x12/0xc0
[  114.782668][ T7457]  __do_fast_syscall_32+0x7c/0x3a0
[  114.782683][ T7457]  do_fast_syscall_32+0x32/0x80
[  114.782697][ T7457]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  114.782710][ T7457] RIP: 0023:0xf706e579
[  114.782719][ T7457] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  114.782728][ T7457] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  114.782738][ T7457] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  114.782744][ T7457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  114.782750][ T7457] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  114.782756][ T7457] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  114.782761][ T7457] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  114.782774][ T7457]  </TASK>
[  114.904724][    T9] usb 7-1: GET_CAPABILITIES returned 0
[  114.906504][    T9] usbtmc 7-1:16.0: can't read capabilities
[  115.108103][ T7430] input: syz0 as /devices/virtual/input/input7
[  115.110122][ T7430] input: failed to attach handler leds to device input7, error: -6
[  115.125285][    T9] usb 7-1: USB disconnect, device number 9
[  115.260271][ T7471] autofs: Unknown parameter 'Z�qD���C�7D��&C$��뙾�4�_�4DY!�I�u���&�}Ƌ�m{DL�"fa&�]���J��A'
[  115.978383][ T7499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.341'.
[  116.047685][ T7499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.341'.
[  116.619600][ T7515] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  116.622228][ T7515] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  116.625626][ T7515] vhci_hcd vhci_hcd.0: Device attached
[  116.773968][ T7519] lo speed is unknown, defaulting to 1000
[  116.876848][   T61] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  116.907578][ T7531] FAULT_INJECTION: forcing a failure.
[  116.907578][ T7531] name failslab, interval 1, probability 0, space 0, times 0
[  116.911487][ T7531] CPU: 2 UID: 0 PID: 7531 Comm: syz.2.348 Not tainted syzkaller #0 PREEMPT(full) 
[  116.911506][ T7531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.911520][ T7531] Call Trace:
[  116.911524][ T7531]  <TASK>
[  116.911528][ T7531]  dump_stack_lvl+0x16c/0x1f0
[  116.911545][ T7531]  should_fail_ex+0x512/0x640
[  116.911559][ T7531]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  116.911573][ T7531]  should_failslab+0xc2/0x120
[  116.911587][ T7531]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  116.911599][ T7531]  ? skb_clone+0x190/0x3f0
[  116.911614][ T7531]  skb_clone+0x190/0x3f0
[  116.911628][ T7531]  pfkey_broadcast_one+0xb9/0x380
[  116.911643][ T7531]  pfkey_broadcast+0x293/0x460
[  116.911659][ T7531]  pfkey_sendmsg+0x756/0x850
[  116.911675][ T7531]  ____sys_sendmsg+0xa98/0xc70
[  116.911687][ T7531]  ? __pfx_____sys_sendmsg+0x10/0x10
[  116.911696][ T7531]  ? get_compat_msghdr+0x11a/0x170
[  116.911715][ T7531]  ___sys_sendmsg+0x134/0x1d0
[  116.911729][ T7531]  ? __pfx____sys_sendmsg+0x10/0x10
[  116.911749][ T7531]  ? find_held_lock+0x2b/0x80
[  116.911768][ T7531]  __sys_sendmsg+0x16d/0x220
[  116.911782][ T7531]  ? __pfx___sys_sendmsg+0x10/0x10
[  116.911795][ T7531]  ? __pfx_bpf_trace_run2+0x10/0x10
[  116.911813][ T7531]  ? syscall_trace_enter+0x1cb/0x240
[  116.911830][ T7531]  ? rcu_is_watching+0x12/0xc0
[  116.911842][ T7531]  __do_fast_syscall_32+0x7c/0x3a0
[  116.911857][ T7531]  do_fast_syscall_32+0x32/0x80
[  116.911871][ T7531]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  116.911884][ T7531] RIP: 0023:0xf7f75579
[  116.911892][ T7531] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  116.911901][ T7531] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  116.911911][ T7531] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  116.911917][ T7531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  116.911923][ T7531] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  116.911928][ T7531] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  116.911934][ T7531] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  116.911947][ T7531]  </TASK>
[  117.147398][ T7516] vhci_hcd: connection reset by peer
[  117.167570][   T97] vhci_hcd: stop threads
[  117.169355][   T97] vhci_hcd: release socket
[  117.181016][   T97] vhci_hcd: disconnect device
[  117.306074][ T7549] netlink: 8 bytes leftover after parsing attributes in process `syz.1.355'.
[  117.309976][ T7549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.355'.
[  117.327127][   T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  117.330006][   T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  117.336958][   T12] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  117.339553][   T12] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  117.358386][ T7559] netlink: 4 bytes leftover after parsing attributes in process `syz.2.357'.
[  117.551922][ T7574] netlink: 'syz.1.361': attribute type 74 has an invalid length.
[  118.226958][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  118.433550][ T7586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.364'.
[  119.255492][ T7609] FAULT_INJECTION: forcing a failure.
[  119.255492][ T7609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.259858][ T7609] CPU: 3 UID: 0 PID: 7609 Comm: syz.3.371 Not tainted syzkaller #0 PREEMPT(full) 
[  119.259872][ T7609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.259878][ T7609] Call Trace:
[  119.259882][ T7609]  <TASK>
[  119.259886][ T7609]  dump_stack_lvl+0x16c/0x1f0
[  119.259904][ T7609]  should_fail_ex+0x512/0x640
[  119.259921][ T7609]  _copy_from_user+0x2e/0xd0
[  119.259938][ T7609]  kstrtouint_from_user+0xd6/0x1d0
[  119.259950][ T7609]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  119.259962][ T7609]  ? __lock_acquire+0xb97/0x1ce0
[  119.259982][ T7609]  proc_fail_nth_write+0x83/0x220
[  119.259994][ T7609]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  119.260008][ T7609]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  119.260018][ T7609]  vfs_write+0x29d/0x11d0
[  119.260033][ T7609]  ? __pfx_vfs_write+0x10/0x10
[  119.260044][ T7609]  ? find_held_lock+0x2b/0x80
[  119.260057][ T7609]  ? __fget_files+0x20e/0x3c0
[  119.260073][ T7609]  ksys_write+0x12a/0x250
[  119.260084][ T7609]  ? __pfx_ksys_write+0x10/0x10
[  119.260094][ T7609]  ? syscall_trace_enter+0x1cb/0x240
[  119.260111][ T7609]  ? rcu_is_watching+0x12/0xc0
[  119.260123][ T7609]  __do_fast_syscall_32+0x7c/0x3a0
[  119.260139][ T7609]  do_fast_syscall_32+0x32/0x80
[  119.260153][ T7609]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.260166][ T7609] RIP: 0023:0xf702e579
[  119.260174][ T7609] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.260184][ T7609] RSP: 002b:00000000f541e590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  119.260196][ T7609] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f541e620
[  119.260202][ T7609] RDX: 0000000000000001 RSI: 00000000f73a4ff4 RDI: 0000000000000000
[  119.260208][ T7609] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  119.260213][ T7609] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  119.260219][ T7609] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.260231][ T7609]  </TASK>
[  119.406833][ T7618] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  119.408892][ T7618] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  119.416136][ T7618] vhci_hcd vhci_hcd.0: Device attached
[  119.435650][ T7618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.367'.
[  119.558423][ T7624] lo speed is unknown, defaulting to 1000
[  119.677128][ T1333] usb 40-1: SetAddress Request (2) to port 0
[  119.685244][ T1333] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  120.004333][ T7635] netlink: 28 bytes leftover after parsing attributes in process `syz.3.376'.
[  120.067696][ T7637] random: crng reseeded on system resumption
[  120.144784][ T7635] netlink: 28 bytes leftover after parsing attributes in process `syz.3.376'.
[  120.162610][ T7619] vhci_hcd: connection reset by peer
[  120.204059][   T12] vhci_hcd: stop threads
[  120.205466][   T12] vhci_hcd: release socket
[  120.207154][   T12] vhci_hcd: disconnect device
[  120.429248][ T7635] netlink: 28 bytes leftover after parsing attributes in process `syz.3.376'.
[  120.628384][ T7647] usb usb8: usbfs: process 7647 (syz.2.378) did not claim interface 0 before use
[  120.632113][ T7648] usb usb8: usbfs: process 7648 (syz.2.378) did not claim interface 0 before use
[  120.652035][ T7645] netlink: 'syz.3.379': attribute type 11 has an invalid length.
[  120.917122][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  121.066959][    T9] usb 8-1: Using ep0 maxpacket: 8
[  121.072580][    T9] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  121.074921][    T9] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  121.081618][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  121.085355][    T9] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.089197][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  121.093617][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  121.099326][    T9] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  121.104018][    T9] usb 8-1: config 168 interface 0 has no altsetting 0
[  121.114398][    T9] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  121.119319][    T9] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  121.123657][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  121.128960][    T9] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.134043][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  121.139265][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  121.144748][    T9] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  121.151702][    T9] usb 8-1: config 168 interface 0 has no altsetting 0
[  121.162123][    T9] usb 8-1: config 168 descriptor has 1 excess byte, ignoring
[  121.165922][    T9] usb 8-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  121.169614][ T7656] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=35 (70 ns) > initial count (64 ns). Using initial count to start timer.
[  121.169664][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  121.169680][    T9] usb 8-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.169693][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  121.188667][    T9] usb 8-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  121.192457][    T9] usb 8-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  121.196673][    T9] usb 8-1: config 168 interface 0 has no altsetting 0
[  121.207403][    T9] usb 8-1: string descriptor 0 read error: -22
[  121.210307][    T9] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  121.214193][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.240317][    T9] adutux 8-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  121.445750][    T9] usb 8-1: USB disconnect, device number 2
[  121.937162][ T7666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.384'.
[  121.979280][ T5340] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  121.996842][   T61] vhci_hcd: vhci_device speed not set
[  122.557081][ T7696] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  122.559250][ T7696] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  122.562739][ T7696] vhci_hcd vhci_hcd.0: Device attached
[  122.969396][ T7707] tipc: Started in network mode
[  122.970992][ T7707] tipc: Node identity fe9a511a28ec, cluster identity 4711
[  122.973318][ T7707] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  122.978328][ T7707] syzkaller0: entered promiscuous mode
[  122.980326][ T7707] syzkaller0: entered allmulticast mode
[  122.989080][ T7706] tipc: Resetting bearer <eth:syzkaller0>
[  122.999074][ T7706] tipc: Disabling bearer <eth:syzkaller0>
[  123.069656][ T7699] vhci_hcd: connection closed
[  123.071556][   T97] vhci_hcd: stop threads
[  123.075234][   T97] vhci_hcd: release socket
[  123.077510][   T97] vhci_hcd: disconnect device
[  123.185016][ T7718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.395'.
[  123.188568][ T7718] bridge_slave_1: left allmulticast mode
[  123.190592][ T7718] bridge_slave_1: left promiscuous mode
[  123.192607][ T7718] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.200458][ T7718] bridge_slave_0: left allmulticast mode
[  123.202374][ T7718] bridge_slave_0: left promiscuous mode
[  123.204581][ T7718] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.245075][ T7725] misc userio: No port type given on /dev/userio
[  123.436129][ T7737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.403'.
[  123.986877][  T840] usb 8-1: new low-speed USB device number 3 using dummy_hcd
[  124.101986][ T7787] netlink: 36 bytes leftover after parsing attributes in process `syz.1.409'.
[  124.108369][ T7788] netlink: 8 bytes leftover after parsing attributes in process `syz.2.410'.
[  124.162300][  T840] usb 8-1: Invalid ep0 maxpacket: 16
[  124.196463][ T7788] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  124.286923][  T840] usb 8-1: new low-speed USB device number 4 using dummy_hcd
[  124.446982][  T840] usb 8-1: Invalid ep0 maxpacket: 16
[  124.454860][  T840] usb usb8-port1: attempt power cycle
[  124.787354][ T1333] usb 40-1: device descriptor read/8, error -110
[  124.826837][  T840] usb 8-1: new low-speed USB device number 5 using dummy_hcd
[  124.847397][  T840] usb 8-1: Invalid ep0 maxpacket: 16
[  124.976835][  T840] usb 8-1: new low-speed USB device number 6 using dummy_hcd
[  124.998458][  T840] usb 8-1: Invalid ep0 maxpacket: 16
[  125.000454][  T840] usb usb8-port1: unable to enumerate USB device
[  125.177602][ T1333] usb usb40-port1: attempt power cycle
[  125.257039][   T53] vhci_hcd: vhci_device speed not set
[  125.305254][ T7836] netlink: 'syz.0.421': attribute type 1 has an invalid length.
[  125.329917][   T34] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  125.368585][ T7833] fuse: Unknown parameter '�'
[  125.456878][   T34] usb 6-1: device descriptor read/64, error -71
[  125.707070][   T34] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  125.846886][   T34] usb 6-1: device descriptor read/64, error -71
[  125.957247][   T34] usb usb6-port1: attempt power cycle
[  126.317094][   T34] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  126.349955][   T34] usb 6-1: device descriptor read/8, error -71
[  126.390752][ T7876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.427'.
[  126.394455][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[  126.396492][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.398989][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.401479][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.403885][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.406285][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.408772][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.411318][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.413703][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.416013][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.418458][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.420986][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.423378][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.425750][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.428137][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.430459][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.432801][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.435163][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.437565][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.439873][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.442235][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  126.444612][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  126.547999][ T1333] usb usb40-port1: unable to enumerate USB device
[  126.586885][   T34] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  126.613596][   T34] usb 6-1: device descriptor read/8, error -71
[  126.621089][ T7879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.428'.
[  126.727239][   T34] usb usb6-port1: unable to enumerate USB device
[  126.807953][ T7886] mmap: syz.3.431 (7886) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  126.823590][ T7886] netlink: 'syz.3.431': attribute type 1 has an invalid length.
[  126.826443][ T7886] netlink: 224 bytes leftover after parsing attributes in process `syz.3.431'.
[  127.497440][ T7899] netlink: 36 bytes leftover after parsing attributes in process `syz.2.436'.
[  127.497450][ T7900] netlink: 36 bytes leftover after parsing attributes in process `syz.2.436'.
[  128.552233][ T7915] syz.0.438 (7915) used greatest stack depth: 18120 bytes left
[  128.552285][ T7907] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  128.559042][ T7907] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  128.561414][ T7907] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  128.563355][ T7907] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  128.663975][   T40] audit: type=1326 audit(1756803932.718:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.677065][   T40] audit: type=1326 audit(1756803932.718:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.701229][   T40] audit: type=1326 audit(1756803932.718:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.716100][   T40] audit: type=1326 audit(1756803932.718:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.722633][   T40] audit: type=1326 audit(1756803932.718:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.736621][   T40] audit: type=1326 audit(1756803932.718:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.756914][   T40] audit: type=1326 audit(1756803932.718:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.763298][   T40] audit: type=1326 audit(1756803932.718:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.776112][   T40] audit: type=1326 audit(1756803932.718:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.784518][   T40] audit: type=1326 audit(1756803932.718:41): auid=4294967295 uid=255 gid=0 ses=4294967295 subj=unconfined pid=7929 comm="syz.2.445" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  128.960305][ T7951] bridge0: port 3(syz_tun) entered blocking state
[  128.964283][ T7951] bridge0: port 3(syz_tun) entered disabled state
[  128.967399][ T7951] syz_tun: entered allmulticast mode
[  128.972078][ T7951] syz_tun: entered promiscuous mode
[  128.975277][ T7951] bridge0: port 3(syz_tun) entered blocking state
[  128.978267][ T7951] bridge0: port 3(syz_tun) entered forwarding state
[  128.994884][ T7951] netlink: 48 bytes leftover after parsing attributes in process `syz.2.450'.
[  128.998377][ T7951] netlink: 48 bytes leftover after parsing attributes in process `syz.2.450'.
[  129.017410][ T7951] netlink: 28 bytes leftover after parsing attributes in process `syz.2.450'.
[  129.020189][ T7951] netlink: 8 bytes leftover after parsing attributes in process `syz.2.450'.
[  129.024458][ T7951] netlink: 'syz.2.450': attribute type 1 has an invalid length.
[  129.027042][ T7951] netlink: 224 bytes leftover after parsing attributes in process `syz.2.450'.
[  129.040442][ T7959] netlink: 'syz.0.448': attribute type 4 has an invalid length.
[  129.567845][ T5340] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  129.746857][ T5340] Bluetooth: hci0: command 0x0c1a tx timeout
[  130.592797][ T7996] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=35 (70 ns) > initial count (64 ns). Using initial count to start timer.
[  130.628977][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  130.631278][ T5984] Bluetooth: hci2: command 0x0c1a tx timeout
[  130.633459][ T5340] Bluetooth: hci3: command 0x0c1a tx timeout
[  130.932480][ T8012] netlink: 12 bytes leftover after parsing attributes in process `syz.1.469'.
[  131.142479][ T8018] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  131.145876][ T8018] qnx6: wrong signature (magic) in superblock #1.
[  131.149148][ T8018] qnx6: unable to read the first superblock
[  131.167931][ T8017] netlink: 16 bytes leftover after parsing attributes in process `syz.0.468'.
[  131.174015][ T8017] netlink: 16 bytes leftover after parsing attributes in process `syz.0.468'.
[  131.374000][ T8020] lo speed is unknown, defaulting to 1000
[  131.884760][ T8034] unsupported nlmsg_type 40
[  132.185409][ T5350] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  132.319251][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.338355][ T5350] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  132.339416][ T8055] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  132.344118][ T8055] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  132.344148][ T5350] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  132.366877][ T5350] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.366936][ T8055] vhci_hcd vhci_hcd.0: Device attached
[  132.369357][ T5350] usb 5-1: Product: syz
[  132.372325][ T5350] usb 5-1: Manufacturer: syz
[  132.373758][ T5350] usb 5-1: SerialNumber: syz
[  132.387412][ T5350] usb 5-1: config 0 descriptor??
[  132.595187][ T5350] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[  132.595351][ T8055] futex_wake_op: syz.3.479 tries to shift op by 144; fix this program
[  132.637115][ T7204] udevd[7204]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  132.716986][ T1333] usb 44-1: SetAddress Request (2) to port 0
[  132.719043][ T1333] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  132.838335][ T8056] vhci_hcd: connection reset by peer
[  132.840375][   T13] vhci_hcd: stop threads
[  132.841795][   T13] vhci_hcd: release socket
[  132.843288][   T13] vhci_hcd: disconnect device
[  133.114596][ T5984] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  133.554516][ T8089] fuse: Unknown parameter ''
[  133.569264][ T8089] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  133.819733][ T8096] netlink: 'syz.3.491': attribute type 13 has an invalid length.
[  133.822159][ T8096] netlink: 'syz.3.491': attribute type 17 has an invalid length.
[  133.931042][ T8096] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  134.183574][ T8106] input: syz1 as /devices/virtual/input/input8
[  134.199917][ T8108] __nla_validate_parse: 4 callbacks suppressed
[  134.199934][ T8108] netlink: 36 bytes leftover after parsing attributes in process `syz.1.498'.
[  134.601997][ T8117] tmpfs: Unknown parameter '01777777777777777777777'
[  134.611049][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  134.611059][   T40] audit: type=1800 audit(1756803938.668:47): pid=8117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.500" name="bus" dev="tmpfs" ino=527 res=0 errno=0
[  134.808453][ T8130] lo speed is unknown, defaulting to 1000
[  134.939734][   T54] usb 5-1: USB disconnect, device number 4
[  135.978423][   T40] audit: type=1326 audit(1756803940.038:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.0.515" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  135.985014][   T40] audit: type=1326 audit(1756803940.038:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.0.515" exe="/syz-executor" sig=0 arch=40000003 syscall=374 compat=1 ip=0xf706e579 code=0x7ffc0000
[  135.998244][   T40] audit: type=1326 audit(1756803940.038:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.0.515" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  136.016499][   T40] audit: type=1326 audit(1756803940.038:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8166 comm="syz.0.515" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000
[  136.028283][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.516'.
[  136.032922][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.516'.
[  136.078011][    T9] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  136.123687][ T8176] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  136.236823][    T9] usb 6-1: Using ep0 maxpacket: 32
[  136.247975][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[  136.253071][    T9] usb 6-1: unable to read config index 0 descriptor/start: -71
[  136.256666][    T9] usb 6-1: can't read configurations, error -71
[  136.466233][ T8180] lo speed is unknown, defaulting to 1000
[  136.838213][ T8196] netlink: 24 bytes leftover after parsing attributes in process `syz.1.523'.
[  136.841917][ T8198] =======================================================
[  136.841917][ T8198] WARNING: The mand mount option has been deprecated and
[  136.841917][ T8198]          and is ignored by this kernel. Remove the mand
[  136.841917][ T8198]          option from the mount to silence this warning.
[  136.841917][ T8198] =======================================================
[  136.855999][ T8198] 9pnet_fd: Insufficient options for proto=fd
[  137.179519][ T8208] netlink: 36 bytes leftover after parsing attributes in process `syz.2.525'.
[  137.747209][ T1333] usb 44-1: device descriptor read/8, error -110
[  138.137698][ T1333] usb usb44-port1: attempt power cycle
[  138.816640][ T8249] input: syz1 as /devices/virtual/input/input9
[  139.587775][ T1333] usb usb44-port1: unable to enumerate USB device
[  139.748865][ T8271] netlink: 'syz.0.540': attribute type 10 has an invalid length.
[  139.754843][ T8271] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  140.376914][   T34] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  140.556757][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.561449][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.565383][   T34] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  140.571408][   T34] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  140.575209][   T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.583018][   T34] usb 7-1: config 0 descriptor??
[  140.814681][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.555'.
[  141.003474][   T34] plantronics 0003:047F:FFFF.0002: invalid report_count -387627765
[  141.016858][   T34] plantronics 0003:047F:FFFF.0002: item 0 4 1 9 parsing failed
[  141.019539][   T34] plantronics 0003:047F:FFFF.0002: parse failed
[  141.021532][   T34] plantronics 0003:047F:FFFF.0002: probe with driver plantronics failed with error -22
[  141.223951][ T8287] netlink: 12 bytes leftover after parsing attributes in process `syz.2.547'.
[  141.227508][ T8287] openvswitch: netlink: Flow key attr not present in new flow.
[  141.235791][   T54] usb 7-1: USB disconnect, device number 10
[  141.265771][ T8326] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.273093][ T8326] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.328943][ T7868] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.331767][ T7868] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.334637][ T7868] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.338577][ T7868] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.536935][ T1471] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  141.686998][ T1471] usb 8-1: Using ep0 maxpacket: 8
[  141.691746][ T1471] usb 8-1: unable to get BOS descriptor or descriptor too short
[  141.697919][ T1471] usb 8-1: config 4 interface 0 has no altsetting 0
[  141.703719][ T1471] usb 8-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  141.707868][ T1471] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.710893][ T1471] usb 8-1: Product: syz
[  141.712343][ T1471] usb 8-1: Manufacturer: syz
[  141.713813][ T1471] usb 8-1: SerialNumber: syz
[  141.766728][ T8330] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.560'.
[  141.953055][ T1471] usb 8-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  141.972003][ T1471] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  141.975644][ T1471] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  141.980372][ T1471] usb 8-1: media controller created
[  141.992022][ T1471] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  142.004177][ T1471] zl10353_read_register: readreg error (reg=127, ret==0)
[  142.021775][ T1471] usb 8-1: USB disconnect, device number 7
[  142.130363][ T8339] lo speed is unknown, defaulting to 1000
[  142.141660][ T8336] lo speed is unknown, defaulting to 1000
[  142.271144][ T8349] netlink: 8 bytes leftover after parsing attributes in process `syz.0.565'.
[  142.277472][ T8349] netlink: 36 bytes leftover after parsing attributes in process `syz.0.565'.
[  142.463509][ T8359] netlink: 129704 bytes leftover after parsing attributes in process `syz.2.566'.
[  142.472533][ T1185] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  142.476582][ T1185] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  142.487424][   T12] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  142.490633][ T1139] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  142.550339][ T5340] Bluetooth: hci3: unexpected event for opcode 0x041c
[  143.065744][ T8372] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.074414][ T8372] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.175721][ T1185] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.179016][ T1185] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  143.181807][ T1185] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.185386][ T1185] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  143.193374][ T1185] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.198003][ T1185] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  143.203070][ T1185] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.206751][ T1185] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  143.550718][ T8396] netlink: 4 bytes leftover after parsing attributes in process `syz.1.579'.
[  143.556049][ T8396] netlink: 56 bytes leftover after parsing attributes in process `syz.1.579'.
[  143.653315][ T8400] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  143.929217][ T8409] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  143.931313][ T8409] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  143.933930][ T8409] vhci_hcd vhci_hcd.0: Device attached
[  144.227288][    T9] usb 42-1: SetAddress Request (2) to port 0
[  144.230822][    T9] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  144.380021][ T8424] wg2: entered allmulticast mode
[  144.541737][ T8411] vhci_hcd: connection reset by peer
[  144.556612][ T1185] vhci_hcd: stop threads
[  144.566839][ T1185] vhci_hcd: release socket
[  144.569368][ T1185] vhci_hcd: disconnect device
[  144.878924][ T8428] /dev/nullb0: Can't open blockdev
[  145.276571][ T8430] netlink: 32 bytes leftover after parsing attributes in process `syz.1.590'.
[  145.399481][ T8442] netlink: 64 bytes leftover after parsing attributes in process `syz.2.592'.
[  145.735784][ T8452] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  145.737891][ T8452] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  145.741152][ T8452] vhci_hcd vhci_hcd.0: Device attached
[  145.749534][ T8453] vhci_hcd: connection closed
[  145.749745][ T1139] vhci_hcd: stop threads
[  145.752576][ T1139] vhci_hcd: release socket
[  145.754039][ T1139] vhci_hcd: disconnect device
[  146.205411][   T34] IPVS: starting estimator thread 0...
[  146.240936][ T8465] __nla_validate_parse: 1 callbacks suppressed
[  146.240947][ T8465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.599'.
[  146.316971][ T8466] IPVS: using max 46 ests per chain, 110400 per kthread
[  146.328693][ T8463] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  146.331870][ T8463] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  146.343550][ T8481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.604'.
[  146.347123][ T8481] netlink: 24 bytes leftover after parsing attributes in process `syz.1.604'.
[  146.351406][ T8481] comedi comedi3: bad chanlist[0]=0x00000ac2 chan=2754 range length=0
[  146.412706][ T8482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.603'.
[  147.187510][  T840] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  147.368993][ T8510] loop6: detected capacity change from 0 to 524287999
[  147.376910][ T8510] netlink: 24 bytes leftover after parsing attributes in process `syz.2.611'.
[  147.621753][  T840] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  147.625384][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.634756][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.640865][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.643813][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.646560][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.650070][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.652927][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.655701][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.659282][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.662201][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.664957][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.668541][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.671703][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.674450][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.677964][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.681315][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.684275][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.687765][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.690893][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.694017][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.697890][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.703160][  T840] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  147.706640][  T840] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  147.710181][  T840] usb 6-1: config 0 interface 0 has no altsetting 0
[  147.725696][  T840] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  147.764907][ T8523] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  148.034909][  T840] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  148.040000][  T840] usb 6-1: Product: syz
[  148.041347][  T840] usb 6-1: Manufacturer: syz
[  148.042820][  T840] usb 6-1: SerialNumber: syz
[  148.050646][  T840] usb 6-1: config 0 descriptor??
[  148.059939][  T840] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  148.309951][    C1] usb 6-1: yurex_control_callback - control failed: -2
[  148.325125][ T1471] usb 6-1: USB disconnect, device number 14
[  148.329924][ T1471] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  148.512158][ T8543] geneve2: entered promiscuous mode
[  148.513971][ T8543] geneve2: entered allmulticast mode
[  148.516572][ T7868] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  148.525083][ T7868] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  148.529156][ T7868] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  148.532098][ T7868] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  149.276740][ T8571] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  149.276890][    T9] usb 42-1: device descriptor read/8, error -110
[  149.285658][   T40] audit: type=1326 audit(1756803953.338:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.292938][   T40] audit: type=1326 audit(1756803953.338:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.299743][   T40] audit: type=1326 audit(1756803953.338:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.306209][   T40] audit: type=1326 audit(1756803953.338:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=265 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.312854][   T40] audit: type=1326 audit(1756803953.338:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.319675][   T40] audit: type=1326 audit(1756803953.338:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.326184][   T40] audit: type=1326 audit(1756803953.338:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.332870][   T40] audit: type=1326 audit(1756803953.338:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.339524][   T40] audit: type=1326 audit(1756803953.338:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.345985][   T40] audit: type=1326 audit(1756803953.348:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8569 comm="syz.2.629" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf7f75579 code=0x7ffc0000
[  149.677974][    T9] usb usb42-port1: attempt power cycle
[  150.240085][    T9] usb usb42-port1: unable to enumerate USB device
[  150.456986][ T8566] Set syz1 is full, maxelem 65536 reached
[  150.462398][ T8597] syz.0.637: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  150.468800][ T8597] CPU: 3 UID: 0 PID: 8597 Comm: syz.0.637 Not tainted syzkaller #0 PREEMPT(full) 
[  150.468815][ T8597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.468821][ T8597] Call Trace:
[  150.468824][ T8597]  <TASK>
[  150.468828][ T8597]  dump_stack_lvl+0x16c/0x1f0
[  150.468862][ T8597]  warn_alloc+0x248/0x3a0
[  150.468879][ T8597]  ? __pfx_warn_alloc+0x10/0x10
[  150.468896][ T8597]  ? hash_ipport_create+0x843/0x1a20
[  150.468911][ T8597]  ? __vmalloc_node_noprof+0xad/0xf0
[  150.468924][ T8597]  __vmalloc_node_range_noprof+0x101b/0x14b0
[  150.468933][ T8597]  ? ip_set_create+0x7e4/0x14d0
[  150.468943][ T8597]  ? nfnetlink_rcv_msg+0x9f9/0x1200
[  150.468958][ T8597]  ? hash_ipport_create+0x843/0x1a20
[  150.468976][ T8597]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  150.468993][ T8597]  ? ___kmalloc_large_node+0xed/0x160
[  150.469011][ T8597]  __kvmalloc_node_noprof+0x30a/0x620
[  150.469022][ T8597]  ? hash_ipport_create+0x843/0x1a20
[  150.469037][ T8597]  ? hash_ipport_create+0x843/0x1a20
[  150.469053][ T8597]  ? hash_ipport_create+0x843/0x1a20
[  150.469066][ T8597]  hash_ipport_create+0x843/0x1a20
[  150.469082][ T8597]  ? __print_lock_name+0xc0/0xe0
[  150.469094][ T8597]  ? __pfx_hash_ipport_create+0x10/0x10
[  150.469110][ T8597]  ? __nla_parse+0x40/0x60
[  150.469120][ T8597]  ? __pfx_hash_ipport_create+0x10/0x10
[  150.469135][ T8597]  ? ip_set_create+0x7e4/0x14d0
[  150.469145][ T8597]  ip_set_create+0x7e4/0x14d0
[  150.469158][ T8597]  ? __pfx_ip_set_create+0x10/0x10
[  150.469179][ T8597]  ? find_held_lock+0x2b/0x80
[  150.469192][ T8597]  nfnetlink_rcv_msg+0x9f9/0x1200
[  150.469208][ T8597]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  150.469221][ T8597]  ? stack_trace_save+0x8e/0xc0
[  150.469262][ T8597]  netlink_rcv_skb+0x158/0x420
[  150.469285][ T8597]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  150.469305][ T8597]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  150.469338][ T8597]  ? ns_capable+0xd7/0x110
[  150.469359][ T8597]  nfnetlink_rcv+0x1b3/0x430
[  150.469376][ T8597]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  150.469393][ T8597]  ? netlink_deliver_tap+0x1ae/0xd30
[  150.469414][ T8597]  ? is_vmalloc_addr+0x86/0xa0
[  150.469437][ T8597]  netlink_unicast+0x5a7/0x870
[  150.469464][ T8597]  ? __pfx_netlink_unicast+0x10/0x10
[  150.469487][ T8597]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  150.469540][ T8597]  netlink_sendmsg+0x8d1/0xdd0
[  150.469568][ T8597]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.469595][ T8597]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  150.469619][ T8597]  ____sys_sendmsg+0xa98/0xc70
[  150.469637][ T8597]  ? __pfx_____sys_sendmsg+0x10/0x10
[  150.469651][ T8597]  ? get_compat_msghdr+0x11a/0x170
[  150.469676][ T8597]  ? __pfx_futex_wake_mark+0x10/0x10
[  150.469704][ T8597]  ___sys_sendmsg+0x134/0x1d0
[  150.469726][ T8597]  ? __pfx____sys_sendmsg+0x10/0x10
[  150.469759][ T8597]  ? find_held_lock+0x2b/0x80
[  150.469778][ T8597]  __sys_sendmsg+0x16d/0x220
[  150.469792][ T8597]  ? __pfx___sys_sendmsg+0x10/0x10
[  150.469805][ T8597]  ? __pfx_bpf_trace_run2+0x10/0x10
[  150.469824][ T8597]  ? syscall_trace_enter+0x1cb/0x240
[  150.469841][ T8597]  ? rcu_is_watching+0x12/0xc0
[  150.469853][ T8597]  __do_fast_syscall_32+0x7c/0x3a0
[  150.469870][ T8597]  do_fast_syscall_32+0x32/0x80
[  150.469883][ T8597]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  150.469897][ T8597] RIP: 0023:0xf706e579
[  150.469906][ T8597] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  150.469916][ T8597] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  150.469926][ T8597] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  150.469932][ T8597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  150.469938][ T8597] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  150.469944][ T8597] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  150.469950][ T8597] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  150.469963][ T8597]  </TASK>
[  150.469967][ T8597] Mem-Info:
[  150.605941][ T8597] active_anon:5362 inactive_anon:5432 isolated_anon:0
[  150.605941][ T8597]  active_file:11278 inactive_file:16692 isolated_file:0
[  150.605941][ T8597]  unevictable:1768 dirty:387 writeback:0
[  150.605941][ T8597]  slab_reclaimable:6570 slab_unreclaimable:78275
[  150.605941][ T8597]  mapped:23867 shmem:7919 pagetables:1162
[  150.605941][ T8597]  sec_pagetables:313 bounce:0
[  150.605941][ T8597]  kernel_misc_reclaimable:0
[  150.605941][ T8597]  free:28806 free_pcp:15368 free_cma:0
[  150.627308][ T8597] Node 0 active_anon:1444kB inactive_anon:268kB active_file:16kB inactive_file:56kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:16kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8548kB pagetables:1640kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB
[  150.638701][ T8597] Node 1 active_anon:20180kB inactive_anon:21460kB active_file:45096kB inactive_file:66712kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95452kB dirty:1532kB writeback:0kB shmem:28140kB shmem_thp:6144kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4524kB pagetables:2908kB sec_pagetables:104kB all_unreclaimable? no Balloon:0kB
[  150.651938][ T8597] Node 0 DMA free:2072kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:564kB local_pcp:228kB free_cma:0kB
[  150.663763][ T8597] lowmem_reserve[]: 0 288 288 288 288
[  150.666079][ T8597] Node 0 DMA32 free:18228kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1428KB active_anon:1596kB inactive_anon:268kB active_file:16kB inactive_file:56kB unevictable:3536kB writepending:16kB present:1032196kB managed:295132kB mlocked:0kB bounce:0kB free_pcp:11696kB local_pcp:3936kB free_cma:0kB
[  150.677299][ T8597] lowmem_reserve[]: 0 0 0 0 0
[  150.678875][ T8597] Node 1 DMA32 free:94992kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:12288KB free_highatomic:0KB active_anon:20180kB inactive_anon:21460kB active_file:45096kB inactive_file:66712kB unevictable:3536kB writepending:1532kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:53028kB local_pcp:15288kB free_cma:0kB
[  150.693127][ T8597] lowmem_reserve[]: 0 0 0 0 0
[  150.695601][ T8597] Node 0 DMA: 3*4kB (UM) 45*8kB (UM) 14*16kB (UM) 8*32kB (UM) 1*64kB (M) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2068kB
[  150.703942][ T8597] Node 0 DMA32: 270*4kB (UMEH) 36*8kB (UMEH) 102*16kB (UMEH) 128*32kB (UMEH) 39*64kB (UMEH) 15*128kB (UME) 15*256kB (UMEH) 5*512kB (UME) 0*1024kB 0*2048kB 0*4096kB = 17912kB
[  150.709832][ T8597] Node 1 DMA32: 675*4kB (UME) 265*8kB (UME) 286*16kB (ME) 112*32kB (ME) 82*64kB (UME) 69*128kB (UME) 49*256kB (UME) 34*512kB (UME) 17*1024kB (UM) 10*2048kB (UM) 0*4096kB = 94900kB
[  150.715452][ T8597] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  150.721056][ T8597] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  150.723949][ T8597] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  150.728214][ T8597] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  150.731242][ T8597] 36523 total pagecache pages
[  150.732750][ T8597] 638 pages in swap cache
[  150.734203][ T8597] Free swap  = 115512kB
[  150.735533][ T8597] Total swap = 124996kB
[  150.738027][ T8597] 524155 pages RAM
[  150.739257][ T8597] 0 pages HighMem/MovableOnly
[  150.741147][ T8597] 209477 pages reserved
[  150.742780][ T8597] 0 pages cma reserved
[  150.921166][ T8642] sit0: entered promiscuous mode
[  150.923103][ T8642] netlink: 'syz.0.650': attribute type 1 has an invalid length.
[  150.925517][ T8642] netlink: 1 bytes leftover after parsing attributes in process `syz.0.650'.
[  150.964613][ T8644] netlink: 24 bytes leftover after parsing attributes in process `syz.0.651'.
[  151.164528][ T8651] loop6: detected capacity change from 0 to 2560
[  151.169280][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.172430][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.175296][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.178174][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.180728][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.183271][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.185978][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.188845][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.191490][ T7204] ldm_validate_partition_table(): Disk read failed.
[  151.193721][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.196280][ T7204] Buffer I/O error on dev loop6, logical block 0, async page read
[  151.199809][ T7204] Dev loop6: unable to read RDB block 0
[  151.202496][ T7204]  loop6: unable to read partition table
[  151.671369][ T8663] netlink: 8 bytes leftover after parsing attributes in process `syz.2.655'.
[  151.806690][ T8663] wireguard0: entered promiscuous mode
[  151.814322][ T8663] wireguard0: entered allmulticast mode
[  151.910287][ T8675] virtio-fs: tag <c:::> not found
[  151.913015][ T8675] netlink: 88 bytes leftover after parsing attributes in process `syz.1.657'.
[  151.917659][ T8675] netlink: 4 bytes leftover after parsing attributes in process `syz.1.657'.
[  152.464707][ T8693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.663'.
[  152.581114][ T8696] ubi31: attaching mtd0
[  152.583107][ T8701] binder: 8700:8701 ioctl c0306201 800003c0 returned -14
[  152.585024][ T8696] ubi31: scanning is finished
[  152.588198][ T8701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.667'.
[  152.588903][ T8696] ubi31: empty MTD device detected
[  152.592043][ T8701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.667'.
[  152.671912][ T8696] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  152.675116][ T8696] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  152.678994][ T8696] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  152.681929][ T8696] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  152.684850][ T8696] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  152.688007][ T8696] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  152.690847][ T8696] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3938247127
[  152.695006][ T8696] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  152.700459][ T8708] ubi31: background thread "ubi_bgt31d" started, PID 8708
[  152.973620][ T8714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.670'.
[  153.228182][ T8733] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  153.233509][ T8733] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  153.397280][ T8737] netlink: 16 bytes leftover after parsing attributes in process `syz.0.676'.
[  153.633467][ T8742] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  154.486901][   T54] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  154.524560][ T8771] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  154.636842][   T54] usb 8-1: Using ep0 maxpacket: 16
[  154.639768][   T54] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  154.644145][   T54] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  154.648789][   T54] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[  154.652256][   T54] usb 8-1: config 0 interface 0 has no altsetting 0
[  154.655857][   T54] usb 8-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  154.658767][   T54] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.661254][   T54] usb 8-1: Product: syz
[  154.662583][   T54] usb 8-1: Manufacturer: syz
[  154.664069][   T54] usb 8-1: SerialNumber: syz
[  154.667301][   T54] usb 8-1: config 0 descriptor??
[  154.878280][   T54] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input11
[  154.884052][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.889333][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.893878][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.897821][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.914746][ T7229] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.917759][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.921943][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.933153][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  154.936583][ T5375] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  155.127753][ T8773] ieee802154 phy1 wpan1: encryption failed: -22
[  155.137012][ T8759] synaptics_usb 8-1:0.0: synusb_open - usb_submit_urb failed, error: -90
[  155.161012][ T8773] 9pnet: Could not find request transport: fD
[  156.102921][ T8810] netlink: 12 bytes leftover after parsing attributes in process `syz.0.695'.
[  156.461080][ T8819] macvlan0: entered promiscuous mode
[  156.464996][ T8819] netlink: 'syz.1.697': attribute type 1 has an invalid length.
[  156.469710][ T8819] netlink: 'syz.1.697': attribute type 2 has an invalid length.
[  156.596630][ T8823] netlink: 'syz.1.698': attribute type 1 has an invalid length.
[  156.599175][ T8823] netlink: 224 bytes leftover after parsing attributes in process `syz.1.698'.
[  156.932268][ T8825] openvswitch: netlink: Geneve opt len 126 is not a multiple of 4.
[  157.144251][ T1471] usb 8-1: USB disconnect, device number 8
[  158.832998][ T8875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  158.888119][ T8875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  158.892647][ T8875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  158.896655][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.0.713'.
[  158.917782][ T8876] lo speed is unknown, defaulting to 1000
[  159.339849][ T8899] netlink: 'syz.2.720': attribute type 1 has an invalid length.
[  159.345516][ T8899] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  159.444552][ T8905] bond0: (slave bridge_slave_1): Releasing backup interface
[  159.450839][ T8905] bond0: (slave bond_slave_0): Releasing backup interface
[  159.458765][ T8905] bond0: (slave bond_slave_1): Releasing backup interface
[  159.465137][ T8905] team0: Port device team_slave_0 removed
[  159.476040][ T8905] team0: Port device team_slave_1 removed
[  159.478806][ T8905] batman_adv: batadv0: Removing interface: batadv_slave_0
[  159.495903][ T8909] netlink: 'syz.0.721': attribute type 10 has an invalid length.
[  159.496291][ T8905] batman_adv: batadv0: Removing interface: batadv_slave_1
[  159.585188][ T8909] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  159.701933][ T8915] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  160.050562][ T8936] netlink: 24 bytes leftover after parsing attributes in process `syz.0.728'.
[  160.748036][ T8953] tmpfs: Unknown parameter 'nosw69'
[  162.776681][ T9012] netlink: 56 bytes leftover after parsing attributes in process `syz.1.751'.
[  163.511742][ T9036] netlink: 16 bytes leftover after parsing attributes in process `syz.2.757'.
[  163.526004][ T9040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.760'.
[  163.600561][ T9048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.764'.
[  163.626636][ T9048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.764'.
[  163.888555][ T9065] tty tty22: ldisc open failed (-12), clearing slot 21
[  164.460069][ T9087] netlink: 44 bytes leftover after parsing attributes in process `syz.3.773'.
[  164.464630][ T9087] netlink: 43 bytes leftover after parsing attributes in process `syz.3.773'.
[  164.477524][ T9087] netlink: 'syz.3.773': attribute type 6 has an invalid length.
[  164.480405][ T9087] netlink: 'syz.3.773': attribute type 5 has an invalid length.
[  164.484899][ T9087] netlink: 43 bytes leftover after parsing attributes in process `syz.3.773'.
[  164.522814][ T9092] input: syz0 as /devices/virtual/input/input12
[  164.525428][ T9092] input: failed to attach handler leds to device input12, error: -6
[  164.601255][ T9097] netlink: 36 bytes leftover after parsing attributes in process `syz.0.777'.
[  164.866880][ T1333] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  164.876098][ T9108] lo speed is unknown, defaulting to 1000
[  164.973364][ T9111] : entered promiscuous mode
[  165.093972][ T1333] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  165.097207][ T1333] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.101922][ T1333] usb 6-1: Product: syz
[  165.103628][ T1333] usb 6-1: Manufacturer: syz
[  165.105340][ T1333] usb 6-1: SerialNumber: syz
[  165.123527][ T1333] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  165.158908][  T840] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  165.505505][ T9115] sp0: Synchronizing with TNC
[  165.512351][ T9115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.781'.
[  165.562696][ T9117] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.565777][ T9117] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.584813][   T54] usb 6-1: USB disconnect, device number 15
[  165.585614][ T9114] [U] �
[  166.294974][ T9140] netlink: 96 bytes leftover after parsing attributes in process `syz.2.787'.
[  166.627046][  T840] usb 6-1: Service connection timeout for: 256
[  166.636645][  T840] ath9k_htc 6-1:1.0: ath9k_htc: Unable to initialize HTC services
[  166.645191][  T840] ath9k_htc: Failed to initialize the device
[  166.679346][ T9158] input: syz0 as /devices/virtual/input/input13
[  166.971371][   T54] usb 6-1: ath9k_htc: USB layer deinitialized
[  167.277724][   T54] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  167.348570][ T9176] overlayfs: failed to resolve './file1': -2
[  167.656841][   T54] usb 6-1: Using ep0 maxpacket: 32
[  167.675244][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.696929][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.700126][   T54] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  167.704235][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.727939][   T54] usb 6-1: config 0 descriptor??
[  168.013163][   T54] usbhid 6-1:0.0: can't add hid device: -71
[  168.043651][ T9194] sg_write: process 800 (syz.0.802) changed security contexts after opening file descriptor, this is not allowed.
[  168.044191][ T9193] loop7: detected capacity change from 0 to 8
[  168.046674][   T54] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  168.047777][   T54] usb 6-1: USB disconnect, device number 16
[  168.109018][ T9197] netlink: 4 bytes leftover after parsing attributes in process `syz.3.804'.
[  168.145801][ T9202] netlink: 196 bytes leftover after parsing attributes in process `syz.2.806'.
[  168.199827][ T9209] bond0: entered promiscuous mode
[  168.201607][ T9209] bond_slave_0: entered promiscuous mode
[  168.203477][ T9209] bond_slave_1: entered promiscuous mode
[  168.248294][ T7229] Dev loop7: unable to read RDB block 8
[  168.250105][ T7229]  loop7: unable to read partition table
[  168.251975][ T7229] loop7: partition table beyond EOD, truncated
[  168.260305][ T7229] udevd[7229]: symlink '../../loop7' '/dev/disk/by-diskseq/84.tmp-b7:7' failed: Read-only file system
[  168.269804][ T7204] udevd[7204]: symlink '../../loop7' '/dev/disk/by-diskseq/84.tmp-b7:7' failed: Read-only file system
[  168.284251][ T7204] udevd[7204]: symlink '../../loop7' '/dev/disk/by-diskseq/84.tmp-b7:7' failed: Read-only file system
[  168.697056][ T9222] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[  168.700668][ T9220] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  169.967131][ T5350] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[  170.128199][ T5350] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  170.131478][ T5350] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  170.135845][ T5350] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  170.138899][ T5350] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  170.349800][ T5350] usb 7-1: usb_control_msg returned -32
[  170.351703][ T5350] usbtmc 7-1:16.0: can't read capabilities
[  170.358801][ T9245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  170.364847][ T9245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  170.790864][ T9271] netlink: 'syz.2.816': attribute type 4 has an invalid length.
[  170.967282][ T9277] random: crng reseeded on system resumption
[  171.359850][ T9279] netlink: 216 bytes leftover after parsing attributes in process `syz.3.824'.
[  171.363450][ T9279] netlink: 216 bytes leftover after parsing attributes in process `syz.3.824'.
[  171.633956][   T40] kauditd_printk_skb: 18 callbacks suppressed
[  171.633967][   T40] audit: type=1326 audit(1756803975.688:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.643137][   T40] audit: type=1326 audit(1756803975.688:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.649790][   T40] audit: type=1326 audit(1756803975.698:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.658283][   T40] audit: type=1326 audit(1756803975.698:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.666245][   T40] audit: type=1326 audit(1756803975.698:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.676094][   T40] audit: type=1326 audit(1756803975.698:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.684860][   T40] audit: type=1326 audit(1756803975.698:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.691449][   T40] audit: type=1326 audit(1756803975.698:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.699155][   T40] audit: type=1326 audit(1756803975.698:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.705782][   T40] audit: type=1326 audit(1756803975.708:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.3.825" exe="/syz-executor" sig=0 arch=40000003 syscall=228 compat=1 ip=0xf702e579 code=0x7ffc0000
[  171.733757][ T9287] capability: warning: `syz.1.826' uses 32-bit capabilities (legacy support in use)
[  172.455262][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.458075][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.460474][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.463143][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.465675][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.469695][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.472910][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.476103][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.479249][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.481848][  T840] hid-generic 0401:0001:0008.0003: unknown main item tag 0x0
[  172.490055][  T840] hid-generic 0401:0001:0008.0003: hidraw1: <UNKNOWN> HID v0.81 Device [syz0] on syz0
[  172.543687][ T9308] fido_id[9308]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  172.561168][ T9310] netlink: 12 bytes leftover after parsing attributes in process `syz.3.832'.
[  172.587806][  T840] usb 7-1: USB disconnect, device number 11
[  172.827004][ T9321] mmap: syz.1.836 (9321): VmData 37535744 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  172.850920][ T9323] lo speed is unknown, defaulting to 1000
[  172.855126][ T9323] lo speed is unknown, defaulting to 1000
[  172.863282][ T9323] lo speed is unknown, defaulting to 1000
[  172.881455][ T9323] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  172.914514][ T9323] lo speed is unknown, defaulting to 1000
[  172.921847][ T9323] lo speed is unknown, defaulting to 1000
[  172.929349][ T9323] lo speed is unknown, defaulting to 1000
[  172.936747][ T9323] lo speed is unknown, defaulting to 1000
[  173.146889][   T54] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  173.316903][   T54] usb 6-1: Using ep0 maxpacket: 16
[  173.322847][   T54] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  173.327008][   T54] usb 6-1: config 1 interface 0 altsetting 250 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  173.331258][   T54] usb 6-1: config 1 interface 0 has no altsetting 0
[  173.336265][   T54] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  173.339238][   T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.341834][   T54] usb 6-1: Product: ⛫载這礻⸥ꍋ꽟㒽༿ി讂
[  173.343988][   T54] usb 6-1: Manufacturer: ə
[  173.345430][   T54] usb 6-1: SerialNumber: syz
[  173.827016][   T34] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  173.956953][   T34] usb 8-1: device descriptor read/64, error -71
[  174.216951][   T34] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  174.346879][   T34] usb 8-1: device descriptor read/64, error -71
[  174.458236][   T34] usb usb8-port1: attempt power cycle
[  174.816933][   T34] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  174.837979][   T34] usb 8-1: device descriptor read/8, error -71
[  175.076878][   T34] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  175.097752][   T34] usb 8-1: device descriptor read/8, error -71
[  175.217005][   T34] usb usb8-port1: unable to enumerate USB device
[  175.508377][ T9371] netlink: 92 bytes leftover after parsing attributes in process `syz.2.851'.
[  176.031415][   T54] pxrc 6-1:1.0: Could not find endpoint
[  176.033569][   T54] usbhid 6-1:1.0: couldn't find an input interrupt endpoint
[  176.039019][   T54] usb 6-1: USB disconnect, device number 17
[  176.177961][ T9406] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  176.191819][ T9406] I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  176.197363][ T9406] MINIX-fs: unable to read superblock
[  176.205400][ T9406] netlink: 'syz.0.859': attribute type 29 has an invalid length.
[  176.210119][ T9406] netlink: 8 bytes leftover after parsing attributes in process `syz.0.859'.
[  176.238735][ T9406] lo speed is unknown, defaulting to 1000
[  176.244553][ T9406] lo speed is unknown, defaulting to 1000
[  177.382676][ T9430] input: syz1 as /devices/virtual/input/input15
[  177.590191][ T9434] netlink: 8 bytes leftover after parsing attributes in process `syz.2.869'.
[  177.612630][ T9440] netlink: 'syz.1.864': attribute type 3 has an invalid length.
[  177.615733][ T9440] netlink: 'syz.1.864': attribute type 1 has an invalid length.
[  177.619186][ T9440] netlink: 220 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.631101][ T9440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.634015][ T9440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.664039][ T9440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.667027][ T9440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.698724][ T7204] udevd[7204]: symlink '../../loop7' '/dev/disk/by-diskseq/85.tmp-b7:7' failed: Read-only file system
[  177.734132][ T9449] dlm: plock device version mismatch: kernel (1.2.0), user (458753.0.0)
[  177.734626][ T9440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.758961][ T9440] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[  177.887183][   T54] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  178.037203][   T54] usb 8-1: Using ep0 maxpacket: 32
[  178.045695][   T54] usb 8-1: config 0 has no interfaces?
[  178.047887][   T54] usb 8-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  178.050702][   T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.091572][   T54] usb 8-1: config 0 descriptor??
[  178.101230][ T9421] Process accounting resumed
[  178.361964][   T53] usb 8-1: USB disconnect, device number 13
[  178.488159][ T9461] fuse: Unknown parameter '184467440737095516150x0000000000000004'
[  178.665478][ T9439] syz.3.868 invoked oom-killer: gfp_mask=0x100dc2(GFP_HIGHUSER|__GFP_ZERO), order=0, oom_score_adj=1000
[  178.669457][ T9439] CPU: 3 UID: 0 PID: 9439 Comm: syz.3.868 Not tainted syzkaller #0 PREEMPT(full) 
[  178.669480][ T9439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  178.669491][ T9439] Call Trace:
[  178.669498][ T9439]  <TASK>
[  178.669504][ T9439]  dump_stack_lvl+0x16c/0x1f0
[  178.669533][ T9439]  dump_header+0x101/0x930
[  178.669558][ T9439]  oom_kill_process+0x272/0xa40
[  178.669577][ T9439]  ? oom_cpuset_eligible.isra.0+0x199/0x2d0
[  178.669600][ T9439]  out_of_memory+0x1405/0x1700
[  178.669626][ T9439]  ? __pfx_out_of_memory+0x10/0x10
[  178.669660][ T9439]  __alloc_frozen_pages_noprof+0x1d53/0x23f0
[  178.669695][ T9439]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  178.669725][ T9439]  ? __pfx___schedule+0x10/0x10
[  178.669745][ T9439]  ? lockdep_hardirqs_on+0x7c/0x110
[  178.669768][ T9439]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  178.669797][ T9439]  ? policy_nodemask+0xea/0x4e0
[  178.669821][ T9439]  alloc_pages_mpol+0x1fb/0x550
[  178.669844][ T9439]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  178.669888][ T9439]  alloc_pages_noprof+0x131/0x390
[  178.669914][ T9439]  system_heap_allocate+0x26a/0x10a0
[  178.669941][ T9439]  ? __pfx_system_heap_allocate+0x10/0x10
[  178.669963][ T9439]  ? __might_fault+0xe3/0x190
[  178.669994][ T9439]  dma_heap_ioctl+0x382/0x610
[  178.670017][ T9439]  ? __pfx_dma_heap_ioctl+0x10/0x10
[  178.670034][ T9439]  ? find_held_lock+0x2b/0x80
[  178.670064][ T9439]  ? __pfx_dma_heap_ioctl+0x10/0x10
[  178.670083][ T9439]  __ia32_compat_sys_ioctl+0x23f/0x370
[  178.670103][ T9439]  __do_fast_syscall_32+0x7c/0x3a0
[  178.670126][ T9439]  do_fast_syscall_32+0x32/0x80
[  178.670149][ T9439]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  178.670171][ T9439] RIP: 0023:0xf702e579
[  178.670187][ T9439] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  178.670202][ T9439] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  178.670220][ T9439] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004008af00
[  178.670231][ T9439] RDX: 0000000080001140 RSI: 0000000000000000 RDI: 0000000000000000
[  178.670240][ T9439] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  178.670250][ T9439] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  178.670260][ T9439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  178.670283][ T9439]  </TASK>
[  178.670306][ T9439] Mem-Info:
[  178.763597][ T9439] active_anon:2566 inactive_anon:3636 isolated_anon:0
[  178.763597][ T9439]  active_file:1632 inactive_file:8175 isolated_file:125
[  178.763597][ T9439]  unevictable:1768 dirty:85 writeback:0
[  178.763597][ T9439]  slab_reclaimable:6168 slab_unreclaimable:75126
[  178.763597][ T9439]  mapped:26427 shmem:6997 pagetables:1229
[  178.763597][ T9439]  sec_pagetables:315 bounce:0
[  178.763597][ T9439]  kernel_misc_reclaimable:0
[  178.763597][ T9439]  free:20327 free_pcp:535 free_cma:0
[  178.778096][ T9439] Node 0 active_anon:2296kB inactive_anon:3956kB active_file:64kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:6020kB dirty:0kB writeback:0kB shmem:9540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8552kB pagetables:1496kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB
[  178.788413][ T9439] Node 1 active_anon:7968kB inactive_anon:10588kB active_file:6464kB inactive_file:32688kB unevictable:3536kB isolated(anon):0kB isolated(file):500kB mapped:99688kB dirty:340kB writeback:0kB shmem:18448kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4644kB pagetables:3420kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB
[  178.799371][ T9439] Node 0 DMA free:1616kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:252kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  178.808743][ T9439] lowmem_reserve[]: 0 288 288 288 288
[  178.811074][ T9439] Node 0 DMA32 free:8364kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1992kB inactive_anon:3956kB active_file:64kB inactive_file:12kB unevictable:3536kB writepending:0kB present:1032196kB managed:295132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  178.825029][ T9439] lowmem_reserve[]: 0 0 0 0 0
[  178.826893][ T9439] Node 1 DMA32 free:74328kB boost:106060kB min:153200kB low:164984kB high:176768kB reserved_highatomic:12288KB free_highatomic:0KB active_anon:8368kB inactive_anon:9888kB active_file:6464kB inactive_file:31888kB unevictable:3536kB writepending:488kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  178.837329][ T9439] lowmem_reserve[]: 0 0 0 0 0
[  178.839998][ T9439] Node 0 DMA: 1*4kB (U) 2*8kB (UM) 1*16kB (M) 0*32kB 1*64kB (U) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 1636kB
[  178.922430][ T9439] Node 0 DMA32: 48*4kB (U) 49*8kB (UME) 19*16kB (UE) 60*32kB (UM) 32*64kB (UM) 17*128kB (UM) 5*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8312kB
[  178.936997][ T9439] Node 1 DMA32: 644*4kB (UM) 471*8kB (UM) 611*16kB (UME) 419*32kB (UME) 256*64kB (UME) 148*128kB (UME) 64*256kB (UME) 12*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 90456kB
[  178.943441][ T9439] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  178.946510][ T9439] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  178.949976][ T9439] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  178.953053][ T9439] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  178.956874][ T9439] 13074 total pagecache pages
[  178.958861][ T9439] 323 pages in swap cache
[  178.960682][ T9439] Free swap  = 94988kB
[  178.962337][ T9439] Total swap = 124996kB
[  178.964079][ T9439] 524155 pages RAM
[  178.965609][ T9439] 0 pages HighMem/MovableOnly
[  178.970911][ T9439] 209477 pages reserved
[  178.972306][ T9439] 0 pages cma reserved
[  178.973596][ T9439] Unreclaimable slab info:
[  178.975189][ T9439] Name                      Used          Total
[  178.985026][ T9439] pid_3                     15KB         15KB
[  178.987042][ T9439] pid_2                     91KB        149KB
[  178.988971][ T9439] bio-360                    7KB          7KB
[  178.991019][ T9439] bio-424                    8KB          8KB
[  178.993063][ T9439] bio-440                    8KB          8KB
[  178.995055][ T9439] bio-536                   15KB         15KB
[  178.997104][ T9439] afs_inode_cache           92KB         92KB
[  178.999090][ T9439] zspage-zswap1            114KB        114KB
[  179.001063][ T9439] zs_handle-zswap1         176KB        180KB
[  179.003146][ T9439] zswap_entry              473KB        553KB
[  179.005184][ T9439] AF_VSOCK                 122KB        122KB
[  179.016626][ T9439] sw_flow_stats             12KB         12KB
[  179.020460][ T9439] sw_flow                   45KB         45KB
[  179.022174][ T9439] batadv_tt_change_cache         16KB         16KB
[  179.024073][ T9439] batadv_tl_cache           16KB         16KB
[  179.026546][ T9439] IEEE-802.15.4-MAC        157KB        157KB
[  179.029181][ T9439] IEEE-802.15.4-RAW         63KB         63KB
[  179.032083][ T9439] p9_req_t                  31KB         31KB
[  179.034272][ T9439] INET_SMC                  30KB         30KB
[  179.036561][ T9439] SMC6                      30KB         30KB
[  179.039219][ T9439] SMC                      122KB        122KB
[  179.041174][ T9439] TIPC                     123KB        123KB
[  179.043286][ T9439] RDS                       96KB        128KB
[  179.046000][ T9439] rds_connection            15KB         15KB
[  179.048620][ T9439] SCTPv6                   300KB        420KB
[  179.050545][ T9439] SCTP                     122KB        122KB
[  179.052462][ T9439] sctp_chunk                85KB        125KB
[  179.055085][ T9439] sctp_bind_bucket          16KB         16KB
[  179.058380][ T9439] PNPIPE                    92KB         92KB
[  179.060287][ T9439] PHONET                    31KB         31KB
[  179.062208][ T9439] L2TP/IPv6                 95KB         95KB
[  179.064112][ T9439] L2TP/IP                   60KB         60KB
[  179.066079][ T9439] KCM                      127KB        127KB
[  179.068159][ T9439] kcm_mux                   63KB         63KB
[  179.070146][ T9439] RXRPC                    124KB        124KB
[  179.072047][ T9439] rxrpc_call_jar           255KB        255KB
[  179.073948][ T9439] can_receiver              15KB         15KB
[  179.075852][ T9439] net_bridge_fdb_entry        610KB        610KB
[  179.078490][ T9439] MPTCPv6                  281KB        281KB
[  179.081227][ T9439] ip6-frags                  7KB          7KB
[  179.083894][ T9439] fib6_node                 99KB        144KB
[  179.086587][ T9439] ip6_dst_cache            177KB        398KB
[  179.089697][ T9439] mfc6_cache                 8KB          8KB
[  179.091726][ T9439] PINGv6                    93KB         93KB
[  179.093672][ T9439] RAWv6                    155KB        155KB
[  179.095565][ T9439] UDPLITEv6                 95KB         95KB
[  179.098670][ T9439] UDPv6                    191KB        191KB
[  179.101411][ T9439] tw_sock_TCPv6             23KB         23KB
[  179.104247][ T9439] TCPv6                    425KB        425KB
[  179.107234][ T9439] nf_conntrack              15KB         15KB
[  179.110043][ T9439] wg_peer                  148KB        148KB
[  179.113003][ T9439] allowedips_node           11KB         11KB
[  179.115622][ T9439] ubi_wl_entry_slab          3KB          3KB
[  179.118532][ T9439] t10_alua_lu_gp_cache          7KB          7KB
[  179.121656][ T9439] scsi_sense_cache          48KB         48KB
[  179.124328][ T9439] virtio_scsi_cmd           16KB         16KB
[  179.127404][ T9439] bio-136                   92KB         92KB
[  179.130066][ T9439] io_kiocb                 740KB        820KB
[  179.132690][ T9439] bio-264                   23KB         23KB
[  179.135352][ T9439] mqueue_inode_cache        121KB        121KB
[  179.138426][ T9439] f2fs_bio_post_read_ctx         23KB         23KB
[  179.142157][ T9439] jfs_mp                     7KB          7KB
[  179.145075][ T9439] fuse_request              79KB        118KB
[  179.147893][ T9439] cifs_small_rq             16KB         16KB
[  179.150140][ T9439] cifs_request              67KB         67KB
[  179.152192][ T9439] cifs_mpx_ids               7KB          7KB
[  179.154535][ T9439] cifs_io_subrequest         39KB         39KB
[  179.156567][ T9439] cifs_io_request           95KB         95KB
[  179.159033][ T9439] nfs_commit_data           15KB         15KB
[  179.161011][ T9439] nfs_write_data            63KB         63KB
[  179.162988][ T9439] jbd2_inode                11KB         11KB
[  179.164993][ T9439] ext4_system_zone           3KB          3KB
[  179.167314][ T9439] ext4_io_end_vec           15KB         15KB
[  179.169344][ T9439] kioctx                   127KB        127KB
[  179.171340][ T9439] aio_kiocb                 31KB         31KB
[  179.173327][ T9439] userfaultfd_ctx_cache         63KB         63KB
[  179.175447][ T9439] dnotify_mark              11KB         11KB
[  179.177860][ T9439] dnotify_struct            11KB         11KB
[  179.179765][ T9439] fasync_cache              15KB         15KB
[  179.181669][ T9439] pid_namespace             30KB         30KB
[  179.183548][ T9439] kvm_async_pf               3KB          3KB
[  179.185480][ T9439] kvm_vcpu                 123KB        123KB
[  179.187785][ T9439] kvm_mmu_page_header         62KB         62KB
[  179.189759][ T9439] pte_list_desc             39KB         39KB
[  179.191662][ T9439] x86_emulator             120KB        120KB
[  179.193565][ T9439] rpc_buffers               31KB         31KB
[  179.195452][ T9439] rpc_tasks                  7KB          7KB
[  179.197706][ T9439] UNIX-STREAM              233KB        350KB
[  179.199611][ T9439] UNIX                     391KB        637KB
[  179.201519][ T9439] ip4-frags                  7KB          7KB
[  179.203407][ T9439] mfc_cache                  4KB          4KB
[  179.205321][ T9439] UDP-Lite                 124KB        124KB
[  179.207598][ T9439] MPTCP                    117KB        117KB
[  179.211258][ T9439] tcp_bind2_bucket          16KB         16KB
[  179.213775][ T9439] tcp_bind_bucket           16KB         16KB
[  179.215937][ T9439] inet_peer                  4KB          4KB
[  179.218300][ T9439] xfrm_dst                  55KB         94KB
[  179.220868][ T9439] xfrm_state                63KB         63KB
[  179.223529][ T9439] ip_fib_trie               28KB         28KB
[  179.226188][ T9439] ip_fib_alias              65KB         79KB
[  179.230964][ T9439] rtable                    57KB        120KB
[  179.233959][ T9439] PING                      91KB         91KB
[  179.236660][ T9439] RAW                      151KB        151KB
[  179.239822][ T9439] UDP                      124KB        124KB
[  179.242247][ T9439] tw_sock_TCP               31KB         31KB
[  179.244737][ T9439] request_sock_TCP          15KB         15KB
[  179.247449][ T9439] TCP                      519KB        637KB
[  179.249868][ T9439] hugetlbfs_inode_cache        126KB        126KB
[  179.252657][ T9439] fscache_cookie_jar         15KB         15KB
[  179.255066][ T9439] netfs_subrequest          46KB         46KB
[  179.258186][ T9439] netfs_request            127KB        127KB
[  179.260737][ T9439] bio-280                   15KB         15KB
[  179.263109][ T9439] ep_head                   16KB         16KB
[  179.265662][ T9439] eventpoll_pwq             23KB         23KB
[  179.268449][ T9439] eventpoll_epi             70KB         70KB
[  179.271110][ T9439] inotify_inode_mark         27KB         27KB
[  179.273782][ T9439] sgpool-128                29KB         29KB
[  179.276327][ T9439] sgpool-64                 31KB         31KB
[  179.280364][ T9439] sgpool-32                220KB        220KB
[  179.282976][ T9439] sgpool-16                 62KB         62KB
[  179.285084][ T9439] sgpool-8                  62KB         62KB
[  179.287503][ T9439] bio_crypt_ctx              7KB          7KB
[  179.290089][ T9439] bio_integrity_data          4KB          4KB
[  179.292612][ T9439] request_queue            255KB        255KB
[  179.295019][ T9439] blkdev_ioc                31KB         31KB
[  179.297327][ T9439] bio-200                  159KB        203KB
[  179.299225][ T9439] biovec-max               637KB        807KB
[  179.301728][ T9439] biovec-128                31KB         31KB
[  179.304150][ T9439] biovec-64                157KB        157KB
[  179.306356][ T9439] biovec-16                 31KB         31KB
[  179.309056][ T9439] khugepaged_mm_slot         15KB         15KB
[  179.311612][ T9439] ksm_mm_slot               12KB         12KB
[  179.313995][ T9439] user_namespace            15KB         15KB
[  179.315934][ T9439] uid_cache                 31KB         31KB
[  179.318104][ T9439] iommu_iova_magazine       1008KB       1008KB
[  179.320192][ T9439] iommu_iova               188KB        188KB
[  179.322179][ T9439] dmaengine-unmap-256         30KB         30KB
[  179.324187][ T9439] dmaengine-unmap-128         30KB         30KB
[  179.326167][ T9439] dmaengine-unmap-16          4KB          4KB
[  179.328268][ T9439] dmaengine-unmap-2          4KB          4KB
[  179.330696][ T9439] QIPCRTR                  126KB        126KB
[  179.333207][ T9439] audit_buffer              15KB         15KB
[  179.335685][ T9439] skbuff_ext_cache          36KB         36KB
[  179.337769][ T9439] skbuff_small_head       2561KB       2608KB
[  179.339763][ T9439] skbuff_fclone_cache        360KB        468KB
[  179.341926][ T9439] skbuff_head_cache       1150KB       1164KB
[  179.343834][ T9439] configfs_dir_cache         16KB         16KB
[  179.345782][ T9439] file_lease_cache          55KB         55KB
[  179.347743][ T9439] file_lock_cache           39KB         39KB
[  179.349688][ T9439] file_lock_ctx             19KB         19KB
[  179.351588][ T9439] fsnotify_mark_connector         15KB         15KB
[  179.353720][ T9439] posix_timers_cache         32KB         32KB
[  179.355640][ T9439] taskstats                 61KB         61KB
[  179.358084][ T9439] mem_cgroup_per_node         74KB         92KB
[  179.360178][ T9439] mem_cgroup                87KB         87KB
[  179.362131][ T9439] proc_dir_entry           694KB        726KB
[  179.364156][ T9439] pde_opener                15KB         15KB
[  179.366217][ T9439] seq_file                  93KB        132KB
[  179.368235][ T9439] sigqueue                  63KB         66KB
[  179.370196][ T9439] shmem_inode_cache       8102KB       8190KB
[  179.372124][ T9439] kernfs_iattrs_cache         15KB         15KB
[  179.374094][ T9439] kernfs_node_cache      25863KB      25866KB
[  179.376080][ T9439] mnt_cache                122KB        133KB
[  179.378179][ T9439] bfilp                     15KB         15KB
[  179.380509][ T9439] filp                     516KB        622KB
[  179.382865][ T9439] names_cache             7131KB       7514KB
[  179.385339][ T9439] net_namespace            135KB        135KB
[  179.388073][ T9439] ima_iint_cache            55KB         55KB
[  179.390354][ T9439] lsm_inode_cache         1400KB       1752KB
[  179.392408][ T9439] lsm_file_cache           169KB        212KB
[  179.394893][ T9439] key_jar                   31KB         31KB
[  179.397596][ T9439] uts_namespace             31KB         31KB
[  179.400205][ T9439] nsproxy                   27KB         27KB
[  179.402768][ T9439] vm_area_struct           953KB       1023KB
[  179.405319][ T9439] fs_cache                  72KB        108KB
[  179.407949][ T9439] files_cache              262KB        334KB
[  179.410587][ T9439] signal_cache             914KB       1670KB
[  179.413088][ T9439] sighand_cache           1107KB       2074KB
[  179.415470][ T9439] task_struct             4630KB       4839KB
[  179.418242][ T9439] cred                     174KB        344KB
[  179.420793][ T9439] anon_vma_chain           262KB        299KB
[  179.423168][ T9439] anon_vma                 315KB        486KB
[  179.425614][ T9439] pid                      218KB        393KB
[  179.428211][ T9439] Acpi-Operand             227KB        332KB
[  179.430722][ T9439] Acpi-ParseExt             63KB         90KB
[  179.433306][ T9439] Acpi-Parse                43KB         83KB
[  179.435848][ T9439] Acpi-State                90KB        126KB
[  179.438065][ T9439] Acpi-Namespace            56KB         56KB
[  179.440001][ T9439] shared_policy_node          4KB          4KB
[  179.442074][ T9439] numa_policy                7KB          7KB
[  179.445661][ T9439] perf_event                31KB         31KB
[  179.447838][ T9439] trace_event_file         540KB        540KB
[  179.449764][ T9439] ftrace_event_field       1008KB       1008KB
[  179.451933][ T9439] pool_workqueue          1884KB       1888KB
[  179.453858][ T9439] maple_node               942KB       1392KB
[  179.455904][ T9439] task_group                30KB         30KB
[  179.458139][ T9439] mm_struct                389KB        591KB
[  179.460041][ T9439] vmap_area                370KB        534KB
[  179.461988][ T9439] debug_objects_cache       3012KB       3253KB
[  179.463945][ T9439] page->ptl                156KB        181KB
[  179.465866][ T9439] kmalloc-cg-8k           1424KB       1664KB
[  179.467974][ T9439] kmalloc-cg-4k          12672KB      12864KB
[  179.469928][ T9439] kmalloc-cg-2k           8548KB       8800KB
[  179.471818][ T9439] kmalloc-cg-1k           1734KB       1888KB
[  179.473730][ T9439] kmalloc-cg-512          1323KB       1364KB
[  179.475633][ T9439] kmalloc-cg-256           437KB        480KB
[  179.477799][ T9439] kmalloc-cg-128           208KB        224KB
[  179.479800][ T9439] kmalloc-cg-64             91KB        120KB
[  179.481894][ T9439] kmalloc-cg-32             80KB        160KB
[  179.483800][ T9439] kmalloc-cg-16             28KB         28KB
[  179.485725][ T9439] kmalloc-cg-8              28KB         28KB
[  179.487770][ T9439] kmalloc-cg-192           112KB        128KB
[  179.489710][ T9439] kmalloc-cg-96             48KB         52KB
[  179.491674][ T9439] kmalloc-8k              5040KB       5280KB
[  179.493582][ T9439] kmalloc-4k             16312KB      16720KB
[  179.495470][ T9439] kmalloc-2k             25428KB      25504KB
[  179.497524][ T9439] kmalloc-1k              7076KB       8448KB
[  179.499497][ T9439] kmalloc-512             8969KB       9248KB
[  179.501410][ T9439] kmalloc-256             3713KB       4088KB
[  179.503381][ T9439] kmalloc-128              840KB       1024KB
[  179.505365][ T9439] kmalloc-64              6499KB       8236KB
[  179.507452][ T9439] kmalloc-32              1909KB       2220KB
[  179.509655][ T9439] kmalloc-16               492KB        504KB
[  179.511562][ T9439] kmalloc-8                391KB        440KB
[  179.513536][ T9439] kmalloc-192             1427KB       1440KB
[  179.517223][ T9439] kmalloc-96              1357KB       1524KB
[  179.519167][ T9439] kmem_cache_node          216KB        220KB
[  179.521435][ T9439] kmem_cache               195KB        195KB
[  179.523363][ T9439] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz3,task=syz.3.868,pid=9439,uid=0
[  179.529881][ T9439] Out of memory (oom_kill_allocating_task): Killed process 9438 (syz.3.868) total-vm:101824kB, anon-rss:128kB, file-rss:22720kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000
[  179.655945][ T9484] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  179.657834][ T9484] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  179.660836][ T9484] vhci_hcd vhci_hcd.0: Device attached
[  179.830835][ T9492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.876603][ T9485] vhci_hcd: connection closed
[  179.876712][   T12] vhci_hcd: stop threads
[  179.880250][   T12] vhci_hcd: release socket
[  179.881722][   T12] vhci_hcd: disconnect device
[  179.887935][ T9497] netlink: 'syz.2.885': attribute type 5 has an invalid length.
[  179.937263][  T840] usb 40-1: enqueue for inactive port 0
[  180.302647][ T9509] lo speed is unknown, defaulting to 1000
[  180.306686][ T9509] lo speed is unknown, defaulting to 1000
[  180.427355][  T840] usb usb40-port1: attempt power cycle
[  180.429761][ T1471] kernel read not supported for file /dsp1 (pid: 1471 comm: kworker/3:2)
[  180.679632][ T9524] lo speed is unknown, defaulting to 1000
[  180.688679][ T9524] lo speed is unknown, defaulting to 1000
[  180.713457][ T9530] netlink: 12 bytes leftover after parsing attributes in process `syz.1.890'.
[  180.731972][ T9531] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$���UL�vy��آ
�D��UD�w�}�z
[  180.997881][  T840] usb usb40-port1: unable to enumerate USB device
[  181.214438][ T9538] batman_adv: batadv0: Adding interface: ipvlan0
[  181.217148][ T9538] batman_adv: batadv0: The MTU of interface ipvlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.231070][ T9538] batman_adv: batadv0: Interface activated: ipvlan0
[  181.431221][ T9546] lo speed is unknown, defaulting to 1000
[  181.439340][ T9546] lo speed is unknown, defaulting to 1000
[  181.659374][ T9552] netlink: 20 bytes leftover after parsing attributes in process `syz.0.896'.
[  182.186943][   T53] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  182.339072][   T53] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  182.342600][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.345546][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.349403][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.352466][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.355309][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.360537][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.363513][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.366511][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.370867][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.375546][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.379750][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.383854][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.386838][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.389639][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.393980][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.397870][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.401253][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.404677][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.408083][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.411619][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.415770][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.419315][   T53] usb 8-1: config 64 has 1 interface, different from the descriptor's value: 9
[  182.422764][   T53] usb 8-1: config 64 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.427286][   T53] usb 8-1: config 64 interface 0 has no altsetting 0
[  182.431663][   T53] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  182.434868][   T53] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  182.438409][   T53] usb 8-1: Product: syz
[  182.440014][   T53] usb 8-1: Manufacturer: syz
[  182.441818][   T53] usb 8-1: SerialNumber: syz
[  182.450717][   T53] yurex 8-1:64.0: USB YUREX device now attached to Yurex #0
[  182.653377][   T53] usb 8-1: USB disconnect, device number 14
[  182.657439][   T53] yurex 8-1:64.0: USB YUREX #0 now disconnected
[  182.718920][ T9572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.901'.
[  182.722461][ T9572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.901'.
[  182.725606][ T9572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.901'.
[  183.720061][ T9598] netlink: 16 bytes leftover after parsing attributes in process `syz.2.906'.
[  183.860291][ T9600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.863987][ T9600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  184.107207][  T840] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  184.270366][  T840] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  184.274101][  T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  184.277754][  T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  184.280822][  T840] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  184.284813][  T840] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  184.287705][  T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.295838][  T840] usb 6-1: config 0 descriptor??
[  184.670823][ T9616] netlink: 160 bytes leftover after parsing attributes in process `syz.0.913'.
[  184.913025][  T840] usbhid 6-1:0.0: can't add hid device: -71
[  184.914967][  T840] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  184.918996][  T840] usb 6-1: USB disconnect, device number 18
[  185.146856][ T5350] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  185.299418][ T5350] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  185.302350][ T5350] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  185.305663][ T5350] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  185.308865][ T5350] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  185.312572][ T5350] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  185.317447][ T5350] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  185.320458][ T5350] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  185.323226][ T5350] usb 7-1: Product: syz
[  185.324460][ T5350] usb 7-1: Manufacturer: syz
[  185.330054][ T5350] cdc_wdm 7-1:1.0: skipping garbage
[  185.331800][ T5350] cdc_wdm 7-1:1.0: skipping garbage
[  185.336502][ T5350] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  185.340085][ T5350] cdc_wdm 7-1:1.0: Unknown control protocol
[  185.960087][ T9621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  185.964437][ T9621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  185.973693][   T34] usb 7-1: USB disconnect, device number 12
[  186.138038][ T7204] udevd[7204]: symlink '../../loop6' '/dev/disk/by-diskseq/83.tmp-b7:6' failed: Read-only file system
[  186.302598][ T9644] syz.3.920 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  186.434154][ T9645] lo speed is unknown, defaulting to 1000
[  186.441016][ T9645] lo speed is unknown, defaulting to 1000
[  186.826866][   T40] kauditd_printk_skb: 26 callbacks suppressed
[  186.826884][   T40] audit: type=1804 audit(1756803990.878:116): pid=9667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.928" name="/newroot/228/cgroup.controllers" dev="tmpfs" ino=1270 res=1 errno=0
[  186.839117][   T40] audit: type=1800 audit(1756803990.898:117): pid=9667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.928" name="cgroup.controllers" dev="tmpfs" ino=1270 res=0 errno=0
[  186.850638][   T40] audit: type=1800 audit(1756803990.898:118): pid=9667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.928" name="cgroup.controllers" dev="tmpfs" ino=1270 res=0 errno=0
[  187.121541][ T9670] input: syz0 as /devices/virtual/input/input17
[  187.468912][ T9673] netlink: 'syz.1.930': attribute type 1 has an invalid length.
[  187.539414][ T9682] fuse: Unknown parameter 'f�'
[  188.913689][ T9726] netlink: 8 bytes leftover after parsing attributes in process `syz.0.947'.
[  188.916504][ T9726] netlink: 24 bytes leftover after parsing attributes in process `syz.0.947'.
[  188.920692][ T9726] netlink: 24 bytes leftover after parsing attributes in process `syz.0.947'.
[  189.100069][ T9738] netlink: 88 bytes leftover after parsing attributes in process `syz.0.949'.
[  189.357935][  T840] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  189.516876][  T840] usb 6-1: Using ep0 maxpacket: 16
[  189.520068][  T840] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  189.523370][  T840] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.527364][  T840] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  189.530579][  T840] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  189.535801][  T840] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  189.538729][  T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  189.541491][  T840] usb 6-1: SerialNumber: syz
[  189.545295][  T840] hub 6-1:1.0: bad descriptor, ignoring hub
[  189.547290][  T840] hub 6-1:1.0: probe with driver hub failed with error -5
[  189.550148][  T840] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  190.612903][ T9752] netlink: 12 bytes leftover after parsing attributes in process `syz.2.954'.
[  190.671219][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.954'.
[  190.771269][ T7204] udevd[7204]: symlink '../../loop6' '/dev/disk/by-diskseq/83.tmp-b7:6' failed: Read-only file system
[  191.055106][ T9761] netlink: 12 bytes leftover after parsing attributes in process `syz.3.955'.
[  191.099534][ T9738] kexec: Could not allocate control_code_buffer
[  191.209334][ T9781] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  191.817048][   T34] usb 6-1: USB disconnect, device number 19
[  192.174887][ T9805] lo speed is unknown, defaulting to 1000
[  192.178798][ T9805] lo speed is unknown, defaulting to 1000
[  192.400230][ T9805] netlink: 'syz.0.967': attribute type 13 has an invalid length.
[  192.407215][ T9805] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  192.973828][ T9816] netlink: 72 bytes leftover after parsing attributes in process `syz.3.970'.
[  192.979346][ T9816] netlink: 4 bytes leftover after parsing attributes in process `syz.3.970'.
[  193.213602][ T9827] netlink: 252 bytes leftover after parsing attributes in process `syz.2.973'.
[  193.246676][ T9828] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  193.752281][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  193.760667][ T9838] batadv1: entered allmulticast mode
[  193.898304][ T9829] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  193.954493][ T9839] input: syz0 as /devices/virtual/input/input18
[  194.246936][   T34] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  194.397007][   T34] usb 8-1: Using ep0 maxpacket: 32
[  194.400843][   T34] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  194.404409][   T34] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  194.409732][   T34] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  194.415206][   T34] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  194.420923][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  194.428233][   T34] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  194.431424][   T34] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  194.435204][   T34] usb 8-1: Product: syz
[  194.437807][   T34] usb 8-1: Manufacturer: syz
[  194.439738][   T34] usb 8-1: SerialNumber: syz
[  194.443767][   T34] usb 8-1: config 0 descriptor??
[  194.451020][   T34] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  194.457526][   T34] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  194.526167][   T40] audit: type=1326 audit(1756803998.578:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9858 comm="syz.1.981" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0
[  194.662033][   T10] usb 8-1: USB disconnect, device number 15
[  194.669044][   T10] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  195.107345][   T34] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  195.256861][   T34] usb 8-1: Using ep0 maxpacket: 32
[  195.260317][   T34] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  195.263476][   T34] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  195.267990][   T34] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  195.272242][   T34] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  195.277490][   T34] usb 8-1: config 0 interface 0 has no altsetting 0
[  195.281582][   T34] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  195.284328][   T34] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  195.287214][   T34] usb 8-1: Product: syz
[  195.288654][   T34] usb 8-1: Manufacturer: syz
[  195.290145][   T34] usb 8-1: SerialNumber: syz
[  195.292702][   T34] usb 8-1: config 0 descriptor??
[  195.297490][   T34] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  195.302778][   T34] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  195.757285][  T840] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  196.006872][  T840] usb 7-1: Using ep0 maxpacket: 16
[  196.010112][  T840] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  196.013354][  T840] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.016756][  T840] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  196.021799][  T840] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  196.024709][  T840] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  196.027528][  T840] usb 7-1: SerialNumber: syz
[  196.032844][  T840] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  196.103026][ T9892] ==================================================================
[  196.105623][ T9892] BUG: KASAN: slab-use-after-free in xfrm_state_find+0x7401/0x84c0
[  196.108099][ T9892] Read of size 1 at addr ffff888013250770 by task syz.0.986/9892
[  196.111167][ T9892] 
[  196.112487][ T9892] CPU: 1 UID: 0 PID: 9892 Comm: syz.0.986 Not tainted syzkaller #0 PREEMPT(full) 
[  196.112500][ T9892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.112507][ T9892] Call Trace:
[  196.112511][ T9892]  <TASK>
[  196.112516][ T9892]  dump_stack_lvl+0x116/0x1f0
[  196.112532][ T9892]  print_report+0xcd/0x630
[  196.112547][ T9892]  ? __virt_addr_valid+0x81/0x610
[  196.112561][ T9892]  ? __phys_addr+0xe8/0x180
[  196.112574][ T9892]  ? xfrm_state_find+0x7401/0x84c0
[  196.112588][ T9892]  kasan_report+0xe0/0x110
[  196.112603][ T9892]  ? xfrm_state_find+0x7401/0x84c0
[  196.112617][ T9892]  xfrm_state_find+0x7401/0x84c0
[  196.112631][ T9892]  ? arch_stack_walk+0xa6/0x100
[  196.112646][ T9892]  ? __pfx_xfrm_state_find+0x10/0x10
[  196.112659][ T9892]  ? __lock_acquire+0xb97/0x1ce0
[  196.112674][ T9892]  ? kvm_sched_clock_read+0x11/0x20
[  196.112685][ T9892]  ? sched_clock+0x38/0x60
[  196.112699][ T9892]  ? lock_acquire+0x179/0x350
[  196.112712][ T9892]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  196.112731][ T9892]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  196.112754][ T9892]  ? xfrm_expand_policies.constprop.0+0x252/0x6a0
[  196.112770][ T9892]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  196.112790][ T9892]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  196.112805][ T9892]  ? __rcu_read_unlock+0x2bc/0x550
[  196.112819][ T9892]  ? ip_route_output_key_hash+0x16b/0x2e0
[  196.112836][ T9892]  xfrm_lookup_route+0x3b/0x200
[  196.112851][ T9892]  ip_route_output_flow+0x11e/0x150
[  196.112863][ T9892]  udp_sendmsg+0x1af9/0x2870
[  196.112878][ T9892]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  196.112893][ T9892]  ? __pfx_udp_sendmsg+0x10/0x10
[  196.112911][ T9892]  ? aa_sk_perm+0x2f4/0xb10
[  196.112927][ T9892]  ? __pfx_udp_sendmsg+0x10/0x10
[  196.112941][ T9892]  inet_sendmsg+0x105/0x140
[  196.112952][ T9892]  ____sys_sendmsg+0x973/0xc70
[  196.112962][ T9892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  196.112971][ T9892]  ? get_compat_msghdr+0x11a/0x170
[  196.112985][ T9892]  ? futex_unqueue+0x133/0x2c0
[  196.112998][ T9892]  ___sys_sendmsg+0x134/0x1d0
[  196.113012][ T9892]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.113033][ T9892]  __sys_sendmmsg+0x2f9/0x420
[  196.113047][ T9892]  ? __pfx___sys_sendmmsg+0x10/0x10
[  196.113062][ T9892]  ? bpf_trace_run2+0x26b/0x590
[  196.113102][ T9892]  ? __might_fault+0x13b/0x190
[  196.113121][ T9892]  ? find_held_lock+0x2b/0x80
[  196.113132][ T9892]  ? syscall_trace_enter+0x1cb/0x240
[  196.113149][ T9892]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  196.113164][ T9892]  __do_fast_syscall_32+0x7c/0x3a0
[  196.113180][ T9892]  do_fast_syscall_32+0x32/0x80
[  196.113194][ T9892]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  196.113207][ T9892] RIP: 0023:0xf706e579
[  196.113215][ T9892] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  196.113225][ T9892] RSP: 002b:00000000f541c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  196.113236][ T9892] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080007fc0
[  196.113242][ T9892] RDX: 000000000800001d RSI: 000000000000001c RDI: 0000000000000000
[  196.113248][ T9892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  196.113254][ T9892] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  196.113260][ T9892] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  196.113269][ T9892]  </TASK>
[  196.113272][ T9892] 
[  196.218157][ T9892] Allocated by task 8172:
[  196.219534][ T9892]  kasan_save_stack+0x33/0x60
[  196.221032][ T9892]  kasan_save_track+0x14/0x30
[  196.222528][ T9892]  __kasan_slab_alloc+0x89/0x90
[  196.224055][ T9892]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  196.225819][ T9892]  xfrm_state_alloc+0x23/0x5c0
[  196.227332][ T9892]  __find_acq_core+0xb59/0x2900
[  196.228877][ T9892]  xfrm_find_acq+0x7b/0xa0
[  196.230294][ T9892]  xfrm_alloc_userspi+0x58e/0xbb0
[  196.231891][ T9892]  xfrm_user_rcv_msg+0x4fe/0xb60
[  196.233470][ T9892]  netlink_rcv_skb+0x158/0x420
[  196.235010][ T9892]  xfrm_netlink_rcv+0x71/0x90
[  196.236530][ T9892]  netlink_unicast+0x5a7/0x870
[  196.238064][ T9892]  netlink_sendmsg+0x8d1/0xdd0
[  196.239579][ T9892]  ____sys_sendmsg+0xa98/0xc70
[  196.241102][ T9892]  ___sys_sendmsg+0x134/0x1d0
[  196.242607][ T9892]  __sys_sendmsg+0x16d/0x220
[  196.244085][ T9892]  __do_fast_syscall_32+0x7c/0x3a0
[  196.245722][ T9892]  do_fast_syscall_32+0x32/0x80
[  196.247292][ T9892]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  196.249288][ T9892] 
[  196.250061][ T9892] Freed by task 24:
[  196.251282][ T9892]  kasan_save_stack+0x33/0x60
[  196.252784][ T9892]  kasan_save_track+0x14/0x30
[  196.254282][ T9892]  kasan_save_free_info+0x3b/0x60
[  196.255883][ T9892]  __kasan_slab_free+0x60/0x70
[  196.257414][ T9892]  kmem_cache_free+0x2d1/0x4d0
[  196.258934][ T9892]  xfrm_state_gc_task+0x50a/0x770
[  196.260528][ T9892]  process_one_work+0x9cf/0x1b70
[  196.262112][ T9892]  worker_thread+0x6c8/0xf10
[  196.263575][ T9892]  kthread+0x3c5/0x780
[  196.264895][ T9892]  ret_from_fork+0x5d7/0x6f0
[  196.266426][ T9892]  ret_from_fork_asm+0x1a/0x30
[  196.267937][ T9892] 
[  196.268688][ T9892] The buggy address belongs to the object at ffff888013250440
[  196.268688][ T9892]  which belongs to the cache xfrm_state of size 928
[  196.272762][ T9892] The buggy address is located 816 bytes inside of
[  196.272762][ T9892]  freed 928-byte region [ffff888013250440, ffff8880132507e0)
[  196.276906][ T9892] 
[  196.277641][ T9892] The buggy address belongs to the physical page:
[  196.279540][ T9892] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888013250880 pfn:0x13250
[  196.282522][ T9892] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  196.285123][ T9892] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  196.287503][ T9892] page_type: f5(slab)
[  196.288750][ T9892] raw: 00fff00000000040 ffff88804133e280 dead000000000122 0000000000000000
[  196.291253][ T9892] raw: ffff888013250880 00000000801e001a 00000000f5000000 0000000000000000
[  196.293923][ T9892] head: 00fff00000000040 ffff88804133e280 dead000000000122 0000000000000000
[  196.296540][ T9892] head: ffff888013250880 00000000801e001a 00000000f5000000 0000000000000000
[  196.299190][ T9892] head: 00fff00000000003 ffffea00004c9401 00000000ffffffff 00000000ffffffff
[  196.301777][ T9892] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  196.304421][ T9892] page dumped because: kasan: bad access detected
[  196.306414][ T9892] page_owner tracks the page as allocated
[  196.308143][ T9892] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 7669, tgid 7665 (syz.1.384), ts 121916267149, free_ts 121875768235
[  196.314274][ T9892]  post_alloc_hook+0x1c0/0x230
[  196.316016][ T9892]  get_page_from_freelist+0x132b/0x38e0
[  196.317801][ T9892]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  196.319671][ T9892]  alloc_pages_mpol+0x1fb/0x550
[  196.321209][ T9892]  new_slab+0x247/0x330
[  196.322523][ T9892]  ___slab_alloc+0xcf2/0x1740
[  196.324011][ T9892]  __slab_alloc.constprop.0+0x56/0xb0
[  196.325712][ T9892]  kmem_cache_alloc_noprof+0xef/0x3b0
[  196.327448][ T9892]  xfrm_state_alloc+0x23/0x5c0
[  196.328968][ T9892]  pfkey_add+0x5fe/0x2ec0
[  196.330336][ T9892]  pfkey_process+0x6d9/0x840
[  196.331806][ T9892]  pfkey_sendmsg+0x435/0x850
[  196.333282][ T9892]  ____sys_sendmsg+0xa98/0xc70
[  196.334799][ T9892]  ___sys_sendmsg+0x134/0x1d0
[  196.336316][ T9892]  __sys_sendmsg+0x16d/0x220
[  196.337799][ T9892]  __do_fast_syscall_32+0x7c/0x3a0
[  196.339416][ T9892] page last free pid 7668 tgid 7668 stack trace:
[  196.341389][ T9892]  __free_frozen_pages+0x7d5/0x10f0
[  196.343006][ T9892]  __put_partials+0x165/0x1c0
[  196.344481][ T9892]  qlist_free_all+0x4d/0x120
[  196.345947][ T9892]  kasan_quarantine_reduce+0x195/0x1e0
[  196.347655][ T9892]  __kasan_slab_alloc+0x69/0x90
[  196.349204][ T9892]  __kmalloc_noprof+0x1d4/0x510
[  196.350684][ T9892]  load_elf_phdrs+0x102/0x210
[  196.352131][ T9892]  load_elf_binary+0x24d/0x4fe0
[  196.353644][ T9892]  bprm_execve+0x8bb/0x1640
[  196.355074][ T9892]  kernel_execve+0x2ef/0x3b0
[  196.356557][ T9892]  call_usermodehelper_exec_async+0x255/0x4c0
[  196.358550][ T9892]  ret_from_fork+0x5d7/0x6f0
[  196.359988][ T9892]  ret_from_fork_asm+0x1a/0x30
[  196.361337][ T9892] 
[  196.362127][ T9892] Memory state around the buggy address:
[  196.364265][ T9892]  ffff888013250600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  196.366716][ T9892]  ffff888013250680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  196.369108][ T9892] >ffff888013250700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  196.371577][ T9892]                                                              ^
[  196.373886][ T9892]  ffff888013250780: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  196.376304][ T9892]  ffff888013250800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  196.378710][ T9892] ==================================================================
[  196.384833][ T9874] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  196.431277][ T9892] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  196.433500][ T9892] CPU: 1 UID: 0 PID: 9892 Comm: syz.0.986 Not tainted syzkaller #0 PREEMPT(full) 
[  196.436244][ T9892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.439546][ T9892] Call Trace:
[  196.440567][ T9892]  <TASK>
[  196.441508][ T9892]  dump_stack_lvl+0x3d/0x1f0
[  196.442948][ T9892]  vpanic+0x6e8/0x7a0
[  196.444190][ T9892]  ? __pfx_vpanic+0x10/0x10
[  196.445617][ T9892]  ? __pfx_vprintk_emit+0x10/0x10
[  196.447210][ T9892]  ? xfrm_state_find+0x7401/0x84c0
[  196.448813][ T9892]  panic+0xca/0xd0
[  196.450015][ T9892]  ? __pfx_panic+0x10/0x10
[  196.451382][ T9892]  ? xfrm_state_find+0x7401/0x84c0
[  196.452804][ T9892]  ? preempt_schedule_common+0x44/0xc0
[  196.454436][ T9892]  ? preempt_schedule_thunk+0x16/0x30
[  196.456070][ T9892]  check_panic_on_warn+0xab/0xb0
[  196.457619][ T9892]  end_report+0x107/0x170
[  196.458942][ T9892]  kasan_report+0xee/0x110
[  196.460346][ T9892]  ? xfrm_state_find+0x7401/0x84c0
[  196.461954][ T9892]  xfrm_state_find+0x7401/0x84c0
[  196.463507][ T9892]  ? arch_stack_walk+0xa6/0x100
[  196.465045][ T9892]  ? __pfx_xfrm_state_find+0x10/0x10
[  196.466687][ T9892]  ? __lock_acquire+0xb97/0x1ce0
[  196.468245][ T9892]  ? kvm_sched_clock_read+0x11/0x20
[  196.469877][ T9892]  ? sched_clock+0x38/0x60
[  196.471283][ T9892]  ? lock_acquire+0x179/0x350
[  196.472770][ T9892]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  196.474705][ T9892]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  196.476779][ T9892]  ? xfrm_expand_policies.constprop.0+0x252/0x6a0
[  196.478783][ T9892]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  196.480478][ T9892]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  196.482323][ T9892]  ? __rcu_read_unlock+0x2bc/0x550
[  196.483958][ T9892]  ? ip_route_output_key_hash+0x16b/0x2e0
[  196.485761][ T9892]  xfrm_lookup_route+0x3b/0x200
[  196.487301][ T9892]  ip_route_output_flow+0x11e/0x150
[  196.488932][ T9892]  udp_sendmsg+0x1af9/0x2870
[  196.490401][ T9892]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  196.492129][ T9892]  ? __pfx_udp_sendmsg+0x10/0x10
[  196.493851][ T9892]  ? aa_sk_perm+0x2f4/0xb10
[  196.495346][ T9892]  ? __pfx_udp_sendmsg+0x10/0x10
[  196.496948][ T9892]  inet_sendmsg+0x105/0x140
[  196.498381][ T9892]  ____sys_sendmsg+0x973/0xc70
[  196.499879][ T9892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  196.501532][ T9892]  ? get_compat_msghdr+0x11a/0x170
[  196.503135][ T9892]  ? futex_unqueue+0x133/0x2c0
[  196.504653][ T9892]  ___sys_sendmsg+0x134/0x1d0
[  196.506168][ T9892]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.507823][ T9892]  __sys_sendmmsg+0x2f9/0x420
[  196.509316][ T9892]  ? __pfx___sys_sendmmsg+0x10/0x10
[  196.510944][ T9892]  ? bpf_trace_run2+0x26b/0x590
[  196.512471][ T9892]  ? __might_fault+0x13b/0x190
[  196.513985][ T9892]  ? find_held_lock+0x2b/0x80
[  196.515465][ T9892]  ? syscall_trace_enter+0x1cb/0x240
[  196.517190][ T9892]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  196.518928][ T9892]  __do_fast_syscall_32+0x7c/0x3a0
[  196.520546][ T9892]  do_fast_syscall_32+0x32/0x80
[  196.522063][ T9892]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  196.524027][ T9892] RIP: 0023:0xf706e579
[  196.525322][ T9892] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  196.531227][ T9892] RSP: 002b:00000000f541c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  196.533798][ T9892] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080007fc0
[  196.536230][ T9892] RDX: 000000000800001d RSI: 000000000000001c RDI: 0000000000000000
[  196.538681][ T9892] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  196.541120][ T9892] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  196.543561][ T9892] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  196.546017][ T9892]  </TASK>
[  196.547686][ T9892] Kernel Offset: disabled
[  196.549031][ T9892] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:06:40  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000466eeb RBX=0000000000000000 RCX=ffffffff8b90dbf9 RDX=0000000000000000
RSI=ffffffff8de4d2e1 RDI=ffffffff8c162e00 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73a06c4 CR3=000000006625f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff856170b5 RDI=ffffffff9b0fc700 RBP=ffffffff9b0fc6c0 RSP=ffffc9000751ea80
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000036 R14=ffffffff9b0fc6c0 R15=ffffffff85617050
RIP=ffffffff856170df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880975c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000003240bff8 CR3=0000000072319000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffff8a3688d0 RBX=0000000000000000 RCX=0000000080000002 RDX=0000000000000000
RSI=ffffc9000750fd58 RDI=ffff888012b8ce00 RBP=ffffc9000750fd58 RSP=ffffc9000750f9b8
R8 =0000000000000005 R9 =0000000000000000 R10=00000000000039e6 R11=0000000000000000
R12=ffff888012b8ce00 R13=0000000080073d80 R14=ffffc9000750fd9c R15=0000000080000002
RIP=ffffffff8a3688d4 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880976c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000323eeff8 CR3=0000000072319000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000000e000 Opmask01=0000000000000000 Opmask02=00000000ffff7fdf Opmask03=0000000001041000
Opmask04=00000000ffffdfff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dd4444f3b0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dd444520c0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff1357f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d31bc0fa1acdf50 737373762ea73720
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737371a2 011c035e1c1a0701
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312d372f37627375 2f322e6463685f79 6d6d75642f6d726f 6674616c702f7365
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005600051f40494c 43055c5155484005 424b4c55554c4e53 004057005b1a0f00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e42cf7cd2dfac23 000000055dd44457 00000000000000e1 0000000000000030
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000002d1 726f702d6f697472 0036326c6c696b00 306d656d702f6b63
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000002b7ae7 RBX=0000000000000003 RCX=ffffffff8b90dbf9 RDX=0000000000000000
RSI=ffffffff8de4d2e1 RDI=ffffffff8c162e00 RBP=ffffed100386a000 RSP=ffffc9000048fdf8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801c350000 R14=ffffffff90ab8890 R15=0000000000000000
RIP=ffffffff8b90c75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000ffc0de40 CR3=0000000071fd2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefefc00 Opmask01=0000000000004211 Opmask02=0000000001010017 Opmask03=0000000010008081
Opmask04=00000000ffffdfff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dd444557f0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dd4443ccb0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ff1357f1b20
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e754f4645425d05 1a474f475a054149
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 454648051a041a4f 494b5a594f474b44
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312d372f37627375 2f322e6463685f79 6d6d75642f6d726f 6674616c702f7365
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 574a430502560002 0540494c43055600 0541405144405746 000a56001f47000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dd35450600 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a5f39 3030322c39484349 2b3533515f435064
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70625f322d33 2e36312e312d6e61 696265642d332e36
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000702 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000