last executing test programs:

5.872019752s ago: executing program 1 (id=549):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="020000000c00000008fdc107d5c2f00000000100000080000000ea000056990a106d8a3fbbd80160af868543fe", @ANYRES32=0x0, @ANYBLOB="00000416e28522f513f300"/20, @ANYRES32=0x0, @ANYRES8=r0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYRES16=r0, @ANYRESOCT=r0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES8, @ANYBLOB='\x00'/28], 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xe)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x5, 0x5, 0x0, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7060000050000008500000005000000bf0900000000000035090100000000009500000000000000b7020000000000007b9af8ff0000000065090000000000007baaf0ff00000000ad9900000000000007080000f8ffffffbfa400000000000007040000f0ffffffc70200000800000018260000", @ANYRES32=r1, @ANYBLOB="0050a10c4f00000000000000b7050000080000004608f0ff76000000bf98063bdb56fff99f8aafe500000000008500000007000000b70000000000000095000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x119)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000400)='mqueue\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r7 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r7, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
rename(&(0x7f0000000180)='./file1\x00', &(0x7f0000000200)='./file0\x00')
syz_io_uring_setup(0x2ddf, 0x0, 0x0, &(0x7f0000000140))

4.908638881s ago: executing program 1 (id=553):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32, @ANYBLOB="fe000400000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d)
fcntl$setsig(r1, 0xa, 0x21) (async)
fremovexattr(r1, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
openat$sndseq(0xffffff9c, &(0x7f00000001c0), 0x400a80)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r3], 0x44}}, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e0c02010401ffffffffff7f00"], 0xf)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioperm(0x0, 0xbea, 0x4)
set_thread_area(&(0x7f0000000180)={0x1, 0x20101000, 0x2000}) (async, rerun: 64)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (rerun: 64)
sendmsg$nl_route(r4, &(0x7f0000000640)={0x0, 0x7, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000011005704000000000000000010000000", @ANYRES32=r5], 0x20}}, 0x0) (async)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000001280)='blkio.bfq.idle_time\x00', 0x0, 0x0)
preadv2(r7, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r7, 0x80805659, &(0x7f0000000400)={0x0, @data})

4.796389152s ago: executing program 1 (id=554):
r0 = ioctl$UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000140)={0x0, 0x5, [{0xffffffffffffffff, 0x0, 0xfffffffff0000000, 0x8000}, {0xffffffffffffffff, 0x0, 0x2000, 0x1000000000000}, {0xffffffffffffffff, 0x0, 0x0, 0x364b6eab45385466}, {0xffffffffffffffff, 0x0, 0x4000, 0x2000}, {0xffffffffffffffff, 0x0, 0x1000, 0xfffffffffeffa000}]})
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000040)={0x1, 0x1, 0x3})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)

4.778206662s ago: executing program 1 (id=555):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="b70700000000000063119f00000000000700000000000000950000000000000086b223c17fd5c6311e80752befb60f283890ff0a97195cba4872b282cd13a47f256c1748557c"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc01cf509, 0x0)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000040)=@sr0, 0x0, 0x0, 0x0, 0x0)
read$snddsp(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000340)='dns_resolver\x00', &(0x7f0000000540)={'syz', 0x1}, &(0x7f0000000580)="fb9c", 0xfffff, r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0, 0x0, 0x9}, 0x18)
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x109000)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={r7, 0x0, 0x0, 0x9, 0x0, [<r8=>0x0], [0xff, 0x0, 0x39a], [], [0x100000001]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000080)={r8, 0x0, <r9=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000200)={r7})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000300)={0x0, 0xfffffffe, r9})
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r10, 0xffffffffffffffff, 0x0)

4.687917734s ago: executing program 0 (id=557):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac36f8859c7d5444c12bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d4768540c540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a535f8ac496793001c1a4b26216d1cd382c1e6a15697ef0a9b26474e1dbfa422e952b0f742ef52388584673f6333299042099aa073c152e1b61851a4519fe67e47f1446bb7b80b804b1b4503df784c8604bf26578b1fa7dce5313ecdf297cc63bf2b472f8f56bebeec16dc5fa22ee9c3c304d6629db7215eebfbd480c4ac"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000480)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00)={r2}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xffe4, 0xfffffffffffffda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000088001000100000000000000", @ANYRES32, @ANYBLOB="00000000018000"/20], 0x48)

4.686996541s ago: executing program 0 (id=558):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x5, 0x0, 0x3132564e, 0x1, 0xa, [{}, {0x10}, {0x0, 0xfffffffc}, {0x1}, {}, {}, {0xfffffffc}, {0x400000, 0xffffffff}], 0x0, 0x4}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=ANY=[@ANYBLOB="85c6612ed03bb5db567aaa11dddf394400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000004800000240012800b00010062726964676500001400028005001600030000000800040000000000"], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x80)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000080)={@dev={0xac, 0x14, 0x14, 0xb}, @remote, 0xffffffffffffffff, "e2410fc7932741e6b70674a7718a57756107b3972fd02b2504ecf28f14ee12cc", 0x192, 0x0, 0x5, 0x7}, 0x3c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x5, 0x8000)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000900)={0x0, 0xfffffffffffffffb, 0x50, 0x9, @scatter={0x8, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)=""/111, 0x6f}, {&(0x7f0000000300)=""/81, 0x51}, {&(0x7f0000000240)=""/48, 0x30}, {&(0x7f0000000380)=""/129, 0x81}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000440)=""/97, 0x61}, {&(0x7f0000000640)=""/146, 0x92}, {&(0x7f0000000700)=""/100, 0x64}]}, &(0x7f00000007c0)="3cf0c8a36997b569fd7bd11f10ced87e64c3a6760acfe2a829c262065c332cc7a063ddbabe96a1d536cd17f3ab21ca4907fe037227b11459c402efdeee6c71ec0271474d8cc6f8d6fee5b509aad40f20", &(0x7f0000000840)=""/79, 0x5, 0x30, 0x0, &(0x7f00000008c0)})
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x3)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000080)='veth1_to_batadv\x00', 0x10)
recvmsg(r4, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x40010000)
sendto$inet6(r4, 0x0, 0x0, 0x20000840, 0x0, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, 0x0)
unshare(0x44040000)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[], 0x48)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000940)=ANY=[@ANYRESDEC])
ftruncate(0xffffffffffffffff, 0x80079a0)
fcntl$notify(r6, 0x402, 0x2)

4.188992559s ago: executing program 1 (id=561):
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x100}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x9, 0x0)
read$msr(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
openat$vhost_vsock(0xffffff9c, 0x0, 0x2, 0x0)
mkdirat(r1, &(0x7f0000000300)='./file0\x00', 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000000300010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000380)=[@in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e25, 0x6, @dev={0xfe, 0x80, '\x00', 0x1b}, 0x8}], 0x2c)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b8920000000109029009"], 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000180), 0x200, 0x0)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000b80)={&(0x7f0000000b40)})
sendto$inet(r4, &(0x7f00000003c0)="f0dc8f6aad73c5d4", 0x8, 0x0, &(0x7f0000000040)={0x2, 0x4e1f, @loopback}, 0x10)
listen(r4, 0x2)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r7}, 0x10)
openat$kvm(0x0, 0x0, 0x0, 0x0)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfffffffffffffcd6)
setsockopt$sock_attach_bpf(r6, 0x6, 0x3, &(0x7f00000000c0), 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.82873536s ago: executing program 3 (id=566):
r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000011c0)='ns/uts\x00')
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000080)='H', 0x1}], 0x1}, 0x0)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
r3 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000001c0)='name', 0x0, r3)
write$bt_hci(r2, &(0x7f0000000080)=ANY=[], 0x6)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
timerfd_create(0x6, 0x80800)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000080), 0x10000001, 0x0)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r4, 0x80104132, 0x0)

3.790872411s ago: executing program 0 (id=568):
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0185649, &(0x7f0000000180)={0xf000000, 0x44, 0xfffffffc, 0xffffffffffffffff, 0x0, 0x0})
syz_open_dev$sndmidi(&(0x7f0000000040), 0x83, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@generic={&(0x7f0000000380)='./cgroup/cgroup.procs\x00'}, 0x14)
syz_open_dev$tty1(0xc, 0x4, 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
io_setup(0x6, &(0x7f0000000540)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x6, 0xffffffffffffffff, &(0x7f0000000480)="c5c8d588f393830b231e", 0xa, 0x9, 0x0, 0x3, r4}])
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x4, &(0x7f0000000000)=0xfffffffc, 0x4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r5, 0xc040564a, &(0x7f00000001c0)={0xd110, 0x0, 0x2013, 0x6, 0x7, 0x1f7f, 0xff, 0x1})
r6 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)

3.790188348s ago: executing program 3 (id=569):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x10, 0x101300)
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522)
socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044004}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000400), 0x1, 0x2)
ioctl$VIDIOC_ENUMSTD(r2, 0xc0405619, &(0x7f0000000440)={0x8, 0x3000000, "8c0331a53d314d327f3e939c4b6350804d9071ec226b44c0", {0x3ff, 0x47c6}, 0x6})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c000000020601080000000000000000000000030c00078005001500d900000005f9ae8f2f71e187fda1d6ba70aab51e0005000a000000050001000700000005000100070000000900020073797a310000000016000300686173683a6e65742c706f72742c6e6574000000"], 0x5c}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0x932, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000fdffffff0080000000000000", @ANYRES32, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="200000000000000000e4002cc9d700"/28], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x494, &(0x7f0000000500)={0x0, 0x7079, 0x80, 0x4, 0x288}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x9, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bb000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007a00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @cgroup_sock=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffa1, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="02c910"], 0x15)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r8 = creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
close(r8)
chroot(0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0x0)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)

3.152766119s ago: executing program 3 (id=570):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb, [{}, {}, {}, {}, {}, {}, {}, {0x100}]}}) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioperm(0x6, 0x3, 0xb017)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000400)={{}, {0x0, 0x3938700}}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000200)=""/209, 0xd1)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000020c0)=@newtaction={0xeb0, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe9c, 0x1, [@m_pedit={0xe98, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{0x0, 0x1}, {}]}, [{}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xa, 0x0, 0x0, 0x80}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, {}, {0xfffffffe}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x3}, {}, {}, {0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x40000000}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x800000}, {0x0, 0x0, 0x0, 0x1}, {0xa4c}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {0xfffffffc, 0x0, 0x0, 0x0, 0x80000001}, {0x0, 0x10000000}, {0x3}, {}, {0x23f5}, {}, {0x0, 0x100}, {}, {}, {}, {}, {0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {0x0, 0x0, 0x1}], [{}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {0x4}, {}, {0x2}]}}]}, {0x19, 0x6, "3cfd6531b5555616437e1a08000000000000000000"}, {0xc}, {0xc}}}]}]}, 0xeb0}, 0x1, 0x0, 0x0, 0x20040040}, 0x0)
r4 = memfd_secret(0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r5, r4, 0x2e, 0x4608, @void}, 0x10)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000340)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x64) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$cgroup_ro(r4, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x0, 0x0) (async)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xe, 0x10010, r6, 0xb5e9f000) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) (async)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@ipv6_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3100}, [@RTA_PREF={0x5, 0x14, 0x1}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_CSUM_MODE={0x5}}]}, 0x30}}, 0x800) (async)
syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) (async)
sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1f00006cc63266baea65", @ANYBLOB, @ANYRES64=r6, @ANYRES32=0x0, @ANYRES8=r2], 0x1c}}, 0x4800) (async, rerun: 32)
r9 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) (rerun: 32)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[<r10=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r9, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x7c, r10})

2.751883736s ago: executing program 0 (id=571):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaa2c7278b3e2900040000000000000000994b54b2121d7d23905466bbd90902907800000000e00000011102907800000000b3d234c074d13cb93c4821b9d864b4390a832ad4d94f"], 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x12, &(0x7f0000000180)=0x810001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x8a, &(0x7f0000000440)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x0, [0x2, 0x0, 0x0, 0x7ff, 0x1951, 0x51d8, 0x7ff, 0x60f4, 0x100, 0x7, 0x8, 0x4, 0x1006, 0x8, 0xfffa, 0x0, 0x1, 0x9, 0x4, 0x71, 0x6, 0x1, 0x7, 0x7fff, 0xfffa, 0x5, 0x5, 0x8000, 0x40, 0xfd7d, 0x80, 0x3b, 0x401, 0xe, 0x7, 0xa, 0xfb, 0x5, 0x7, 0x0, 0x1, 0x9, 0x6, 0x7, 0x10, 0x0, 0x2, 0x5], 0x80000000}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
syz_usbip_server_init(0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
userfaultfd(0x80801)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x20020680)
r4 = syz_io_uring_setup(0x10e, &(0x7f0000000140), &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)

2.505295532s ago: executing program 2 (id=572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000000012e000000000000000008500000028000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0xfffff000, 0xe, 0x0, &(0x7f00000000c0)="e0b9547e98a78c1e00b179f0f9ec", 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.439062549s ago: executing program 2 (id=573):
io_uring_setup(0x177d, &(0x7f00000002c0)={0x0, 0x572e, 0x2, 0x2, 0xfffffffe})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xffffffffffffff16, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
readv(r4, &(0x7f0000000340), 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo\x00')
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x141a82, 0x0)

1.809005073s ago: executing program 3 (id=574):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = open_tree(0xffffffffffffffff, 0x0, 0x9000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = dup(r0)
write$6lowpan_enable(r2, &(0x7f0000000140)='0', 0x1)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0xd)
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a01de00000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000000c0a09030000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002140000001100", @ANYRESDEC], 0xc0}, 0x1, 0x0, 0x0, 0x40895}, 0x20008800)
r6 = socket$igmp(0x2, 0x3, 0x2)
r7 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'dvmrp1\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000800)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0xc, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x590}]}}]}, 0x3c}}, 0x0)
ioctl$TCSETSF(r4, 0x5404, 0x0)
r9 = syz_io_uring_setup(0x235, &(0x7f0000000200)={0x0, 0x4531, 0x8, 0x0, 0x190, 0x0, r0}, &(0x7f00000002c0)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
ioctl$USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f0000000100)={0xb6ea, 0x1})
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
write$evdev(r1, &(0x7f00000002c0), 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r12, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="38000000430e36171b01995378f3c6b0732ef9eab81a29a4b7815215bb95ab585e3ae4e10216aa855559bcd3c03fadb7fd117416e0cfacee8085dae7149ca7a7d73129af48d1f22098702a158c6a3dd7cb5c829280ac0522c83f2837140ba2970355", @ANYRESOCT=r5, @ANYRES64=r2], 0x38}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
io_uring_enter(r9, 0x2ded, 0x3ffe, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$media(&(0x7f00000001c0), 0x0, 0x101580)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
pselect6(0x40, &(0x7f0000000600)={0x2}, 0x0, &(0x7f0000000680)={0x7fb}, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r2, 0xc0405405, &(0x7f0000000080)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10000}, 0xffffffb2, 0x5, 0x5})

1.466509988s ago: executing program 2 (id=575):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac36f8859c7d5444c12bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d4768540c540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a535f8ac496793001c1a4b26216d1cd382c1e6a15697ef0a9b26474e1dbfa422e952b0f742ef52388584673f6333299042099aa073c152e1b61851a4519fe67e47f1446bb7b80b804b1b4503df784c8604bf26578b1fa7dce5313ecdf297cc63bf2b472f8f56bebeec16dc5fa22ee9c3c304d6629db7215eebfbd480c4ac"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r1, 0xe0, &(0x7f0000000480)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00)={r2}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0xffe4, 0xfffffffffffffda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000088001000100000000000000", @ANYRES32, @ANYRES32=r4], 0x48)

1.388786859s ago: executing program 2 (id=576):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x27}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_pidfd_open(0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0xb, &(0x7f0000000140)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000004, 0x810, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x108, &(0x7f00000021c0)=0x5, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
fsetxattr$system_posix_acl(r3, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000002140)={{}, {0x1, 0x4}, [{0x2, 0x0, r5}], {}, [{0x8, 0x4, r6}, {0x8, 0x5, r6}, {0x8, 0x1}, {0x8, 0x2, r6}, {0x8, 0x1, r6}, {0x8, 0x4, r6}, {0x8, 0x4, r6}, {}], {0x10, 0x3}, {0x20, 0x1}}, 0x6c, 0x1)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r9 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r9, 0xc0184800, &(0x7f0000000080)={0x10001, <r10=>r8})
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r10, 0x0)
r11 = syz_open_procfs(0x0, &(0x7f0000000300)='numa_maps\x00')
pread64(r11, &(0x7f000001a240)=""/102400, 0x19000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe40, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x46, 0x0, &(0x7f0000004d80))
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r14=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="08000600dd280172de1f0fae9f4ec509887f62ed6a1b99224282f7591a63d78ff5409c74aec07279e21779dc29ecf2ad88b160f79b4cb58d597a015026c4639d3f1867d1b8de70474b1cf7cc3856b25b797eb2c349f587bfbca75ffcf43ae3d485bb9926603e30a31c91cb0f3a1ed5272403af0b0f91dfc9386c4dbd57ede31654e84aec48ef9125897705ff6f9c51163bfba3b78b5d7525c7211d80e1a745b24707c6f8b20b61277c9876b25bb7d86aadc8e28a27d681e0cf45f400ceb9afe4b8138e6850242b357f9bcb3fce12c089ea0f8f148735c2e1725de744f14d23f5db2a6579f7fbed7ad3cb6e2707dc3c06770f0aa159eeb9dbf6f7a9daff4317bf7b4a974e9cae396d31a90e0d55f15a2c196e75e32f8a3696232ed3ba61f9f9be88b1f7b56186c20fc1f9f584300a5e64d1939c2ac5f62b938d22e9099322e2d47314e45e5601cf8795efe0f8e6d8141ca4812a924480bba2764f67f843f212e49c", @ANYRES16=r13, @ANYBLOB="050003000000fdffffff4400000008000300", @ANYRES32=r14, @ANYBLOB="0c009900c8bd00007700000004002380"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x20004080)

1.306911107s ago: executing program 0 (id=577):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYRES16=r0], 0x0)
socket$kcm(0x10, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x12, &(0x7f0000000180)=0x810001, 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x8a, &(0x7f0000000340)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50144beb689bf2f0069f3f473272952e020000907800007d6fa5ddfb85ac59c531cb316e9735cb93eea63568b676c5fb4f8177894ca7"], 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @sliced={0x0, [0x2, 0x0, 0x0, 0x7ff, 0x1951, 0x51db, 0x7ff, 0x60f6, 0x100, 0xc, 0xf93, 0x4, 0x1006, 0x8, 0xfffa, 0x0, 0x1, 0x9, 0x4, 0x71, 0x6, 0x1, 0x2, 0x7fff, 0xfff9, 0x5, 0x5, 0x8000, 0x40, 0xfd7d, 0x84, 0x3b, 0x401, 0xe, 0x5, 0xa, 0xfb, 0x0, 0x7, 0x0, 0x1, 0x9, 0x6, 0x7, 0x10, 0x0, 0x2, 0x5], 0x80000000}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c00000010000107000040000000001a0a0000000600010011"], 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
syz_usbip_server_init(0x3)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
userfaultfd(0x80801)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x20020680)
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xffcf, 0x0, 0x0, 0xa9}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)

899.248928ms ago: executing program 2 (id=578):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x45057bf4ccb05c67, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe80, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

898.770993ms ago: executing program 3 (id=579):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(anubis-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="ec21ddd6ef98049f275ee5b0bba59bb748cc", 0x12)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="c10e2abd7000fedbdf250f000000240007800c00040017000000000000000c00030005000000000000ee070002"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000001c0))
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r5}, &(0x7f0000000180), &(0x7f00000001c0))
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r5, 0xc01064c2, &(0x7f0000000100)={<r6=>0x0, 0x0, r5})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r5, 0xc01064c2, &(0x7f0000000200)={<r7=>0x0, 0x0, r5})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r5, 0xc01864cd, &(0x7f0000000380)={&(0x7f00000002c0)=[r6, r7], &(0x7f0000000340)=[0xd9ab, 0x9, 0x2, 0x2, 0x6, 0x6bc1, 0x9], 0x2})
setsockopt$inet_sctp6_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0xe, 0x2, 0xec, 0x200}, 0x8)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r3, 0xc018620c, &(0x7f0000000140))
r8 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
setsockopt$sock_int(r8, 0x1, 0x3f, &(0x7f00000000c0)=0x7fff, 0x4)
r9 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25ADDFWD(r9, 0x5411, &(0x7f0000000080)={@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}})

898.562861ms ago: executing program 2 (id=580):
openat$fb1(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
syz_open_dev$dri(0x0, 0x1f, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
socket$netlink(0x10, 0x3, 0x0)
recvfrom$inet6(r2, 0x0, 0x1000000, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000000080)=""/102356, 0x18fd4, 0x3)
execve(0x0, 0x0, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)

499.949231ms ago: executing program 1 (id=581):
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=<r2=>r0, @ANYRES32, @ANYRES8=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES64=r2], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRESDEC=r3], 0x238}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f00000001c0), 0x3ff, 0x191000)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20a000, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x5)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x0, 0x4d, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
shmctl$SHM_INFO(0x0, 0xe, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r8, 0x7, 0x0, 0x0, {{0x2}, {@val={0x8, 0x2, 0x8}, @void, @void}}}, 0x1c}}, 0x40080)
r9 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pid(r9, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32], 0x50)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)

239.226798ms ago: executing program 3 (id=582):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfe99, 0x11641e7a, 0x20000000, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0x0, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x20, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x647b}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r1, 0x80104132, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
fsopen(&(0x7f0000000400)='cgroup2\x00', 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8541)
ioctl$USBDEVFS_ALLOW_SUSPEND(r7, 0x5522)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x27, 0x1, r3, 0x0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000007c0)=""/151, 0x97}, {&(0x7f00000005c0)=""/153, 0x99}, {&(0x7f00000001c0)=""/7, 0x7}], 0x3}, 0x0, 0x40, 0x1, {0x3}})
socket$alg(0x26, 0x5, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r8 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r8, &(0x7f00000005c0)=ANY=[@ANYBLOB="444947a854414c3120274d696327203030303030b030303030303030303030303030300a494741494e20274361707475726520566f6c756d65272030303030303030303030303030303030303030300a564f4c554d45202753796e7468272030303030303030303030303030303030303030300a4c494e4520274d617374657220506c6079626163d8181e40856e31348c6b20566f6c756d652720"], 0xcc)
r9 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
r10 = dup3(r9, r8, 0x2200)
getsockopt$inet6_mreq(r10, 0x29, 0x15, &(0x7f0000000180)={@mcast2, <r11=>0x0}, &(0x7f0000000280)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f0000000340)={'ip6_vti0\x00', r11, 0x29, 0x9, 0x5, 0x3, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, 0x718, 0x10, 0x2aec, 0x401}})
io_uring_enter(r4, 0x47f6, 0x810002, 0x4, 0x0, 0x0)

0s ago: executing program 0 (id=583):
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0185649, &(0x7f0000000180)={0xf000000, 0x44, 0xfffffffc, 0xffffffffffffffff, 0x0, 0x0})
syz_open_dev$sndmidi(&(0x7f0000000040), 0x83, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@generic={&(0x7f0000000380)='./cgroup/cgroup.procs\x00'}, 0x14)
syz_open_dev$tty1(0xc, 0x4, 0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
io_setup(0x6, &(0x7f0000000540)=<r3=>0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x6, 0xffffffffffffffff, &(0x7f0000000480)="c5c8d588f393830b231e", 0xa, 0x9, 0x0, 0x3, r4}])
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x4, &(0x7f0000000000)=0xfffffffc, 0x4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f00000000c0), 0x12)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r5, 0xc040564a, &(0x7f00000001c0)={0xd110, 0x0, 0x2013, 0x6, 0x7, 0x1f7f, 0xff, 0x1})
r6 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)

0s ago: executing program 1 (id=584):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x23}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}, {0x85, 0x0, 0x0, 0x2d}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='timer_start\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)) (fail_nth: 9)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:60337' (ED25519) to the list of known hosts.
[   41.035726][ T5930] cgroup: Unknown subsys name 'net'
[   41.163773][ T5930] cgroup: Unknown subsys name 'cpuset'
[   41.167358][ T5930] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   41.957929][ T5930] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   43.892172][ T5942] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   43.897437][ T5950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   43.900476][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   43.908059][ T5951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   43.910422][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   43.911749][ T5947] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   43.912907][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   43.915244][ T5947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   43.918000][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   43.919534][ T5947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   43.921528][ T5951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   43.923382][ T5947] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   43.925342][ T5951] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   43.927163][ T5947] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   43.929047][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   43.932780][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   43.933475][ T5955] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   43.934294][ T5955] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   43.936114][ T5303] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   43.936388][ T5303] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   43.936577][ T5303] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   43.950502][   T67] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   43.953960][ T5956] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   43.959367][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   44.096820][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   44.131064][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   44.213936][ T5945] chnl_net:caif_netlink_parms(): no params data found
[   44.221043][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.223260][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.225486][ T5944] bridge_slave_0: entered allmulticast mode
[   44.227794][ T5944] bridge_slave_0: entered promiscuous mode
[   44.245826][ T5953] chnl_net:caif_netlink_parms(): no params data found
[   44.252932][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.255134][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.257313][ T5944] bridge_slave_1: entered allmulticast mode
[   44.259709][ T5944] bridge_slave_1: entered promiscuous mode
[   44.310163][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.312949][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.315740][ T5941] bridge_slave_0: entered allmulticast mode
[   44.318746][ T5941] bridge_slave_0: entered promiscuous mode
[   44.349252][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.352924][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.355752][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.358661][ T5941] bridge_slave_1: entered allmulticast mode
[   44.362682][ T5941] bridge_slave_1: entered promiscuous mode
[   44.376047][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.378359][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.380876][ T5945] bridge_slave_0: entered allmulticast mode
[   44.383019][ T5945] bridge_slave_0: entered promiscuous mode
[   44.398672][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.415441][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.418121][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.421257][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.423894][ T5945] bridge_slave_1: entered allmulticast mode
[   44.426854][ T5945] bridge_slave_1: entered promiscuous mode
[   44.458021][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.506284][ T5944] team0: Port device team_slave_0 added
[   44.509207][ T5944] team0: Port device team_slave_1 added
[   44.576926][ T5941] team0: Port device team_slave_0 added
[   44.579712][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.592733][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.594732][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.602578][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.607662][ T5941] team0: Port device team_slave_1 added
[   44.610404][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.613150][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.615792][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.618464][ T5953] bridge_slave_0: entered allmulticast mode
[   44.621561][ T5953] bridge_slave_0: entered promiscuous mode
[   44.625099][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.627494][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.635788][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.663857][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.665971][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.668148][ T5953] bridge_slave_1: entered allmulticast mode
[   44.670736][ T5953] bridge_slave_1: entered promiscuous mode
[   44.692399][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.694471][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.702188][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.707211][ T5945] team0: Port device team_slave_0 added
[   44.719076][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   44.723536][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   44.734786][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.736810][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.744276][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.748361][ T5945] team0: Port device team_slave_1 added
[   44.778524][ T5953] team0: Port device team_slave_0 added
[   44.802067][ T5944] hsr_slave_0: entered promiscuous mode
[   44.804341][ T5944] hsr_slave_1: entered promiscuous mode
[   44.808323][ T5953] team0: Port device team_slave_1 added
[   44.851521][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.853616][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.862006][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.881688][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0
[   44.884258][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.894617][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   44.898886][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.901155][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.908757][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   44.914212][ T5941] hsr_slave_0: entered promiscuous mode
[   44.916350][ T5941] hsr_slave_1: entered promiscuous mode
[   44.918497][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   44.920957][ T5941] Cannot create hsr debugfs directory
[   44.926032][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1
[   44.928877][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   44.937160][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.000458][ T5945] hsr_slave_0: entered promiscuous mode
[   45.002659][ T5945] hsr_slave_1: entered promiscuous mode
[   45.004662][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.007437][ T5945] Cannot create hsr debugfs directory
[   45.030219][ T5953] hsr_slave_0: entered promiscuous mode
[   45.033250][ T5953] hsr_slave_1: entered promiscuous mode
[   45.035436][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.037740][ T5953] Cannot create hsr debugfs directory
[   45.244020][ T5944] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   45.249441][ T5944] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   45.252965][ T5944] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   45.258901][ T5944] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   45.272924][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   45.277125][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   45.283164][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   45.286352][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   45.308336][ T5941] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   45.313172][ T5941] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   45.321507][ T5941] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   45.325819][ T5941] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   45.348535][ T5953] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   45.352527][ T5953] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   45.357157][ T5953] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   45.363331][ T5953] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   45.387350][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.420316][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   45.438228][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.443209][ T1224] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.446254][ T1224] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.453717][ T1224] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.456634][ T1224] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.484722][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.494929][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0
[   45.514553][ T5945] 8021q: adding VLAN 0 to HW filter on device team0
[   45.523498][   T83] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.525580][   T83] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.532169][ T5953] 8021q: adding VLAN 0 to HW filter on device team0
[   45.538038][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.540070][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.548856][   T83] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.551738][   T83] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.563502][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   45.568881][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.571756][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.591902][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.594855][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   45.608607][   T83] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.611637][   T83] bridge0: port 2(bridge_slave_1) entered forwarding state
[   45.646000][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.684261][ T5944] veth0_vlan: entered promiscuous mode
[   45.692563][ T5944] veth1_vlan: entered promiscuous mode
[   45.708814][ T5944] veth0_macvtap: entered promiscuous mode
[   45.713827][ T5944] veth1_macvtap: entered promiscuous mode
[   45.724457][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.728780][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.735817][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.740582][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.744672][ T5944] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.747261][ T5944] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.749772][ T5944] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.752341][ T5944] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.771226][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.786711][ T5941] veth0_vlan: entered promiscuous mode
[   45.809367][ T5945] veth0_vlan: entered promiscuous mode
[   45.816445][ T5941] veth1_vlan: entered promiscuous mode
[   45.816895][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.821752][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.839336][ T5945] veth1_vlan: entered promiscuous mode
[   45.842592][   T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   45.843674][ T5953] veth0_vlan: entered promiscuous mode
[   45.845014][   T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   45.855319][ T5953] veth1_vlan: entered promiscuous mode
[   45.858196][ T5941] veth0_macvtap: entered promiscuous mode
[   45.862862][ T5941] veth1_macvtap: entered promiscuous mode
[   45.874188][ T5945] veth0_macvtap: entered promiscuous mode
[   45.874848][ T5944] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   45.879059][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.883771][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.887395][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.890783][ T5945] veth1_macvtap: entered promiscuous mode
[   45.900072][ T5953] veth0_macvtap: entered promiscuous mode
[   45.905594][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.908610][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.913285][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.919401][ T5941] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.922888][ T5941] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.925418][ T5941] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.927914][ T5941] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.933438][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.937309][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.941185][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.945034][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.949528][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.955648][ T5953] veth1_macvtap: entered promiscuous mode
[   45.961038][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.964805][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.968592][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.973073][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.977243][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.982236][ T5950] Bluetooth: hci1: command tx timeout
[   45.982249][   T67] Bluetooth: hci3: command tx timeout
[   45.982305][ T5955] Bluetooth: hci2: command tx timeout
[   45.982727][ T5956] Bluetooth: hci0: command tx timeout
[   45.995508][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.999379][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.003201][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.007062][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.010801][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.014616][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.018790][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.021057][ T6004] Device name cannot be null; rc = [-22]
[   46.026212][ T5945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.029457][ T5945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.032964][ T5945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.036449][ T5945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.046966][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.050002][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.053192][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.056176][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.058977][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.062935][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.066364][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.073055][ T1132] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.075308][ T1132] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.082256][ T5953] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.084782][ T5953] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.087285][ T5953] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.089808][ T5953] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.112595][ T1224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.115221][ T1224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.151127][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.153403][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.175668][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.176422][ T1132] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.177968][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.184200][ T1132] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.193111][   T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.195670][   T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.446304][ T6033] process 'syz.2.6' launched './file0' with NULL argv: empty string added
[   46.670523][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   46.880371][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.026877][ T6038] netlink: 'syz.3.4': attribute type 10 has an invalid length.
[   47.083503][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   47.110633][ T6038] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   47.254503][ T6048] netlink: 'syz.0.7': attribute type 4 has an invalid length.
[   47.308782][ T6047] netlink: 'syz.0.7': attribute type 4 has an invalid length.
[   47.380389][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.380464][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   47.902623][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   47.902738][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   47.905036][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   47.909746][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   48.036659][ T6048] syz.0.7 (6048) used greatest stack depth: 21088 bytes left
[   48.061914][ T5950] Bluetooth: hci0: command tx timeout
[   48.061949][ T5955] Bluetooth: hci3: command tx timeout
[   48.063619][   T67] Bluetooth: hci1: command tx timeout
[   48.065691][ T5956] Bluetooth: hci2: command tx timeout
[   48.140601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.384094][ T6059] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   48.886304][ T6061] netlink: 'syz.1.10': attribute type 10 has an invalid length.
[   48.909417][ T6061] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   48.998585][ T6062] netlink: 164 bytes leftover after parsing attributes in process `syz.1.10'.
[   49.564186][ T5956] Bluetooth: Unexpected continuation frame (len 16)
[   49.632860][ T6076] ALSA: mixer_oss: invalid OSS volume ''
[   49.750380][ T5946] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   49.928487][ T5946] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   49.940646][ T5946] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   49.943531][ T5946] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[   49.961407][ T5946] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[   49.964091][ T5946] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   49.966421][ T5946] usb 5-1: Product: syz
[   49.970577][ T5946] usb 5-1: Manufacturer: syz
[   49.972082][ T5946] usb 5-1: SerialNumber: syz
[   49.979434][ T5946] usb 5-1: config 0 descriptor??
[   50.041916][ T6078] netlink: 'syz.3.14': attribute type 1 has an invalid length.
[   50.142564][ T5956] Bluetooth: hci1: command tx timeout
[   50.142584][   T67] Bluetooth: hci2: command tx timeout
[   50.142941][ T5955] Bluetooth: hci0: command tx timeout
[   50.142976][ T5955] Bluetooth: hci3: command tx timeout
[   50.223597][ T5946] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[   50.440707][ T6001] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   50.961736][ T6001] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   50.964210][ T6001] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   50.967070][ T6001] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[   50.969620][ T6001] usb 8-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   50.983312][ T6001] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   50.985797][ T6001] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   50.988027][ T6001] usb 8-1: Product: syz
[   50.989218][ T6001] usb 8-1: Manufacturer: syz
[   51.000624][ T6001] cdc_wdm 8-1:1.0: skipping garbage
[   51.002088][ T6001] cdc_wdm 8-1:1.0: skipping garbage
[   51.003640][ T6001] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22
[   51.333974][   T67] Bluetooth: Unexpected continuation frame (len 16)
[   51.343023][ T6096] Process accounting resumed
[   51.811711][ T6100] netlink: 'syz.1.20': attribute type 4 has an invalid length.
[   51.834954][ T6100] netlink: 'syz.1.20': attribute type 4 has an invalid length.
[   52.137844][ T5946] usb 5-1: USB disconnect, device number 2
[   52.139021][ T6001] usb 8-1: USB disconnect, device number 2
[   52.220525][   T67] Bluetooth: hci3: command tx timeout
[   52.220739][ T5950] Bluetooth: hci0: command tx timeout
[   52.220797][ T5956] Bluetooth: hci2: command tx timeout
[   52.231500][ T5950] Bluetooth: hci1: command tx timeout
[   52.467685][ T6111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'.
[   52.472347][ T6111] netlink: 'syz.2.23': attribute type 2 has an invalid length.
[   52.536870][ T6117] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.541044][ T6116] binder: 6110:6116 ioctl c018620c 20000140 returned -22
[   52.615148][ T6108] syz.0.22 (6108): drop_caches: 2
[   52.721930][ T6124] tmpfs: Invalid gid '0x00000000ffffffff'
[   52.829088][ T6127] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.868582][ T6127] loop1: detected capacity change from 0 to 5
[   52.875062][    C2] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[   52.878505][    C2] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   52.881260][    C2] Buffer I/O error on dev loop1, logical block 0, async page read
[   53.651775][ T6141] random: crng reseeded on system resumption
[   53.897276][ T6146] bridge_slave_0: left allmulticast mode
[   53.899448][ T6146] bridge_slave_0: left promiscuous mode
[   53.903097][ T6146] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.909977][ T6146] bridge_slave_1: left allmulticast mode
[   53.913807][ T6146] bridge_slave_1: left promiscuous mode
[   53.915889][ T6146] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.922139][ T6146] bond0: (slave bond_slave_0): Releasing backup interface
[   53.932458][ T6146] bond0: (slave bond_slave_1): Releasing backup interface
[   53.954887][ T6146] team0: Port device team_slave_0 removed
[   53.971946][ T6146] team0: Port device team_slave_1 removed
[   53.976270][ T6146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   53.979343][ T6146] batman_adv: batadv0: Removing interface: batadv_slave_0
[   53.984986][ T6146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   53.987889][ T6146] batman_adv: batadv0: Removing interface: batadv_slave_1
[   53.999444][ T6146] bond0: (slave wlan1): Releasing backup interface
[   54.058413][ T6144] Bluetooth: MGMT ver 1.23
[   54.064982][ T6144] sctp: [Deprecated]: syz.0.30 (pid 6144) Use of int in max_burst socket option.
[   54.064982][ T6144] Use struct sctp_assoc_value instead
[   54.515060][ T6159] erofs (device erofs): cannot read erofs superblock
[   54.680500][   T40] audit: type=1326 audit(1736050666.033:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.688164][   T40] audit: type=1326 audit(1736050666.033:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.695567][   T40] audit: type=1326 audit(1736050666.043:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.702109][   T40] audit: type=1326 audit(1736050666.043:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.743795][   T40] audit: type=1326 audit(1736050666.043:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.751876][   T40] audit: type=1326 audit(1736050666.043:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.758014][   T40] audit: type=1326 audit(1736050666.043:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.764294][   T40] audit: type=1326 audit(1736050666.043:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.770426][   T40] audit: type=1326 audit(1736050666.043:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   54.776402][   T40] audit: type=1326 audit(1736050666.043:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6158 comm="syz.2.33" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000
[   55.448310][ T6174] netlink: 'syz.1.36': attribute type 5 has an invalid length.
[   56.068686][ T6201] warning: `syz.0.40' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   56.835706][ T6238] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   56.840917][ T6238] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   57.215975][ T6267] netlink: 'syz.2.47': attribute type 10 has an invalid length.
[   57.377050][ T6267] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.386187][ T6267] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   57.861243][ T6283] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[   57.861271][ T6283] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   57.861913][ T6283] vhci_hcd vhci_hcd.0: Device attached
[   57.880458][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.883992][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.886001][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.888123][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.892951][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.895007][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.897304][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.905001][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.907200][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.908789][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.910632][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.912514][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.914347][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.916156][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.917993][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.919794][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.923670][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.925545][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.927374][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.929060][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.931026][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.932827][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.934571][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.936345][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.938539][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.942643][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.956411][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.958249][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.960026][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.975073][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.977885][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.997108][ T6285] vhci_hcd: cannot find the pending unlink 5
[   57.999283][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.006469][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.009074][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.012447][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.014551][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.016366][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.018185][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.021115][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.023003][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.025229][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.040878][ T5946] vhci_hcd: vhci_device speed not set
[   58.040990][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.052016][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.056786][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.061338][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.065797][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.070543][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.075268][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.081049][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.086787][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.092749][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.097443][ T6285] vhci_hcd: cannot find the pending unlink 5
[   58.100532][ T5946] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[   58.104981][ T6286] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   58.126857][   T83] vhci_hcd: stop threads
[   58.129526][   T83] vhci_hcd: release socket
[   58.138735][   T83] vhci_hcd: disconnect device
[   58.356246][ T6001] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   58.580036][ T5950] Bluetooth: hci1: failed to read key size for handle 201
[   58.876567][ T6001] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   58.879792][ T6001] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   58.883851][ T6001] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[   58.887153][ T6001] usb 8-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   58.893003][ T6001] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   58.896325][ T6001] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   58.899269][ T6001] usb 8-1: Product: syz
[   58.907555][ T6001] usb 8-1: Manufacturer: syz
[   58.939832][ T6001] cdc_wdm 8-1:1.0: skipping garbage
[   59.115674][ T6001] cdc_wdm 8-1:1.0: skipping garbage
[   59.117122][ T6001] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22
[   59.207802][ T6325] netlink: 'syz.1.58': attribute type 12 has an invalid length.
[   59.210164][ T6325] netlink: 132 bytes leftover after parsing attributes in process `syz.1.58'.
[   59.309310][ T6335] 9pnet: Could not find request transport: o=
[   60.203950][   T25] usb 8-1: USB disconnect, device number 3
[   61.236789][ T6371] netlink: 76 bytes leftover after parsing attributes in process `syz.3.70'.
[   61.259879][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[   61.268415][ T6375] Process accounting resumed
[   61.375543][ T6377] netlink: 'syz.3.73': attribute type 1 has an invalid length.
[   61.805002][ T2167] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   61.981394][   T58] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   61.985009][ T2167] usb 6-1: too many configurations: 9, using maximum allowed: 8
[   61.990843][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   61.996346][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.008073][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.033942][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.044484][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.047678][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.261103][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.264829][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.270671][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.358137][   T58] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   62.360891][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.361450][   T58] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   62.363797][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.367511][   T58] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   62.370009][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.374913][   T58] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   62.392016][   T58] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   62.394760][   T58] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   62.395125][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.399971][   T58] usb 5-1: Product: syz
[   62.400146][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.401402][   T58] usb 5-1: Manufacturer: syz
[   62.404932][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.414882][   T58] cdc_wdm 5-1:1.0: skipping garbage
[   62.417128][   T58] cdc_wdm 5-1:1.0: skipping garbage
[   62.419450][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.419498][   T58] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[   62.422189][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.422204][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.433182][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.435955][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.439150][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.446485][ T2167] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[   62.449222][ T2167] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   62.452965][ T2167] usb 6-1: config 0 interface 0 has no altsetting 0
[   62.485987][ T2167] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   62.488604][ T2167] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   62.491026][ T2167] usb 6-1: Product: syz
[   62.500341][ T2167] usb 6-1: Manufacturer: syz
[   62.501755][ T2167] usb 6-1: SerialNumber: syz
[   62.520731][ T2167] usb 6-1: config 0 descriptor??
[   62.550384][ T2167] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[   62.640596][ T5950] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   62.644134][ T5950] Bluetooth: hci1: Injecting HCI hardware error event
[   62.649239][ T5950] Bluetooth: hci1: hardware error 0x00
[   62.730596][ T2167] usb 6-1: USB disconnect, device number 2
[   62.734838][ T2167] yurex 6-1:0.0: USB YUREX #0 now disconnected
[   62.812247][ T6401] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   63.060314][ T6001] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   63.209702][ T1320] usb 5-1: USB disconnect, device number 3
[   63.221465][ T6001] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   63.224748][ T6001] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   63.227809][ T6001] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   63.230664][ T6001] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   63.234950][ T6001] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   63.237562][ T6001] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   63.239875][ T6001] usb 8-1: Manufacturer: syz
[   63.244916][ T6001] usb 8-1: config 0 descriptor??
[   63.252394][ T5946] vhci_hcd: vhci_device speed not set
[   63.275855][ T6403] netlink: 'syz.1.82': attribute type 1 has an invalid length.
[   63.499312][ T6408] netlink: 'syz.2.84': attribute type 12 has an invalid length.
[   63.661453][ T6001] appleir 0003:05AC:8243.0002: unknown main item tag 0x0
[   63.664281][ T6001] appleir 0003:05AC:8243.0002: No inputs registered, leaving
[   63.675245][ T6001] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[   63.751285][   T58] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   63.910310][   T58] usb 6-1: Using ep0 maxpacket: 8
[   63.913694][   T58] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   63.916800][   T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   63.919999][   T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   63.923469][   T58] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   63.927505][   T58] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   63.930848][   T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.143426][   T58] usb 6-1: GET_CAPABILITIES returned 0
[   64.145935][   T58] usbtmc 6-1:16.0: can't read capabilities
[   64.277574][ T6445] syz.3.81 uses obsolete (PF_INET,SOCK_PACKET)
[   64.364981][ T6449] block device autoloading is deprecated and will be removed.
[   64.387111][ T6449] syz.0.86: attempt to access beyond end of device
[   64.387111][ T6449] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   64.477447][ T5946] usb 8-1: USB disconnect, device number 4
[   64.546730][ T6449] syzkaller0: entered promiscuous mode
[   64.548422][ T6449] syzkaller0: entered allmulticast mode
[   64.551329][ T6453] syzkaller0: tun_chr_ioctl cmd 1074025677
[   64.553061][ T6453] syzkaller0: Linktype set failed because interface is up
[   64.555253][   T11] syzkaller0: tun_net_xmit 48
[   64.611112][ T1320] IPVS: starting estimator thread 0...
[   64.710586][ T6466] IPVS: using max 38 ests per chain, 91200 per kthread
[   64.780544][ T5950] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   64.781079][   T67] Bluetooth: hci2: command tx timeout
[   65.864873][ T6495] team0: No ports can be present during mode change
[   66.310009][ T6512] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   66.329313][ T6506] overlayfs: failed to resolve './bus': -2
[   66.558522][ T5946] usb 6-1: USB disconnect, device number 3
[   66.571910][ T1102] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[   66.573892][ T1102] ata1: failed to read log page 10h (errno=-5)
[   66.575685][ T1102] ata1.00: exception Emask 0x1 SAct 0x200 SErr 0x0 action 0x0
[   66.578562][ T1102] ata1.00: irq_stat 0x40000000
[   66.580163][ T1102] ata1.00: failed command: WRITE FPDMA QUEUED
[   66.583644][ T1102] ata1.00: cmd 61/28:48:fa:04:10/00:00:00:00:00/40 tag 9 ncq dma 20480 out
[   66.583644][ T1102]          res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[   66.589968][ T1102] ata1.00: status: { DRDY }
[   66.591587][ T1102] ata1.00: error: { ABRT }
[   66.595433][ T1102] ata1.00: configured for UDMA/100
[   66.597129][ T1102] ata1: EH complete
[   66.760335][ T1320] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   66.926845][ T1320] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   66.929354][ T1320] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   66.933238][ T1320] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   66.940419][ T1320] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   66.944684][ T1320] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   66.947308][ T1320] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   66.949705][ T1320] usb 7-1: Product: syz
[   66.952474][ T1320] usb 7-1: Manufacturer: syz
[   66.958364][ T1320] cdc_wdm 7-1:1.0: skipping garbage
[   66.959938][ T1320] cdc_wdm 7-1:1.0: skipping garbage
[   66.964669][ T1320] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[   67.000410][ T6522] netlink: 'syz.0.95': attribute type 1 has an invalid length.
[   67.080443][ T6526] team0: No ports can be present during mode change
[   67.245835][   T67] Bluetooth: Unexpected continuation frame (len 16)
[   67.286021][ T6532] Process accounting resumed
[   67.587419][   T25] usb 7-1: USB disconnect, device number 2
[   67.634735][ T6544] pim6reg: entered allmulticast mode
[   67.894460][ T6549] loop9: detected capacity change from 0 to 7
[   67.899665][ T6549] Dev loop9: unable to read RDB block 7
[   67.901907][ T6549]  loop9: unable to read partition table
[   67.903625][ T6549] loop9: partition table beyond EOD, truncated
[   67.905462][ T6549] loop_reread_partitions: partition scan of loop9 (₫被xü—ŸÑà– ) failed (rc=-5)
[   67.964154][ T6552] input: syz0 as /devices/virtual/input/input6
[   67.966384][ T6552] input: failed to attach handler leds to device input6, error: -6
[   68.002721][ T6001] libceph: connect (1)[c::]:6789 error -101
[   68.004726][ T6001] libceph: mon0 (1)[c::]:6789 connect error
[   68.019958][ T6561] netlink: 4 bytes leftover after parsing attributes in process `syz.0.109'.
[   68.026808][ T6561] netlink: 'syz.0.109': attribute type 2 has an invalid length.
[   68.087588][ T6563] binder: 6560:6563 ioctl c018620c 20000140 returned -22
[   68.189689][ T6567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.111'.
[   68.193617][ T6567] netlink: 'syz.2.111': attribute type 2 has an invalid length.
[   68.254958][ T6568] binder: 6566:6568 ioctl c018620c 20000140 returned -22
[   68.272379][ T6001] libceph: connect (1)[c::]:6789 error -101
[   68.275265][ T6001] libceph: mon0 (1)[c::]:6789 connect error
[   68.504482][ T6552] ceph: No mds server is up or the cluster is laggy
[   68.667013][ T6575] Process accounting resumed
[   69.675373][ T6600] input: syz0 as /devices/virtual/input/input7
[   69.815487][ T6602] team0: No ports can be present during mode change
[   70.016589][ T6620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.128'.
[   70.019858][ T6620] netlink: 'syz.0.128': attribute type 2 has an invalid length.
[   70.527556][   T40] kauditd_printk_skb: 2 callbacks suppressed
[   70.527568][   T40] audit: type=1800 audit(1736050682.043:14): pid=6646 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.131" name="file0" dev="9p" ino=37098962 res=0 errno=0
[   70.538803][ T6646] netfs: Couldn't get user pages (rc=-14)
[   70.746152][   T58] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[   70.761830][ T6652] team0: No ports can be present during mode change
[   70.787703][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[   70.790651][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[   70.920416][   T58] usb 6-1: Invalid ep0 maxpacket: 32
[   71.068056][   T58] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[   71.227267][ T6660] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   71.317517][   T58] usb 6-1: Invalid ep0 maxpacket: 32
[   71.351637][   T58] usb usb6-port1: attempt power cycle
[   71.484924][   T25] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   71.631660][   T25] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   71.634164][   T25] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   71.637613][   T25] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   71.644303][   T25] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   71.651917][   T25] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   71.658564][   T25] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   71.662801][   T25] usb 7-1: Product: syz
[   71.666013][   T25] usb 7-1: Manufacturer: syz
[   71.676499][   T25] cdc_wdm 7-1:1.0: skipping garbage
[   71.678657][   T25] cdc_wdm 7-1:1.0: skipping garbage
[   71.680774][   T25] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[   71.770327][   T58] usb 6-1: new low-speed USB device number 6 using dummy_hcd
[   71.792169][   T58] usb 6-1: Invalid ep0 maxpacket: 32
[   72.009570][   T58] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[   72.031654][   T58] usb 6-1: Invalid ep0 maxpacket: 32
[   72.033386][   T58] usb usb6-port1: unable to enumerate USB device
[   72.147103][ T6665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.138'.
[   72.150330][ T6665] unsupported nlmsg_type 40
[   72.411633][ T6667] team0: No ports can be present during mode change
[   72.416659][ T6667] syz.3.139: attempt to access beyond end of device
[   72.416659][ T6667] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0
[   72.455387][   T58] usb 7-1: USB disconnect, device number 3
[   72.477833][ T6669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.140'.
[   72.482152][ T6669] netlink: 'syz.3.140': attribute type 2 has an invalid length.
[   72.809426][ T6674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.142'.
[   72.812078][ T6674] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.814250][ T6674] batman_adv: batadv0: Removing interface: batadv_slave_0
[   72.817286][ T6674] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   72.820452][ T6674] batman_adv: batadv0: Removing interface: batadv_slave_1
[   72.861970][ T6675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.142'.
[   72.916009][ T6680] team0: No ports can be present during mode change
[   72.987313][ T6684] lo speed is unknown, defaulting to 1000
[   72.989221][ T6684] lo speed is unknown, defaulting to 1000
[   72.992312][ T6684] lo speed is unknown, defaulting to 1000
[   72.997058][ T6684] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   73.003657][ T6684] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   73.023279][ T6684] lo speed is unknown, defaulting to 1000
[   73.025843][ T6684] lo speed is unknown, defaulting to 1000
[   73.029105][ T6684] lo speed is unknown, defaulting to 1000
[   73.033357][ T6684] lo speed is unknown, defaulting to 1000
[   73.483386][ T6708] syzkaller0: entered promiscuous mode
[   73.485190][ T6708] syzkaller0: entered allmulticast mode
[   73.713407][   T67] Bluetooth: Unexpected continuation frame (len 16)
[   73.720641][ T6718] Process accounting resumed
[   74.680445][ T2180] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   74.831973][ T2180] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   74.835540][ T2180] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   74.839382][ T2180] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   74.842912][ T2180] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   74.848311][ T2180] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   74.851909][ T2180] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   74.854978][ T2180] usb 5-1: Product: syz
[   74.856626][ T2180] usb 5-1: Manufacturer: syz
[   74.861377][ T2180] cdc_wdm 5-1:1.0: skipping garbage
[   74.863432][ T2180] cdc_wdm 5-1:1.0: skipping garbage
[   74.868451][ T2180] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[   74.930485][ T6390] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   75.080383][ T6390] usb 8-1: Using ep0 maxpacket: 8
[   75.092309][ T6390] usb 8-1: config 0 has no interfaces?
[   75.093998][ T6390] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   75.099646][ T6390] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.131182][ T6390] usb 8-1: config 0 descriptor??
[   75.231260][    T9] usb 5-1: USB disconnect, device number 4
[   75.341421][ T2167] usb 8-1: USB disconnect, device number 5
[   75.490368][ T6390] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   75.650337][ T6390] usb 7-1: Using ep0 maxpacket: 32
[   75.653170][ T6390] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   75.656060][ T6390] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   75.659062][ T6390] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   75.662710][ T6390] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   75.665872][ T6390] usb 7-1: config 1 interface 1 has no altsetting 0
[   75.669171][ T6390] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   75.671840][ T6390] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.674112][ T6390] usb 7-1: Product: syz
[   75.675372][ T6390] usb 7-1: Manufacturer: syz
[   75.676712][ T6390] usb 7-1: SerialNumber: syz
[   75.779546][ T6743] netlink: 'syz.0.162': attribute type 1 has an invalid length.
[   75.781907][ T6743] netlink: 244 bytes leftover after parsing attributes in process `syz.0.162'.
[   75.890331][ T6738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.893898][ T6738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.037519][ T6390] usb 7-1: 2:1 : no or invalid class specific endpoint descriptor
[   76.039942][ T6390] usb 7-1: 2:1 : no or invalid class specific endpoint descriptor
[   76.356944][   T58] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   76.378496][ T6390] usb 7-1: USB disconnect, device number 4
[   76.436447][ T6753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.165'.
[   76.439110][ T6753] netlink: 'syz.1.165': attribute type 2 has an invalid length.
[   76.498716][ T6754] binder: 6752:6754 ioctl c018620c 20000140 returned -22
[   76.520459][   T58] usb 5-1: Using ep0 maxpacket: 8
[   76.523316][   T58] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   76.526425][   T58] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   76.529044][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.533518][   T58] usb 5-1: config 0 descriptor??
[   76.582000][ T6148] udevd[6148]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   76.785803][   T58] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   77.013206][ T1320] usb 5-1: USB disconnect, device number 5
[   77.102515][ T6779] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   77.569375][ T6783] netlink: 12 bytes leftover after parsing attributes in process `syz.2.171'.
[   77.756451][ T6793] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[   77.758511][ T6793] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   77.762342][ T6793] vhci_hcd vhci_hcd.0: Device attached
[   77.777022][ T6795] vhci_hcd: connection closed
[   77.777762][ T1224] vhci_hcd: stop threads
[   77.780444][ T1224] vhci_hcd: release socket
[   77.783305][ T1224] vhci_hcd: disconnect device
[   77.807448][ T6801] netlink: 12 bytes leftover after parsing attributes in process `syz.2.177'.
[   78.168512][ T6809] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   79.140901][ T6828] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   79.560111][   T40] audit: type=1804 audit(1736050691.073:15): pid=6817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.180" name="/newroot/48/file0/cgroup.controllers" dev="9p" ino=37098977 res=1 errno=0
[   79.567712][ T6821] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   80.570322][   T58] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   80.838124][ T6852] : entered promiscuous mode
[   81.023060][   T30] cfg80211: failed to load regulatory.db
[   81.469256][ T6860] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   82.262470][ T6872] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[   82.482320][ T6883] Process accounting resumed
[   82.530512][ T5982] kernel read not supported for file /sequencer2 (pid: 5982 comm: kworker/2:3)
[   82.553116][   T58] usb 8-1: unable to get BOS descriptor or descriptor too short
[   82.588179][ T6885] lo speed is unknown, defaulting to 1000
[   82.842423][   T58] usb 8-1: unable to read config index 0 descriptor/start: -71
[   82.844624][   T58] usb 8-1: can't read configurations, error -71
[   82.920656][ T6888] team0: No ports can be present during mode change
[   84.341542][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   84.383591][   T67] Bluetooth: Unexpected continuation frame (len 16)
[   84.396379][ T6922] Process accounting resumed
[   84.655777][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   84.658715][    T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.662211][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[   84.666353][    T9] usb 6-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   84.700759][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   84.718494][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   84.723324][    T9] usb 6-1: Product: syz
[   84.724803][    T9] usb 6-1: Manufacturer: syz
[   84.728870][    T9] cdc_wdm 6-1:1.0: skipping garbage
[   84.730554][    T9] cdc_wdm 6-1:1.0: skipping garbage
[   84.732171][    T9] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[   85.361527][    T9] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[   85.480513][ T5982] usb 6-1: USB disconnect, device number 8
[   85.530650][    T9] usb 8-1: Using ep0 maxpacket: 16
[   85.538863][    T9] usb 8-1: config 0 has no interfaces?
[   85.542560][    T9] usb 8-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=ec.89
[   85.545244][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.547509][    T9] usb 8-1: Product: syz
[   85.548784][    T9] usb 8-1: Manufacturer: syz
[   85.550131][    T9] usb 8-1: SerialNumber: syz
[   85.552992][    T9] usb 8-1: config 0 descriptor??
[   85.726066][ T6943] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[   85.732606][ T6943] binder: 6939:6943 ioctl 4018620d 0 returned -22
[   85.765876][ T5982] usb 8-1: USB disconnect, device number 8
[   86.237572][ T6966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.218'.
[   86.241551][ T6966] netlink: 'syz.0.218': attribute type 2 has an invalid length.
[   86.300587][ T6972] binder: 6965:6972 ioctl c018620c 20000140 returned -22
[   86.789090][ T6984] netlink: 'syz.0.221': attribute type 2 has an invalid length.
[   86.791780][ T6984] netlink: 'syz.0.221': attribute type 9 has an invalid length.
[   86.794160][ T6984] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.221'.
[   86.828768][ T6985] netlink: 60 bytes leftover after parsing attributes in process `syz.3.222'.
[   87.049142][ T6998] Process accounting resumed
[   87.104911][ T7002] netlink: 4 bytes leftover after parsing attributes in process `syz.3.229'.
[   87.107478][ T7002] netlink: 'syz.3.229': attribute type 2 has an invalid length.
[   87.166986][ T7003] binder: 7001:7003 ioctl c018620c 20000140 returned -22
[   87.407225][ T7009] tmpfs: Bad value for 'nr_inodes'
[   87.815606][ T7024] FAULT_INJECTION: forcing a failure.
[   87.815606][ T7024] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   87.819754][ T7024] CPU: 1 UID: 0 PID: 7024 Comm: syz.3.236 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[   87.823985][ T7024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.828052][ T7024] Call Trace:
[   87.829393][ T7024]  <TASK>
[   87.830468][ T7024]  dump_stack_lvl+0x16c/0x1f0
[   87.832216][ T7024]  should_fail_ex+0x497/0x5b0
[   87.834016][ T7024]  _copy_from_user+0x2e/0xd0
[   87.835859][ T7024]  kvm_vm_ioctl+0x17b0/0x3df0
[   87.837745][ T7024]  ? stack_trace_save+0x95/0xd0
[   87.839600][ T7024]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[   87.841544][ T7024]  ? __pfx_mark_lock+0x10/0x10
[   87.843401][ T7024]  ? stack_depot_save_flags+0x28/0x9e0
[   87.845511][ T7024]  ? kasan_save_stack+0x42/0x60
[   87.847392][ T7024]  ? kasan_save_stack+0x33/0x60
[   87.849291][ T7024]  ? kasan_save_track+0x14/0x30
[   87.851196][ T7024]  ? kasan_save_free_info+0x3b/0x60
[   87.853213][ T7024]  ? __kasan_slab_free+0x51/0x70
[   87.855077][ T7024]  ? kfree+0x14f/0x4b0
[   87.856634][ T7024]  ? tomoyo_path_number_perm+0x46d/0x5b0
[   87.858764][ T7024]  ? security_file_ioctl_compat+0x9b/0x240
[   87.860972][ T7024]  ? __do_compat_sys_ioctl+0x4e/0x2c0
[   87.862963][ T7024]  ? __do_fast_syscall_32+0x73/0x120
[   87.864953][ T7024]  ? do_fast_syscall_32+0x32/0x80
[   87.866933][ T7024]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   87.869353][ T7024]  ? kvm_arch_vm_compat_ioctl+0x2d1/0x480
[   87.871500][ T7024]  ? hlock_class+0x4e/0x130
[   87.873284][ T7024]  ? mark_lock+0xb5/0xc60
[   87.874964][ T7024]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[   87.877275][ T7024]  ? __pfx_mark_lock+0x10/0x10
[   87.879058][ T7024]  ? find_held_lock+0x2d/0x110
[   87.880930][ T7024]  ? tomoyo_path_number_perm+0x298/0x5b0
[   87.883068][ T7024]  ? __pfx_lock_release+0x10/0x10
[   87.885029][ T7024]  ? tomoyo_path_number_perm+0x46d/0x5b0
[   87.887177][ T7024]  ? tomoyo_path_number_perm+0x190/0x5b0
[   87.889335][ T7024]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   87.891602][ T7024]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   87.893586][ T7024]  ? do_vfs_ioctl+0x513/0x1950
[   87.894976][ T7024]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   87.896464][ T7024]  kvm_vm_compat_ioctl+0x399/0x440
[   87.897953][ T7024]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   87.899569][ T7024]  ? __pfx_lock_release+0x10/0x10
[   87.901033][ T7024]  ? trace_lock_acquire+0x14e/0x1f0
[   87.902578][ T7024]  ? __fget_files+0x206/0x3a0
[   87.903931][ T7024]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[   87.905551][ T7024]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   87.907044][ T7024]  __do_fast_syscall_32+0x73/0x120
[   87.908562][ T7024]  do_fast_syscall_32+0x32/0x80
[   87.909996][ T7024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   87.912073][ T7024] RIP: 0023:0xf7f74579
[   87.913316][ T7024] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   87.918782][ T7024] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   87.921147][ T7024] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004008ae6a
[   87.923764][ T7024] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
[   87.926012][ T7024] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   87.928244][ T7024] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   87.930478][ T7024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   87.931580][ T7028] 9pnet_fd: Insufficient options for proto=fd
[   87.932702][ T7024]  </TASK>
[   87.979220][ T5950] Bluetooth: hci4: sending frame failed (-49)
[   87.982440][   T67] Bluetooth: hci4: Opcode 0x1003 failed: -49
[   89.187153][ T7060] Process accounting resumed
[   89.200394][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[   89.281856][ T7064] tipc: Enabling of bearer <etH:t> rejected, media not registered
[   89.418989][ T7075] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   89.719189][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[   89.729927][ T7076] Process accounting resumed
[   90.148315][   T25] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[   90.205789][ T7085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.252'.
[   90.344134][   T25] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   90.346643][   T25] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   90.356419][   T25] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[   90.366858][   T25] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   90.541388][ T7098] xt_limit: Overflow, try lower: 0/0
[   90.667515][   T25] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   90.670175][   T25] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   90.672568][   T25] usb 7-1: Product: syz
[   90.673811][   T25] usb 7-1: Manufacturer: syz
[   90.772033][   T25] cdc_wdm 7-1:1.0: skipping garbage
[   90.773562][   T25] cdc_wdm 7-1:1.0: skipping garbage
[   90.775026][   T25] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[   91.057388][   T25] usb 7-1: USB disconnect, device number 5
[   91.491936][ T7113] openvswitch: netlink: VXLAN extension 15883 out of range max 1
[   91.603636][ T7112] loop9: detected capacity change from 0 to 7
[   91.606694][ T7112] Dev loop9: unable to read RDB block 7
[   91.608802][ T7112]  loop9: unable to read partition table
[   91.612035][ T7112] loop9: partition table beyond EOD, truncated
[   91.613848][ T7112] loop_reread_partitions: partition scan of loop9 (₫被xüŸÑø éÚ¬§½dƤ´à–ƒƯ¡¯¨�â·û
[   91.613848][ T7112] 
) failed (rc=-5)
[   91.735737][ T7117] netlink: 4 bytes leftover after parsing attributes in process `syz.2.260'.
[   91.738468][ T7117] netlink: 'syz.2.260': attribute type 2 has an invalid length.
[   91.805363][ T7122] binder: 7116:7122 ioctl c018620c 20000140 returned -22
[   92.697896][ T7139] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[   92.822069][ T7150] netlink: 4 bytes leftover after parsing attributes in process `syz.0.267'.
[   92.825373][ T7148] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=4065586549 (65049384784 ns) > initial count (36291960560 ns). Using initial count to start timer.
[   92.829017][ T7150] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   92.834029][ T7150] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   92.836408][ T7150] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   92.838798][ T7150] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   92.842532][ T7150] vxlan0: entered promiscuous mode
[   93.045148][ T7153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.271'.
[   93.047725][ T7153] netlink: 'syz.1.271': attribute type 2 has an invalid length.
[   93.107143][ T7154] binder: 7152:7154 ioctl c018620c 20000140 returned -22
[   93.317631][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[   93.323284][ T7160] Process accounting resumed
[   93.423107][ T7156] netlink: 'syz.2.272': attribute type 10 has an invalid length.
[   93.433528][ T7156] team0: Port device netdevsim0 added
[   93.446423][ T7156] netlink: 'syz.2.272': attribute type 10 has an invalid length.
[   93.459057][ T7156] team0: Port device netdevsim0 removed
[   93.465685][ T7156] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   94.332061][    T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   94.684894][    T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   94.688245][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   94.695925][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   94.699109][    T9] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   94.713926][    T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   94.717318][    T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   94.720100][    T9] usb 5-1: Product: syz
[   94.722100][    T9] usb 5-1: Manufacturer: syz
[   94.733341][    T9] cdc_wdm 5-1:1.0: skipping garbage
[   94.734999][    T9] cdc_wdm 5-1:1.0: skipping garbage
[   94.736940][    T9] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22
[   94.940407][   T65] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[   95.135384][   T65] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[   95.138932][   T65] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.142543][   T65] usb 6-1: Product: syz
[   95.144261][   T65] usb 6-1: Manufacturer: syz
[   95.146110][   T65] usb 6-1: SerialNumber: syz
[   95.149961][   T65] usb 6-1: config 0 descriptor??
[   95.284587][ T7185] netlink: 48 bytes leftover after parsing attributes in process `syz.2.281'.
[   95.335678][ T7187] binder: Unknown parameter 'smackfsroot'
[   95.361413][ T5982] usb 6-1: USB disconnect, device number 9
[   95.472382][   T58] usb 5-1: USB disconnect, device number 6
[   97.645299][ T7292] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   97.874876][ T7304] netlink: 12 bytes leftover after parsing attributes in process `syz.0.300'.
[   98.235410][ T7310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.302'.
[   98.894670][ T7308] binder: 7298:7308 ioctl c0306201 20000480 returned -22
[   99.236160][ T7337] netlink: 4 bytes leftover after parsing attributes in process `syz.3.310'.
[   99.239393][ T7337] netlink: 'syz.3.310': attribute type 2 has an invalid length.
[   99.318961][ T7337] binder: 7336:7337 ioctl c018620c 20000140 returned -22
[   99.921195][   T25] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  100.070418][   T25] usb 8-1: Using ep0 maxpacket: 32
[  100.073878][   T25] usb 8-1: config 0 has no interfaces?
[  100.075873][   T25] usb 8-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  100.079357][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.085348][   T25] usb 8-1: config 0 descriptor??
[  100.310681][ T5982] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  100.492991][ T7362] netlink: 'syz.1.317': attribute type 1 has an invalid length.
[  100.494949][ T7351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.504131][ T7351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.507383][ T5982] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  100.511678][ T5982] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  100.515533][ T5982] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  100.525101][ T5982] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  100.528711][ T5982] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.535025][ T5982] usb 5-1: Product: syz
[  100.536360][ T5982] usb 5-1: Manufacturer: syz
[  100.537714][ T5982] usb 5-1: SerialNumber: syz
[  100.745109][ T5982] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  100.940391][ T5950] Bluetooth: hci0: command tx timeout
[  100.951234][ T5982] usb 5-1: USB disconnect, device number 7
[  101.154469][ T7353] usblp0: removed
[  101.175917][ T7372] netlink: 4 bytes leftover after parsing attributes in process `syz.2.319'.
[  101.179375][ T7372] netlink: 'syz.2.319': attribute type 2 has an invalid length.
[  101.187238][ T7372] binder: 7371:7372 ioctl c018620c 20000140 returned -22
[  102.001283][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[  102.080429][ T7385] Process accounting resumed
[  102.389196][ T7395] netlink: 'syz.1.326': attribute type 1 has an invalid length.
[  102.439918][ T7399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.328'.
[  102.442802][ T7399] netlink: 'syz.1.328': attribute type 2 has an invalid length.
[  102.449072][ T7399] binder: 7398:7399 ioctl c018620c 20000140 returned -22
[  102.804718][    T8] usb 8-1: USB disconnect, device number 9
[  103.520701][    T8] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  103.709278][    T8] usb 8-1: Using ep0 maxpacket: 8
[  103.842488][    T8] usb 8-1: config 7 has an invalid interface number: 161 but max is 0
[  103.845102][    T8] usb 8-1: config 7 has no interface number 0
[  103.847194][    T8] usb 8-1: config 7 interface 161 has no altsetting 0
[  103.990180][    T8] usb 8-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=4e.59
[  103.992804][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  103.995075][    T8] usb 8-1: Product: syz
[  103.996293][    T8] usb 8-1: Manufacturer: syz
[  103.997628][    T8] usb 8-1: SerialNumber: syz
[  104.461912][ T7432] netlink: 'syz.1.336': attribute type 1 has an invalid length.
[  104.963422][ T7441] tipc: Started in network mode
[  104.965489][ T7441] tipc: Node identity a6a3054c0242, cluster identity 4711
[  104.968261][ T7441] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.026177][ T7442] FAULT_INJECTION: forcing a failure.
[  105.026177][ T7442] name failslab, interval 1, probability 0, space 0, times 1
[  105.029901][ T7442] CPU: 2 UID: 0 PID: 7442 Comm: syz.0.338 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  105.032999][ T7442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.036233][ T7442] Call Trace:
[  105.037205][ T7442]  <TASK>
[  105.038057][ T7442]  dump_stack_lvl+0x16c/0x1f0
[  105.039403][ T7442]  should_fail_ex+0x497/0x5b0
[  105.040771][ T7442]  ? fs_reclaim_acquire+0xae/0x150
[  105.042279][ T7442]  should_failslab+0xc2/0x120
[  105.043634][ T7442]  __kmalloc_noprof+0xce/0x4f0
[  105.045064][ T7442]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  105.046728][ T7442]  ? tomoyo_realpath_from_path+0xbf/0x710
[  105.048423][ T7442]  tomoyo_realpath_from_path+0xbf/0x710
[  105.050027][ T7442]  ? tomoyo_path_number_perm+0x235/0x5b0
[  105.051625][ T7442]  tomoyo_path_number_perm+0x248/0x5b0
[  105.053190][ T7442]  ? tomoyo_path_number_perm+0x235/0x5b0
[  105.054787][ T7442]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  105.056658][ T7442]  ? __pfx_lock_release+0x10/0x10
[  105.058102][ T7442]  ? trace_lock_acquire+0x14e/0x1f0
[  105.059604][ T7442]  ? lock_acquire+0x2f/0xb0
[  105.061098][ T7442]  ? __fget_files+0x40/0x3a0
[  105.062834][ T7442]  ? __fget_files+0x206/0x3a0
[  105.064543][ T7442]  security_file_ioctl_compat+0x9b/0x240
[  105.066310][ T7442]  __do_compat_sys_ioctl+0x4e/0x2c0
[  105.067808][ T7442]  __do_fast_syscall_32+0x73/0x120
[  105.069311][ T7442]  do_fast_syscall_32+0x32/0x80
[  105.070828][ T7442]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  105.072785][ T7442] RIP: 0023:0xf706e579
[  105.073962][ T7442] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  105.079524][ T7442] RSP: 002b:00000000f4d0c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  105.081902][ T7442] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000c0306201
[  105.084141][ T7442] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000
[  105.086438][ T7442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  105.088696][ T7442] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  105.090943][ T7442] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  105.093214][ T7442]  </TASK>
[  105.102328][ T7442] ERROR: Out of memory at tomoyo_realpath_from_path.
[  105.104563][ T7442] binder: 7439:7442 ioctl c0306201 20000180 returned -14
[  105.119015][ T7442] tipc: Disabling bearer <eth:syzkaller0>
[  105.155857][ T7447] netlink: 'syz.2.339': attribute type 10 has an invalid length.
[  105.192730][ T7447] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  105.306851][ T7456] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  105.382135][ T7462] binder: 7452:7462 ioctl c0306201 20000180 returned -14
[  105.532331][ T7473] ref_ctr going negative. vaddr: 0x20ffc002, curr val: -29824, delta: 1
[  105.536338][ T7473] ref_ctr increment failed for inode: 0x1ee offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88806b37e180
[  105.988816][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[  105.999236][ T7507] Process accounting resumed
[  106.046778][ T7452] tipc: Disabling bearer <eth:syzkaller0>
[  106.111995][    T8] hub 8-1:7.161: bad descriptor, ignoring hub
[  106.113702][    T8] hub 8-1:7.161: probe with driver hub failed with error -5
[  106.116102][    T8] cypress_m8 8-1:7.161: HID->COM RS232 Adapter converter detected
[  106.118914][    T8] cyphidcom ttyUSB0: required endpoint is missing
[  106.141057][    T8] usb 8-1: USB disconnect, device number 10
[  106.143612][    T8] cypress_m8 8-1:7.161: device disconnected
[  106.381349][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[  106.399109][ T7518] Process accounting resumed
[  106.460436][ T7526] syz.1.348: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  106.467866][ T7526] CPU: 2 UID: 0 PID: 7526 Comm: syz.1.348 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  106.472064][ T7526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.476295][ T7526] Call Trace:
[  106.477630][ T7526]  <TASK>
[  106.478830][ T7526]  dump_stack_lvl+0x16c/0x1f0
[  106.480796][ T7526]  warn_alloc+0x24d/0x3a0
[  106.482553][ T7526]  ? __pfx_warn_alloc+0x10/0x10
[  106.484450][ T7526]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  106.486792][ T7526]  ? kasan_save_stack+0x42/0x60
[  106.488771][ T7526]  ? kasan_save_stack+0x33/0x60
[  106.490681][ T7526]  ? kasan_save_track+0x14/0x30
[  106.492551][ T7526]  ? __kasan_kmalloc+0xaa/0xb0
[  106.494389][ T7526]  ? xskq_create+0x52/0x1d0
[  106.496201][ T7526]  ? do_sock_setsockopt+0x222/0x480
[  106.498294][ T7526]  ? __sys_setsockopt+0x1a0/0x230
[  106.500315][ T7526]  ? __ia32_sys_setsockopt+0xbc/0x160
[  106.502505][ T7526]  __vmalloc_node_range_noprof+0x10df/0x1530
[  106.504942][ T7526]  ? xskq_create+0xfb/0x1d0
[  106.506813][ T7526]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  106.509400][ T7526]  ? xskq_create+0xfb/0x1d0
[  106.511268][ T7526]  vmalloc_user_noprof+0x6b/0x90
[  106.513277][ T7526]  ? xskq_create+0xfb/0x1d0
[  106.515125][ T7526]  xskq_create+0xfb/0x1d0
[  106.516848][ T7526]  xsk_setsockopt+0x8b0/0xac0
[  106.518773][ T7526]  ? __pfx_xsk_setsockopt+0x10/0x10
[  106.520881][ T7526]  ? __pfx_futex_wake+0x10/0x10
[  106.522805][ T7526]  ? find_held_lock+0x2d/0x110
[  106.524622][ T7526]  ? __pfx_xsk_setsockopt+0x10/0x10
[  106.526558][ T7526]  do_sock_setsockopt+0x222/0x480
[  106.528560][ T7526]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  106.530764][ T7526]  ? lock_acquire+0x2f/0xb0
[  106.532613][ T7526]  __sys_setsockopt+0x1a0/0x230
[  106.534564][ T7526]  __ia32_sys_setsockopt+0xbc/0x160
[  106.536637][ T7526]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.538712][ T7526]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  106.541281][ T7526]  __do_fast_syscall_32+0x73/0x120
[  106.543323][ T7526]  do_fast_syscall_32+0x32/0x80
[  106.545265][ T7526]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  106.547740][ T7526] RIP: 0023:0xf7f24579
[  106.549427][ T7526] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  106.557037][ T7526] RSP: 002b:00000000f505555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[  106.560451][ T7526] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b
[  106.563602][ T7526] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000020
[  106.566703][ T7526] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  106.569864][ T7526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  106.573000][ T7526] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  106.576132][ T7526]  </TASK>
[  106.579147][ T7526] Mem-Info:
[  106.580158][ T7526] active_anon:5076 inactive_anon:492 isolated_anon:0
[  106.580158][ T7526]  active_file:17165 inactive_file:33497 isolated_file:0
[  106.580158][ T7526]  unevictable:1768 dirty:629 writeback:0
[  106.580158][ T7526]  slab_reclaimable:5680 slab_unreclaimable:56578
[  106.580158][ T7526]  mapped:25042 shmem:2453 pagetables:766
[  106.580158][ T7526]  sec_pagetables:301 bounce:0
[  106.580158][ T7526]  kernel_misc_reclaimable:0
[  106.580158][ T7526]  free:57763 free_pcp:3968 free_cma:0
[  106.599405][ T7527] syz.2.349: attempt to access beyond end of device
[  106.599405][ T7527] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  106.630341][ T7526] Node 0 active_anon:4996kB inactive_anon:1968kB active_file:7264kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:4444kB dirty:92kB writeback:0kB shmem:4904kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9836kB pagetables:844kB sec_pagetables:1156kB all_unreclaimable? yes
[  106.666765][ T7526] Node 1 active_anon:15448kB inactive_anon:0kB active_file:61396kB inactive_file:133984kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:97212kB dirty:2428kB writeback:0kB shmem:4884kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2464kB pagetables:2232kB sec_pagetables:48kB all_unreclaimable? no
[  106.677333][ T7526] Node 0 DMA free:2976kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:248kB inactive_anon:232kB active_file:24kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:536kB local_pcp:28kB free_cma:0kB
[  106.687341][ T7526] lowmem_reserve[]: 0 273 0 0 0
[  106.687536][ T7527] syzkaller0: entered promiscuous mode
[  106.689014][ T7526] Node 0 
[  106.690661][ T7527] syzkaller0: entered allmulticast mode
[  106.693153][ T7526] DMA32 free:19168kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:4740kB inactive_anon:1736kB active_file:7240kB inactive_file:0kB unevictable:3536kB writepending:92kB present:1032196kB managed:306308kB mlocked:0kB bounce:0kB free_pcp:1776kB local_pcp:52kB free_cma:0kB
[  106.702880][   T12] syzkaller0: tun_net_xmit 48
[  106.703257][ T7526] lowmem_reserve[]: 0 0 0 0 0
[  106.706359][ T7526] Node 1 DMA32 free:199960kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:15448kB inactive_anon:0kB active_file:61396kB inactive_file:133984kB unevictable:3536kB writepending:2428kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:12880kB local_pcp:224kB free_cma:0kB
[  106.716759][ T7526] lowmem_reserve[]: 0 0 0 0 0
[  106.718209][ T7526] Node 0 DMA: 52*4kB (UME) 36*8kB (UE) 23*16kB (UME) 36*32kB (UME) 11*64kB (UME) 0*128kB 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2976kB
[  106.722685][ T7526] Node 0 DMA32: 81*4kB (UMEH) 12*8kB (UMEH) 7*16kB (UMEH) 148*32kB (UEH) 83*64kB (UEH) 21*128kB (UMEH) 1*256kB (U) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 0*4096kB = 19156kB
[  106.726842][ T7527] syzkaller0: tun_chr_ioctl cmd 1074025677
[  106.728022][ T7526] Node 1 
[  106.729698][ T7527] syzkaller0: Linktype set failed because interface is up
[  106.733085][ T7526] DMA32: 82*4kB (U) 94*8kB (UME) 63*16kB (ME) 358*32kB (ME) 166*64kB (ME) 70*128kB (UME) 47*256kB (UME) 30*512kB (UME) 24*1024kB (UM) 8*2048kB (UM) 24*4096kB (UM) = 199784kB
[  106.737344][ T5986] IPVS: starting estimator thread 0...
[  106.739213][ T7526] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  106.743741][ T7526] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  106.746503][ T7526] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  106.749415][ T7526] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  106.752278][ T7526] 53106 total pagecache pages
[  106.753929][ T7526] 0 pages in swap cache
[  106.755219][ T7526] Free swap  = 124460kB
[  106.756482][ T7526] Total swap = 124996kB
[  106.757700][ T7526] 524155 pages RAM
[  106.758817][ T7526] 0 pages HighMem/MovableOnly
[  106.760362][ T7526] 206675 pages reserved
[  106.761648][ T7526] 0 pages cma reserved
[  106.840423][ T7530] IPVS: using max 38 ests per chain, 91200 per kthread
[  106.962286][ T6390] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  107.112681][ T6390] usb 6-1: Using ep0 maxpacket: 8
[  107.137498][ T6390] usb 6-1: config index 0 descriptor too short (expected 74, got 45)
[  107.140209][ T6390] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  107.143714][ T6390] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  107.146650][ T6390] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  107.149644][ T6390] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  107.153688][ T6390] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  107.156422][ T6390] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.386684][ T6390] usb 6-1: GET_CAPABILITIES returned 0
[  107.388322][ T6390] usbtmc 6-1:16.0: can't read capabilities
[  107.417729][ T7535] Cannot find del_set index 3 as target
[  107.632300][    C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  107.638854][ T7524] usbtmc 6-1:16.0: Unable to send data, error -71
[  107.698665][ T6001] usb 6-1: USB disconnect, device number 10
[  108.119701][ T7546] netlink: 4 bytes leftover after parsing attributes in process `syz.0.352'.
[  108.199322][ T7546] netlink: 'syz.0.352': attribute type 2 has an invalid length.
[  108.201555][ T7547] binder: 7545:7547 ioctl c018620c 20000140 returned -22
[  108.337455][ T7556] Zero length message leads to an empty skb
[  108.925977][ T7561] syz.1.355 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  108.962533][ T7571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.361'.
[  108.965321][ T7571] netlink: 'syz.0.361': attribute type 2 has an invalid length.
[  108.980577][ T7571] binder: 7570:7571 ioctl c018620c 20000140 returned -22
[  109.308825][ T7587] netlink: 'syz.1.366': attribute type 3 has an invalid length.
[  109.570493][   T25] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  109.755911][   T25] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  109.758589][   T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.763313][   T25] usb 7-1: Product: syz
[  109.764767][   T25] usb 7-1: Manufacturer: syz
[  109.766197][   T25] usb 7-1: SerialNumber: syz
[  109.782220][   T25] usb 7-1: config 0 descriptor??
[  110.026208][ T5986] usb 7-1: USB disconnect, device number 6
[  110.177675][ T7595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.370'.
[  110.180885][ T7595] netlink: 'syz.0.370': attribute type 2 has an invalid length.
[  110.186019][ T7595] binder: 7594:7595 ioctl c018620c 20000140 returned -22
[  111.562558][ T7622] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  111.564922][ T7622] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  111.569544][ T7622] vhci_hcd vhci_hcd.0: Device attached
[  111.750486][ T1320] vhci_hcd: vhci_device speed not set
[  111.810392][ T1320] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  111.865581][   T67] Bluetooth: Unexpected continuation frame (len 16)
[  111.884340][ T7629] Process accounting resumed
[  112.054062][ T7625] vhci_hcd: connection reset by peer
[  112.057133][   T69] vhci_hcd: stop threads
[  112.058391][   T69] vhci_hcd: release socket
[  112.059785][   T69] vhci_hcd: disconnect device
[  112.220411][   T67] Bluetooth: hci4: command 0x1003 tx timeout
[  112.220470][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  112.289249][ T7636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.381'.
[  112.297142][ T7636] netlink: 'syz.1.381': attribute type 2 has an invalid length.
[  112.305055][ T7636] binder: 7635:7636 ioctl c018620c 20000140 returned -22
[  112.473656][ T5950] Bluetooth: Unexpected continuation frame (len 16)
[  112.477373][ T7648] Process accounting resumed
[  112.894251][ T7668] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  112.988493][ T7671] netlink: 68 bytes leftover after parsing attributes in process `syz.1.391'.
[  113.012071][ T7671] netlink: 68 bytes leftover after parsing attributes in process `syz.1.391'.
[  113.021092][ T7671] netlink: 20 bytes leftover after parsing attributes in process `syz.1.391'.
[  113.080701][ T7673] virtio-fs: tag <(null)> not found
[  113.154392][ T7671] netfs: Couldn't get user pages (rc=-14)
[  113.330924][ T6001] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  113.339287][ T7675] netlink: 20 bytes leftover after parsing attributes in process `syz.2.392'.
[  113.365835][ T7675] bond0: (slave wlan1): Releasing backup interface
[  113.420379][   T35] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  113.548127][ T6001] usb 5-1: Using ep0 maxpacket: 8
[  113.573175][   T35] usb 6-1: config 0 has no interfaces?
[  113.574761][   T35] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  113.577391][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.582956][   T35] usb 6-1: config 0 descriptor??
[  113.624979][ T6001] usb 5-1: config 7 has an invalid interface number: 161 but max is 0
[  113.627343][ T6001] usb 5-1: config 7 has no interface number 0
[  113.629125][ T6001] usb 5-1: config 7 interface 161 has no altsetting 0
[  113.702386][ T6001] usb 5-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=4e.59
[  113.705016][ T6001] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.707289][ T6001] usb 5-1: Product: syz
[  113.708514][ T6001] usb 5-1: Manufacturer: syz
[  113.709845][ T6001] usb 5-1: SerialNumber: syz
[  113.790320][ T7671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.792897][ T7671] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.379496][ T7696] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  115.730390][ T7691] syz.2.396 (7691) used greatest stack depth: 20688 bytes left
[  115.941134][ T6001] hub 5-1:7.161: bad descriptor, ignoring hub
[  115.942939][ T6001] hub 5-1:7.161: probe with driver hub failed with error -5
[  115.945345][ T6001] cypress_m8 5-1:7.161: HID->COM RS232 Adapter converter detected
[  115.947827][ T6001] cyphidcom ttyUSB0: required endpoint is missing
[  115.970551][ T6001] usb 5-1: USB disconnect, device number 8
[  115.972794][ T6001] cypress_m8 5-1:7.161: device disconnected
[  116.076848][   T11] Bluetooth: hci4: Frame reassembly failed (-84)
[  116.432438][   T30] usb 6-1: USB disconnect, device number 11
[  116.464917][ T7715] Cannot find del_set index 3 as target
[  116.518224][ T7710] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  116.520389][ T7710] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  116.528691][ T7710] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  116.532774][ T7710] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  116.534623][ T7710] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  116.542887][ T7710] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  116.552648][ T7710] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  116.556597][ T7710] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  116.570035][ T7710] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  116.751267][   T40] audit: type=1326 audit(1736050728.273:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.757302][   T40] audit: type=1326 audit(1736050728.273:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.763984][   T40] audit: type=1326 audit(1736050728.273:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.770038][   T40] audit: type=1326 audit(1736050728.273:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.776468][   T40] audit: type=1326 audit(1736050728.273:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.782791][   T40] audit: type=1326 audit(1736050728.273:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.788918][   T40] audit: type=1326 audit(1736050728.273:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.795723][   T40] audit: type=1326 audit(1736050728.273:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.801885][   T40] audit: type=1326 audit(1736050728.273:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  116.807961][   T40] audit: type=1326 audit(1736050728.273:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7724 comm="syz.1.403" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  117.010419][ T6001] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  117.160352][ T6001] usb 6-1: Using ep0 maxpacket: 8
[  117.164921][ T6001] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  117.169204][ T6001] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  117.175147][ T6001] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  117.179130][ T6001] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  117.187389][ T6001] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  117.190928][ T6001] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.432182][ T1320] vhci_hcd: vhci_device speed not set
[  117.639136][ T6001] usb 6-1: GET_CAPABILITIES returned 0
[  117.641136][ T6001] usbtmc 6-1:16.0: can't read capabilities
[  117.927735][ T7737] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.931103][ T7737] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.934377][ T7737] bridge0: entered allmulticast mode
[  117.944489][ T7737] bridge_slave_1: left allmulticast mode
[  117.946380][ T7737] bridge_slave_1: left promiscuous mode
[  117.949456][ T7737] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.966054][ T7737] bridge_slave_0: left allmulticast mode
[  117.967912][ T7737] bridge_slave_0: left promiscuous mode
[  117.969693][ T7737] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.150356][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  118.152323][   T67] Bluetooth: hci4: command 0x1003 tx timeout
[  118.162784][ T7733] net veth1_virt_wifi virt_wifi0: invalid flags given to default FDB implementation
[  118.390447][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  118.541758][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  118.587886][ T5950] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  118.626034][ T7746] Process accounting resumed
[  118.630359][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  118.826257][ T7748] random: crng reseeded on system resumption
[  119.137841][ T7756] overlayfs: failed to resolve './file1': -2
[  119.329687][ T7761] GUP no longer grows the stack in syz.2.413 (7761): 20004000-2000a000 (20002000)
[  119.333558][ T7761] CPU: 1 UID: 0 PID: 7761 Comm: syz.2.413 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  119.336868][ T7761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.340110][ T7761] Call Trace:
[  119.341124][ T7761]  <TASK>
[  119.341985][ T7761]  dump_stack_lvl+0x16c/0x1f0
[  119.343424][ T7761]  gup_vma_lookup+0x1d2/0x220
[  119.344800][ T7761]  __get_user_pages+0x236/0x3b50
[  119.346222][ T7761]  ? find_held_lock+0x2d/0x110
[  119.347620][ T7761]  ? mtree_load+0x30a/0xa40
[  119.348919][ T7761]  ? __pfx_lock_release+0x10/0x10
[  119.350376][ T7761]  ? __pfx___get_user_pages+0x10/0x10
[  119.351917][ T7761]  get_user_pages_remote+0x25e/0xb30
[  119.353449][ T7761]  ? __pfx_get_user_pages_remote+0x10/0x10
[  119.355133][ T7761]  __access_remote_vm+0x3a5/0x7b0
[  119.356574][ T7761]  ? __pfx___access_remote_vm+0x10/0x10
[  119.358217][ T7761]  ? lock_acquire+0x2f/0xb0
[  119.359536][ T7761]  ? proc_pid_cmdline_read+0x25b/0x8d0
[  119.361128][ T7761]  proc_pid_cmdline_read+0x4f4/0x8d0
[  119.362655][ T7761]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  119.364345][ T7761]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  119.366025][ T7761]  vfs_readv+0x6bf/0x890
[  119.367260][ T7761]  ? __pfx___lock_acquire+0x10/0x10
[  119.368768][ T7761]  ? __pfx_vfs_readv+0x10/0x10
[  119.370173][ T7761]  ? __fget_files+0x1fc/0x3a0
[  119.371532][ T7761]  ? __pfx_lock_release+0x10/0x10
[  119.373002][ T7761]  ? __fget_files+0x206/0x3a0
[  119.374364][ T7761]  ? do_preadv+0x1b1/0x270
[  119.375654][ T7761]  do_preadv+0x1b1/0x270
[  119.376892][ T7761]  ? __pfx_do_preadv+0x10/0x10
[  119.378276][ T7761]  __do_fast_syscall_32+0x73/0x120
[  119.379775][ T7761]  do_fast_syscall_32+0x32/0x80
[  119.381186][ T7761]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  119.382995][ T7761] RIP: 0023:0xf7f17579
[  119.384175][ T7761] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  119.389651][ T7761] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[  119.392007][ T7761] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000040
[  119.394299][ T7761] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[  119.396402][ T7761] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  119.398479][ T7761] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  119.400514][ T7761] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  119.402578][ T7761]  </TASK>
[  119.992195][   T30] usb 6-1: USB disconnect, device number 12
[  120.099343][ T7777] 9pnet_fd: Insufficient options for proto=fd
[  120.159841][ T7782] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  120.262018][ T7781] Process accounting resumed
[  120.265621][ T5950] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  120.474015][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  120.630416][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  120.722887][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  120.965189][ T7797] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  120.974071][ T7797] CIFS mount error: No usable UNC path provided in device string!
[  120.974071][ T7797] 
[  120.977041][ T7797] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  121.397181][ T7805] xt_CT: No such helper "snmp_trap"
[  121.413413][ T5950] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  121.416361][ T7809] Process accounting resumed
[  121.657493][ T7822] usb 2-1: USB disconnect, device number 2
[  121.770391][ T7828] hub 2-0:1.0: USB hub found
[  121.772050][ T7828] hub 2-0:1.0: 6 ports detected
[  121.972124][ T7833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.427'.
[  121.974838][ T7833] netlink: 'syz.0.427': attribute type 2 has an invalid length.
[  122.051530][ T7835] binder: 7832:7835 ioctl c018620c 20000140 returned -22
[  122.152674][ T7838] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  122.411853][ T6001] usb 2-1: new high-speed USB device number 3 using ehci-pci
[  122.540495][ T5950] Bluetooth: hci0: command 0x0c1a tx timeout
[  122.615822][ T6001] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  122.618695][ T6001] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  122.630409][ T6001] usb 2-1: Product: QEMU USB Tablet
[  122.632065][ T6001] usb 2-1: Manufacturer: QEMU
[  122.633640][ T6001] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  122.662427][ T7845] Illegal XDP return value 4294967262 on prog  (id 88) dev N/A, expect packet loss!
[  122.674534][ T6001] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0003/input/input8
[  122.703208][ T5950] Bluetooth: hci2: command 0x0c1a tx timeout
[  122.780330][ T5950] Bluetooth: hci3: command 0x0c1a tx timeout
[  122.803525][ T6001] hid-generic 0003:0627:0001.0003: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  122.803595][ T7851] netlink: 12 bytes leftover after parsing attributes in process `syz.2.432'.
[  122.809678][ T7851] netlink: 60 bytes leftover after parsing attributes in process `syz.2.432'.
[  122.812669][ T7851] netlink: 12 bytes leftover after parsing attributes in process `syz.2.432'.
[  122.818274][ T7851] netlink: 60 bytes leftover after parsing attributes in process `syz.2.432'.
[  122.820885][ T7851] netlink: 104 bytes leftover after parsing attributes in process `syz.2.432'.
[  122.914016][ T7851] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  122.990418][ T5950] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  123.019906][ T7855] Process accounting resumed
[  123.613342][ T7863] netlink: 4 bytes leftover after parsing attributes in process `syz.3.438'.
[  123.616870][ T7863] netlink: 'syz.3.438': attribute type 2 has an invalid length.
[  123.663322][ T7865] Process accounting resumed
[  123.690384][ T5950] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  123.697295][ T7866] binder: 7861:7866 ioctl c018620c 20000140 returned -22
[  123.870184][ T7868] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  124.576071][ T5986] libceph: connect (1)[c::]:6789 error -101
[  124.577938][ T5986] libceph: mon0 (1)[c::]:6789 connect error
[  124.724887][ T7876] ceph: No mds server is up or the cluster is laggy
[  125.300994][   T40] kauditd_printk_skb: 59 callbacks suppressed
[  125.301061][   T40] audit: type=1804 audit(1736050736.803:85): pid=7901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.445" name="/newroot/102/file0/cgroup.controllers" dev="9p" ino=37098977 res=1 errno=0
[  125.963934][ T7908] mmap: syz.0.443 (7908) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  126.469078][ T7915] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  126.809542][ T7923] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  128.404485][ T5950] Bluetooth: hci0: unexpected event for opcode 0x0c03
[  128.475969][ T7952] netlink: 32 bytes leftover after parsing attributes in process `syz.0.457'.
[  128.667146][   T40] audit: type=1326 audit(1736050740.183:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.669377][ T7958] tmpfs: Bad value for 'grpquota_inode_hardlimit'
[  128.678869][   T40] audit: type=1326 audit(1736050740.183:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.696406][   T40] audit: type=1326 audit(1736050740.183:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.715111][   T40] audit: type=1326 audit(1736050740.183:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.724982][   T40] audit: type=1326 audit(1736050740.183:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.733672][   T40] audit: type=1326 audit(1736050740.183:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.742188][   T40] audit: type=1326 audit(1736050740.183:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.750469][   T40] audit: type=1326 audit(1736050740.183:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.758953][   T40] audit: type=1326 audit(1736050740.183:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7957 comm="syz.1.459" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f24579 code=0x7ffc0000
[  128.771196][ T7962] netlink: 'syz.1.461': attribute type 1 has an invalid length.
[  129.700815][ T7979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.467'.
[  129.928181][ T7988] netlink: 'syz.0.470': attribute type 1 has an invalid length.
[  129.980768][   T35] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  130.022421][ T7995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.473'.
[  130.024972][ T7995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.027243][ T7995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.029777][ T7995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.033898][ T7995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.078809][ T7996] netlink: 8 bytes leftover after parsing attributes in process `syz.0.473'.
[  130.131686][   T35] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  130.134897][   T35] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  130.137780][   T35] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  130.140712][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.145759][ T7981] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  130.149757][   T35] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  130.192955][ T7998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'.
[  130.195623][ T7998] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  130.197803][ T7998] batman_adv: batadv0: Removing interface: batadv_slave_0
[  130.205043][ T7998] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  130.207617][ T7998] batman_adv: batadv0: Removing interface: batadv_slave_1
[  130.222412][ T7998] bond0: (slave batadv0): Releasing backup interface
[  130.299292][ T8004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.474'.
[  130.352699][ T5982] usb 8-1: USB disconnect, device number 11
[  130.998040][ T8028] netlink: 'syz.1.480': attribute type 1 has an invalid length.
[  131.429725][ T8037] netlink: 4 bytes leftover after parsing attributes in process `syz.3.483'.
[  131.434195][ T8037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.483'.
[  131.520925][ T8044] input: syz1 as /devices/virtual/input/input9
[  131.557851][ T8043] input: syz0 as /devices/virtual/input/input10
[  132.212447][ T8059] binder: 8057:8059 ioctl c018620c 20000140 returned -22
[  132.222109][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  132.224698][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  132.236746][ T8060] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  132.472258][   T67] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  132.474887][   T67] Bluetooth: hci0: Injecting HCI hardware error event
[  132.479258][ T5956] Bluetooth: hci0: hardware error 0x00
[  132.580582][ T8068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.492'.
[  132.632132][ T8068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.492'.
[  132.798371][ T8082] usb 2-1: USB disconnect, device number 3
[  132.968535][ T8086] hub 2-0:1.0: USB hub found
[  132.984994][ T8086] hub 2-0:1.0: 6 ports detected
[  133.160382][    T9] usb 2-1: new high-speed USB device number 4 using ehci-pci
[  133.355085][    T9] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00
[  133.372787][    T9] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10
[  133.377880][    T9] usb 2-1: Product: QEMU USB Tablet
[  133.383670][    T9] usb 2-1: Manufacturer: QEMU
[  133.396131][    T9] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1
[  133.444074][    T9] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0004/input/input11
[  133.515899][    T9] hid-generic 0003:0627:0001.0004: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0
[  133.978255][ T8103] binder: 8101:8103 ioctl c018620c 20000140 returned -22
[  134.176848][ T8107] overlayfs: failed to resolve './file1': -2
[  134.186757][ T8107] netlink: 'syz.1.501': attribute type 1 has an invalid length.
[  134.220677][   T67] Bluetooth: hci3: command 0x0c1a tx timeout
[  134.258147][ T8110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.503'.
[  134.274753][ T8112] netlink: 4 bytes leftover after parsing attributes in process `syz.1.502'.
[  134.352353][ T8115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.502'.
[  134.540390][ T5956] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  134.569059][ T8128] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  134.964864][ T5956] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  134.980653][ T8141] Process accounting resumed
[  135.000358][   T35] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  135.162076][   T35] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  135.166404][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.180687][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.183481][   T35] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  135.207618][   T35] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  135.210313][   T35] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  135.213100][   T35] usb 8-1: Manufacturer: syz
[  135.222933][   T35] usb 8-1: config 0 descriptor??
[  135.243473][ T8143] overlayfs: failed to resolve './file1': -2
[  135.248966][ T8143] netlink: 'syz.2.511': attribute type 1 has an invalid length.
[  135.332003][ T8149] devtmpfs: Too few inodes for current use
[  135.586702][ T8161] capability: warning: `syz.0.518' uses 32-bit capabilities (legacy support in use)
[  135.721865][   T35] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  135.724555][   T35] appleir 0003:05AC:8243.0005: No inputs registered, leaving
[  135.730550][   T35] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  136.088692][ T5982] IPVS: starting estimator thread 0...
[  136.240330][ T8173] IPVS: using max 38 ests per chain, 91200 per kthread
[  136.321851][ T5956] Bluetooth: hci3: command 0x0c1a tx timeout
[  137.181012][ T5982] usb 8-1: reset high-speed USB device number 12 using dummy_hcd
[  137.240762][ T8187] vxcan1: entered promiscuous mode
[  137.242977][ T8187] vxcan1: entered allmulticast mode
[  138.085772][   T59] usb 8-1: USB disconnect, device number 12
[  138.220375][ T8214] netlink: 1268 bytes leftover after parsing attributes in process `syz.3.532'.
[  138.224633][ T8214] openvswitch: netlink: Message has 12 unknown bytes.
[  138.419242][ T8224] Process accounting resumed
[  138.450881][ T8226] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  139.101897][ T8237] dvmrp8: entered allmulticast mode
[  139.107533][ T8236] dvmrp8: left allmulticast mode
[  140.000170][ T8274] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  140.813234][ T8289] syz.3.551 (8289): drop_caches: 2
[  140.830823][ T8290] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  141.221222][ T5986] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  141.373142][ T5986] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.377091][ T5986] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.381193][ T5986] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  141.384877][ T5986] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.389693][ T5986] usb 8-1: config 0 descriptor??
[  141.545899][ T8297] netlink: 'syz.1.553': attribute type 1 has an invalid length.
[  141.650596][ T8303] capability: warning: `syz.1.555' uses deprecated v2 capabilities in a way that may be insecure
[  141.800765][ T5986] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  141.807180][ T5986] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0926:3333.0006/input/input12
[  141.885880][ T8311] lo speed is unknown, defaulting to 1000
[  141.907032][ T5986] keytouch 0003:0926:3333.0006: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  142.010721][   T59] usb 8-1: USB disconnect, device number 13
[  142.223083][ T8322] FAULT_INJECTION: forcing a failure.
[  142.223083][ T8322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.226789][ T8322] CPU: 2 UID: 0 PID: 8322 Comm: syz.2.560 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  142.229960][ T8322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.233039][ T8322] Call Trace:
[  142.234004][ T8322]  <TASK>
[  142.234866][ T8322]  dump_stack_lvl+0x16c/0x1f0
[  142.236240][ T8322]  should_fail_ex+0x497/0x5b0
[  142.237649][ T8322]  _copy_from_iter+0x29b/0x1400
[  142.239098][ T8322]  ? trace_lock_acquire+0x14e/0x1f0
[  142.240612][ T8322]  ? __pfx__copy_from_iter+0x10/0x10
[  142.242139][ T8322]  ? __virt_addr_valid+0x1a4/0x590
[  142.243637][ T8322]  ? __virt_addr_valid+0x5e/0x590
[  142.245096][ T8322]  ? __phys_addr_symbol+0x30/0x80
[  142.246582][ T8322]  ? __check_object_size+0x488/0x710
[  142.248612][ T8322]  hci_sock_sendmsg+0x46d/0x25e0
[  142.250093][ T8322]  ? __pfx_aa_sk_perm+0x10/0x10
[  142.251523][ T8322]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  142.253109][ T8322]  sock_write_iter+0x4fe/0x5b0
[  142.254499][ T8322]  ? __pfx_sock_write_iter+0x10/0x10
[  142.256016][ T8322]  ? bpf_lsm_file_permission+0x9/0x10
[  142.257579][ T8322]  ? security_file_permission+0x71/0x210
[  142.259226][ T8322]  vfs_write+0x5ae/0x1150
[  142.260522][ T8322]  ? __pfx_sock_write_iter+0x10/0x10
[  142.262066][ T8322]  ? __pfx_vfs_write+0x10/0x10
[  142.263452][ T8322]  ? __fget_files+0x40/0x3a0
[  142.264813][ T8322]  ksys_write+0x207/0x250
[  142.266067][ T8322]  ? __pfx_ksys_write+0x10/0x10
[  142.267501][ T8322]  __do_fast_syscall_32+0x73/0x120
[  142.269022][ T8322]  do_fast_syscall_32+0x32/0x80
[  142.270756][ T8322]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  142.272725][ T8322] RIP: 0023:0xf7f17579
[  142.273906][ T8322] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  142.279559][ T8322] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  142.282646][ T8322] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000080
[  142.285589][ T8322] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  142.288525][ T8322] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  142.291460][ T8322] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  142.294400][ T8322] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  142.296692][ T8322]  </TASK>
[  142.362223][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.1.561'.
[  143.016559][ T5986] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  143.035386][ T5950] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  143.041700][ T8350] Process accounting resumed
[  143.162130][ T5986] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.165061][ T5986] usb 6-1: config 0 has no interfaces?
[  143.166668][ T5986] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  143.169292][ T5986] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.172903][ T5986] usb 6-1: config 0 descriptor??
[  143.443320][   T58] usb 6-1: USB disconnect, device number 13
[  143.651969][ T8360] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  143.769081][ T8361] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  143.771538][ T8361] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  143.775019][ T8361] vhci_hcd vhci_hcd.0: Device attached
[  143.861411][ T8364] netlink: 'syz.0.571': attribute type 10 has an invalid length.
[  143.864627][ T8364] syz_tun: entered promiscuous mode
[  143.878096][ T8364] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  144.030347][ T6001] vhci_hcd: vhci_device speed not set
[  144.090537][ T6001] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  145.052827][ T8362] vhci_hcd: connection reset by peer
[  145.061565][   T11] vhci_hcd: stop threads
[  145.063299][   T11] vhci_hcd: release socket
[  145.065147][   T11] vhci_hcd: disconnect device
[  145.152793][ T8386] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  145.154961][ T8386] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  145.159623][ T8386] vhci_hcd vhci_hcd.0: Device attached
[  145.913706][ T8398] netlink: 4 bytes leftover after parsing attributes in process `syz.3.579'.
[  145.916209][ T8398] netlink: 'syz.3.579': attribute type 2 has an invalid length.
[  145.972751][ T8401] binder: 8397:8401 ioctl c018620c 20000140 returned -22
[  146.412343][ T8387] vhci_hcd: connection closed
[  146.416190][   T69] vhci_hcd: stop threads
[  146.418695][   T69] vhci_hcd: release socket
[  146.420104][   T69] vhci_hcd: disconnect device
[  146.995241][ T8403] ALSA: mixer_oss: invalid OSS volume 'DIG¨TAL1'
[  147.014697][ T8414] FAULT_INJECTION: forcing a failure.
[  147.014697][ T8414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.014728][ T8414] 
[  147.014730][ T8414] ======================================================
[  147.014733][ T8414] WARNING: possible circular locking dependency detected
[  147.014736][ T8414] 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 Not tainted
[  147.014742][ T8414] ------------------------------------------------------
[  147.014744][ T8414] syz.1.584/8414 is trying to acquire lock:
[  147.014749][ T8414] ffffffff8dda89f8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x12/0x70
[  147.014775][ T8414] 
[  147.014775][ T8414] but task is already holding lock:
[  147.014777][ T8414] ffff88802b42a898 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220
[  147.014800][ T8414] 
[  147.014800][ T8414] which lock already depends on the new lock.
[  147.014800][ T8414] 
[  147.014802][ T8414] 
[  147.014802][ T8414] the existing dependency chain (in reverse order) is:
[  147.014805][ T8414] 
[  147.014805][ T8414] -> #3 (&base->lock){-.-.}-{2:2}:
[  147.014816][ T8414]        _raw_spin_lock_irqsave+0x3a/0x60
[  147.014826][ T8414]        lock_timer_base+0x5d/0x220
[  147.014837][ T8414]        __mod_timer+0x426/0xdc0
[  147.014844][ T8414]        add_timer_global+0x8a/0xc0
[  147.014851][ T8414]        __queue_delayed_work+0x1ba/0x2e0
[  147.014861][ T8414]        queue_delayed_work_on+0x12a/0x150
[  147.014869][ T8414]        psi_task_change+0x1a2/0x2d0
[  147.014880][ T8414]        enqueue_task+0x2e7/0x3e0
[  147.014889][ T8414]        wake_up_new_task+0x686/0xd40
[  147.014897][ T8414]        kernel_clone+0x236/0x960
[  147.014907][ T8414]        user_mode_thread+0xb4/0xf0
[  147.014917][ T8414]        rest_init+0x23/0x2b0
[  147.014928][ T8414]        start_kernel+0x3e4/0x4d0
[  147.014939][ T8414]        x86_64_start_reservations+0x18/0x30
[  147.014950][ T8414]        x86_64_start_kernel+0xb2/0xc0
[  147.014960][ T8414]        common_startup_64+0x13e/0x148
[  147.014971][ T8414] 
[  147.014971][ T8414] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  147.014982][ T8414]        _raw_spin_lock_nested+0x31/0x40
[  147.014990][ T8414]        raw_spin_rq_lock_nested+0x29/0x130
[  147.014998][ T8414]        task_rq_lock+0xcf/0x3b0
[  147.015006][ T8414]        cgroup_move_task+0x82/0x250
[  147.015017][ T8414]        css_set_move_task+0x288/0x5f0
[  147.015030][ T8414]        cgroup_post_fork+0x1c6/0x910
[  147.015040][ T8414]        copy_process+0x578d/0x6f20
[  147.015049][ T8414]        kernel_clone+0xfd/0x960
[  147.015059][ T8414]        user_mode_thread+0xb4/0xf0
[  147.015069][ T8414]        rest_init+0x23/0x2b0
[  147.015080][ T8414]        start_kernel+0x3e4/0x4d0
[  147.015090][ T8414]        x86_64_start_reservations+0x18/0x30
[  147.015101][ T8414]        x86_64_start_kernel+0xb2/0xc0
[  147.015111][ T8414]        common_startup_64+0x13e/0x148
[  147.015120][ T8414] 
[  147.015120][ T8414] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  147.015131][ T8414]        _raw_spin_lock_irqsave+0x3a/0x60
[  147.015140][ T8414]        try_to_wake_up+0xb6/0x1490
[  147.015147][ T8414]        up+0x79/0xb0
[  147.015156][ T8414]        __up_console_sem+0x85/0xe0
[  147.015164][ T8414]        console_unlock+0x1dc/0x210
[  147.015174][ T8414]        vga_remove_vgacon+0x90/0xd0
[  147.015184][ T8414]        aperture_remove_conflicting_pci_devices+0x16a/0x1e0
[  147.015198][ T8414]        bochs_pci_probe+0x29/0xcd0
[  147.015209][ T8414]        local_pci_probe+0xde/0x1b0
[  147.015219][ T8414]        pci_device_probe+0x676/0x7a0
[  147.015231][ T8414]        really_probe+0x23e/0xa90
[  147.015241][ T8414]        __driver_probe_device+0x1de/0x440
[  147.015253][ T8414]        driver_probe_device+0x4c/0x1b0
[  147.015264][ T8414]        __driver_attach+0x283/0x580
[  147.015274][ T8414]        bus_for_each_dev+0x13c/0x1d0
[  147.015283][ T8414]        bus_add_driver+0x2e9/0x690
[  147.015292][ T8414]        driver_register+0x15c/0x4b0
[  147.015304][ T8414]        bochs_pci_driver_init+0x67/0x80
[  147.015316][ T8414]        do_one_initcall+0x128/0x630
[  147.015328][ T8414]        kernel_init_freeable+0x58f/0x8b0
[  147.015351][ T8414]        kernel_init+0x1c/0x2b0
[  147.015364][ T8414]        ret_from_fork+0x45/0x80
[  147.015372][ T8414]        ret_from_fork_asm+0x1a/0x30
[  147.015383][ T8414] 
[  147.015383][ T8414] -> #0 ((console_sem).lock){-.-.}-{2:2}:
[  147.015394][ T8414]        __lock_acquire+0x249e/0x3c40
[  147.015402][ T8414]        lock_acquire.part.0+0x11b/0x380
[  147.015409][ T8414]        _raw_spin_lock_irqsave+0x3a/0x60
[  147.015417][ T8414]        down_trylock+0x12/0x70
[  147.015427][ T8414]        __down_trylock_console_sem+0x40/0x140
[  147.015435][ T8414]        vprintk_emit+0x3e3/0x6f0
[  147.015444][ T8414]        vprintk+0x7f/0xa0
[  147.015454][ T8414]        _printk+0xc8/0x100
[  147.015461][ T8414]        should_fail_ex+0x46c/0x5b0
[  147.015472][ T8414]        strncpy_from_user+0x3b/0x2d0
[  147.015481][ T8414]        strncpy_from_user_nofault+0x7f/0x180
[  147.015492][ T8414]        bpf_probe_read_compat_str+0x131/0x170
[  147.015506][ T8414]        bpf_prog_82e513068e5df70f+0x4e/0x50
[  147.015513][ T8414]        bpf_trace_run2+0x231/0x590
[  147.015524][ T8414]        enqueue_timer+0x2b0/0x550
[  147.015531][ T8414]        __mod_timer+0x8d7/0xdc0
[  147.015538][ T8414]        sk_reset_timer+0x21/0xc0
[  147.015554][ T8414]        tipc_sk_finish_conn+0x183/0x790
[  147.015566][ T8414]        tipc_socketpair+0x364/0x470
[  147.015577][ T8414]        __sys_socketpair+0x2f0/0x5a0
[  147.015586][ T8414]        __ia32_sys_socketpair+0x95/0x100
[  147.015596][ T8414]        __do_fast_syscall_32+0x73/0x120
[  147.015607][ T8414]        do_fast_syscall_32+0x32/0x80
[  147.015617][ T8414]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.015631][ T8414] 
[  147.015631][ T8414] other info that might help us debug this:
[  147.015631][ T8414] 
[  147.015633][ T8414] Chain exists of:
[  147.015633][ T8414]   (console_sem).lock --> &rq->__lock --> &base->lock
[  147.015633][ T8414] 
[  147.015646][ T8414]  Possible unsafe locking scenario:
[  147.015646][ T8414] 
[  147.015648][ T8414]        CPU0                    CPU1
[  147.015650][ T8414]        ----                    ----
[  147.015652][ T8414]   lock(&base->lock);
[  147.015657][ T8414]                                lock(&rq->__lock);
[  147.015662][ T8414]                                lock(&base->lock);
[  147.015667][ T8414]   lock((console_sem).lock);
[  147.015672][ T8414] 
[  147.015672][ T8414]  *** DEADLOCK ***
[  147.015672][ T8414] 
[  147.015674][ T8414] 2 locks held by syz.1.584/8414:
[  147.015679][ T8414]  #0: ffff88802b42a898 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220
[  147.015702][ T8414]  #1: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590
[  147.015726][ T8414] 
[  147.015726][ T8414] stack backtrace:
[  147.015729][ T8414] CPU: 0 UID: 0 PID: 8414 Comm: syz.1.584 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  147.015740][ T8414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.015745][ T8414] Call Trace:
[  147.015748][ T8414]  <TASK>
[  147.015751][ T8414]  dump_stack_lvl+0x116/0x1f0
[  147.015763][ T8414]  print_circular_bug+0x41c/0x610
[  147.015777][ T8414]  check_noncircular+0x31a/0x400
[  147.015790][ T8414]  ? __pfx_check_noncircular+0x10/0x10
[  147.015803][ T8414]  ? __pfx_format_decode+0x10/0x10
[  147.015818][ T8414]  ? lockdep_lock+0xc6/0x200
[  147.015829][ T8414]  ? __pfx_lockdep_lock+0x10/0x10
[  147.015841][ T8414]  __lock_acquire+0x249e/0x3c40
[  147.015851][ T8414]  ? __pfx___lock_acquire+0x10/0x10
[  147.015860][ T8414]  ? vprintk_store+0x222/0xc30
[  147.015886][ T8414]  lock_acquire.part.0+0x11b/0x380
[  147.015896][ T8414]  ? down_trylock+0x12/0x70
[  147.015907][ T8414]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  147.015915][ T8414]  ? rcu_is_watching+0x12/0xc0
[  147.015927][ T8414]  ? trace_lock_acquire+0x14e/0x1f0
[  147.015938][ T8414]  ? down_trylock+0x12/0x70
[  147.015949][ T8414]  ? lock_acquire+0x2f/0xb0
[  147.015956][ T8414]  ? down_trylock+0x12/0x70
[  147.015967][ T8414]  ? vprintk+0x7f/0xa0
[  147.015978][ T8414]  _raw_spin_lock_irqsave+0x3a/0x60
[  147.015986][ T8414]  ? down_trylock+0x12/0x70
[  147.015997][ T8414]  down_trylock+0x12/0x70
[  147.016007][ T8414]  __down_trylock_console_sem+0x40/0x140
[  147.016017][ T8414]  vprintk_emit+0x3e3/0x6f0
[  147.016027][ T8414]  ? __pfx_vprintk_emit+0x10/0x10
[  147.016038][ T8414]  ? hlock_class+0x4e/0x130
[  147.016048][ T8414]  ? __lock_acquire+0xcc5/0x3c40
[  147.016057][ T8414]  vprintk+0x7f/0xa0
[  147.016068][ T8414]  _printk+0xc8/0x100
[  147.016076][ T8414]  ? __pfx__printk+0x10/0x10
[  147.016083][ T8414]  ? __pfx___lock_acquire+0x10/0x10
[  147.016091][ T8414]  ? ___ratelimit+0x24c/0x570
[  147.016101][ T8414]  ? __pfx____ratelimit+0x10/0x10
[  147.016112][ T8414]  should_fail_ex+0x46c/0x5b0
[  147.016123][ T8414]  strncpy_from_user+0x3b/0x2d0
[  147.016133][ T8414]  strncpy_from_user_nofault+0x7f/0x180
[  147.016145][ T8414]  bpf_probe_read_compat_str+0x131/0x170
[  147.016159][ T8414]  bpf_prog_82e513068e5df70f+0x4e/0x50
[  147.016166][ T8414]  bpf_trace_run2+0x231/0x590
[  147.016178][ T8414]  ? __pfx_bpf_trace_run2+0x10/0x10
[  147.016191][ T8414]  ? lock_acquire+0x2f/0xb0
[  147.016199][ T8414]  ? lock_timer_base+0x5d/0x220
[  147.016212][ T8414]  enqueue_timer+0x2b0/0x550
[  147.016220][ T8414]  __mod_timer+0x8d7/0xdc0
[  147.016229][ T8414]  ? __pfx___mod_timer+0x10/0x10
[  147.016238][ T8414]  ? net_generic+0xea/0x2a0
[  147.016249][ T8414]  ? __pfx_lock_release+0x10/0x10
[  147.016256][ T8414]  ? trace_lock_acquire+0x14e/0x1f0
[  147.016268][ T8414]  sk_reset_timer+0x21/0xc0
[  147.016279][ T8414]  tipc_sk_finish_conn+0x183/0x790
[  147.016291][ T8414]  tipc_socketpair+0x364/0x470
[  147.016303][ T8414]  __sys_socketpair+0x2f0/0x5a0
[  147.016313][ T8414]  ? __pfx___sys_socketpair+0x10/0x10
[  147.016323][ T8414]  ? fput+0x67/0x440
[  147.016335][ T8414]  ? __pfx_ksys_write+0x10/0x10
[  147.016346][ T8414]  __ia32_sys_socketpair+0x95/0x100
[  147.016357][ T8414]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  147.016368][ T8414]  __do_fast_syscall_32+0x73/0x120
[  147.016379][ T8414]  do_fast_syscall_32+0x32/0x80
[  147.016390][ T8414]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.016403][ T8414] RIP: 0023:0xf7f24579
[  147.016410][ T8414] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.016419][ T8414] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000168
[  147.016427][ T8414] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000002
[  147.016433][ T8414] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000000
[  147.016439][ T8414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.016444][ T8414] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.016449][ T8414] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.016457][ T8414]  </TASK>
[  147.308064][ T8414] CPU: 0 UID: 0 PID: 8414 Comm: syz.1.584 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  147.308079][ T8414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.308085][ T8414] Call Trace:
[  147.308089][ T8414]  <TASK>
[  147.308094][ T8414]  dump_stack_lvl+0x116/0x1f0
[  147.317915][ T8414]  should_fail_ex+0x497/0x5b0
[  147.319262][ T8414]  strncpy_from_user+0x3b/0x2d0
[  147.320672][ T8414]  strncpy_from_user_nofault+0x7f/0x180
[  147.322241][ T8414]  bpf_probe_read_compat_str+0x131/0x170
[  147.323840][ T8414]  bpf_prog_82e513068e5df70f+0x4e/0x50
[  147.325393][ T8414]  bpf_trace_run2+0x231/0x590
[  147.326754][ T8414]  ? __pfx_bpf_trace_run2+0x10/0x10
[  147.328251][ T8414]  ? lock_acquire+0x2f/0xb0
[  147.329576][ T8414]  ? lock_timer_base+0x5d/0x220
[  147.330973][ T8414]  enqueue_timer+0x2b0/0x550
[  147.332305][ T8414]  __mod_timer+0x8d7/0xdc0
[  147.333579][ T8414]  ? __pfx___mod_timer+0x10/0x10
[  147.334993][ T8414]  ? net_generic+0xea/0x2a0
[  147.336305][ T8414]  ? __pfx_lock_release+0x10/0x10
[  147.337746][ T8414]  ? trace_lock_acquire+0x14e/0x1f0
[  147.339183][ T8414]  sk_reset_timer+0x21/0xc0
[  147.340503][ T8414]  tipc_sk_finish_conn+0x183/0x790
[  147.341972][ T8414]  tipc_socketpair+0x364/0x470
[  147.343339][ T8414]  __sys_socketpair+0x2f0/0x5a0
[  147.344741][ T8414]  ? __pfx___sys_socketpair+0x10/0x10
[  147.346248][ T8414]  ? fput+0x67/0x440
[  147.347367][ T8414]  ? __pfx_ksys_write+0x10/0x10
[  147.348730][ T8414]  __ia32_sys_socketpair+0x95/0x100
[  147.350224][ T8414]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  147.351994][ T8414]  __do_fast_syscall_32+0x73/0x120
[  147.353674][ T8414]  do_fast_syscall_32+0x32/0x80
[  147.355365][ T8414]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  147.357745][ T8414] RIP: 0023:0xf7f24579
[  147.359329][ T8414] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  147.364989][ T8414] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000168
[  147.367339][ T8414] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000000002
[  147.369604][ T8414] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000000
[  147.371848][ T8414] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  147.374106][ T8414] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  147.376391][ T8414] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  147.378634][ T8414]  </TASK>
[  149.170399][ T6001] vhci_hcd: vhci_device speed not set

VM DIAGNOSIS:
04:19:18  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85143ef5 RDI=ffffffff9a667200 RBP=ffffffff9a6671c0 RSP=ffffc9000d09f5b8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000020 R14=ffffffff85143e90 R15=0000000000000000
RIP=ffffffff85143f1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f5075fac CR3=000000004b430000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c400000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000005c1b14 RBX=0000000000000001 RCX=ffffffff8b1a5819 RDX=ffffed10056a6fee
RSI=ffffffff8bb17080 RDI=ffffffff81702ec9 RBP=ffffed1003a50910 RSP=ffffc9000047fe08
R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000001
R12=0000000000000001 R13=ffff88801d284880 R14=ffffffff901ce7d0 R15=0000000000000000
RIP=ffffffff8b1a6bff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000004 CR3=000000004fc3e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff814849ee RDX=ffff888023352440
RSI=ffffffff81484a0b RDI=0000000000000000 RBP=ffff88802b42a880 RSP=ffffc900036b7858
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=00000000000a2001
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b63fc40 R15=ffffed1005685510
RIP=ffffffff81484a0c RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f32ce88ed00 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000004 CR3=0000000049798000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000003400003 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697270203a732500 7325207461206465 7269707865207972 746e65203a732500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c5755051f560000 5600055144054140 574c555d40055c57 514b40051f560000
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=9719d7ba9719d7ba 9719d7ba9719d7ba 9719d7ba9719d7ba 9719d7ba9719d7ba 9719d7ba9719d7ba 9719d7ba9719d7ba 9719d7ba9719d7ba 9719d7ba9719d7ba
ZMM22=fdfd4d60fdfd4d60 fdfd4d60fdfd4d60 fdfd4d60fdfd4d60 fdfd4d60fdfd4d60 fdfd4d60fdfd4d60 fdfd4d60fdfd4d60 fdfd4d60fdfd4d60 fdfd4d60fdfd4d60
ZMM23=f2e92d85f2e92d85 f2e92d85f2e92d85 f2e92d85f2e92d85 f2e92d85f2e92d85 f2e92d85f2e92d85 f2e92d85f2e92d85 f2e92d85f2e92d85 f2e92d85f2e92d85
ZMM24=bb35cf0dbb35cf0d bb35cf0dbb35cf0d bb35cf0dbb35cf0d bb35cf0dbb35cf0d bb35cf0dbb35cf0d bb35cf0dbb35cf0d bb35cf0dbb35cf0d bb35cf0dbb35cf0d
ZMM25=d6dc2935d6dc2935 d6dc2935d6dc2935 d6dc2935d6dc2935 d6dc2935d6dc2935 d6dc2935d6dc2935 d6dc2935d6dc2935 d6dc2935d6dc2935 d6dc2935d6dc2935
ZMM26=b5388a95b5388a95 b5388a95b5388a95 b5388a95b5388a95 b5388a95b5388a95 b5388a95b5388a95 b5388a95b5388a95 b5388a95b5388a95 b5388a95b5388a95
ZMM27=f5e725c9f5e725c9 f5e725c9f5e725c9 f5e725c9f5e725c9 f5e725c9f5e725c9 f5e725c9f5e725c9 f5e725c9f5e725c9 f5e725c9f5e725c9 f5e725c9f5e725c9
ZMM28=000001100000010f 0000010e0000010d 0000010c0000010b 0000010a00000109 0000010800000107 0000010600000105 0000010400000103 0000010200000101
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=720a0000720a0000 720a0000720a0000 720a0000720a0000 720a0000720a0000 720a0000720a0000 720a0000720a0000 720a0000720a0000 720a0000720a0000
info registers vcpu 3

CPU#3
RAX=ffff88804bff8818 RBX=dffffc0000000000 RCX=ffffffff8176c3bd RDX=1ffff110097ff103
RSI=0000000000000004 RDI=ffff888049842be8 RBP=ffffc900037f7270 RSP=ffffc900037f7130
R8 =0000000000000001 R9 =fffff520006fee14 R10=0000000000000003 R11=0000000000005f2b
R12=ffff888070130000 R13=dead000000000122 R14=0000000000000005 R15=ffff88804bff8818
RIP=ffffffff849e173b RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000004 CR3=00000000633a2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000