last executing test programs:

5.666839317s ago: executing program 2 (id=281):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0xffffffff, 0x0, 0x0, 0x200004, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
r5 = openat$rdma_cm(0xffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, &(0x7f0000000300)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0xc, 0x0, 0x0, 0x0, @in={0x2, 0x4e21, @private=0xa010100}, @in6={0xa, 0x4e21, 0x9, @mcast2, 0x2}}}, 0x118)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r6, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r7}, './file0\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x800})
syz_emit_ethernet(0x465, &(0x7f0000000840)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x42f, 0x3a, 0xff, @remote, @mcast2, {[@dstopts={0x6, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @ra={0x5, 0x2, 0x71}]}, @srh={0x11, 0x12, 0x4, 0x9, 0x9a, 0x50, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, @private0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, @empty, @local, @mcast1, @private0]}, @fragment={0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x68}], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a2911426dfe63c566164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x18, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0"}, {0xe, 0x7, "f5000000000000000000000200000000000000000000000000008879e66485201a0015ca837400"/55}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a30000000001400078005001500000000"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00030003060500ad2b0000000000000000000605090000071e0000"], 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0), 0x8)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000180)=ANY=[@ANYRES8=r6], 0x0, 0x42, 0x0, 0x0, 0x1, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e00000004000000080000005e0000000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r9, @ANYBLOB="000000000200"/28], 0x48)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848360000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

4.660643828s ago: executing program 2 (id=284):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20200, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x800, 0x34324152, 0x2, 0xb, [{}, {}, {0xfffffffd}, {0xfffffffd}, {}, {0x0, 0x1000000}], 0x0, 0x0, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004080}, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES16=0x0, @ANYRES16=r0], 0x40}, 0x1, 0x0, 0x0, 0x20040884}, 0x4000)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r6, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_SPLICE={0x1e, 0x58, 0x0, @fd_index=0x7, 0x400, {0x0, r5}, 0x77e7f3d6, 0x1, 0x1, {0x0, 0x0, r6}})
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r1], 0x10)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0xfffffffe}]}}]}, 0x3c}}, 0x40010)
sendmmsg$inet6(r6, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="2800000010005fba000000000000000000000000983c0efca828a8bf74396e35b58dffe4830d762ac73afe06d6a6c34f62cc13ea6148085636fbfa9bbd2fc27c357192f0faca482d4583a85d02751ac7334e55e018e193780c5d014f59ebcc5d1234fb0858d29c8066010b5706d277935033eec9e2ac81f62bd8ae9c5cc9cdd3270794a329c017fb7e9c6ed9eb6afee68f231284310012177f091a323da68a9f4e55e94f67abc6", @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b0000000000"], 0x28}}, 0x0)
close(0xffffffffffffffff)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

3.813043276s ago: executing program 2 (id=286):
syz_open_dev$video4linux(0x0, 0x101, 0x0)
socket$kcm(0x29, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x3)
r0 = syz_open_dev$usbfs(0x0, 0x3, 0x40000)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000080)=@usbdevfs_disconnect={0x6fd})
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x80200)
ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", '\x00', "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
syz_open_dev$cec(&(0x7f0000000180), 0x0, 0x40a04)
ioctl$CEC_TRANSMIT(r3, 0xc0386105, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
pipe2$watch_queue(&(0x7f00000003c0), 0x80)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000000080)=@raw={'raw\x00', 0x4001, 0x3, 0x288, 0x158, 0x500b, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'team_slave_0\x00', {}, {}, 0x21, 0x0, 0x41}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7}}}, @common=@unspec=@pkttype={{0x28}, {0x5, 0x1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
r5 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380), 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000300)='dns_resolver\x00', 0x0, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b0426fc029900", 0x1d, r5)

3.780888425s ago: executing program 1 (id=287):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x10)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x123a67)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r1, 0x40184150, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000380), 0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xfffffffffffffffc, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x4, 0x8}, 0x0, &(0x7f0000000680)={0x7fc, 0x7f, 0x800000, 0x3, 0x7, 0xc3ad, 0x4}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000003c0)={0x6, 0x0, 0x0, 0x40, 0x2, 0xd, 0x7fffffffffffffff, 0x7}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x1009, 0x3, 0x7, 0x10000000, 0x5, 0x7}, 0x0, 0x0)
r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x80200, 0x43, 0x10}, 0x18)
sendfile(r5, r2, &(0x7f0000000100)=0x6, 0x5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bb00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000b00)=0x6)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000080)=0x3ff)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000140)=0xef)
fsetxattr$security_ima(r6, &(0x7f00000024c0), &(0x7f0000002500)=@v1={0x2, "fa40778309e4ecbedbf787318b0306"}, 0x10, 0x0)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x20, r9, 0x301, 0xfffb7ffc, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0)
read$FUSE(r7, &(0x7f0000000480)={0x2020}, 0x2020)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, 0x0, &(0x7f0000000400))

3.39682194s ago: executing program 0 (id=289):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(&(0x7f00000001c0), 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r3 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(r3, 0xc0cc5640, &(0x7f0000000540)={0x1, @sdr={0x36314d4e, 0x7}})
socket$nl_route(0x10, 0x3, 0x0)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000500)="e306644c2f0b801228a9253e", 0xc, 0xfffffffffffffffd)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004040)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x80000000, @remote, 0x29f}, 0x1c, &(0x7f00000018c0)=[{&(0x7f0000000340)="c92b015bd88952bdaa34bdb97a1a6b239b7da91dfa3e89bd5b94d31b137a", 0x1e}, {&(0x7f0000000640)="252252d6117f2f1660807de2a3111a8f2c3f17f7e6817ea1b78fe8c868fdb8d563359af87c5bbaf7bc13674200704055db82dca43dcfd02e49bd7f8d7943db040f6359b3e52c7352315445d232f1c7bd157bfb5ac8db0a3a26502719079c8bdcca2faa85c9317ad7458d217a1e1aadbbfa558afcb4dd9c4847f882edd4b94a17798de8db70d8ee30da1240a512dbd3063f3dd07f37ad20451a80e88c324107", 0x9f}, {&(0x7f0000000700)="d4aead05561f046f83bcec0d69f18cf97699cc60483dda77c4ec8f54354b31951a1e05324c4e9b463f31904c7b3f06dc43bd78c15eb9527b5b7d00f91dfb763d574e718963be78d89ea949dfcba407e94242f47361b7261d10359af0636123091e5f1b3856e2b6b656d713e83afb3f74ae862d983f64798d84f1614e298461d9add9fe71546fa014511ada9e9b71a941900fb323ea52a3c16fdaa9ad67c5d4adeaab361c2bea694747c21ac991e9d669b2673bb699e43482dff30fc6593e1cfaa738bc5eefd7f1332c69808272ed90963747c44d024fe22fd77930b0", 0xdc}, {&(0x7f0000000800)="a65c4dd6a1645bd09c99d7261a902070c58e4a9727f3ec8ec3f47e181264c71ef08b97162a1a1a7f255b7d6df39fd15eaa288a7de004e41969f00b41705e82735cc0f71193c2fe7abece5f227bc81a317f268d2804ecff6ed45d9db0c7a842b330ddf0f18140a985d8cb3299b39fba74071583857ad10bdb457d196e09c7777411fd78ddd060f050c8bd8b534b7c79062e0deb39c9d1a58c35cd793e7ce364e93e7835b61c348ef238dba504d6170772d462f92af5c3e8", 0xb7}, {&(0x7f00000008c0)="6f81f867c67304191a6271cd1f0f5c3b8946cc49e46ef1a82934f377c0bd845ac1b81e69b60c2940c3e76bccfa64b26583042956857d34f28dba3affa666dafc95663858d5222a8fb4a37f45bf634971d7e97006edbf944b9a1da6cfad184f2a131a011fa083ca7874770b792540d4962670dfd07942194a53722064406ba63f631af8cf6a00092ff1bbf7b84a713be30e25ef2c59d8fd5975d4addb09f6fcaba3196c9341a81a5a96651634c712af79707984cee88084af149e12c65b2a6e64fe73a14c439648b6c388dc9ad67a5f016926d8fa5470ebaacad9260e3a6815b54de08997ae0e214c131e85186ceccb665ec5babbea412cfcf1f715d587094eb6db9f21d18e45c923d4838db33cc08cf7aa4e4c9c6fb0b6460e8dc329f43c2092d67aa92e6dee8d51c3618ad62e76135b6daaf219a92abbaf6d5c26d04588e9a4c6d12daeb85e2b0df1ff0ea9a0bbb7f4d73302aa0217b33a43d78ed1e880d3241b855036db9baa3f81b6489038f45f1244ddabebf50a3632b42a10efaea820c7a5edc91eed74ea5206b161f756749710bfe68ce560003850f43ebe479a7949b413bf372ce300354b2f163908aba690d4d2bdaa8d03073764f1bd5902c38a062d9183de4cecd80b1bc53eb82c458185ecd1f11372abedbed333a48cc1b43f6a6a42d9845a6eb031e2bc5d9b2488f93775d7c8a8a3c82d35ae75170b8486414a6917266efc6f1a1e1dee7238bf5b5fd5804f8f3edb46965b4da84e54988f813ea565b315c41081ae2e24deedb479bcf9ace522f622349bfb798a8d33306263448c9aea8e5703e8a3f0668a90b5c37e638ea89ce935208cc12538e6c2f697ed1c2676cf9bc91d0631cd9cb4a5ade145bb5d6ae7cf35a4cd44d374752e084ebc4e21ca624761f81f4bfa1920f70b54610da4cbcf444e9c2166780c41b0085e30712c77f83e62088b90edf373847daae4ea209e84c625ec784bcf68d6e6e620fbd0a4eed4dc4a11ce80acdbfc377e4398212d9e7153578e06235e8de6a2f998ecc0e906cac17d73b41daf8f2a5cd633ef23798f3105de326c09a7b66939a51a85a5da8e445bea4ce288cb148b4cd29735babae29bf4567df3c932bb003993e9c9c4d3f3f0db81728e4c1ed685e92a12ef82a7cc3dae6934fb2b78084bec281c8f71468c6eb9a43156e80f9710a6a01c2ec9a35255a5789830e494e87c5f17bf11343f2eca6e777aeaaf95a8c59afeb723e4c675c26c0b7ad34d3f5a60dd99ea01d792d714163c23321e0735ff4b5c7f6118bcccbc7cf08cb3cfb85640f13c933e05d376f87dfcadc82f58771beb51c3162548607aa2417abbc6d3c482456cfe7d0905a6eebaa1c097b7cd85b0671edb800d14829ac0d255480134d6ecece627645fc61b678f40cc79592a0fefdef86d2ffc80cf93af227eab0411ee4d72f7507ca43738c75ee9de67b739beef71e54bab59779839d15ff1834679896e8e105d9e634c3dc0e7e12f880e8f70742c7e146fb596c50663866e306280c362469d6a7d59c48151971d1966dde8d6a46f75225305490f351281d266045d26a3952ce16797e0c9c0521492b64dd207203bba77949184ce6ca6b40ed63758e4fc5e2a7ff5c94a7a8a867c8c2802721d48145756e3aebdb5ce374bd81faba995682faebfc3edb3a65a1380d830a43542e7f6b4baf7cdad705f2e9e886eed673f3911823edf3d9b17fb43c047ab8863886a2f26b1bada73ed75245f6f046a2c42b3b9b5db2aa2d777c9fcb8f1a0421a55cdf7404734082b955fb62b6133f1666bc0f73c29de5c74780ef6b7ae0e98f88472cb1cdb3a9c42bcfeed4b6129361f10a4d692e01b4f484b7483e32e712f2276c1edd1a87fcc01bd911876e853e69c76126dc46ad558bc608784d63b8be0f1aa1f39798d8ef6e9f6872fca89230e945110498afac72e948d6a205f645a3219e973762c629b217a7cbe17cf085ce809d240b424843c688575aaed18435af50dddcd277119029c958728f4bb78b8a10bbd0a7030e7c82a3a2b6e7268a1c12e43b93b094cdc886740084cd2abb0bcc58cb1a2ffb5c5ef36fb77ded7a8883804952cda38c8a623a6b25e8306bd9495ebe3c366031a28894cb28803b147918d0ca02b8e0f3816f3e76e93f4b9896cc059985b460a8a7e4c087e24135b64f3908b68815712bb534e26bcee1b4f707374e25d7acadfc99ae540423177a0aee219f6bcd077c3b112ee2fd2e20c47d92b2fa6060e62a714360845e7684dd1e5ef427df68b540bdaf46755274f10a902823f9cce3f1c168af532c62eb155710d32415dcc83c3f59535543ec6cd5fca11e2abd4bc887784d4cac5e85f3b63a0475716ec587dffbec9933ad22d8cd8315b48a5dab870246b92ee73c61ee71f460e2256a077af2d7f9284ec1139703ef045cfa51f55e64e68eab3746931015b616562fe8eccadec5d7649577305671d92e57fc091e8928b04b8bd6f6d203de50092e69708082bd7be59fed6460280bf4e8a673c36a2095b3ccefc04a68ec9a77492b911f69c7f51fac5814cf978de52b1e4d2e0f8cba293d9519b90ea3eb832db961cfbd76bc7aaf0918375582db855d60fb24d46396f8a2d9edcb5c5a79bdfc439796e4afcd405a3ee483e33db471f783318e1a8e9b7839135b951dcce3545c857111a3821410a39f2c49274822d9ea0d33769606d715956d6b0859c8a3b5143f88312cd4a7d75482d5396c7a6f054d9889a3eb3626bebc4299eebf632b410ae6ce7299685d7aa9ef820e45cbda616eacf3230eaf287f9b77a5ab3809ea4909d559f02bf08c95c7acb86d5efe5ef192a69c24a08610c6111e2b2b1dde8b05435d54075ce6fb5b9fc1eba5a05f54832a0794b87a2c5139c08a52128117270f328ef4b9580f0de12a819576345afda9c53254f7e9ea83e7e07c0b4b8477157b6fb3a1dd67624a5db5c8074414348c2beef702c07df9bd1cbc5191ad027e1316a9d689dbfed71c77fc34391c423599b556831f9d306a643df90223a50bd57efa3836cc4a44a2a40c93ee483e00dcbe984b63bccf378b3eb20d4d3d704d5a5f9cd4c82ed2e2531e5340b69c4e0577f96832a6e272a19dcad248a7f35997e30f3c239c9ca17343eb777c6b891f41246435e1331ac84f8d5a2ee34942ae6130e1317241c108ffd6eb57d8eecce997a4dfe6ea2800073be487f4d3144916e352b498f608280aea38660cb2ba41c85df69c0e1b07e7b1b2d3f93204bea918179ec148e40c3d0ebfe52f2932f8d91336282b06138f7956beb663e46fd5b8ec095460a3c01b524de4a4b959bf5501828beae8eea9c7afaaebf08afaa941aefe261802dc351d60734100b738f24c3f060d2a7a080f404a5d462f7cd044dbf483852ed010fe72242f06f86f83da4126e34c99ca9a088564dbc6fecbd1a1ad9756e1ec6fdc51bd237a45e405edcb2584930328dfbd0ddffcf336795bb12d3e81e8a87f25e5bbca4dd7227ede15113d2be6974c54f6cf652aa7301ecc248ac7f0a6ec3488c0bb5244be4a539e0dce0f9269f6940acb3ea5b8671fd6fc80c543e726b23b59e41672693cebe3bbdc87b84db5814267f2218fac033110f7125f5ca9013b8937a6f4d98a811a105e931196ccfee3f1f03fe5e72f4bbdd864baa0d894012d207124eb6d7f95573b4c3b91183317da6845f34a6c3002c3f57ada67ea802f5106e03c4c0dcefc81d74c2abc84e75f5d7aab2ce3c9c5daafa23a77b3446eb01d2439ac86f409a25c4400a751da5238de82d89553536a0e098ae05fffe59cbb5a52152a4dba52dc4e114c81a9a8f1ab8b6e085ed3547d9163f300b23f6cc29701163f799397bbfbda52f147e5665ac41e42248c78db677e3186acc72734d237bc06369d3d8baf7f49e41b5002d305f1839adcc42468118c498915ab5b0b7fefc45630ef836d889aca3e2a3d475191ecaeaba39c9b08f51acaa6c5f4848b01d598808e9b9ece312f472c88637de87bfa35afbf18ea0f91ca0e744f41ec64453e2fc5237271b6f02f1299304d997dc22ba5fd076b5cfb74bb79df302f4fda3f266a9ef14bfb62672a4b2a022d84b9a2de15fd14fb4433bf81d07b1950e9659d0eee2ec38f3920d885cfcedb6d708c67a4e8483a5d2c005ab858c038607d1ac66b8d4f2698b0a5914eb2c2e4afb5017818964340bee1fd553eccc91be5c348a717b39e4a3d7c33d7be921b2bf30e6e62cfc18b1e3ec9ddf4f21b57233623e9e9dfe2fe5322fe9cfa6e76a10a87184e282ed186a04f129267766e15b5bd0d9a39e7ede3772e7147d257704f66e0c0df9e8308a4034ecf8050bf1425ef476bc93a3a6bd4916f56d8d0178998cbd721b061a921ed874df0c975713e0341133b6e8f582ebe606a7b3ecdec2dac720d418ece3bc23a9052283a1e0ff60f19f591809474670fe11dddb62850af25bbc7d79d8fb078d28122dba775a83b324c518a2dbaee575da419d4ceb4d9a23f1e3ae7a65480f0ee6ea976686c866e34897c46149d84c5596d25caab95a1f3950bc988b032a0c3d33270f4e0b865443dad4c8a3520d92f867f9cbcb0f9e71618f3d87aba97f4925ecb2e07320e7760dc92df476d2e8ff40b27a532d38041461bfe85107622c862bb83a67668ab03f95700fa7cb4f97280f6a0fdf9657ea587baa76f55ff45b555e6325a82fee9465a7101964d93769f99481da6d67b7c3b02056dd4adc69d588c80511a3ace57119e266fe31c03f82dbf688ab4d9a038cf55596353f6316002f2fb7284d29ccb17653347cd08c16e9282032a13bfa0c4d83e104c5157237d33201a9c8c26c2c0e2f7652a4052e9732840f76e2fe10cd6bcd4b395ba39f627f08e06768e197688b34de1710a9f2cd474461450d05066878f1f9e7222ea08404381ccb4ba113f671f8133b44ba3b7d69d3fb52f3de36c1af39f466b22063d0346c63471c3c07c32da622f69dd3e07b9862355edf44edfc7de463c4a136bbf0206c83e5853a59d8bd9117e8c7bafe6d1b0078954345c07b76dc6de06b5fbe4dd9fc5d1a582eb5ea43b7ea3a06aa80d1709539023ae8e5aad8b6176740ff4b063381ab786e774db6d8792354b91ce97968046dfb34fb7352cddb2a8bd88313432c9a45fb79d57312696d50b0660fe20294de66a29f3dcb4f43b56dc2418ac974467369541e9a4105fe8fe2d67b82a816dd917c179f354f6da5a8bb34c5bf0b4829515c8355ee9667e04c025d6c128b94e46aeee70e1bce762b66fbfeec2896d58a6bed666890a6e767d9e399403a38e8cb74372ea8270399016454d0b8be933785f6fc0d7fae559144625dba7e55fc11b6a946a4e56828545d509706a41738298aa7481ff645cab562602dfa89027f943d7503554130f4b4f8f7e1d38153bd28795834a0a5925146cfb9b642a80eb2cbdfd16456e6233e535ba44627c1b154001a9581ebe3ae09cd20e680455cb7d23305733425cb9bb052ca3a380ca6c17f160093bca8629b852392634c3932a3d3ab6b3b0454da102d5e6ae517c7a6c5033e57f3418c4ace2b5fb4ebc586271bc1336edbf543c2855105b61ee6c02057eb7e9ea6968dba4b1bc087870fba6586fe8d231fd908d1f0f1225c35e2379cd0298cc41422163438e77fed7f9b77cf783f7ffeaa9d8fa2629df46a49dda9afb3720c1bcc1efff0155411c878b7f8d5e755c5bb946dde0c8f7bc15f909cb95d1db77b199710af867dd1b4883c68a8af97e5806debed5625fcad43a75c484f292a8784cd59414ff6552765ac0c32268ebdd027fb75aa27", 0x1000}, {&(0x7f00000003c0)="0080c41f69620bdfe63742198093eee76bf97e9be3faa22ced6250f46030d1aa87b284aa217c18a8f2a08859ba6024746de3e22200c6a42e9a16782900ed2316fc000043b799f0f0aca7c8565c8390fa701555", 0x53}, {&(0x7f0000000480)="269673d390f67c742f790316cc5306867221f5b41a5363bb0f3c2a7eda739fdd0ad153820ba1cb882e9ee89cb113e73d79c92b27681a53de44025b8fade649477ed2be6a2bb6c153ff872b355a41dc0298ed85f367ffbb2ae4689b844d1f592b57c9509d97e3bd353f83f9ba84ac7cb7e02f", 0x72}], 0x7, &(0x7f0000001980)=[@hopopts_2292={{0x1c, 0x29, 0x36, {0x6c, 0x0, '\x00', [@pad1]}}}, @rthdr={{0x34, 0x29, 0x39, {0x3b, 0x4, 0x2, 0x4, 0x0, [@mcast2, @private1={0xfc, 0x1, '\x00', 0x1}]}}}, @pktinfo={{0x20, 0x29, 0x32, {@local}}}, @hoplimit_2292={{0x10, 0x29, 0x8, 0x5}}, @rthdrdstopts={{0x9c, 0x29, 0x37, {0x6, 0x10, '\x00', [@ra={0x5, 0x2, 0xffb9}, @ra={0x5, 0x2, 0x16}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x44}}, @hao={0xc9, 0x10, @mcast2}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x38, {0x1, 0xc, 0xff, 0x6, [0x7, 0x80, 0x7fffffff, 0x101, 0x1, 0x8000]}}, @hao={0xc9, 0x10, @private2}, @jumbo={0xc2, 0x4, 0x3}]}}}, @tclass={{0x10, 0x29, 0x43, 0x7}}], 0x12c}}, {{&(0x7f0000001ac0)={0xa, 0x4e22, 0xd, @remote, 0x9}, 0x1c, &(0x7f0000002040)=[{&(0x7f0000001b00)="c3cc5c61e8abc2417be91eba6a0d3fb117d568f633249e0951000b81c93f1202b66e529eef21e9b2bfc45491f19989daf47677b0071fb257b2d4e07bb5fb0acd10c56b1a89ebf5b784c04e5efa33a53cfd6d2d1e17047800ca0bb7a081f9b2d239e6b0eb8bd68fba5095cc290096dbbb77da372ca02d6d7cbb70ca81243a35d7e0b439a3810195e7543e2e692f2ea75dab80793fa9f2d4f111ba857997ea446124abc71e9e7297aae63feaaad521a6f8a431f313978cb22b672dddd5b03f7784fdb38901fdb5acabd506ae1e94b78dc8654b46afc2a3a04373d945e987b7acbd8ff6374a113fa1277c0b52318f9f84357cbccbfebd8841", 0xf7}, {&(0x7f0000001c00)="b8c261c5e6b4a5be8fbaa8282b2f098375076a0167db18b88176b44c66d17ea668f82d0aea4a826b587398feadcda73a9dbc94b17c8bcce195bbb842ff2eb51b5402783ae008adb2e0a267c973b2dedd093abd92fda3bb96b8d31a4415d92020449c7d535ffd064d0ac502d43ab883c4c53c4cfdb19302b8fdc9034e", 0x7c}, {&(0x7f0000001c80)="aca32e170a62c56e14bf3faabff8c26fb88a4ebc790b7b4450a095f5d7e861cb695bb960b8b90970fd787ec79469cedf3984865683cf65557ac9bfa1c8486c187fa2c72872e105153ac072fa96756e6dade96f5af03aaa50b4483472e85ba833e2ed8e9cc7db8a744bb3e98d5d8df51ce03d09a02b0b308938ea8263dfd1df9262c00a747c65cff14d3ad71dfb090369b492133e4395addb57c7e4368353aa2ca36d0b191abfc0813f216ab6d34bd13385", 0xb1}, {&(0x7f0000001d40)="466b476a545397279c65bc1fd88686a8d93d8caf0148c179aea60bd1225cfb7606492bc5d7648d596759f2111af4051c268ac16f18f7a17edc8691c33fdaafa9bd0477d36e433eeaa1de8bb98e458e7b5e0067015456edeaed0162f6063e94c8a1e4563be5c4c75e5d17aa9650343f4ac6461b41b06b2980eb8f6d2219c855ec06f5b6769e1c8f833f9434d997d905800956094c0665549530829901e5a8a35e042e58df4c66609f681231de382e0ea98fc81b5f8a57ca3607cfafe6614c1dbc4425870aee8a5ddb624e9fafa159d5f4e48c2fdb515688f5fa8ab81f7c0c95", 0xdf}, {&(0x7f0000001e40)="0a00e560d263d026713047894352b5c792616559c599e32e28b0dbc101c3a7e2240bc7efe40d5716bfaa786f92d78b04fb3da29e64d6c9c4e2c7710a16262c0fb9497bff064aba34048789e4bdc15dbaeee954910db68597627687225f078301a37af08eabede4ae04372b3708ba940887e22be2", 0x74}, {&(0x7f0000001ec0)}, {&(0x7f0000001f00)="564bd93ff8eacc4997100f30ea1bb67e4a08b7cfa8a991091c872b90d20ff688a08bf1d2486902b2fa83856d96c4af8e66b545a94c03fb0381631f64bdf818f89fd42603329c58c149cf69a238623445a513bfadc0c99c6c9e8c1120972a82e96987eb87b50b0c6cff1f4da11f699a19411aacd6764d9584836d51f145302ed93328b059c449e2aaa410f7513d67a237c14435080c1f8944c1575a68d93f941e1ab6e4338d601847aa99cbadf58b610a9e695ec99f315770bfb07d429b4c32a0e8820fbee2", 0xc5}, {&(0x7f0000002000)="28240144a8a95645887b7e928bfc000784521d0153bd9db8199d2300570b9646b139c890092fc305e3933b7ac64483e29c5a45", 0x33}], 0x8, &(0x7f0000002100)=[@hopopts_2292={{0x10e4, 0x29, 0x36, {0x88, 0x219, '\x00', [@generic={0x8, 0x1000, "f4b37d8599ce915989bed6f5edd8da467ebd18d36e686eaae093e9c521107da6a7185c09d91aa99b0262f32787ee69165f03adc3d66a47bf4dc14249b1a73d2e5085039a9ead1837ba57a39b583a843adb60911705823166ea6e3742c1d21ea9d1b1ced14cbcd728a038318c8bb4e19707b2cb2dc434a113f09186790ac6b239a9b9afcd96e810f9a528d3d66887df65a3393765fed6aa21f7c27a0b1ecd4d286073fba8bfa29e74cfd27ca572c357bb26a2ef263b45fa1c8cdf913bfbd4fabe77f44a1297df89b019fcce61c8d3521da7990695fce66756b6ee28c5eee5425cf0d8c8ea6dfb9f76d3acbf32e09fc7e456e35deb504ad280689c95f9615af9d522a252211915799a9ad33d841bff68620320c237cf15cd98a344f2da7d76bd9807dc7707bdc3fa7c60652a4c3ba933dcad2b1aff83c9a95589e710f85eb32671d1f40b34a5024c23fce530c80e08f2176e486fd0e336be2867a4725a19a3423b0a840a2321210a5df6bd7e2dca625d107b191bd08347405d9636fce01bf16a274053b6c7314597c178ae899e71a99bd93cdb55088fe0b7799bde8a081c0e9b9f126302d3d19d62bc418fedfcf4875438af157f0815bec1eb16ee3b17beb4de04929cf085abbeb24b0ed110bf142ffcaa173b3d2dbd3bf08101576370988a188726b4b990dabe3ec1be902dbde3089b26907d39e03117946a24c937213d7f0825aef614b45b0ffb4fc204e8c7994add0993055ee054413a7bde437c93c9a47be7f48f1cc33e5367eb9af70290939713e0995fe80e4d6efdc20c6995ed511e3c6f57736f9de22024eed4c39df281a1fd3dc0f7d07e10dbc5569c9e39bd275ae5e7caebcd099f758f47e63d9a6032f4e9c1f82257788b8fcbeaf0e082a03d47080428d723f4eb2de242c08a5d84cf8408c92aed168d317805e482bbf83b45aed7eb5e4075f4b5a71771d03f7ae342a14976ffa47a075603044d2b78d1afce133026ea7de6cbc5ede76223477bc7cb9f4be5b75dcab4b94cd2a3dc954a1a86c669a563c609d415cd3496a9d52eccf877efbbc05d19b86685e03584399b4b8a3130fc9a8c26f883d08c643da16eaae4943a2ec89d1c50fa552c882f543fe49b930855fdde17f5c0def25477ada444671bc12381fb2419a9a5aa1ed9c3bcf075d5f403b961495509ece5d06ecc9c768c19039352b45ebfe8b4a08d8a69bcff4c7b7620df1218e9948976602ad92355bd8fbce9078c229c1e6c0d338cd81818d6ef8cf19e702a153c850b2c501a2cbd497124b52f42d6a7be94826c29d082bc37f6f6d9be3622bc8f7e9c01cab283074338c54633ce11592a74cf7e164399938684dc53fa09c79b296060fa0aa9a69c112c23ab3f054e6913054b7d98202897b835c68b386d25fbfa500e4a526533bcc421a0a680b9cf98b4cd47d07434dd4adb9317011fc231eb55c84121c4723690d3df69e01119953bb744bba25379b92d5ec298cdcbb822c70fada03b5a3f145314983d1f913b0bd431b060f4abdb1d3cce7fa2e8d73a8bffd7e76669af0680a0f911fb8581f2427b6c9e570a99a6edd9f6953fb1896768b9cfe3036391733155492a850a253ef36c2bce0554a3a66decf93877b178244f60f08657a82a8e68abafeacf2550867e778439481896e6087edc86e07b299fdfb8c7e3825630c7c2045d3533b6d08eb5329755d538a00370ab61291f8f3101d7b0ceb9bcb5bcb1a4cc877046d5765282532bf54b50db8c4ae3e31a314b8363fa3996f5470b07f6a5f81cc1fff1794ffb5773ff3590054aa0796a9c0dffe7f6ae8540cb3f1810ee1720ec240916a69aca87ee59156c9a962105a30305535df8e55a299fa7dfeacf4084cda9a8502b956ddb14e1507dd0a55a9a1a7d3da1e69a0f21a2654709cad9a715b4be3b6245f1f2f284b71ceba34b520bd1290d9612a8ebc54bf80394ab0850d26d31c4074ea5b7630ffb6c33b7d058cce9517f82e83c33b34b1e227c0247ebd408bb5bf8ac9d3ef8059ba5316be77fdd80a4ee88879adc88646909b7e4325d9598df1a332f875fc76d67700dbfedc60f80d45513c9e87849bc0eb5ff11c3592d3a1e12271c539ef61ddced488ed4c97abc1461e445a068bed937219c6b074a945508d0618d590ab9cd196271db8ab2dcee129bbd279b0b8bd60f00ff438951e4b130e241cdf84fd8f90f4a565caa829ea4c87804206d36f4e84f54201640323331c6af4559ac62f85f741c3f001367f9ba9434e0bd5090672c222ba3e304611fbcba24be5bb533c4eee936bb3ea72483a9cbc05a2576dc48bac5d9e15dd9db25ea3b091fb0a7e3a30a079b570e6435ae9406fe8fc0716dc610b037c672cb246c65267110bef4116464ab12ce581f83ba54aaa33332389c16df6c045437ec8878ef7c296f7bca154827bb74a35dd10b532ad790a39a98412eab70cb0181f0430f3905de7b51bc55a318c16359a67eb05266b2d08b4c6bb38f7c758417d7f67f79658b3ab26bc417ecf7214fb7837386261a3583f9006d12d19c506f93389e8e101221c86b4cddcea3e0ab48a103b334b30ed1c01343a5a91e92b5c5060700760a0feb9eee57a3c161ea33a030ad6024164e621232a854e5f9eea77f2435a50b83baba85ae30b9a8046662b331ed847dccbbcab90bb5093b73902e0147aa56c711a7b2e266f4f0fecba2d03274777fde7f29ef8f671795010c42b1e786264ee902583d5629252e4d81a8612d076bcc663eeaa2c857abcd15b3caabb4dca8ff3538788f0de924252a20cefc57a79f8af75aa2fc123b17668f60412a501fabaea47884eedfdf4951fb512a17a483d2d9bd2c61b888c7b88570a0c23b3e65a09253b80ec2aa7c288a63b82a21a6f0ff56d4001d5314c14c474d7c5501d933e9e1091e053568b3815f357f390d5e2f80fead0ee568359154c4268bb196ab59655de16fd221f8dc67e19bc7fb7ffd53dbd17b321e70cfe48ebf619a980bd00b38f7f47a1e1ec3a08cb30eb31251185baee882fa955677ad493b447e146762f6ba3f682ffd9e0b870405e13483da845df12df46cd91fb703d42be5e61bf7f148b5aab30f46d834e814798e61815ff1e7998e48a4968d1e1479b69579a4d404110bcdeb23f90e61230dde92049d0067f384cd82de0338ea3360016de4e6a8deb5807bafe195ac1bc2e2fb099968dd815f84e05d397f827e9f51b7180b0161de164ff7452253d2c946bbc9e9d54bd5099684244ca763b2f5dcb4c5a043252f75dedc87cec37c46c3908b61907438c9a53605f53434f596d8024bc38ee0f0050fdf1fc30ee613c3e3864ea9683e4d14ef52d815b04721a2ac44481b71173c7f97d54a5a4ae0be59223aa8a6ab59bce8c3537fbe1e0fafa117c40d9e84aa0482e450f93df9951c5ec1c38a18de242a5c0965a9eef37701bdb24e2cae2374e949e18b5e68370358780e0fa6958ccf1abb279ea9dac00172590bdd3dfa737d090083278da411025e1c3b4ecd22bbfcdb5705f2958999a7edb319162c485222339f4712494cde2a91e69fdf245ecd0fb5191c55355ffbd8d024133258e4084c4b4f63a8ad6ee3b576d6aca4cd9e38c06d2f694ae3b5362fc51b2a7414d17db48000b2b296ba5cc536719b1a01dee66f407dd71568d3e271c08f82dbf61bc2d19e89e950e4a96eb923d57622544714b8f89488e1b8ddef6f9f9b8b9c0bbf4a2a7a8c7990e42bcebe09cb1ed5cfacd39b38e36f972b1f5b6734d31a6f82f622015b951cad3489dd244418549924421ebeb762b1644fa64cdffe51f01688b1a48fbbd6b66ec38a5ec598f99a1930c7751ef4e79dbc5cd99b5674275c9dcf082f25dbeac75f969e54de1f36f997904bad85ce225b320f0f9fa759d6c9858911a1cf633d4dbf32feb89646f83b1e1c0e7dd6fcb7fd393f3db9b84a49e9730a0945e806a661d2ffe86f41b1050d28ace74689ab3c36fc36f512794394ea255a6317dd9471407417cfd92f3e263e3752a6d61bb4e8f3367f199960fe21a5fb1b6fc3cc171e32589018b5771ddb5265d600b52aaf20e86e3142e2ed3ca274c7d96c531519d7abd7d9fe00424168e24666f59495ff8322feb431d33270ffa8d39a70f0f9cbaec14c1ffae2d7aef763a6d0126a5bcb00cc22a269bdd3ba1d1ba05cb2220ec3c642d1285d8c60a3e1d83ec0f0f0f2a4ab288f8473d27f67443ee234a1dfb29e8cbce717a7b95aaf976205437b62eb0e9e3d461eb4ad047f37fb063615f6b208b372557009a4bb051a9a549e6836cb2c6ca3f7ae2575b954f84767cc4083661fde435ba17741113059598f0896d95fa42e450aacc0e9e19abde34b221f644f8a2f63c3a148f870967fe2b848165ff3349964d5feb177c6e3573d6a80a5c809bafcfa3c835d442a469d00c95ae97f79e5347468b78bf0859c310eab49df4c007912c896dd14f859c3e8464266122dc04582218e8d0f2ec55d6bdcf618e3a91496b136b9b810f60aa40c19aab180df3076a2c42a1f016ba26731d25ac292e409e4b551b0cc1022e0a831406fe7706a1ba24ba8fbaf18cc2cfc2e7ee4fd0a1b6a7e1d3b0cbb5231dc4b86190e8f083d18950e23e806720fee2dca06e4fb667dbd812a4c72cffbd8f21cd4d01f4854d3ad15b918c2fbbce8a20cf631220542f7f2a1e3db66820cea0db3ef12772f415e774ebc9b9f353cceb6398cf6289838bcb44a6b8ddba9009e091893557396d0a53371e66173d340ef51475f046bcae9e6c331825996d3b747bdbe1e765979fd7bc5c0b8363a7a3c168e742f110ad39fd286204706745026cda28baa59bb929069f83db00eff8bef8e3bedae0ea1a57defc13285f7385e663f6cec9ca32f9ceeff5efd89e8b5d35171f42b4907351a754df64ea9fa5542d479897eb996a95b77bc9329cc2482f3aefd5f821df91adc3b8684f24d2381f9af5a0e94de75e4d992a01aeea11bf03d8e85a2dbf35ab47e7f0208c7575a42e3e94abee69171d7f666c149be4d4ceedb8dce931037752cd16b629774578b401f881d8b84e435f112f6349b9ec9725fda548c5252f2d247180ef3fd030ba4b347ef967d4d9c9139a3fa24ca5388b2ab9056041e40139a8b888d82ade6e43bd27d78fbf56ce1b4a3d301b4132fd57908bb48719cb506864299fc649aa30313d7b2bc4e46e8cdbf1aa1acff76b46552b234390868606ef57bdaf6e0f327a173b047846024bacf6756b70571245b965bf6e9d52c22c42a0724d465f8ba5bf8c66b13177cb7922b13611e99ee332ac311b1e0335a15ba8c64e089a87836a5f2620197eb08c147c95f5f2d09fbcb0713dcb0902774b87a70d48dc883a636cc245ad401349829aef49e0c345daf78aa8b817a444f8cb1efb8ec3369da6fa6fe0ffe18fefe6d77c450a75d9d3b8705e21d523a58ebb419ba03c833fc2e60b3b9dad62eb20b30d7d96c0161505527890c27f4aa2556ddc44854808da021b8a5f59ffa81a7684921f21132e2e05c3b9867fea6378f661b08eb9e03bae6cbf356f60a3cfb15a656258bc87db683f873b3573fa34814807287d3def557525d6149e14241fbb3d24220fcb5e28c4b802951da891547f036d6a884bf3b313f9ec8a2a6b52c2ead3192eb413a8380214f2ab972913241a829a6f0e7a335e601f11f0e7a303761d8aed5e6c01347f770f2a0b6e6b4f1eef12626f570566a05dc1ccb2d50ff4c3a16d09461551d9f717cc7e1a4c0b5da2d257229c372b62ab8818154fe21a4e0c44fbdd80a6b856247ab266e99732392f1c7fc5df094bd6b83"}, @generic={0x9, 0x9e, "4ceab3f948f72fe7a2c59c494f54d4ca14bc37ae0cca33207fe0525eeee1666ad7947014c356b92b77f3626a76f2418dd60e76fb5959673e044e43f3afeff33fc5c0acf29fec208f16b01a679120696a1650a1f9a8175d0f96c577f677befbf2ea37abfec023651799527728b4d193eed152b8f0833496416b19ce2e1036155b92bfec2b438938620f33f4b1f7781fbee8771fcd48f1c87d1d7d86e9cebd"}, @calipso={0x7, 0x18, {0x2, 0x4, 0x9, 0x9, [0x7f, 0x7]}}, @calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0xff7b}}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @rthdr_2292={{0x34, 0x29, 0x39, {0x67, 0x4, 0x0, 0x7, 0x0, [@private0, @mcast1]}}}, @rthdr={{0x34, 0x29, 0x39, {0x8, 0x4, 0x2, 0x0, 0x0, [@mcast2, @dev={0xfe, 0x80, '\x00', 0x30}]}}}, @pktinfo={{0x20, 0x29, 0x32, {@mcast2}}}], 0x116c}}, {{&(0x7f0000003280)={0xa, 0x4e24, 0x5a, @ipv4={'\x00', '\xff\xff', @loopback}, 0x8}, 0x1c, &(0x7f00000035c0)=[{&(0x7f00000032c0)="ae262022037c42ed955262086886f05a8cd47cedc0aa00c5db40d549d6cc422e98b174c5aca3b5538b4411ce206cf6971c228179d21419be5fecec01029fb3a6184114704614a4f2b8ba0a1c1d54cc1595399bdae394677921c75466950fdd4ceaf8daf417e18cf248da274aa702b41bd38ecd4458116f7f0116f139400d61ce7e656f7e446cb3ff1035f44a4916b5c9973ede0113eb3742daa317a2c0516ca0557049facfa00009ecc0d2f1e7dcf0daa368a22e34930fdd64c3012ef3cfcfc7c917eb93125f256c193a717e2fb0f9942f6fcd9093a5dfc7d6de90da42c77dc416", 0xe1}, {&(0x7f00000033c0)="2efb25f9f9b558c13fc6da6acc0008c0c191583e3977071093cb4ddccf3e7118d3122b21c1d5328eecad5927306cfe2a8d89df8a99bbc0fb7b8b18e12189326d817e15845dfe004f9cdc6b8e184babbdbddb8a5718288d6022f5360a5353d08d440634989eb24adae269098a3a8855d8c6ff3f1ce61a24810f5fe1a2240b35f5334bd36bc765bb0456894ea30d96ea7ae13770a3a36342b96b116dca6b7588765cb5200544780c69f83c004b0629632fa1a9844d51875da91cdd04861b502f6136a92ca2", 0xc4}, {&(0x7f00000034c0)="28d9d6acff60429b8d8308020f3de172ca69079ad852c235eb1ffd102d5aeaaccfeb7938b4c5c0887a51b91dfc001aa145f2fc946530108603e5493401b526c558329c2cb638689be38906a8470348f67f85ebbc10790ff3614b1dd3cc15aef844ac1aec3b2271682d075a2a7472318ab15020041a1eda3f90c15deecb7abd18d48751b042bef147d727749bae11f1edc8dccb939b0377b71f778a983a7d84fba3d4d19e0253a8b42d8fad4688762e7c5353454ab8b15aab585409edd46e48228d0700b96e76a1f8f69f3310aeab9dae92", 0xd1}], 0x3}}, {{0x0, 0x0, &(0x7f0000003680)=[{&(0x7f0000003600)="961d968bfce7b431632561a889ededee5b8a757480f1307a0f08abe2188d1b99aa44469c3c075ca47bfde9f399c0b72b12f69d224e6ab10e6737b62397f83a36b36e10fb4aea642c1acd1e226e671f068efc8e7c11434b24eddd4c47", 0x5c}], 0x1, &(0x7f00000036c0)=[@rthdrdstopts={{0x4c, 0x29, 0x37, {0x5e, 0x6, '\x00', [@calipso={0x7, 0x20, {0x3, 0x6, 0x5, 0xe, [0x100000000, 0x7, 0x26804588]}}, @hao={0xc9, 0x10, @mcast2}]}}}], 0x4c}}, {{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000003740)="f55bfb378f16dcec137be2b5530d047a8c2dc744afe3afba614ab4338aec6ad336a024c4aa0a985a", 0x28}], 0x1, &(0x7f00000037c0)=[@dstopts={{0x2c, 0x29, 0x37, {0x6c, 0x2, '\x00', [@hao={0xc9, 0x10, @loopback}, @ra={0x5, 0x2, 0x1}]}}}, @hopopts={{0x64, 0x29, 0x36, {0x4, 0x9, '\x00', [@pad1, @enc_lim, @jumbo={0xc2, 0x4, 0x2}, @calipso={0x7, 0x20, {0x0, 0x6, 0x0, 0xf, [0x100000001, 0x51c, 0x7fffffff]}}, @jumbo={0xc2, 0x4, 0x2}, @jumbo={0xc2, 0x4, 0x3}, @enc_lim={0x4, 0x1, 0x2}, @pad1, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @rthdrdstopts={{0x44, 0x29, 0x37, {0x11, 0x5, '\x00', [@ra={0x5, 0x2, 0x80}, @pad1, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @local}}, @ra={0x5, 0x2, 0x4}, @jumbo={0xc2, 0x4, 0xd}, @padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x6}]}}}, @hoplimit={{0x10, 0x29, 0x34, 0x9}}, @rthdr_2292={{0x24, 0x29, 0x39, {0xa6, 0x2, 0x1, 0x1, 0x0, [@remote]}}}, @hopopts={{0x7c, 0x29, 0x36, {0x29, 0xc, '\x00', [@hao={0xc9, 0x10, @local}, @calipso={0x7, 0x18, {0x0, 0x4, 0x5d, 0x6, [0x9, 0xffffffffffffff80]}}, @pad1, @jumbo={0xc2, 0x4, 0x1}, @ra, @calipso={0x7, 0x28, {0x2, 0x8, 0x61, 0xc96d, [0x8, 0x93, 0x6, 0x80000000]}}]}}}], 0x184}}, {{0x0, 0x0, &(0x7f0000003b40)=[{&(0x7f0000003980)="5e5028a2b7f5afe54310ef4f1c6ba2daeb6f62cbf7c8bb4f2f2ea53f7d7c9471dd5ae839194bc7af6f8e6d8396849cdd7faac841aa5b5dd0dfa9f1c9e36b2f4138e9590e8905c78b5565404796d0fe0e43a804ccf0ca62a0cb3f8136ee1063c95f9a74c81602d92b46e91fb6a30ae16b282119e925f85dbfa592eb0adfa7478441af8f5ea1c4cbe7774c3b47699758d1cb79bae6b3944d02b99dec4c926e78b48762b987fda76caeb28a79d1ae75db9b53df9042f9d4c3d67bd24b20d8b89e86f10460bdc80cf5", 0xc7}, {&(0x7f0000003a80)="28a82512a859675a0b9c6abbf9ee98a7e567e565692a99c6de2d587eed96d7fb757df76fd184b2a2956dc00763b638293d04eca217cca2462ac314ad034adcb4a86f5aecd85bbcc33c844a7d2153f355aade6ca87948a7b4f50b6a344ae2d1929929ca8e119d47173844afdfab41ccadb762de92bc2cf45c96dc", 0x7a}, {&(0x7f0000003b00)="b0dee4247ef6aaafde", 0x9}], 0x3, &(0x7f0000003b80)}}, {{0x0, 0x0, &(0x7f0000003fc0)=[{&(0x7f0000003bc0)="dc03a0d10791f56181b654835ca5c73213c8037f4c627536", 0x18}, {&(0x7f0000003c00)="866cdc93efbdb1880bd3659e84661b2bc4aeaea62cff19900c0e3ff097fd841d7bfd1de8000f18d406956e45abc81761014adc266173ad28c525779eaff1a3eb799c1901116833ea9d65d1a194f604acdfe6cbd1c2fc61d9cfff2996085cdbd22c8895ff86450ee67cf5d39ee445064331ee4f1d51502bcfb3b2af1b798c13605caa0f7fb1cf39c0a8a99547a6ce8c81228163a21d576354a1adfce3c941941fdaacf78feb5b4404e3785e9e26649dedf92c9130bf9c56516109d10ea5e1790eb063dc8819e8ba1d3afff8cef0d40adc68", 0xd1}, {&(0x7f0000003d00)="68da24fc28ee35878c6639582920710e2f4e8a5ab008237d62660f55e28b9581187ba7fa688c56c02306c133d118ce83221b4ce14f47fcd104a400f85623495b3db8fe5be368a44548762ffe96f4efe68f860ea296d3999455d8441bee7a0c619104db089e68363a852cfe067165133bc1d53cc42b9e50bd88cfa847f65b0741222a5259e2fb2576337f00e454266a0d80525b039d9ae7a1e243a4456984596079412bc27acaf88c3bd19198b1a9a3d67f0ad72876206161a5f35dc1d63846625e421133956c801119f1ee643ac00755a77d142c6097d2655ef1e9ba318205", 0xdf}, {&(0x7f0000003e00)="f8afc0dd67f7450bcb835263572bf69dc9afcf4ea0a9091b5e707e81e88e2aae567b259eb530f72dd9f77e80338a26929e38aa2b38113b35d59445027b2ed16bd2d5d7d25b17d20c457cfd5cd33c360d87122eb26f2852bd308bc1e3b6159a5b60fcc0fb88c97fbb06df8a134f3db8d494bce8f51983296cf426a846d315ce334167e1cf2610548e4f2cd68323253d94a4ac102f5e97bc3b818262172d464e89d9bc118d13873beaa02fb3d2eef7fed3b25d2d489aa9dd4eabc59303cd970c99e36711dd8b7e9e67602042866d5a7091153257e90fa354523293e28dd0054a2d339d4eeebe105349dfd75eef3957cb922caf98660d14", 0xf6}, {&(0x7f0000003f00)="ce4a0591ca520857e42c8a2edac139c31642c7818ca4f8dc74a5937b4c3c4b4ffc71a180a97b216d7d627e6a1a351d7cbb1b8d00995d646ffe25bae55cff83affc78e22250e18ae63fe6a60f0152cf54b0403c91678a1670b64d3670827c6ff93ea98e8c92d98c5ee91b00c11509cbcbe0ef9e6bcffe54789afbb9c9789e8a976f4573f2b718dcd1bdaa1d7ca6e963c51e461a540263598ef26f054c8877", 0x9e}], 0x5, &(0x7f0000004000)=[@pktinfo={{0x20, 0x29, 0x32, {@loopback}}}], 0x20}}], 0x7, 0x1)
getsockopt$bt_BT_RCVMTU(r4, 0x112, 0xd, &(0x7f00000000c0)=0x7, 0x0)

2.916992317s ago: executing program 3 (id=290):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff09"], 0x15)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f00000004c0)={0x9, "52b3bc036fff660a161973ba0db79c19678750c6c05ebd46b3005c6e799e42d884341a1f2bd03c6dcffea849a0eb62df578f469c7843e119f84f40a7093f602cc3829cb63b0d53bd0210fe772c346705f4e26e30dfcf8a5f9abc513d4a40320b63cd44241b092c46957808754cab0b54dc5ad6296a4027704243d5a6898b9350e4aa208096ce3b4b233f2f5b6136085220501164b9b432823c91002279d701ac76a1632745280f3fc4e4b701830711574e048f93cf016b4e7d42e31516fbc36d336d824e90a49f49703d5c6c4fe448615df59ce4ed558e8d0465ade08485a1837eb7e13e497698ac7fef344a349d432831ea53cb74249cc2efc4f78c98c4fd898f91a91b953cec37bfff4b553fb925e7665bbe61f522ff42c4474b30928058ecceb08d2ccc34c352c118cbf410ffe28a9667bf46ea1acb0ad03151fc26852e19a526e244464e2b4cd97b73769c364e7a66f05c4b3e569700025850ea20a9cf00dce9fbd0c75c8dfcfc2e943e7d5ddf64cec7c12ecf23c27e4c795bb42f3ab3fcec8a32cd69b5358b83c9e78e4fd9b9b27ca977bfcfc5af79fd144eaa7f8a5bec8b27768fae7258ece7f207d67462b451767fc2cf9efae350c9f5f4f0333c207b60c8bdbb7e9f05a2c2d21dab491c2369e9ee3622cd601567602515ecf42e01b2b0be629d43835cfce766fa713dc422d44be425a3e46d6c4702e974dd3df0e27d"}) (fail_nth: 3)
dup(0xffffffffffffffff)

2.844201238s ago: executing program 3 (id=291):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000340)={0x0, 0x39, "4e413ac5de383471d4b95ee036b2c6994a94196027f0adf33c940f07f4782795d3d76db3f743f2d40069d01220a782e6e369cd469b0ec55c75"}, &(0x7f00000003c0)=0x41)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r7, 0xf5000000)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_DBG_S_REGISTER(r6, 0x4038564f, &(0x7f0000000300)={{0x1, @name="c42a6838d28443227483ec8fe343db49cbeecd991aef557d83b98b12db1f5b3d"}, 0x8, 0x4, 0x47})
connect$bt_sco(r5, &(0x7f0000000280), 0x8)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2.843807517s ago: executing program 1 (id=292):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20200, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x800, 0x34324152, 0x2, 0xb, [{}, {}, {0xfffffffd}, {0xfffffffd}, {}, {0x0, 0x1000000}], 0x0, 0x0, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004080}, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES16=0x0, @ANYRES16=r0], 0x40}, 0x1, 0x0, 0x0, 0x20040884}, 0x4000)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r6, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_SPLICE={0x1e, 0x58, 0x0, @fd_index=0x7, 0x400, {0x0, r5}, 0x77e7f3d6, 0x1, 0x1, {0x0, 0x0, r6}})
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r1], 0x10)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0xfffffffe}]}}]}, 0x3c}}, 0x40010)
sendmmsg$inet6(r6, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="2800000010005fba000000000000000000000000983c0efca828a8bf74396e35b58dffe4830d762ac73afe06d6a6c34f62cc13ea6148085636fbfa9bbd2fc27c357192f0faca482d4583a85d02751ac7334e55e018e193780c5d014f59ebcc5d1234fb0858d29c8066010b5706d277935033eec9e2ac81f62bd8ae9c5cc9cdd3270794a329c017fb7e9c6ed9eb6afee68f231284310012177f091a323da68a9f4e55e94f67abc6", @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b0000000000"], 0x28}}, 0x0)
close(0xffffffffffffffff)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

2.607235711s ago: executing program 2 (id=293):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x32525942, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000003700010320bd7002f4dbdf2509000000"], 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x4)
read$msr(r1, &(0x7f000001a480)=""/102400, 0x19000)
r3 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r3, 0x1, 0x8, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000840)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r5, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000c18000)="ad44b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r7 = accept4(r6, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0xff6d}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e0ad2922ecbb7cde9ce78555fabb941d114e83b37255d6b43b2927696e4f4cf3b23086021fe4e33d049de5318ef3803ceacddc02734c96a9765486a9bf8d65791b000000000000000000000000000000000000000009d97cea3f950d55b265e480ff02c27bda4848c64ca7dcbcd060b9c0dea483c6069d2cdc473cfacc9052cc2c9e3ee037042fd329173c5e7c9ef8800a51332df5a08602a72a553035711cb9159757303a5e7d389786df44441dc82a9d32c56db8a8b3578cd0faabfa23fb46e22b45a464e35315d8c2dd3fae8b530cf8eb0d8dcb682772bed766be5208e61eab965c6c9a217a4e13f0085626c0408f381205251c18a8f6a44"], 0x60}], 0x1, 0x8001)
recvmmsg(r7, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000001c0)=""/156, 0xff78}, {&(0x7f0000000300)=""/92, 0x33}], 0x2}}], 0x1, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000240), &(0x7f0000000280)=0x40)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)

2.497157328s ago: executing program 0 (id=294):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x37}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x5c}}, 0x0)

2.416402947s ago: executing program 0 (id=295):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20200, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x800, 0x34324152, 0x2, 0xb, [{}, {}, {0xfffffffd}, {0xfffffffd}, {}, {0x0, 0x1000000}], 0x0, 0x0, 0x0, 0x1}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004080}, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4800000010000104000000000000000000000000b95fe95653c9a6f2c0553fd777612cb8c3ae3f6d4fabb1b42e83047a153c050f19752db723918fad098ebeb8f48fd9222b2f", @ANYRES32=0x0, @ANYBLOB="3a8f030000800000140012800b00010067656e6576650000040002801400350067656e65766531000000000000000000"], 0x48}}, 0x0)
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES16=0x0, @ANYRES16=r0], 0x40}, 0x1, 0x0, 0x0, 0x20040884}, 0x4000)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r5, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000540)=@IORING_OP_SPLICE={0x1e, 0x58, 0x0, @fd_index=0x7, 0x400, {}, 0x77e7f3d6, 0x1, 0x1, {0x0, 0x0, r5}})
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r1], 0x10)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0xfffffffe}]}}]}, 0x3c}}, 0x40010)
sendmmsg$inet6(r5, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="2800000010005fba000000000000000000000000983c0efca828a8bf74396e35b58dffe4830d762ac73afe06d6a6c34f62cc13ea6148085636fbfa9bbd2fc27c357192f0faca482d4583a85d02751ac7334e55e018e193780c5d014f59ebcc5d1234fb0858d29c8066010b5706d277935033eec9e2ac81f62bd8ae9c5cc9cdd3270794a329c017fb7e9c6ed9eb6afee68f231284310012177f091a323da68a9f4e55e94f67abc6", @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b0000000000"], 0x28}}, 0x0)
close(0xffffffffffffffff)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

2.353724708s ago: executing program 1 (id=296):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xc9)
chdir(&(0x7f0000000000)='./cgroup\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open(&(0x7f0000000840)='./file0\x00', 0x10a0c0, 0x30)
poll(&(0x7f0000000040)=[{r0, 0x90}, {0xffffffffffffffff, 0x100}, {r0, 0x5494}, {r0, 0x90}, {r0, 0x1004}], 0x5, 0x79a8)
pipe2$9p(0x0, 0x0)
read$FUSE(r0, &(0x7f0000002080)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f00000000c0)={0x10, 0x0, r1}, 0x10)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff09"], 0x15)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f00000004c0)={0x9, "52b3bc036fff660a161973ba0db79c19678750c6c05ebd46b3005c6e799e42d884341a1f2bd03c6dcffea849a0eb62df578f469c7843e119f84f40a7093f602cc3829cb63b0d53bd0210fe772c346705f4e26e30dfcf8a5f9abc513d4a40320b63cd44241b092c46957808754cab0b54dc5ad6296a4027704243d5a6898b9350e4aa208096ce3b4b233f2f5b6136085220501164b9b432823c91002279d701ac76a1632745280f3fc4e4b701830711574e048f93cf016b4e7d42e31516fbc36d336d824e90a49f49703d5c6c4fe448615df59ce4ed558e8d0465ade08485a1837eb7e13e497698ac7fef344a349d432831ea53cb74249cc2efc4f78c98c4fd898f91a91b953cec37bfff4b553fb925e7665bbe61f522ff42c4474b30928058ecceb08d2ccc34c352c118cbf410ffe28a9667bf46ea1acb0ad03151fc26852e19a526e244464e2b4cd97b73769c364e7a66f05c4b3e569700025850ea20a9cf00dce9fbd0c75c8dfcfc2e943e7d5ddf64cec7c12ecf23c27e4c795bb42f3ab3fcec8a32cd69b5358b83c9e78e4fd9b9b27ca977bfcfc5af79fd144eaa7f8a5bec8b27768fae7258ece7f207d67462b451767fc2cf9efae350c9f5f4f0333c207b60c8bdbb7e9f05a2c2d21dab491c2369e9ee3622cd601567602515ecf42e01b2b0be629d43835cfce766fa713dc422d44be425a3e46d6c4702e974dd3df0e27d"})
dup(0xffffffffffffffff)

1.753805652s ago: executing program 2 (id=297):
io_setup(0xffff, &(0x7f0000000040))
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close(r0)
socket(0x2b, 0x1, 0x1)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x40, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @multicast2}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

1.661081733s ago: executing program 3 (id=298):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x3, 0x0, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x809000}}, 0x50)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x24)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r2, 0x401070ca, &(0x7f0000000000))

1.594897771s ago: executing program 3 (id=299):
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x30, r1, 0xb97534d5fe9704cf, 0x0, 0xfffffffc, {{0x12}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}]}, 0x30}}, 0x0)
mmap$KVM_VCPU(&(0x7f0000ee9000/0x1000)=nil, 0x930, 0x1000009, 0x4010, 0xffffffffffffffff, 0x0)

1.594067697s ago: executing program 3 (id=300):
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x10)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x123a67)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r1, 0x40184150, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000380), 0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xfffffffffffffffc, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x4, 0x8}, 0x0, &(0x7f0000000680)={0x7fc, 0x7f, 0x800000, 0x3, 0x7, 0xc3ad, 0x4}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000003c0)={0x6, 0x0, 0x0, 0x40, 0x2, 0xd, 0x7fffffffffffffff, 0x7}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x1009, 0x3, 0x7, 0x10000000, 0x5, 0x7}, 0x0, 0x0)
r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x80200, 0x43, 0x10}, 0x18)
sendfile(r5, r2, &(0x7f0000000100)=0x6, 0x5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bb00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000b00)=0x6)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000080)=0x3ff)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000140)=0xef)
fsetxattr$security_ima(r6, &(0x7f00000024c0), &(0x7f0000002500)=@v1={0x2, "fa40778309e4ecbedbf787318b0306"}, 0x10, 0x0)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x20, r9, 0x301, 0xfffb7ffc, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0)
read$FUSE(r7, &(0x7f0000000480)={0x2020}, 0x2020)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, 0x0, &(0x7f0000000400))

1.487252896s ago: executing program 0 (id=301):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = request_key(&(0x7f00000002c0)='big_key\x00', &(0x7f0000000340)={'syz', 0x0}, 0x0, 0xfffffffffffffff8)
request_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)='/dev/dri/card#\x00', r0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
lseek(r2, 0x5, 0x4)
shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x4000)

1.486856697s ago: executing program 1 (id=302):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000040)='X', 0x1}], 0x1)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0xc, 0x8080)
ioctl$SNDRV_PCM_IOCTL_START(r2, 0x4142, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x4, 0x9}]}]}}, 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)='cgroup\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f00000001c0), 0x2, 0x0)
openat$vmci(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[@ANYBLOB="04706982b920"], 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x4, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@call={0x85, 0x0, 0x0, 0x5}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(r1)

1.285821816s ago: executing program 0 (id=303):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@deltfilter={0x2c, 0x2d, 0x200, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffe0}, {0xb, 0xf}, {0xda3114f95fcf190c, 0x9}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x30}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x4000001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002340)={0x28, 0x40, 0x9, 0xffffffff, 0x25dfdbfd, {0x1}, [@typed={0x4, 0xf9}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x121, 0x0, 0x1, [@typed={0x4, 0x739}, @nested={0x4, 0x48}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x6, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000040), 0x10)
modify_ldt$read(0x0, &(0x7f0000001840)=""/4105, 0x1009)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18fb41d9ba00000000000000000000e2b373a3a027a494089500000054170f3b"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket(0x1d, 0x2, 0x6)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11}})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b80)=@raw={'raw\x00', 0x3c1, 0x3, 0x434, 0x2a8, 0x150, 0x150, 0x2a8, 0xf8010000, 0x36c, 0x238, 0x238, 0x36c, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [], [], 'team_slave_0\x00', 'hsr0\x00', {}, {}, 0x84}, 0x0, 0x240, 0x2a8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'batadv0\x00', {0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x4}}}, @common=@inet=@sctp={{0x144}, {[], [], [], 0x0, [], 0x0, 0x1f}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv_slave_0\x00', 'gre0\x00'}, 0x0, 0xa4, 0xc4}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x490)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x13, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='svcrdma_page_overrun_err\x00', r5, 0x0, 0xfffffffffffffffd}, 0xb)

954.948948ms ago: executing program 1 (id=304):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x80)
ioctl$I2C_PEC(r1, 0x708, 0x2)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000100)={0x0, 0x4, 0x5, &(0x7f0000000080)={0x6, "14a6c63d876ff44271f1aca6e4482718dab7299602aed83463604d70b41d4008e3"}})
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
r3 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, 0x0, 0x0, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
dup(r0)
dup(r6)
r7 = dup(r5)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x40, &(0x7f0000000600)={0x6, 0x0, 0x0, 0x40, 0x2, 0xd, 0x0, 0x7}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x9, 0x7, 0x3, 0x0, 0x5, 0x7}, 0x0, 0x0)
ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f0000000100))
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000080)={0xffff7523, 0x81, 0x7a, 0xc, 0x8, "f06f7902ddff0000000000979338d4c267a000", 0x0, 0x6})
ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f0000000000))
r8 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
mq_getsetattr(r8, 0x0, 0xffffffffffffffff)
listen(r0, 0xfffffffc)
recvfrom(r0, 0x0, 0x0, 0x60, 0x0, 0x0)

687.103025ms ago: executing program 3 (id=305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000003c0), 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[], 0x48}}, 0x41)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, &(0x7f0000000240))
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x102)
r3 = openat$vcs(0xffffff9c, 0x0, 0x6a201, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1000, 0x0, 0x3f4, 0x0, 0x54}, 0x9c)
bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r7, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x3}, &(0x7f0000000100)=0x90)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000180)={0x3, &(0x7f0000000140)=[{0x7f, 0xf, 0x6, 0x5}, {0x2, 0x9, 0xf, 0x1}, {0xe, 0x4, 0xb1, 0x20a18674}]}, 0x8)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x101802, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x800000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f00000004c0)='kfree\x00', r8}, 0x10)

546.726976ms ago: executing program 2 (id=306):
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
syz_usb_connect$cdc_ecm(0x3, 0x4d, &(0x7f0000001240)=ANY=[@ANYBLOB="12010000020000102505a1a44000010203010902"], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00')
userfaultfd(0x801)
syz_open_dev$sndctrl(&(0x7f0000000240), 0x0, 0x2a8600)
r0 = syz_open_dev$dri(&(0x7f0000000380), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x401c5820, &(0x7f0000000240)={'bridge_slave_1\x00', @random="576e0723ca13"})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x40000012})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x201, 0x1, &(0x7f0000000540)=[r2], &(0x7f0000000500)=[0x1], &(0x7f0000000200), &(0x7f0000000580), 0x0, 0x7f})

121.650222ms ago: executing program 0 (id=307):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(0x0, 0x48141, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30"], 0x48}, 0x1, 0x0, 0x0, 0x4040}, 0x158761967764310b)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r5, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
timer_create(0x2, 0x0, &(0x7f0000000280))
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
preadv(r6, &(0x7f0000000580)=[{&(0x7f0000000200)=""/122, 0x7a}], 0x1, 0x45, 0x0)

0s ago: executing program 1 (id=308):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000400)={0x60, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'macvtap0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x854}, 0x1200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r4, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)
r5 = gettid()
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20000043}, 0x4000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$int_in(r7, 0x5452, &(0x7f0000b28000)=0x3)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r9, &(0x7f0000001d80)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10, 0x0, 0x0, &(0x7f0000000700)=[@ip_retopts={{0x10}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3d}}], 0x28}}], 0x1, 0xc04c0d0)
fcntl$setsig(r7, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r8}], 0x2c, 0xffffffffffbffff8)
fcntl$setown(r7, 0x8, r5)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:34828' (ED25519) to the list of known hosts.
[   41.767598][ T5936] cgroup: Unknown subsys name 'net'
[   41.918891][ T5936] cgroup: Unknown subsys name 'cpuset'
[   41.922831][ T5936] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.766244][ T5936] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.893373][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.896748][ T5957] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   45.899448][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   45.902714][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.904899][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   45.907527][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.909424][ T5964] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.909893][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.912410][ T5964] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.913888][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   45.915891][ T5964] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.923082][ T5965] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   45.923273][ T5964] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   45.927613][ T5964] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   45.927771][ T5965] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   45.930270][ T5964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   45.933672][ T5967] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   45.934949][ T5964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   45.940511][ T5963] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   45.943425][ T5963] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   46.180942][ T5952] chnl_net:caif_netlink_parms(): no params data found
[   46.231414][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   46.304145][ T5961] chnl_net:caif_netlink_parms(): no params data found
[   46.310368][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   46.462057][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.464237][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.466350][ T5952] bridge_slave_0: entered allmulticast mode
[   46.468751][ T5952] bridge_slave_0: entered promiscuous mode
[   46.471971][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.473921][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.476630][ T5952] bridge_slave_1: entered allmulticast mode
[   46.478931][ T5952] bridge_slave_1: entered promiscuous mode
[   46.560331][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.562587][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.565176][ T5950] bridge_slave_0: entered allmulticast mode
[   46.567970][ T5950] bridge_slave_0: entered promiscuous mode
[   46.645149][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.649449][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.651667][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.653915][ T5950] bridge_slave_1: entered allmulticast mode
[   46.656980][ T5950] bridge_slave_1: entered promiscuous mode
[   46.659397][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.661621][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.663661][ T5955] bridge_slave_0: entered allmulticast mode
[   46.666914][ T5955] bridge_slave_0: entered promiscuous mode
[   46.683929][ T5961] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.687038][ T5961] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.689524][ T5961] bridge_slave_0: entered allmulticast mode
[   46.692978][ T5961] bridge_slave_0: entered promiscuous mode
[   46.699983][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.743584][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.745809][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.747838][ T5955] bridge_slave_1: entered allmulticast mode
[   46.750216][ T5955] bridge_slave_1: entered promiscuous mode
[   46.753196][ T5961] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.756173][ T5961] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.758901][ T5961] bridge_slave_1: entered allmulticast mode
[   46.762476][ T5961] bridge_slave_1: entered promiscuous mode
[   46.798714][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.842735][ T5961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.849290][ T5952] team0: Port device team_slave_0 added
[   46.857437][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.861938][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.868262][ T5961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.872329][ T5952] team0: Port device team_slave_1 added
[   46.904415][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.981574][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.983561][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.991235][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.996941][ T5950] team0: Port device team_slave_0 added
[   47.018314][ T5961] team0: Port device team_slave_0 added
[   47.021185][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.023111][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.030541][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.034624][ T5950] team0: Port device team_slave_1 added
[   47.038210][ T5955] team0: Port device team_slave_0 added
[   47.041303][ T5961] team0: Port device team_slave_1 added
[   47.088102][ T5955] team0: Port device team_slave_1 added
[   47.106988][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.108954][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.116003][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.160566][ T5961] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.162586][ T5961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.170290][ T5961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.174692][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.176596][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.183736][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.239572][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.242312][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.251979][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.256864][ T5961] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.259473][ T5961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.268991][ T5961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.282325][ T5952] hsr_slave_0: entered promiscuous mode
[   47.285299][ T5952] hsr_slave_1: entered promiscuous mode
[   47.288403][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.290408][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.298004][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.411103][ T5961] hsr_slave_0: entered promiscuous mode
[   47.413344][ T5961] hsr_slave_1: entered promiscuous mode
[   47.415449][ T5961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.417578][ T5961] Cannot create hsr debugfs directory
[   47.421300][ T5950] hsr_slave_0: entered promiscuous mode
[   47.423445][ T5950] hsr_slave_1: entered promiscuous mode
[   47.425352][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.427414][ T5950] Cannot create hsr debugfs directory
[   47.461358][ T5955] hsr_slave_0: entered promiscuous mode
[   47.463400][ T5955] hsr_slave_1: entered promiscuous mode
[   47.465389][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.467506][ T5955] Cannot create hsr debugfs directory
[   47.802397][ T5955] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.807586][ T5955] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.816229][ T5955] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.823823][ T5955] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.839968][ T5952] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.844559][ T5952] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.848696][ T5952] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   47.865527][ T5952] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   47.881652][ T5961] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.886402][ T5961] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.890629][ T5961] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.895265][ T5961] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.938643][ T5950] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.944466][   T67] Bluetooth: hci2: command tx timeout
[   47.944470][ T5964] Bluetooth: hci1: command tx timeout
[   47.948848][ T5950] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.954487][   T67] Bluetooth: hci0: command tx timeout
[   47.954829][ T5950] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.960909][ T5950] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   48.024612][   T67] Bluetooth: hci3: command tx timeout
[   48.030053][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.039475][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.067197][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[   48.076229][ T5952] 8021q: adding VLAN 0 to HW filter on device team0
[   48.081239][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.083499][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.098113][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.100194][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.104843][ T5961] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.112379][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.115038][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.136518][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.138561][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.146912][ T5961] 8021q: adding VLAN 0 to HW filter on device team0
[   48.154992][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.161093][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.163186][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.180564][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.182866][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.189412][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   48.204842][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.207149][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.214724][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.216829][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.287858][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.315803][ T5955] veth0_vlan: entered promiscuous mode
[   48.320987][ T5955] veth1_vlan: entered promiscuous mode
[   48.339587][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.345848][ T5955] veth0_macvtap: entered promiscuous mode
[   48.357268][ T5955] veth1_macvtap: entered promiscuous mode
[   48.378931][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.383618][ T5961] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.393454][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.397625][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.403889][ T5955] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.406542][ T5955] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.408948][ T5955] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.411328][ T5955] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.419163][ T5952] veth0_vlan: entered promiscuous mode
[   48.435419][ T5952] veth1_vlan: entered promiscuous mode
[   48.461696][ T5961] veth0_vlan: entered promiscuous mode
[   48.477029][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.477299][ T5961] veth1_vlan: entered promiscuous mode
[   48.479283][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.490201][ T5950] veth0_vlan: entered promiscuous mode
[   48.499386][ T5952] veth0_macvtap: entered promiscuous mode
[   48.505063][ T5950] veth1_vlan: entered promiscuous mode
[   48.510427][ T5952] veth1_macvtap: entered promiscuous mode
[   48.517550][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.520874][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.526641][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.529632][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.533311][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.544416][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.547754][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.552490][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.557505][ T5961] veth0_macvtap: entered promiscuous mode
[   48.562060][ T5952] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.562205][ T5955] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.565332][ T5952] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.570696][ T5952] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.572988][ T5952] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.580089][ T5961] veth1_macvtap: entered promiscuous mode
[   48.589737][ T5950] veth0_macvtap: entered promiscuous mode
[   48.596876][ T5950] veth1_macvtap: entered promiscuous mode
[   48.601245][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.604280][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.606842][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.609540][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.612823][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.635300][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.638084][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.640583][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.643681][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.647300][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.653415][ T5961] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.653460][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.656982][ T5961] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.658426][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.660524][ T5961] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.665131][ T5961] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.670752][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.673535][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.676629][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.680831][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.684872][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   48.689191][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.693306][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.704987][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.707906][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.710674][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.713488][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.717024][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   48.720240][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   48.723849][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.732037][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.732103][ T5950] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.734885][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.737305][ T5950] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.741923][ T5950] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.744425][ T5950] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.802195][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.804767][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.817462][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.819686][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.841154][ T6020] loop2: detected capacity change from 0 to 7
[   48.845006][ T6020] Dev loop2: unable to read RDB block 7
[   48.846566][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.846656][ T6020]  loop2: AHDI p1 p2 p3 p4
[   48.848786][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.851322][  T222] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.852338][ T6020] loop2: partition table partially beyond EOD, truncated
[   48.855200][  T222] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.859069][ T6020] loop2: p1 start 1601398130 is beyond EOD, truncated
[   48.860985][ T6020] loop2: p2 start 1702059890 is beyond EOD, truncated
[   48.862955][ T6020] loop2: p3 size 150995200 extends beyond EOD, truncated
[   48.964578][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.966891][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.969224][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.971505][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.072669][ T5360] Dev loop2: unable to read RDB block 7
[   49.074865][ T5360]  loop2: AHDI p1 p2 p3 p4
[   49.076216][ T5360] loop2: partition table partially beyond EOD, truncated
[   49.078528][ T5360] loop2: p1 start 1601398130 is beyond EOD, truncated
[   49.080434][ T5360] loop2: p2 start 1702059890 is beyond EOD, truncated
[   49.117213][ T5360] loop2: p3 size 150995200 extends beyond EOD, truncated
[   49.134277][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.144302][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   49.283246][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.296650][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.300092][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.302880][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.305549][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.308392][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.311909][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.315767][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.319344][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.322797][ T6031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'.
[   49.924144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.926466][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.928754][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.930936][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.034220][   T67] Bluetooth: hci1: command tx timeout
[   50.035696][ T5964] Bluetooth: hci0: command tx timeout
[   50.036082][ T5963] Bluetooth: hci2: command tx timeout
[   50.106164][ T5963] Bluetooth: hci3: command tx timeout
[   50.833683][ T6053] loop2: detected capacity change from 0 to 7
[   50.836673][ T6053] Dev loop2: unable to read RDB block 7
[   50.838307][ T6053]  loop2: AHDI p1 p2 p3 p4
[   50.840101][ T6053] loop2: partition table partially beyond EOD, truncated
[   50.856344][ T6053] loop2: p1 start 1601398130 is beyond EOD, truncated
[   50.859054][ T6053] loop2: p2 start 1702059890 is beyond EOD, truncated
[   50.861477][ T6053] loop2: p3 size 150995200 extends beyond EOD, truncated
[   50.917691][ T6051] netlink: 'syz.3.7': attribute type 10 has an invalid length.
[   51.050148][ T6051] veth0_vlan: left promiscuous mode
[   51.216224][ T6051] veth0_vlan: entered promiscuous mode
[   51.274928][ T6051] team0: Device veth0_vlan failed to register rx_handler
[   51.398054][ T5360] Dev loop2: unable to read RDB block 7
[   51.400247][ T5360]  loop2: AHDI p1 p2 p3 p4
[   51.402303][ T5360] loop2: partition table partially beyond EOD, truncated
[   51.406677][ T5360] loop2: p1 start 1601398130 is beyond EOD, truncated
[   51.409591][ T5360] loop2: p2 start 1702059890 is beyond EOD, truncated
[   51.412354][ T5360] loop2: p3 size 150995200 extends beyond EOD, truncated
[   51.447242][ T6057] capability: warning: `syz.2.11' uses 32-bit capabilities (legacy support in use)
[   51.719348][ T6070] loop2: detected capacity change from 0 to 7
[   51.724095][ T6070] Dev loop2: unable to read RDB block 7
[   51.727666][ T6070]  loop2: AHDI p1 p2 p3 p4
[   51.728996][ T6070] loop2: partition table partially beyond EOD, truncated
[   51.731229][ T6070] loop2: p1 start 1601398130 is beyond EOD, truncated
[   51.849733][ T6070] loop2: p2 start 1702059890 is beyond EOD, truncated
[   51.878704][ T6070] loop2: p3 size 150995200 extends beyond EOD, truncated
[   52.027666][ T6081] netlink: 'syz.2.14': attribute type 10 has an invalid length.
[   52.034640][   T40] audit: type=1326 audit(1743771753.065:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   52.046101][ T6081] veth0_vlan: left promiscuous mode
[   52.051048][   T40] audit: type=1326 audit(1743771753.065:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.057892][   T40] audit: type=1326 audit(1743771753.065:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.060978][ T6081] veth0_vlan: entered promiscuous mode
[   52.063733][   T40] audit: type=1326 audit(1743771753.065:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   52.068004][ T6081] team0: Device veth0_vlan failed to register rx_handler
[   52.071290][   T40] audit: type=1326 audit(1743771753.075:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.078892][   T40] audit: type=1326 audit(1743771753.075:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.084866][   T40] audit: type=1326 audit(1743771753.075:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.090580][   T40] audit: type=1326 audit(1743771753.075:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.097025][   T40] audit: type=1326 audit(1743771753.075:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.102946][   T40] audit: type=1326 audit(1743771753.075:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6078 comm="syz.1.16" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f73598 code=0x7ffc0000
[   52.114071][ T5963] Bluetooth: hci0: command tx timeout
[   52.115633][ T5963] Bluetooth: hci1: command tx timeout
[   52.117124][ T5963] Bluetooth: hci2: command tx timeout
[   52.184180][   T67] Bluetooth: hci3: command tx timeout
[   52.377615][ T6087] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   52.383330][ T6087] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   52.942049][ T6097] infiniband syz1: set down
[   52.944063][ T6097] infiniband syz1: added team_slave_0
[   52.968791][ T6097] RDS/IB: syz1: added
[   52.970159][ T6097] smc: adding ib device syz1 with port count 1
[   52.971892][ T6097] smc:    ib device syz1 port 1 has pnetid 
[   53.491722][ T6109] netlink: 'syz.1.21': attribute type 10 has an invalid length.
[   53.501919][ T6109] veth0_vlan: left promiscuous mode
[   53.506225][ T6109] veth0_vlan: entered promiscuous mode
[   53.512307][ T6109] team0: Device veth0_vlan failed to register rx_handler
[   53.971269][ T6115] configfs: Unknown parameter 'usrquota'
[   54.184565][   T67] Bluetooth: hci2: command tx timeout
[   54.185129][ T5963] Bluetooth: hci1: command tx timeout
[   54.185147][ T5964] Bluetooth: hci0: command tx timeout
[   54.266400][ T5963] Bluetooth: hci3: command tx timeout
[   54.495035][ T6125] siw: device registration error -23
[   54.711849][ T6134] __nla_validate_parse: 49 callbacks suppressed
[   54.711911][ T6134] netlink: 24 bytes leftover after parsing attributes in process `syz.0.30'.
[   55.565097][ T6149] netlink: 32 bytes leftover after parsing attributes in process `syz.1.34'.
[   55.616852][ T6149] netlink: 'syz.1.34': attribute type 10 has an invalid length.
[   55.619540][ T6149] veth0_vlan: left promiscuous mode
[   55.623197][ T6149] veth0_vlan: entered promiscuous mode
[   55.628979][ T6149] team0: Device veth0_vlan failed to register rx_handler
[   56.197678][ T6153] sd 0:0:0:0: PR command failed: 1026
[   56.199230][ T6153] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[   56.201105][ T6153] sd 0:0:0:0: Add. Sense: Invalid command operation code
[   56.341375][ T6162] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[   56.343363][ T6162] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   56.347703][ T6162] vhci_hcd vhci_hcd.0: Device attached
[   56.527859][ T5958] vhci_hcd: vhci_device speed not set
[   56.585095][ T5958] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[   56.594838][ T5995] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   56.803859][ T6168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.38'.
[   56.808647][ T5995] usb 6-1: Using ep0 maxpacket: 8
[   56.823198][ T5995] usb 6-1: config 0 has no interfaces?
[   57.003512][ T5995] usb 6-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[   57.012870][ T5995] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   57.017343][ T5995] usb 6-1: Product: syz
[   57.018818][ T5995] usb 6-1: Manufacturer: syz
[   57.024164][ T5995] usb 6-1: SerialNumber: syz
[   57.117620][ T5995] usb 6-1: config 0 descriptor??
[   57.288554][ T5995] Process accounting resumed
[   57.330520][ T6162] syz.1.40: vmalloc error: size 2003292160, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   57.337173][ T6162] CPU: 0 UID: 0 PID: 6162 Comm: syz.1.40 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[   57.337189][ T6162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   57.337195][ T6162] Call Trace:
[   57.337199][ T6162]  <TASK>
[   57.337204][ T6162]  dump_stack_lvl+0x16c/0x1f0
[   57.337223][ T6162]  warn_alloc+0x248/0x3a0
[   57.337239][ T6162]  ? __pfx_warn_alloc+0x10/0x10
[   57.337253][ T6162]  ? stack_depot_save_flags+0x3e6/0xa50
[   57.337270][ T6162]  ? kasan_save_stack+0x42/0x60
[   57.337283][ T6162]  ? kasan_save_stack+0x33/0x60
[   57.337295][ T6162]  ? kasan_save_track+0x14/0x30
[   57.337309][ T6162]  ? __kasan_kmalloc+0xaa/0xb0
[   57.337322][ T6162]  ? vb2_vmalloc_alloc+0xf9/0x3f0
[   57.337334][ T6162]  ? vb2_core_create_bufs+0x559/0xab0
[   57.337345][ T6162]  ? vb2_create_bufs+0x5e8/0x840
[   57.337353][ T6162]  ? vb2_ioctl_create_bufs+0x244/0x3e0
[   57.337366][ T6162]  __vmalloc_node_range_noprof+0x10ea/0x1540
[   57.337383][ T6162]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   57.337398][ T6162]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   57.337415][ T6162]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   57.337427][ T6162]  vmalloc_user_noprof+0x6b/0x90
[   57.337440][ T6162]  ? vb2_vmalloc_alloc+0x135/0x3f0
[   57.337451][ T6162]  vb2_vmalloc_alloc+0x135/0x3f0
[   57.337464][ T6162]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[   57.337476][ T6162]  __vb2_queue_alloc+0x8c6/0x1280
[   57.337494][ T6162]  vb2_core_create_bufs+0x559/0xab0
[   57.337508][ T6162]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[   57.337526][ T6162]  vb2_create_bufs+0x5e8/0x840
[   57.337538][ T6162]  ? __pfx_vb2_create_bufs+0x10/0x10
[   57.337548][ T6162]  ? v4l_sanitize_colorspace+0x213/0x400
[   57.337567][ T6162]  vb2_ioctl_create_bufs+0x244/0x3e0
[   57.337578][ T6162]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   57.337590][ T6162]  vidioc_create_bufs+0x7d/0xf0
[   57.337601][ T6162]  v4l_create_bufs+0x156/0x270
[   57.337615][ T6162]  __video_do_ioctl+0xb3d/0xfc0
[   57.337633][ T6162]  ? __pfx___video_do_ioctl+0x10/0x10
[   57.337675][ T6162]  ? __kmalloc_noprof+0x242/0x510
[   57.337699][ T6162]  video_usercopy+0x4cd/0x1720
[   57.337717][ T6162]  ? __pfx___video_do_ioctl+0x10/0x10
[   57.337733][ T6162]  ? __pfx_video_usercopy+0x10/0x10
[   57.337754][ T6162]  ? hook_file_ioctl_common+0x145/0x410
[   57.337771][ T6162]  v4l2_ioctl+0x1ba/0x250
[   57.337787][ T6162]  v4l2_compat_ioctl32+0x214/0x2c0
[   57.337801][ T6162]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[   57.337815][ T6162]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   57.337829][ T6162]  __do_fast_syscall_32+0x73/0x120
[   57.337844][ T6162]  do_fast_syscall_32+0x32/0x80
[   57.337858][ T6162]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   57.337870][ T6162] RIP: 0023:0xf7f73579
[   57.337879][ T6162] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   57.337888][ T6162] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   57.337897][ T6162] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00000000c0f8565c
[   57.337903][ T6162] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000
[   57.337908][ T6162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   57.337914][ T6162] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   57.337919][ T6162] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   57.337931][ T6162]  </TASK>
[   57.337935][ T6162] Mem-Info:
[   57.390259][   T46] Bluetooth: hci4: Frame reassembly failed (-84)
[   57.394130][ T6162] active_anon:7308 inactive_anon:0 isolated_anon:0
[   57.394130][ T6162]  active_file:2096 inactive_file:35002 isolated_file:0
[   57.394130][ T6162]  unevictable:1768 dirty:163 writeback:0
[   57.394130][ T6162]  slab_reclaimable:9125 slab_unreclaimable:55655
[   57.394130][ T6162]  mapped:25777 shmem:5063 pagetables:774
[   57.394130][ T6162]  sec_pagetables:304 bounce:0
[   57.394130][ T6162]  kernel_misc_reclaimable:0
[   57.394130][ T6162]  free:60104 free_pcp:6484 free_cma:0
[   57.396597][ T6184] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[   57.396924][ T6162] Node 0 active_anon:2848kB inactive_anon:0kB active_file:128kB inactive_file:28kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2980kB dirty:0kB writeback:0kB shmem:6204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9192kB pagetables:1204kB sec_pagetables:1108kB all_unreclaimable? yes Balloon:0kB
[   57.416822][ T5958] vhci_hcd: vhci_device speed not set
[   57.421095][ T6162] Node 1 active_anon:26384kB inactive_anon:0kB active_file:8256kB inactive_file:139980kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100128kB dirty:652kB writeback:0kB shmem:14048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2820kB pagetables:1892kB sec_pagetables:108kB all_unreclaimable? no Balloon:0kB
[   57.471229][ T6162] Node 0 DMA free:2020kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:340kB local_pcp:56kB free_cma:0kB
[   57.474113][ T5958] usb 39-1: device descriptor read/64, error -71
[   57.480189][ T6162] lowmem_reserve[]: 0 290 290 290 290
[   57.483683][ T6162] Node 0 DMA32 free:16532kB boost:0kB min:13336kB low:16668kB high:20000kB reserved_highatomic:2048KB active_anon:2860kB inactive_anon:0kB active_file:128kB inactive_file:28kB unevictable:3536kB writepending:0kB present:1032196kB managed:297508kB mlocked:0kB bounce:0kB free_pcp:2188kB local_pcp:236kB free_cma:0kB
[   57.493574][ T6162] lowmem_reserve[]: 0 0 0 0 0
[   57.495294][ T6162] Node 1 DMA32 free:221568kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:0KB active_anon:26472kB inactive_anon:0kB active_file:8256kB inactive_file:139980kB unevictable:3536kB writepending:684kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:23280kB local_pcp:1336kB free_cma:0kB
[   57.505972][ T6162] lowmem_reserve[]: 0 0 0 0 0
[   57.507681][ T6162] Node 0 DMA: 3*4kB (UM) 27*8kB (UM) 14*16kB (UM) 3*32kB (UM) 1*64kB (M) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2020kB
[   57.513048][ T6162] Node 0 DMA32: 3*4kB (UMH) 46*8kB (UEH) 11*16kB (UEH) 75*32kB (UMEH) 34*64kB (UME) 19*128kB (UME) 7*256kB (UME) 10*512kB (M) 2*1024kB (UM) 0*2048kB 0*4096kB = 16524kB
[   57.519218][ T6162] Node 1 DMA32: 2*4kB (ME) 19*8kB (E) 18*16kB (UE) 7*32kB (E) 64*64kB (UME) 21*128kB (UE) 10*256kB (UE) 5*512kB (UME) 2*1024kB (U) 5*2048kB (UM) 48*4096kB (M) = 221472kB
[   57.525288][ T6162] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   57.528659][ T6162] Node 0 hugepages_total=21 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   57.531971][ T6162] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   57.535399][ T6162] Node 1 hugepages_total=4294967279 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   57.538952][ T6162] 42410 total pagecache pages
[   57.541038][ T6162] 218 pages in swap cache
[   57.542594][ T6162] Free swap  = 119760kB
[   57.544138][ T6162] Total swap = 124996kB
[   57.545628][ T6162] 524155 pages RAM
[   57.547110][ T6162] 0 pages HighMem/MovableOnly
[   57.548840][ T6162] 208867 pages reserved
[   57.550404][ T6162] 0 pages cma reserved
[   57.575403][   T24] usb 6-1: USB disconnect, device number 2
[   57.595163][ T6164] vhci_hcd: connection reset by peer
[   57.597610][   T46] vhci_hcd: stop threads
[   57.599105][   T46] vhci_hcd: release socket
[   57.600869][   T46] vhci_hcd: disconnect device
[   57.791163][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.46'.
[   57.805010][ T5958] vhci_hcd: vhci_device speed not set
[   58.505711][ T6198] netlink: 24 bytes leftover after parsing attributes in process `syz.2.49'.
[   58.512894][ T6198] netlink: 12 bytes leftover after parsing attributes in process `syz.2.49'.
[   58.516376][ T6198] netlink: 12 bytes leftover after parsing attributes in process `syz.2.49'.
[   58.854207][   T24] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   59.014078][   T24] usb 7-1: Using ep0 maxpacket: 8
[   59.016681][   T24] usb 7-1: config 128 has an invalid interface number: 159 but max is 0
[   59.019187][   T24] usb 7-1: config 128 has no interface number 0
[   59.021018][   T24] usb 7-1: config 128 interface 159 has no altsetting 0
[   59.023041][   T24] usb 7-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=4b.b9
[   59.025818][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.143275][ T6208] netlink: 'syz.1.51': attribute type 10 has an invalid length.
[   59.150752][ T6208] 8021q: adding VLAN 0 to HW filter on device team0
[   59.154107][ T6208] bond0: (slave team0): Enslaving as an active interface with an up link
[   59.261934][   T24] usb 7-1: string descriptor 0 read error: -71
[   59.270746][   T24] rndis_host 7-1:128.159: More than one union descriptor, skipping ...
[   59.273391][   T24] usb 7-1: bad CDC descriptors
[   59.275524][   T24] cdc_acm 7-1:128.159: More than one union descriptor, skipping ...
[   59.282585][   T24] usb 7-1: USB disconnect, device number 2
[   59.464664][   T67] Bluetooth: hci4: command 0x1003 tx timeout
[   59.464675][ T5963] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   60.166893][ T6220] loop2: detected capacity change from 0 to 7
[   60.169313][ T6220] Dev loop2: unable to read RDB block 7
[   60.171155][ T6220]  loop2: AHDI p1 p2 p3 p4
[   60.172517][ T6220] loop2: partition table partially beyond EOD, truncated
[   60.174816][ T6220] loop2: p1 start 1601398130 is beyond EOD, truncated
[   60.274086][ T6220] loop2: p2 start 1702059890 is beyond EOD, truncated
[   60.276719][ T6220] loop2: p3 size 150995200 extends beyond EOD, truncated
[   60.350581][ T6224] syzkaller0: entered promiscuous mode
[   60.352002][ T6224] syzkaller0: entered allmulticast mode
[   60.451400][ T6226] netlink: 32 bytes leftover after parsing attributes in process `syz.1.56'.
[   60.497422][ T6226] netlink: 'syz.1.56': attribute type 10 has an invalid length.
[   60.500173][ T6226] veth0_vlan: left promiscuous mode
[   60.504321][ T6226] veth0_vlan: entered promiscuous mode
[   60.513602][ T6226] team0: Device veth0_vlan failed to register rx_handler
[   60.739965][   T40] kauditd_printk_skb: 281 callbacks suppressed
[   60.739980][   T40] audit: type=1326 audit(1743771761.775:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.749788][   T40] audit: type=1326 audit(1743771761.775:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.757079][   T40] audit: type=1326 audit(1743771761.775:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.764240][   T40] audit: type=1326 audit(1743771761.775:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.770022][   T40] audit: type=1326 audit(1743771761.775:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.776403][   T40] audit: type=1326 audit(1743771761.775:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.782348][   T40] audit: type=1326 audit(1743771761.775:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.789272][   T40] audit: type=1326 audit(1743771761.775:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.795994][   T40] audit: type=1326 audit(1743771761.775:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   60.803519][   T40] audit: type=1326 audit(1743771761.775:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6227 comm="syz.0.58" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   61.307831][ T6241] netlink: 24 bytes leftover after parsing attributes in process `syz.1.61'.
[   61.311202][ T6241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   61.315145][ T6241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.61'.
[   61.614129][   T34] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   61.687120][ T6246] netlink: 8 bytes leftover after parsing attributes in process `syz.2.62'.
[   61.765947][   T34] usb 6-1: Using ep0 maxpacket: 8
[   61.788403][   T34] usb 6-1: config 128 has an invalid interface number: 159 but max is 0
[   61.791393][   T34] usb 6-1: config 128 has no interface number 0
[   61.793482][   T34] usb 6-1: config 128 interface 159 has no altsetting 0
[   61.797403][    C2] Illegal XDP return value 16128 on prog  (id 10) dev bond_slave_1, expect packet loss!
[   61.802296][   T34] usb 6-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=4b.b9
[   61.805101][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.049579][ T6252] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   62.152205][   T34] usb 6-1: string descriptor 0 read error: -71
[   62.159121][   T34] rndis_host 6-1:128.159: More than one union descriptor, skipping ...
[   62.163204][   T34] usb 6-1: bad CDC descriptors
[   62.165337][   T34] cdc_acm 6-1:128.159: More than one union descriptor, skipping ...
[   62.171011][   T34] usb 6-1: USB disconnect, device number 3
[   62.182614][ T6255] mkiss: ax0: crc mode is auto.
[   62.287344][ T5963] Bluetooth: Unexpected continuation frame (len 18)
[   63.341913][ T6274] netlink: 24 bytes leftover after parsing attributes in process `syz.2.70'.
[   63.345828][ T6274] netlink: 12 bytes leftover after parsing attributes in process `syz.2.70'.
[   63.348268][ T6274] netlink: 12 bytes leftover after parsing attributes in process `syz.2.70'.
[   63.594171][   T58] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   63.716974][ T6279] 9pnet_fd: Insufficient options for proto=fd
[   63.723528][ T6279] warning: `syz.0.71' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   63.744271][   T58] usb 7-1: Using ep0 maxpacket: 8
[   63.746964][   T58] usb 7-1: config 128 has an invalid interface number: 159 but max is 0
[   63.749150][   T58] usb 7-1: config 128 has an invalid descriptor of length 122, skipping remainder of the config
[   63.752628][   T58] usb 7-1: config 128 has no interface number 0
[   63.755455][   T58] usb 7-1: config 128 interface 159 has no altsetting 0
[   63.757441][   T58] usb 7-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=4b.b9
[   63.760379][   T58] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.979981][   T58] usb 7-1: string descriptor 0 read error: -71
[   63.983339][   T58] usb 7-1: bad CDC descriptors
[   63.989300][   T58] usb 7-1: USB disconnect, device number 3
[   64.124845][ T6287] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   64.172554][ T6286] netlink: 4 bytes leftover after parsing attributes in process `syz.1.72'.
[   64.175072][ T6286] netlink: 4 bytes leftover after parsing attributes in process `syz.1.72'.
[   64.597006][ T6298] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   65.073685][ T6308] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   65.475229][ T6311] __nla_validate_parse: 52 callbacks suppressed
[   65.475240][ T6311] netlink: 8 bytes leftover after parsing attributes in process `syz.0.78'.
[   65.536270][ T6311] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[   66.356557][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.359178][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.361884][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.364494][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.367234][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.370329][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.373013][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.375588][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   66.378059][ T6329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.84'.
[   67.302199][ T6340] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   67.306230][   T40] kauditd_printk_skb: 30 callbacks suppressed
[   67.306243][   T40] audit: type=1326 audit(1743771768.345:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6339 comm="syz.2.88" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0
[   68.363603][  T835] libceph: connect (1)[c::]:6789 error -101
[   68.368903][  T835] libceph: mon0 (1)[c::]:6789 connect error
[   68.401888][ T6361] netlink: 'syz.3.92': attribute type 2 has an invalid length.
[   68.635561][  T835] libceph: connect (1)[c::]:6789 error -101
[   68.642786][  T835] libceph: mon0 (1)[c::]:6789 connect error
[   69.121488][ T6358] ceph: No mds server is up or the cluster is laggy
[   69.161225][  T835] libceph: connect (1)[c::]:6789 error -101
[   69.163052][  T835] libceph: mon0 (1)[c::]:6789 connect error
[   69.195848][ T6378] netlink: 'syz.3.98': attribute type 4 has an invalid length.
[   69.214771][ T6380] netlink: 'syz.0.99': attribute type 1 has an invalid length.
[   69.340333][ T6391] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   69.344053][   T40] audit: type=1326 audit(1743771770.375:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6385 comm="syz.0.102" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0
[   69.574107][  T835] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   69.804177][  T835] usb 8-1: Using ep0 maxpacket: 32
[   69.815007][  T835] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   69.819433][  T835] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   69.821968][  T835] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   69.824527][  T835] usb 8-1: Product: syz
[   69.825778][  T835] usb 8-1: Manufacturer: syz
[   69.827161][  T835] usb 8-1: SerialNumber: syz
[   69.829911][  T835] usb 8-1: config 0 descriptor??
[   69.832470][ T6384] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   69.835437][  T835] hub 8-1:0.0: bad descriptor, ignoring hub
[   69.837099][  T835] hub 8-1:0.0: probe with driver hub failed with error -5
[   69.995291][ T6402] netlink: 'syz.1.105': attribute type 10 has an invalid length.
[   70.000095][ T6402] veth0_vlan: left promiscuous mode
[   70.007129][ T6402] veth0_vlan: entered promiscuous mode
[   70.014487][ T6402] team0: Device veth0_vlan failed to register rx_handler
[   70.661870][ T6412] syz.1.108 uses obsolete (PF_INET,SOCK_PACKET)
[   70.747045][ T1413] ieee802154 phy0 wpan0: encryption failed: -22
[   70.748963][ T1413] ieee802154 phy1 wpan1: encryption failed: -22
[   70.758339][ T6416] process 'syz.1.109' launched './file1' with NULL argv: empty string added
[   70.896771][  T835] usb 8-1: USB disconnect, device number 2
[   71.413181][ T6422] __nla_validate_parse: 96 callbacks suppressed
[   71.413192][ T6422] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.111'.
[   71.418965][ T6422] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.111'.
[   71.465012][ T5963] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   71.467448][ T5963] Bluetooth: hci1: Injecting HCI hardware error event
[   71.470023][   T67] Bluetooth: hci1: hardware error 0x00
[   71.656615][   T40] audit: type=1326 audit(1743771772.695:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.662530][   T40] audit: type=1326 audit(1743771772.695:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.669772][   T40] audit: type=1326 audit(1743771772.695:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.678306][   T40] audit: type=1326 audit(1743771772.695:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.684387][   T40] audit: type=1326 audit(1743771772.695:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.690631][   T40] audit: type=1326 audit(1743771772.695:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.696585][   T40] audit: type=1326 audit(1743771772.695:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.702466][   T40] audit: type=1326 audit(1743771772.695:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6435 comm="syz.0.115" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf742e579 code=0x7ffc0000
[   71.752093][ T6441] netlink: 24 bytes leftover after parsing attributes in process `syz.2.117'.
[   71.755404][ T6441] netlink: 12 bytes leftover after parsing attributes in process `syz.2.117'.
[   71.758328][ T6441] netlink: 12 bytes leftover after parsing attributes in process `syz.2.117'.
[   71.908012][ T6443] netlink: 32 bytes leftover after parsing attributes in process `syz.1.116'.
[   71.934810][ T6443] netlink: 'syz.1.116': attribute type 10 has an invalid length.
[   71.937594][ T6443] veth0_vlan: left promiscuous mode
[   71.942128][ T6443] veth0_vlan: entered promiscuous mode
[   71.949920][ T6443] team0: Device veth0_vlan failed to register rx_handler
[   72.005884][   T58] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   72.164152][   T58] usb 7-1: Using ep0 maxpacket: 8
[   72.167159][   T58] usb 7-1: config 128 has an invalid interface number: 159 but max is 0
[   72.169497][   T58] usb 7-1: config 128 has no interface number 0
[   72.171366][   T58] usb 7-1: config 128 interface 159 has no altsetting 0
[   72.173361][   T58] usb 7-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=4b.b9
[   72.175921][   T58] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.383627][   T58] usb 7-1: string descriptor 0 read error: -71
[   72.396887][   T58] rndis_host 7-1:128.159: More than one union descriptor, skipping ...
[   72.399184][   T58] usb 7-1: bad CDC descriptors
[   72.400738][   T58] cdc_acm 7-1:128.159: More than one union descriptor, skipping ...
[   72.404539][   T58] usb 7-1: USB disconnect, device number 4
[   72.599018][ T6452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.602043][ T6452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.606779][ T6452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.609670][ T6452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.612490][ T6452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.615949][ T6452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.618679][ T6452] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.621521][ T6452] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.625401][ T6452] batadv_slave_0: entered promiscuous mode
[   72.628888][ T6452] batadv_slave_0: left promiscuous mode
[   73.095874][ T6474] mmap: syz.1.125 (6474) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   73.498274][ T6476] netlink: 24 bytes leftover after parsing attributes in process `syz.0.126'.
[   73.501439][ T6476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.126'.
[   73.514074][ T6476] netlink: 12 bytes leftover after parsing attributes in process `syz.0.126'.
[   73.544352][   T67] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   73.696056][ T6481] siw: device registration error -23
[   73.698273][   T40] kauditd_printk_skb: 24 callbacks suppressed
[   73.698281][   T40] audit: type=1326 audit(1743771774.735:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.709578][   T40] audit: type=1326 audit(1743771774.735:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.724120][   T40] audit: type=1326 audit(1743771774.745:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.730167][   T40] audit: type=1326 audit(1743771774.745:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.736439][   T40] audit: type=1326 audit(1743771774.745:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.742454][   T40] audit: type=1326 audit(1743771774.745:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.748605][   T40] audit: type=1326 audit(1743771774.745:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.754753][   T40] audit: type=1326 audit(1743771774.745:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.760783][   T40] audit: type=1326 audit(1743771774.745:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.767761][   T40] audit: type=1326 audit(1743771774.745:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.1.128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   73.834082][   T64] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   73.943131][ T6484] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   73.984389][   T64] usb 5-1: Using ep0 maxpacket: 8
[   73.987015][   T64] usb 5-1: config 128 has an invalid interface number: 159 but max is 0
[   73.989416][   T64] usb 5-1: config 128 has no interface number 0
[   73.991743][   T64] usb 5-1: config 128 interface 159 has no altsetting 0
[   73.996519][   T64] usb 5-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=4b.b9
[   73.999959][   T64] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.022312][ T6489] siw: device registration error -23
[   74.104901][ T6492] netlink: 32 bytes leftover after parsing attributes in process `syz.2.129'.
[   74.213799][   T64] usb 5-1: string descriptor 0 read error: -71
[   74.218519][   T64] rndis_host 5-1:128.159: More than one union descriptor, skipping ...
[   74.221069][   T64] usb 5-1: bad CDC descriptors
[   74.224356][   T64] cdc_acm 5-1:128.159: More than one union descriptor, skipping ...
[   74.229908][   T64] usb 5-1: USB disconnect, device number 2
[   74.562102][ T6497] FAULT_INJECTION: forcing a failure.
[   74.562102][ T6497] name failslab, interval 1, probability 0, space 0, times 1
[   74.567762][ T6497] CPU: 3 UID: 0 PID: 6497 Comm: syz.1.132 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[   74.567777][ T6497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.567783][ T6497] Call Trace:
[   74.567787][ T6497]  <TASK>
[   74.567791][ T6497]  dump_stack_lvl+0x16c/0x1f0
[   74.567809][ T6497]  should_fail_ex+0x512/0x640
[   74.567841][ T6497]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[   74.567871][ T6497]  should_failslab+0xc2/0x120
[   74.567882][ T6497]  __kmalloc_cache_node_noprof+0x6d/0x420
[   74.567895][ T6497]  ? __lock_acquire+0xaa4/0x1ba0
[   74.567904][ T6497]  ? __get_vm_area_node+0x101/0x300
[   74.567921][ T6497]  __get_vm_area_node+0x101/0x300
[   74.567937][ T6497]  __vmalloc_node_range_noprof+0x277/0x1540
[   74.567950][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.567964][ T6497]  ? __pfx___mutex_trylock_common+0x10/0x10
[   74.567974][ T6497]  ? __pfx___might_resched+0x10/0x10
[   74.567988][ T6497]  ? rcu_is_watching+0x12/0xc0
[   74.568000][ T6497]  ? trace_contention_end+0xdd/0x130
[   74.568009][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.568023][ T6497]  ? kasan_save_stack+0x42/0x60
[   74.568036][ T6497]  ? translate_compat_table+0x1b8/0x18d0
[   74.568052][ T6497]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   74.568063][ T6497]  ? __pfx___mutex_lock+0x10/0x10
[   74.568076][ T6497]  ? ipv6_setsockopt+0x135/0x170
[   74.568087][ T6497]  ? tcp_setsockopt+0xa4/0x100
[   74.568097][ T6497]  ? do_sock_setsockopt+0x221/0x470
[   74.568111][ T6497]  ? __do_fast_syscall_32+0x73/0x120
[   74.568124][ T6497]  ? do_fast_syscall_32+0x32/0x80
[   74.568138][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.568151][ T6497]  vmalloc_noprof+0x6b/0x90
[   74.568164][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.568176][ T6497]  xt_compat_init_offsets+0xe6/0x1f0
[   74.568190][ T6497]  translate_compat_table+0x1f3/0x18d0
[   74.568209][ T6497]  ? find_held_lock+0x2b/0x80
[   74.568222][ T6497]  ? __might_fault+0x13b/0x190
[   74.568236][ T6497]  ? __pfx_translate_compat_table+0x10/0x10
[   74.568260][ T6497]  compat_do_replace+0x255/0x3c0
[   74.568275][ T6497]  ? __pfx_compat_do_replace+0x10/0x10
[   74.568289][ T6497]  ? __pfx_aa_get_newest_label+0x10/0x10
[   74.568298][ T6497]  ? __local_bh_enable_ip+0xa4/0x120
[   74.568312][ T6497]  ? rcu_is_watching+0x12/0xc0
[   74.568333][ T6497]  ? bpf_lsm_capable+0x9/0x10
[   74.568346][ T6497]  ? security_capable+0x7e/0x260
[   74.568358][ T6497]  do_ip6t_set_ctl+0x5d3/0xb00
[   74.568371][ T6497]  ? nf_sockopt_find.constprop.0+0x222/0x290
[   74.568388][ T6497]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[   74.568403][ T6497]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   74.568423][ T6497]  ? nf_sockopt_find.constprop.0+0x222/0x290
[   74.568437][ T6497]  nf_setsockopt+0x8a/0xf0
[   74.568451][ T6497]  ipv6_setsockopt+0x135/0x170
[   74.568465][ T6497]  tcp_setsockopt+0xa4/0x100
[   74.568475][ T6497]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   74.568490][ T6497]  do_sock_setsockopt+0x221/0x470
[   74.568504][ T6497]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   74.568525][ T6497]  __sys_setsockopt+0x1a0/0x230
[   74.568539][ T6497]  __ia32_sys_setsockopt+0xbc/0x160
[   74.568550][ T6497]  ? lockdep_hardirqs_on+0x7c/0x110
[   74.568562][ T6497]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   74.568575][ T6497]  __do_fast_syscall_32+0x73/0x120
[   74.568589][ T6497]  do_fast_syscall_32+0x32/0x80
[   74.568602][ T6497]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.568615][ T6497] RIP: 0023:0xf7f73579
[   74.568623][ T6497] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.568631][ T6497] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   74.568641][ T6497] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[   74.568646][ T6497] RDX: 0000000000000040 RSI: 0000000080000480 RDI: 0000000000000444
[   74.568652][ T6497] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.568657][ T6497] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.568662][ T6497] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.568674][ T6497]  </TASK>
[   74.568955][ T6497] syz.1.132: vmalloc error: size 24, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[   74.698077][ T6497] CPU: 2 UID: 0 PID: 6497 Comm: syz.1.132 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[   74.698099][ T6497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.698108][ T6497] Call Trace:
[   74.698114][ T6497]  <TASK>
[   74.698121][ T6497]  dump_stack_lvl+0x16c/0x1f0
[   74.698148][ T6497]  warn_alloc+0x248/0x3a0
[   74.698174][ T6497]  ? __pfx_warn_alloc+0x10/0x10
[   74.698195][ T6497]  ? kasan_quarantine_reduce+0x1b9/0x1e0
[   74.698227][ T6497]  ? __kasan_kmalloc+0x8a/0xb0
[   74.698250][ T6497]  ? __get_vm_area_node+0x1e5/0x300
[   74.698275][ T6497]  __vmalloc_node_range_noprof+0xd31/0x1540
[   74.698295][ T6497]  ? __pfx___mutex_trylock_common+0x10/0x10
[   74.698314][ T6497]  ? __pfx___might_resched+0x10/0x10
[   74.698337][ T6497]  ? rcu_is_watching+0x12/0xc0
[   74.698357][ T6497]  ? trace_contention_end+0xdd/0x130
[   74.698372][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.698396][ T6497]  ? kasan_save_stack+0x42/0x60
[   74.698417][ T6497]  ? translate_compat_table+0x1b8/0x18d0
[   74.698444][ T6497]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   74.698464][ T6497]  ? __pfx___mutex_lock+0x10/0x10
[   74.698484][ T6497]  ? ipv6_setsockopt+0x135/0x170
[   74.698504][ T6497]  ? tcp_setsockopt+0xa4/0x100
[   74.698523][ T6497]  ? do_sock_setsockopt+0x221/0x470
[   74.698551][ T6497]  ? __do_fast_syscall_32+0x73/0x120
[   74.698572][ T6497]  ? do_fast_syscall_32+0x32/0x80
[   74.698601][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.698626][ T6497]  vmalloc_noprof+0x6b/0x90
[   74.698646][ T6497]  ? xt_compat_init_offsets+0xe6/0x1f0
[   74.698668][ T6497]  xt_compat_init_offsets+0xe6/0x1f0
[   74.698691][ T6497]  translate_compat_table+0x1f3/0x18d0
[   74.698720][ T6497]  ? find_held_lock+0x2b/0x80
[   74.698741][ T6497]  ? __might_fault+0x13b/0x190
[   74.698765][ T6497]  ? __pfx_translate_compat_table+0x10/0x10
[   74.698809][ T6497]  compat_do_replace+0x255/0x3c0
[   74.698834][ T6497]  ? __pfx_compat_do_replace+0x10/0x10
[   74.698857][ T6497]  ? __pfx_aa_get_newest_label+0x10/0x10
[   74.698873][ T6497]  ? __local_bh_enable_ip+0xa4/0x120
[   74.698896][ T6497]  ? rcu_is_watching+0x12/0xc0
[   74.698923][ T6497]  ? bpf_lsm_capable+0x9/0x10
[   74.698948][ T6497]  ? security_capable+0x7e/0x260
[   74.698969][ T6497]  do_ip6t_set_ctl+0x5d3/0xb00
[   74.698988][ T6497]  ? nf_sockopt_find.constprop.0+0x222/0x290
[   74.699012][ T6497]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[   74.699035][ T6497]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   74.699069][ T6497]  ? nf_sockopt_find.constprop.0+0x222/0x290
[   74.699093][ T6497]  nf_setsockopt+0x8a/0xf0
[   74.699117][ T6497]  ipv6_setsockopt+0x135/0x170
[   74.699141][ T6497]  tcp_setsockopt+0xa4/0x100
[   74.699159][ T6497]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   74.699183][ T6497]  do_sock_setsockopt+0x221/0x470
[   74.699206][ T6497]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   74.699245][ T6497]  __sys_setsockopt+0x1a0/0x230
[   74.699268][ T6497]  __ia32_sys_setsockopt+0xbc/0x160
[   74.699286][ T6497]  ? lockdep_hardirqs_on+0x7c/0x110
[   74.699306][ T6497]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   74.699328][ T6497]  __do_fast_syscall_32+0x73/0x120
[   74.699351][ T6497]  do_fast_syscall_32+0x32/0x80
[   74.699373][ T6497]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.699393][ T6497] RIP: 0023:0xf7f73579
[   74.699406][ T6497] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.699421][ T6497] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[   74.699436][ T6497] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000029
[   74.699446][ T6497] RDX: 0000000000000040 RSI: 0000000080000480 RDI: 0000000000000444
[   74.699456][ T6497] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.699465][ T6497] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.699474][ T6497] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.699496][ T6497]  </TASK>
[   74.699502][ T6497] Mem-Info:
[   74.836104][ T6497] active_anon:4583 inactive_anon:17 isolated_anon:0
[   74.836104][ T6497]  active_file:12724 inactive_file:12503 isolated_file:0
[   74.836104][ T6497]  unevictable:1768 dirty:269 writeback:0
[   74.836104][ T6497]  slab_reclaimable:5920 slab_unreclaimable:56693
[   74.836104][ T6497]  mapped:23180 shmem:2235 pagetables:765
[   74.836104][ T6497]  sec_pagetables:301 bounce:0
[   74.836104][ T6497]  kernel_misc_reclaimable:0
[   74.836104][ T6497]  free:81051 free_pcp:1063 free_cma:0
[   74.848596][ T6497] Node 0 active_anon:456kB inactive_anon:0kB active_file:716kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:256kB dirty:0kB writeback:0kB shmem:3548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9128kB pagetables:1100kB sec_pagetables:1112kB all_unreclaimable? yes Balloon:0kB
[   74.857792][ T6497] Node 1 active_anon:17876kB inactive_anon:68kB active_file:50180kB inactive_file:50000kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92464kB dirty:1076kB writeback:0kB shmem:5392kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2696kB pagetables:1960kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB
[   74.867114][ T6497] Node 0 DMA free:1928kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:372kB local_pcp:116kB free_cma:0kB
[   74.875209][ T6497] lowmem_reserve[]: 0 290 290 290 290
[   74.876752][ T6497] Node 0 DMA32 free:23200kB boost:6144kB min:19480kB low:22812kB high:26144kB reserved_highatomic:2048KB active_anon:452kB inactive_anon:0kB active_file:716kB inactive_file:12kB unevictable:3536kB writepending:0kB present:1032196kB managed:297508kB mlocked:0kB bounce:0kB free_pcp:2432kB local_pcp:236kB free_cma:0kB
[   74.884724][ T6497] lowmem_reserve[]: 0 0 0 0 0
[   74.886106][ T6497] Node 1 DMA32 free:299344kB boost:8192kB min:55340kB low:67124kB high:78908kB reserved_highatomic:2048KB active_anon:17876kB inactive_anon:68kB active_file:50180kB inactive_file:50000kB unevictable:3536kB writepending:1076kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:1920kB local_pcp:128kB free_cma:0kB
[   74.894458][ T6497] lowmem_reserve[]: 0 0 0 0 0
[   74.895796][ T6497] Node 0 DMA: 14*4kB (UM) 30*8kB (UM) 4*16kB (UM) 5*32kB (UM) 0*64kB 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1928kB
[   74.899892][ T6497] Node 0 DMA32: 10*4kB (H) 63*8kB (UEH) 86*16kB (UMEH) 108*32kB (UMEH) 89*64kB (UME) 30*128kB (UME) 10*256kB (ME) 11*512kB (UME) 0*1024kB 0*2048kB 0*4096kB = 23104kB
[   74.904619][ T6497] Node 1 DMA32: 558*4kB (UMEH) 737*8kB (UMEH) 552*16kB (UMEH) 669*32kB (UMEH) 554*64kB (UMEH) 107*128kB (UMEH) 69*256kB (UMEH) 57*512kB (UME) 45*1024kB (UME) 16*2048kB (UM) 21*4096kB (UM) = 299232kB
[   74.910114][ T6497] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   74.912733][ T6497] Node 0 hugepages_total=31 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   74.915390][ T6497] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   74.918014][ T6497] Node 1 hugepages_total=4294967269 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   74.920774][ T6497] 27787 total pagecache pages
[   74.922115][ T6497] 325 pages in swap cache
[   74.923379][ T6497] Free swap  = 119940kB
[   74.924913][ T6497] Total swap = 124996kB
[   74.926572][ T6497] 524155 pages RAM
[   74.927854][ T6497] 0 pages HighMem/MovableOnly
[   74.929785][ T6497] 208867 pages reserved
[   74.931113][ T6497] 0 pages cma reserved
[   75.010485][ T6509] =======================================================
[   75.010485][ T6509] WARNING: The mand mount option has been deprecated and
[   75.010485][ T6509]          and is ignored by this kernel. Remove the mand
[   75.010485][ T6509]          option from the mount to silence this warning.
[   75.010485][ T6509] =======================================================
[   75.019822][ T6509] 9pnet_virtio: no channels available for device syz
[   76.114940][ T6505] loop2: detected capacity change from 0 to 7
[   76.117653][ T6505] Dev loop2: unable to read RDB block 7
[   76.119166][ T6505]  loop2: AHDI p1 p2 p3 p4
[   76.120384][ T6505] loop2: partition table partially beyond EOD, truncated
[   76.122342][ T6505] loop2: p1 start 1601398130 is beyond EOD, truncated
[   76.124217][ T6505] loop2: p2 start 1702059890 is beyond EOD, truncated
[   76.126094][ T6505] loop2: p3 size 150995200 extends beyond EOD, truncated
[   76.184502][ T6520] batadv_slave_0: entered promiscuous mode
[   76.187837][ T6519] batadv_slave_0: left promiscuous mode
[   76.276734][ T6532] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   76.466801][ T6536] __nla_validate_parse: 5 callbacks suppressed
[   76.466847][ T6536] netlink: 32 bytes leftover after parsing attributes in process `syz.1.143'.
[   76.504937][   T34] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   76.654114][   T34] usb 8-1: Using ep0 maxpacket: 8
[   76.657106][   T34] usb 8-1: config 128 has an invalid interface number: 159 but max is 0
[   76.659574][   T34] usb 8-1: config 128 has no interface number 0
[   76.661409][   T34] usb 8-1: config 128 interface 159 has no altsetting 0
[   76.663483][   T34] usb 8-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=4b.b9
[   76.666208][   T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.880050][   T34] usb 8-1: string descriptor 0 read error: -71
[   76.882425][   T34] rndis_host 8-1:128.159: More than one union descriptor, skipping ...
[   76.884755][   T34] usb 8-1: bad CDC descriptors
[   76.886363][   T34] cdc_acm 8-1:128.159: More than one union descriptor, skipping ...
[   76.889676][   T34] usb 8-1: USB disconnect, device number 3
[   77.064775][ T6541] netlink: 24 bytes leftover after parsing attributes in process `syz.0.146'.
[   77.224158][ T6546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.148'.
[   77.506991][ T6566] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   77.513436][ T6567] siw: device registration error -23
[   77.753793][ T6571] netlink: 32 bytes leftover after parsing attributes in process `syz.3.153'.
[   78.064394][ T6576] netlink: 4 bytes leftover after parsing attributes in process `syz.0.156'.
[   78.429769][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.431949][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.445153][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.451488][ T6585] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   78.476576][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.487317][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.493394][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.508965][ T6585] wg1 speed is unknown, defaulting to 1000
[   78.747982][ T6590] Zero length message leads to an empty skb
[   79.156916][ T6603] FAULT_INJECTION: forcing a failure.
[   79.156916][ T6603] name failslab, interval 1, probability 0, space 0, times 0
[   79.160367][ T6603] CPU: 0 UID: 0 PID: 6603 Comm: syz.0.163 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[   79.160382][ T6603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.160388][ T6603] Call Trace:
[   79.160392][ T6603]  <TASK>
[   79.160396][ T6603]  dump_stack_lvl+0x16c/0x1f0
[   79.160413][ T6603]  should_fail_ex+0x512/0x640
[   79.160424][ T6603]  ? fs_reclaim_acquire+0xae/0x150
[   79.160437][ T6603]  ? tomoyo_encode2+0x100/0x3e0
[   79.160450][ T6603]  should_failslab+0xc2/0x120
[   79.160459][ T6603]  __kmalloc_noprof+0xd2/0x510
[   79.160476][ T6603]  tomoyo_encode2+0x100/0x3e0
[   79.160491][ T6603]  tomoyo_encode+0x29/0x50
[   79.160503][ T6603]  tomoyo_realpath_from_path+0x18f/0x6e0
[   79.160518][ T6603]  ? tomoyo_profile+0x47/0x60
[   79.160533][ T6603]  tomoyo_path_number_perm+0x245/0x580
[   79.160543][ T6603]  ? tomoyo_path_number_perm+0x237/0x580
[   79.160555][ T6603]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   79.160567][ T6603]  ? find_held_lock+0x2b/0x80
[   79.160591][ T6603]  ? find_held_lock+0x2b/0x80
[   79.160602][ T6603]  ? hook_file_ioctl_common+0x145/0x410
[   79.160616][ T6603]  ? __fget_files+0x20e/0x3c0
[   79.160632][ T6603]  security_file_ioctl_compat+0x9b/0x240
[   79.160645][ T6603]  __do_compat_sys_ioctl+0x4e/0x2c0
[   79.160658][ T6603]  __do_fast_syscall_32+0x73/0x120
[   79.160673][ T6603]  do_fast_syscall_32+0x32/0x80
[   79.160686][ T6603]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   79.160698][ T6603] RIP: 0023:0xf742e579
[   79.160705][ T6603] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   79.160714][ T6603] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   79.160723][ T6603] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004008b100
[   79.160729][ T6603] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[   79.160734][ T6603] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   79.160739][ T6603] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   79.160745][ T6603] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   79.160756][ T6603]  </TASK>
[   79.160765][ T6603] ERROR: Out of memory at tomoyo_realpath_from_path.
[   79.253133][ T6604] loop2: detected capacity change from 0 to 7
[   79.258622][ T6605] Dev loop2: unable to read RDB block 7
[   79.260283][ T6605]  loop2: AHDI p1 p2 p3
[   79.261717][ T6605] loop2: partition table partially beyond EOD, truncated
[   79.263945][ T6605] loop2: p1 start 1601398130 is beyond EOD, truncated
[   79.266589][ T6605] loop2: p2 start 1702059890 is beyond EOD, truncated
[   79.306760][ T6604] Dev loop2: unable to read RDB block 7
[   79.309650][ T6604]  loop2: AHDI p1 p2 p3
[   79.311043][ T6604] loop2: partition table partially beyond EOD, truncated
[   79.313427][ T6604] loop2: p1 start 1601398130 is beyond EOD, truncated
[   79.329485][ T6604] loop2: p2 start 1702059890 is beyond EOD, truncated
[   79.478134][ T6615] netlink: 12 bytes leftover after parsing attributes in process `syz.2.166'.
[   79.956584][ T6619] siw: device registration error -23
[   79.958880][   T40] kauditd_printk_skb: 108 callbacks suppressed
[   79.958893][   T40] audit: type=1326 audit(1743771780.995:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   79.971262][   T40] audit: type=1326 audit(1743771780.995:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   79.979467][   T40] audit: type=1326 audit(1743771780.995:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   79.990026][   T40] audit: type=1326 audit(1743771780.995:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   79.996020][   T40] audit: type=1326 audit(1743771780.995:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   80.003968][   T40] audit: type=1326 audit(1743771781.005:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   80.011854][   T40] audit: type=1326 audit(1743771781.005:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   80.019326][   T40] audit: type=1326 audit(1743771781.005:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   80.025543][   T40] audit: type=1326 audit(1743771781.005:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   80.031340][   T40] audit: type=1326 audit(1743771781.005:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6618 comm="syz.1.167" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[   80.320098][ T6632] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   80.490654][ T6629] netlink: 32 bytes leftover after parsing attributes in process `syz.0.170'.
[   80.991085][ T3229] cfg80211: failed to load regulatory.db
[   81.231707][   T67] Bluetooth: hci0: Malformed Event: 0x02
[   81.239427][ T6648] netlink: 36 bytes leftover after parsing attributes in process `syz.2.174'.
[   81.446501][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.175'.
[   81.832702][ T6659] loop2: detected capacity change from 0 to 7
[   81.833402][ T6658] netlink: 4 bytes leftover after parsing attributes in process `syz.1.177'.
[   82.110253][ T6658] bond0: (slave team0): Releasing backup interface
[   82.206115][ T6659] Dev loop2: unable to read RDB block 7
[   82.212005][ T6659]  loop2: AHDI p1 p2 p3
[   82.214687][ T6658] team0 (unregistering): Port device team_slave_0 removed
[   82.216300][ T6659] loop2: partition table partially beyond EOD, truncated
[   82.226683][ T6659] loop2: p1 start 1601398130 is beyond EOD, truncated
[   82.229012][ T6659] loop2: p2 start 1702059890 is beyond EOD, truncated
[   82.229690][ T6658] team0 (unregistering): Port device team_slave_1 removed
[   82.302473][ T6666] siw: device registration error -23
[   82.597602][ T6678] netlink: 32 bytes leftover after parsing attributes in process `syz.2.181'.
[   82.602076][ T6679] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   82.644987][ T6678] netlink: 'syz.2.181': attribute type 10 has an invalid length.
[   82.648321][ T6678] veth0_vlan: left promiscuous mode
[   82.653474][ T6678] veth0_vlan: entered promiscuous mode
[   82.664318][ T6678] team0: Device veth0_vlan failed to register rx_handler
[   82.793097][ T6682] netlink: 32 bytes leftover after parsing attributes in process `syz.0.183'.
[   83.327910][ T6687] FAULT_INJECTION: forcing a failure.
[   83.327910][ T6687] name failslab, interval 1, probability 0, space 0, times 0
[   83.332197][ T6687] CPU: 3 UID: 0 PID: 6687 Comm: syz.2.185 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[   83.332211][ T6687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   83.332218][ T6687] Call Trace:
[   83.332221][ T6687]  <TASK>
[   83.332225][ T6687]  dump_stack_lvl+0x16c/0x1f0
[   83.332242][ T6687]  should_fail_ex+0x512/0x640
[   83.332254][ T6687]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   83.332274][ T6687]  should_failslab+0xc2/0x120
[   83.332283][ T6687]  __kmalloc_cache_noprof+0x6a/0x3e0
[   83.332296][ T6687]  ? copy_mount_options+0x55/0x190
[   83.332307][ T6687]  ? _copy_from_user+0x59/0xd0
[   83.332319][ T6687]  copy_mount_options+0x55/0x190
[   83.332331][ T6687]  __ia32_sys_mount+0x1ac/0x310
[   83.332341][ T6687]  ? __pfx___ia32_sys_mount+0x10/0x10
[   83.332351][ T6687]  ? rcu_is_watching+0x12/0xc0
[   83.332366][ T6687]  __do_fast_syscall_32+0x73/0x120
[   83.332380][ T6687]  do_fast_syscall_32+0x32/0x80
[   83.332393][ T6687]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   83.332405][ T6687] RIP: 0023:0xf7fc3579
[   83.332413][ T6687] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   83.332422][ T6687] RSP: 002b:00000000f50e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   83.332432][ T6687] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000080000000
[   83.332437][ T6687] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000080000300
[   83.332443][ T6687] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   83.332448][ T6687] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   83.332453][ T6687] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   83.332464][ T6687]  </TASK>
[   83.394109][ T6275] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   83.527596][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.530823][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.534312][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.537363][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.540548][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.543633][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.546792][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.186'.
[   83.552616][ T6275] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   83.556636][ T6275] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   83.560137][ T6275] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   83.563381][ T6275] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.567785][ T6685] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   83.572463][ T6275] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[   83.777437][ T5958] usb 8-1: USB disconnect, device number 4
[   84.333133][ T6706] 9pnet_fd: Insufficient options for proto=fd
[   84.356868][ T6708] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   84.628658][ T6715] Bluetooth: MGMT ver 1.23
[   85.287850][   T40] kauditd_printk_skb: 57 callbacks suppressed
[   85.287860][   T40] audit: type=1326 audit(1743771786.325:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.2.197" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc3579 code=0x0
[   88.343143][ T6787] loop2: detected capacity change from 0 to 7
[   88.345585][ T6787] Dev loop2: unable to read RDB block 7
[   88.347185][ T6787]  loop2: AHDI p1 p2 p3 p4
[   88.348388][ T6787] loop2: partition table partially beyond EOD, truncated
[   88.350832][ T6787] loop2: p1 start 1601398130 is beyond EOD, truncated
[   88.353345][ T6787] loop2: p2 start 1702059890 is beyond EOD, truncated
[   88.356047][ T6787] loop2: p3 size 150995200 extends beyond EOD, truncated
[   88.357442][ T6777] __nla_validate_parse: 92 callbacks suppressed
[   88.357451][ T6777] netlink: 32 bytes leftover after parsing attributes in process `syz.3.210'.
[   88.418141][ T6780] netlink: 'syz.3.210': attribute type 10 has an invalid length.
[   88.421037][ T6780] veth0_vlan: left promiscuous mode
[   88.424185][ T6780] veth0_vlan: entered promiscuous mode
[   88.426733][ T6780] team0: Device veth0_vlan failed to register rx_handler
[   88.657472][ T6797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.216'.
[   88.727284][ T6797] hsr_slave_1 (unregistering): left promiscuous mode
[   88.734922][ T6800] netlink: 'syz.1.216': attribute type 10 has an invalid length.
[   88.737864][ T6800] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.740320][ T6800] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.749366][ T6800] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.751360][ T6800] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.753819][ T6800] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.755835][ T6800] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.759371][ T6800] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   89.740066][ T6820] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.746016][ T6820] xt_hashlimit: size too large, truncated to 1048576
[   89.833865][ T6820] wg1 speed is unknown, defaulting to 1000
[   90.050204][ T6824] trusted_key: syz.3.222 sent an empty control message without MSG_MORE.
[   90.129392][ T6832] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   90.134000][   T40] audit: type=1326 audit(1743771791.165:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6826 comm="syz.0.223" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0
[   90.347864][ T6838] netlink: 24 bytes leftover after parsing attributes in process `syz.0.223'.
[   90.683087][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.685629][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.687960][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.690260][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.692645][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.695053][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.697541][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'.
[   90.987602][ T6847] loop2: detected capacity change from 0 to 7
[   91.005863][ T6847] Dev loop2: unable to read RDB block 7
[   91.010421][ T6847]  loop2: AHDI p1 p2 p3 p4
[   91.013024][ T6847] loop2: partition table partially beyond EOD, truncated
[   91.191672][ T6847] loop2: p1 start 1601398130 is beyond EOD, truncated
[   91.203106][ T6847] loop2: p2 start 1702059890 is beyond EOD, truncated
[   91.211285][ T6847] loop2: p3 size 150995200 extends beyond EOD, truncated
[   91.315049][ T6850] capability: warning: `syz.3.227' uses deprecated v2 capabilities in a way that may be insecure
[   91.380887][ T6275] IPVS: starting estimator thread 0...
[   91.484208][ T6854] IPVS: using max 48 ests per chain, 115200 per kthread
[   91.529040][ T6857] macsec0: entered promiscuous mode
[   91.530674][ T6857] macsec0: entered allmulticast mode
[   91.532173][ T6857] veth1_macvtap: entered allmulticast mode
[   91.562031][ T6861] xt_TCPMSS: Only works on TCP SYN packets
[   91.966886][ T6867] netlink: 'syz.2.231': attribute type 10 has an invalid length.
[   91.969533][ T6867] veth0_vlan: left promiscuous mode
[   91.972809][ T6867] veth0_vlan: entered promiscuous mode
[   91.977942][ T6867] team0: Device veth0_vlan failed to register rx_handler
[   93.108400][ T6878] macsec0: entered promiscuous mode
[   93.110077][ T6878] macsec0: entered allmulticast mode
[   93.111257][ T6878] veth1_macvtap: entered allmulticast mode
[   93.610811][ T6887] xt_hashlimit: size too large, truncated to 1048576
[   93.735516][ T6887] wg1 speed is unknown, defaulting to 1000
[   93.745577][ T6890] loop6: detected capacity change from 0 to 524287999
[   93.750251][   T65] loop: Write error at byte offset 1, length 4096.
[   93.753103][   T65] loop: Write error at byte offset 1, length 4096.
[   93.755831][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0
[   93.758809][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[   93.761278][    C1] Buffer I/O error on dev loop6, logical block 1, lost async page write
[   93.766083][   T12] loop: Write error at byte offset 1, length 4096.
[   93.767973][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[   93.770635][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[   94.041667][ T6900] loop2: detected capacity change from 0 to 7
[   94.046043][ T6900] Dev loop2: unable to read RDB block 7
[   94.047822][ T6900]  loop2: AHDI p1 p2 p3 p4
[   94.049715][ T6900] loop2: partition table partially beyond EOD, truncated
[   94.052887][ T6900] loop2: p1 start 1601398130 is beyond EOD, truncated
[   94.055808][ T6900] loop2: p2 start 1702059890 is beyond EOD, truncated
[   94.058426][ T6900] loop2: p3 size 150995200 extends beyond EOD, truncated
[   94.224910][ T6897] __nla_validate_parse: 43 callbacks suppressed
[   94.224922][ T6897] netlink: 60 bytes leftover after parsing attributes in process `syz.1.240'.
[   94.750672][ T6912] loop2: detected capacity change from 0 to 7
[   94.751154][ T6913] sp0: Synchronizing with TNC
[   94.755126][ T6912] Dev loop2: unable to read RDB block 7
[   94.756840][ T6912]  loop2: AHDI p1 p2 p3 p4
[   94.758556][ T6912] loop2: partition table partially beyond EOD, truncated
[   94.761709][ T6912] loop2: p1 start 1601398130 is beyond EOD, truncated
[   94.764784][ T6912] loop2: p2 start 1702059890 is beyond EOD, truncated
[   94.767574][ T6912] loop2: p3 size 150995200 extends beyond EOD, truncated
[   94.992835][ T6923] netlink: 60 bytes leftover after parsing attributes in process `syz.0.247'.
[   95.035193][ T6924] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   95.039268][   T40] audit: type=1326 audit(1743771796.075:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6919 comm="syz.2.248" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0
[   95.121616][   T24] libceph: connect (1)[c::]:6789 error -101
[   95.124674][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   95.199804][ T6931] netlink: 24 bytes leftover after parsing attributes in process `syz.2.248'.
[   95.384568][   T24] libceph: connect (1)[c::]:6789 error -101
[   95.387148][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   95.895952][   T24] libceph: connect (1)[c::]:6789 error -101
[   95.898299][   T24] libceph: mon0 (1)[c::]:6789 connect error
[   95.957617][ T6926] ceph: No mds server is up or the cluster is laggy
[   96.013688][ T6946] fuse: Bad value for 'group_id'
[   96.016284][ T6946] fuse: Bad value for 'group_id'
[   96.267310][ T6950] loop2: detected capacity change from 0 to 7
[   96.271139][ T6950] Dev loop2: unable to read RDB block 7
[   96.272989][ T6950]  loop2: AHDI p1 p2 p3 p4
[   96.279803][ T6950] loop2: partition table partially beyond EOD, truncated
[   96.282275][ T6950] loop2: p1 start 1601398130 is beyond EOD, truncated
[   96.290498][ T6950] loop2: p2 start 1702059890 is beyond EOD, truncated
[   96.292763][ T6950] loop2: p3 size 150995200 extends beyond EOD, truncated
[   96.337206][ T6955] FAULT_INJECTION: forcing a failure.
[   96.337206][ T6955] name failslab, interval 1, probability 0, space 0, times 0
[   96.341530][ T6955] CPU: 2 UID: 0 PID: 6955 Comm: syz.3.255 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[   96.341545][ T6955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.341551][ T6955] Call Trace:
[   96.341555][ T6955]  <TASK>
[   96.341560][ T6955]  dump_stack_lvl+0x16c/0x1f0
[   96.341578][ T6955]  should_fail_ex+0x512/0x640
[   96.341590][ T6955]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   96.341608][ T6955]  should_failslab+0xc2/0x120
[   96.341618][ T6955]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   96.341633][ T6955]  ? skb_clone+0x190/0x3f0
[   96.341649][ T6955]  skb_clone+0x190/0x3f0
[   96.341662][ T6955]  nfnetlink_rcv_batch+0x1dd/0x2350
[   96.341680][ T6955]  ? kmem_cache_free+0x2d4/0x4d0
[   96.341698][ T6955]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[   96.341712][ T6955]  ? consume_skb+0xcc/0x100
[   96.341727][ T6955]  ? find_held_lock+0x2b/0x80
[   96.341740][ T6955]  ? __dev_queue_xmit+0x896/0x43e0
[   96.341751][ T6955]  ? __local_bh_enable_ip+0xa4/0x120
[   96.341764][ T6955]  ? lockdep_hardirqs_on+0x7c/0x110
[   96.341785][ T6955]  ? __pfx___dev_queue_xmit+0x10/0x10
[   96.341796][ T6955]  ? __asan_memset+0x23/0x50
[   96.341809][ T6955]  ? __nla_validate_parse+0x600/0x2880
[   96.341824][ T6955]  ? __pfx_aa_get_newest_label+0x10/0x10
[   96.341836][ T6955]  ? rcu_is_watching+0x12/0xc0
[   96.341848][ T6955]  ? __pfx___nla_validate_parse+0x10/0x10
[   96.341864][ T6955]  ? apparmor_capable+0x114/0x1d0
[   96.341876][ T6955]  ? __nla_parse+0x40/0x60
[   96.341892][ T6955]  nfnetlink_rcv+0x3c1/0x430
[   96.341907][ T6955]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   96.341925][ T6955]  netlink_unicast+0x53a/0x7f0
[   96.341941][ T6955]  ? __pfx_netlink_unicast+0x10/0x10
[   96.341959][ T6955]  netlink_sendmsg+0x8d1/0xdd0
[   96.341974][ T6955]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.341989][ T6955]  ? __import_iovec+0x1c8/0x660
[   96.342005][ T6955]  ____sys_sendmsg+0xa95/0xc70
[   96.342022][ T6955]  ? __pfx_____sys_sendmsg+0x10/0x10
[   96.342037][ T6955]  ? get_compat_msghdr+0x11a/0x170
[   96.342055][ T6955]  ___sys_sendmsg+0x134/0x1d0
[   96.342069][ T6955]  ? __pfx____sys_sendmsg+0x10/0x10
[   96.342097][ T6955]  __sys_sendmsg+0x16d/0x220
[   96.342110][ T6955]  ? __pfx___sys_sendmsg+0x10/0x10
[   96.342128][ T6955]  ? rcu_is_watching+0x12/0xc0
[   96.342142][ T6955]  __do_fast_syscall_32+0x73/0x120
[   96.342157][ T6955]  do_fast_syscall_32+0x32/0x80
[   96.342171][ T6955]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   96.342185][ T6955] RIP: 0023:0xf740e579
[   96.342193][ T6955] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   96.342203][ T6955] RSP: 002b:00000000f509655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   96.342213][ T6955] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000008000c2c0
[   96.342219][ T6955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   96.342224][ T6955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   96.342230][ T6955] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   96.342235][ T6955] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   96.342247][ T6955]  </TASK>
[   96.461748][ T6958] siw: device registration error -23
[   96.472716][   T40] audit: type=1326 audit(1743771797.505:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.484626][   T40] audit: type=1326 audit(1743771797.505:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.492571][   T40] audit: type=1326 audit(1743771797.505:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.500173][   T40] audit: type=1326 audit(1743771797.505:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.508957][   T40] audit: type=1326 audit(1743771797.505:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.517471][   T40] audit: type=1326 audit(1743771797.505:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.525643][   T40] audit: type=1326 audit(1743771797.505:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.532552][   T40] audit: type=1326 audit(1743771797.505:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   96.538646][   T40] audit: type=1326 audit(1743771797.515:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6957 comm="syz.2.256" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf7fc3579 code=0x7ffc0000
[   97.126903][ T6973] fuse: Bad value for 'group_id'
[   97.128380][ T6973] fuse: Bad value for 'group_id'
[   97.380249][ T6986] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[   97.419859][ T6993] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[   97.513740][ T6992] wg1 speed is unknown, defaulting to 1000
[   97.644120][ T7001] netlink: 8 bytes leftover after parsing attributes in process `syz.1.267'.
[   97.720731][ T7003] netlink: 24 bytes leftover after parsing attributes in process `syz.2.264'.
[   98.028916][ T7009] netlink: 12 bytes leftover after parsing attributes in process `syz.0.269'.
[   98.200085][ T7014] siw: device registration error -23
[   98.804626][  T835] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[   99.161125][  T835] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[   99.163397][  T835] usb 6-1: config 0 has no interface number 0
[   99.165901][  T835] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   99.169861][  T835] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[   99.173241][  T835] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[   99.176673][  T835] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[   99.179612][  T835] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   99.183323][  T835] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   99.186308][  T835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.191545][  T835] usb 6-1: config 0 descriptor??
[   99.194600][ T7020] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   99.209028][  T835] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[   99.665577][ T7033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.273'.
[  100.534123][ T3229] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  100.695487][ T3229] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  100.698041][ T3229] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.701479][ T3229] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  100.705739][ T3229] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.710040][ T3229] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  100.712753][ T3229] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  100.715141][ T3229] usb 8-1: Product: syz
[  100.716380][ T3229] usb 8-1: Manufacturer: syz
[  100.720290][ T3229] cdc_wdm 8-1:1.0: skipping garbage
[  100.721820][ T3229] cdc_wdm 8-1:1.0: skipping garbage
[  100.724724][ T3229] cdc_wdm 8-1:1.0: cdc-wdm1: USB WDM device
[  100.726492][ T3229] cdc_wdm 8-1:1.0: Unknown control protocol
[  100.880998][ T7050] netlink: 32 bytes leftover after parsing attributes in process `syz.2.281'.
[  100.935264][ T7050] netlink: 'syz.2.281': attribute type 10 has an invalid length.
[  100.937747][ T7050] veth0_vlan: left promiscuous mode
[  100.942277][ T7050] veth0_vlan: entered promiscuous mode
[  100.949954][ T7050] team0: Device veth0_vlan failed to register rx_handler
[  101.175272][ T7055] snd_dummy snd_dummy.0: control 5:65279:0:syz0:4 is already present
[  101.179221][   T40] kauditd_printk_skb: 63 callbacks suppressed
[  101.179235][   T40] audit: type=1326 audit(1743771802.215:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7051 comm="syz.0.282" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0
[  101.342613][ T7057] netlink: 24 bytes leftover after parsing attributes in process `syz.0.282'.
[  101.594531][   T64] usb 6-1: USB disconnect, device number 4
[  101.600196][   T64] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  102.059269][ T7066] netlink: 8 bytes leftover after parsing attributes in process `syz.2.284'.
[  102.498276][ T7068] netlink: 4 bytes leftover after parsing attributes in process `syz.1.285'.
[  102.516903][ T7068] o2cb: This node has not been configured.
[  102.519162][ T7068] o2cb: Cluster check failed. Fix errors before retrying.
[  102.521266][ T7068] (syz.1.285,7068,3):user_dlm_register:674 ERROR: status = -22
[  102.523439][ T7068] (syz.1.285,7068,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  103.299317][  T835] usb 8-1: USB disconnect, device number 5
[  103.656581][ T7090] netlink: 8 bytes leftover after parsing attributes in process `syz.1.292'.
[  103.985601][ T7102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.295'.
[  104.779613][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.783139][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.785611][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.787966][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.790430][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.793036][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.795595][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.797982][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.800326][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  104.802655][ T7111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.297'.
[  105.314669][ T7160] netlink: 'syz.0.303': attribute type 1 has an invalid length.
[  106.024171][ T5963] Bluetooth: hci3: command 0x0405 tx timeout
[  106.025585][ T6275] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  106.174190][ T6275] usb 7-1: Using ep0 maxpacket: 16
[  106.176851][ T6275] usb 7-1: config 0 has no interfaces?
[  106.180028][ T6275] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  106.182572][ T6275] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.184926][ T6275] usb 7-1: Product: syz
[  106.186137][ T6275] usb 7-1: Manufacturer: syz
[  106.187471][ T6275] usb 7-1: SerialNumber: syz
[  106.190163][ T6275] usb 7-1: config 0 descriptor??
[  106.318486][ T7179] siw: device registration error -23
[  106.322201][   T40] audit: type=1326 audit(1743771807.355:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.329970][   T40] audit: type=1326 audit(1743771807.355:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.337137][   T40] audit: type=1326 audit(1743771807.355:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.343916][   T40] audit: type=1326 audit(1743771807.355:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.352717][   T40] audit: type=1326 audit(1743771807.355:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.359093][   T40] audit: type=1326 audit(1743771807.365:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.365043][   T40] audit: type=1326 audit(1743771807.365:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.370953][   T40] audit: type=1326 audit(1743771807.365:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.376811][   T40] audit: type=1326 audit(1743771807.365:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.384261][   T40] audit: type=1326 audit(1743771807.365:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.1.308" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f73579 code=0x7ffc0000
[  106.406226][   T75] ==================================================================
[  106.409103][   T75] BUG: KASAN: slab-use-after-free in drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.412654][   T75] Read of size 1 at addr ffff888024014009 by task kworker/u32:4/75
[  106.417302][   T75] 
[  106.418173][   T75] CPU: 2 UID: 0 PID: 75 Comm: kworker/u32:4 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[  106.418187][   T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.418194][   T75] Workqueue: events_unbound commit_work
[  106.418212][   T75] Call Trace:
[  106.418216][   T75]  <TASK>
[  106.418220][   T75]  dump_stack_lvl+0x116/0x1f0
[  106.418235][   T75]  print_report+0xc3/0x670
[  106.418244][   T75]  ? __virt_addr_valid+0x5e/0x590
[  106.418258][   T75]  ? __phys_addr+0xc6/0x150
[  106.418271][   T75]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.418285][   T75]  kasan_report+0xe0/0x110
[  106.418296][   T75]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.418312][   T75]  drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.418328][   T75]  ? preempt_schedule_thunk+0x16/0x30
[  106.418338][   T75]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  106.418353][   T75]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  106.418365][   T75]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[  106.418381][   T75]  drm_atomic_helper_commit_tail+0xcb/0xf0
[  106.418395][   T75]  commit_tail+0x35b/0x400
[  106.418409][   T75]  process_one_work+0x9cc/0x1b70
[  106.418422][   T75]  ? __pfx_process_one_work+0x10/0x10
[  106.418435][   T75]  ? assign_work+0x1a0/0x250
[  106.418445][   T75]  worker_thread+0x6c8/0xf10
[  106.418458][   T75]  ? __pfx_worker_thread+0x10/0x10
[  106.418469][   T75]  kthread+0x3c2/0x780
[  106.418478][   T75]  ? __pfx_kthread+0x10/0x10
[  106.418487][   T75]  ? __pfx_kthread+0x10/0x10
[  106.418495][   T75]  ? __pfx_kthread+0x10/0x10
[  106.418504][   T75]  ? __pfx_kthread+0x10/0x10
[  106.418513][   T75]  ? rcu_is_watching+0x12/0xc0
[  106.418525][   T75]  ? __pfx_kthread+0x10/0x10
[  106.418534][   T75]  ret_from_fork+0x45/0x80
[  106.418544][   T75]  ? __pfx_kthread+0x10/0x10
[  106.418554][   T75]  ret_from_fork_asm+0x1a/0x30
[  106.418570][   T75]  </TASK>
[  106.418573][   T75] 
[  106.446083][ T7182] loop2: detected capacity change from 0 to 7
[  106.447010][   T75] Allocated by task 7174:
[  106.447023][   T75]  kasan_save_stack+0x33/0x60
[  106.447041][   T75]  kasan_save_track+0x14/0x30
[  106.447054][   T75]  __kasan_kmalloc+0xaa/0xb0
[  106.447066][   T75]  drm_atomic_helper_crtc_duplicate_state+0x70/0xd0
[  106.449772][ T7182] Dev loop2: unable to read RDB block 7
[  106.451754][   T75]  drm_atomic_get_crtc_state+0x16e/0x450
[  106.451771][   T75]  drm_atomic_get_plane_state+0x436/0x590
[  106.451780][   T75]  drm_atomic_set_property+0xa29/0x34e0
[  106.451791][   T75]  drm_mode_atomic_ioctl+0x66f/0x25f0
[  106.451801][   T75]  drm_ioctl_kernel+0x1f1/0x3e0
[  106.451813][   T75]  drm_ioctl+0x5c9/0xc30
[  106.451825][   T75]  drm_compat_ioctl+0x327/0x460
[  106.451833][   T75]  __do_compat_sys_ioctl+0x1cb/0x2c0
[  106.507331][   T75]  __do_fast_syscall_32+0x73/0x120
[  106.508784][   T75]  do_fast_syscall_32+0x32/0x80
[  106.510213][   T75]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  106.512014][   T75] 
[  106.512711][   T75] Freed by task 7173:
[  106.514012][   T75]  kasan_save_stack+0x33/0x60
[  106.515416][   T75]  kasan_save_track+0x14/0x30
[  106.516810][   T75]  kasan_save_free_info+0x3b/0x60
[  106.518270][   T75]  __kasan_slab_free+0x51/0x70
[  106.519611][   T75]  kfree+0x2b6/0x4d0
[  106.520715][   T75]  drm_atomic_state_default_clear+0x455/0xe40
[  106.522425][   T75]  __drm_atomic_state_free+0x185/0x2b0
[  106.523928][   T75]  drm_client_modeset_commit_atomic+0x6b2/0x7e0
[  106.525728][   T75]  drm_client_modeset_commit_locked+0x14d/0x580
[  106.527460][   T75]  drm_client_modeset_commit+0x4f/0x80
[  106.528958][   T75]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  106.530958][   T75]  drm_fbdev_client_restore+0x2c/0x40
[  106.532488][   T75]  drm_client_dev_restore+0x1f3/0x2a0
[  106.533997][   T75]  drm_release+0x2c4/0x360
[  106.535260][   T75]  __fput+0x3ff/0xb70
[  106.536393][   T75]  task_work_run+0x14d/0x240
[  106.537705][   T75]  syscall_exit_to_user_mode+0x27b/0x2a0
[  106.539270][   T75]  __do_fast_syscall_32+0x80/0x120
[  106.540703][   T75]  do_fast_syscall_32+0x32/0x80
[  106.542096][   T75]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  106.543849][   T75] 
[  106.544533][   T75] The buggy address belongs to the object at ffff888024014000
[  106.544533][   T75]  which belongs to the cache kmalloc-512 of size 512
[  106.548332][   T75] The buggy address is located 9 bytes inside of
[  106.548332][   T75]  freed 512-byte region [ffff888024014000, ffff888024014200)
[  106.552025][   T75] 
[  106.552703][   T75] The buggy address belongs to the physical page:
[  106.554479][   T75] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24014
[  106.556834][   T75] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  106.559146][   T75] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  106.561322][   T75] page_type: f5(slab)
[  106.562471][   T75] raw: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  106.564825][   T75] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  106.567184][   T75] head: 00fff00000000040 ffff88801b442c80 0000000000000000 dead000000000001
[  106.569559][   T75] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  106.571938][   T75] head: 00fff00000000002 ffffea0000900501 00000000ffffffff 00000000ffffffff
[  106.574344][   T75] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  106.576713][   T75] page dumped because: kasan: bad access detected
[  106.578486][   T75] page_owner tracks the page as allocated
[  106.580051][   T75] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 6014, tgid 6014 (syz.1.2), ts 48611876854, free_ts 46867737267
[  106.585775][   T75]  post_alloc_hook+0x181/0x1b0
[  106.587206][   T75]  get_page_from_freelist+0x1193/0x39b0
[  106.588736][   T75]  __alloc_frozen_pages_noprof+0x5a8/0x23a0
[  106.590675][   T75]  new_slab+0x94/0x330
[  106.591894][   T75]  ___slab_alloc+0xd9c/0x1940
[  106.593229][   T75]  __slab_alloc.constprop.0+0x56/0xb0
[  106.594715][   T75]  __kmalloc_node_noprof+0x2ed/0x500
[  106.596186][   T75]  alloc_slab_obj_exts+0x41/0xa0
[  106.597709][   T75]  __memcg_slab_post_alloc_hook+0x27b/0x940
[  106.599454][   T75]  kmem_cache_alloc_noprof+0x307/0x3b0
[  106.600983][   T75]  __anon_vma_prepare+0xae/0x5e0
[  106.602609][   T75]  __vmf_anon_prepare+0x11c/0x240
[  106.604018][   T75]  do_pte_missing+0x1194/0x3fb0
[  106.605397][   T75]  __handle_mm_fault+0x103d/0x2a40
[  106.606822][   T75]  handle_mm_fault+0x3fe/0xad0
[  106.608169][   T75]  do_user_addr_fault+0x60c/0x1370
[  106.609618][   T75] page last free pid 5961 tgid 5961 stack trace:
[  106.611372][   T75]  __free_frozen_pages+0x69d/0xff0
[  106.612838][   T75]  __put_partials+0x16d/0x1c0
[  106.614179][   T75]  qlist_free_all+0x4e/0x120
[  106.615506][   T75]  kasan_quarantine_reduce+0x195/0x1e0
[  106.617042][   T75]  __kasan_slab_alloc+0x69/0x90
[  106.618558][   T75]  __kmalloc_noprof+0x1d4/0x510
[  106.619915][   T75]  ethnl_default_notify+0x164/0x940
[  106.621389][   T75]  ethtool_notify+0xbf/0x200
[  106.622747][   T75]  ethnl_netdev_event+0x10a/0x190
[  106.624173][   T75]  notifier_call_chain+0xb9/0x410
[  106.625614][   T75]  call_netdevice_notifiers_info+0xbe/0x140
[  106.627280][   T75]  netdev_change_features+0x81/0xb0
[  106.628743][   T75]  bond_compute_features+0x549/0x8d0
[  106.629504][ T7182]  loop2: AHDI p1 p2 p3 p4
[  106.630236][   T75]  bond_enslave+0x306a/0x6050
[  106.630248][   T75]  do_set_master+0x40c/0x730
[  106.630258][   T75]  do_setlink.constprop.0+0xfd8/0x4490
[  106.630271][   T75] 
[  106.634078][ T7182] loop2: partition table partially beyond EOD, 
[  106.634609][   T75] Memory state around the buggy address:
[  106.634617][   T75]  ffff888024013f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  106.636127][ T7182] truncated
[  106.636800][   T75]  ffff888024013f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  106.641880][ T7182] loop2: p1 start 1601398130 is beyond EOD, 
[  106.642500][   T75] >ffff888024014000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.643844][ T7182] truncated
[  106.646030][   T75]                       ^
[  106.646038][   T75]  ffff888024014080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.646049][   T75]  ffff888024014100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  106.646054][   T75] ==================================================================
[  106.646710][ T6275] usb 7-1: USB disconnect, device number 5
[  106.652330][ T7182] loop2: p2 start 1702059890 is beyond EOD, 
[  106.653787][   T75] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  106.653798][   T75] CPU: 2 UID: 0 PID: 75 Comm: kworker/u32:4 Not tainted 6.14.0-syzkaller-13183-g06a22366d6a1 #0 PREEMPT(full) 
[  106.653811][   T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.653818][   T75] Workqueue: events_unbound commit_work
[  106.653837][   T75] Call Trace:
[  106.653841][   T75]  <TASK>
[  106.653845][   T75]  dump_stack_lvl+0x3d/0x1f0
[  106.653861][   T75]  panic+0x71c/0x800
[  106.653871][   T75]  ? __pfx_panic+0x10/0x10
[  106.653880][   T75]  ? irqentry_exit+0x3b/0x90
[  106.653893][   T75]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.653906][   T75]  ? preempt_schedule_thunk+0x16/0x30
[  106.653917][   T75]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.653932][   T75]  ? preempt_schedule_common+0x44/0xc0
[  106.653946][   T75]  ? check_panic_on_warn+0x1f/0xb0
[  106.653956][   T75]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.653970][   T75]  check_panic_on_warn+0xab/0xb0
[  106.653980][   T75]  end_report+0x107/0x170
[  106.653989][   T75]  kasan_report+0xee/0x110
[  106.653999][   T75]  ? drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.654038][   T75]  drm_atomic_helper_wait_for_vblanks.part.0+0x8c0/0x9b0
[  106.654059][   T75]  ? preempt_schedule_thunk+0x16/0x30
[  106.654069][   T75]  ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10
[  106.654085][   T75]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  106.654098][   T75]  ? drm_atomic_helper_commit_hw_done+0x330/0x490
[  106.654114][   T75]  drm_atomic_helper_commit_tail+0xcb/0xf0
[  106.654129][   T75]  commit_tail+0x35b/0x400
[  106.654144][   T75]  process_one_work+0x9cc/0x1b70
[  106.654158][   T75]  ? __pfx_process_one_work+0x10/0x10
[  106.654171][   T75]  ? assign_work+0x1a0/0x250
[  106.654182][   T75]  worker_thread+0x6c8/0xf10
[  106.654195][   T75]  ? __pfx_worker_thread+0x10/0x10
[  106.654207][   T75]  kthread+0x3c2/0x780
[  106.654217][   T75]  ? __pfx_kthread+0x10/0x10
[  106.654226][   T75]  ? __pfx_kthread+0x10/0x10
[  106.654235][   T75]  ? __pfx_kthread+0x10/0x10
[  106.654245][   T75]  ? __pfx_kthread+0x10/0x10
[  106.654254][   T75]  ? rcu_is_watching+0x12/0xc0
[  106.654267][   T75]  ? __pfx_kthread+0x10/0x10
[  106.654277][   T75]  ret_from_fork+0x45/0x80
[  106.654288][   T75]  ? __pfx_kthread+0x10/0x10
[  106.654300][   T75]  ret_from_fork_asm+0x1a/0x30
[  106.654318][   T75]  </TASK>
[  106.655024][   T75] Kernel Offset: disabled

VM DIAGNOSIS:
13:03:27  Registers:
info registers vcpu 0

CPU#0
RAX=00000000003f9597 RBX=0000000000000000 RCX=ffffffff8b6fa419 RDX=0000000000000000
RSI=ffffffff8dbe9d2b RDI=ffffffff8bf44c00 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10
R8 =0000000000000001 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90866210 R15=0000000000000000
RIP=ffffffff8b6f8caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880977bc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080da8000 CR3=000000004f45c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=f6639710 EBX=ffffffff ECX=00000000 EDX=8941d510
ESI=8941d510 EDI=ffffffff EBP=f6639688 ESP=ffa8ee50
EIP=f70d79b9 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 575bb440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 0004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fc04ffc CR3=000000002268e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854ba885 RDI=ffffffff9ae0fb80 RBP=ffffffff9ae0fb40 RSP=ffffc9000106f508
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666
R12=0000000000000000 R13=0000000000000034 R14=ffffffff9ae0fb40 R15=ffffffff854ba820
RIP=ffffffff854ba8af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880979bc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fd09ffc CR3=0000000025e16000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000080000001 RBX=ffff88806b19a440 RCX=0000000000000006 RDX=0000000000000000
RSI=ffffffff8dbc47bf RDI=ffffffff8b723c22 RBP=ffffffff8b723c22 RSP=ffffc9000e7977c0
R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90866217 R11=0000000000000000
R12=0000000000000002 R13=ffff88804ead2668 R14=ffff88804ead2840 R15=ffff88804ead21e8
RIP=ffffffff8b6f9108 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097abc000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002fe04ffc CR3=000000007400a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000