last executing test programs:

3.695826969s ago: executing program 1 (id=876):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1ff, 0x0)
socket(0x11, 0x2, 0x4)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x11)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xbb8)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r0, 0x40045731, &(0x7f0000000080)=0x80)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0x13}], 0x2)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000003c0))
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f00000001c0)={0x24, 0x14, 0x105, 0x70bc2a, 0x2ddfdb7b, {0x11}, [@INET_DIAG_REQ_BYTECODE={0xd, 0x1, "053e3e71ed07348ace"}]}, 0x24}, 0x1, 0x0, 0x0, 0x8086}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r5 = fsopen(&(0x7f0000000000)='udf\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x3, 0x0, 0xe, 0x60a00, 0xffffffffffffffff, 0xfffffff8, '\x00', 0x0, r0, 0x4, 0x5, 0x4, 0x7}, 0x50)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x4c}}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, 0x0, &(0x7f00000000c0)='io#harset', 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0700000400000000000080ffff000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)

3.533448042s ago: executing program 1 (id=879):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r1, 0x1, 0x1, &(0x7f00000002c0)=0x5f53, 0x4)
bind$inet6(r1, 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0x338}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1001, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x1}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}]}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x400c041}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f00009b1ffc))
gettid()
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x84, 0x2c, 0xd27, 0x30b529, 0x25dfdc00, {0x0, 0x0, 0xf0, r4, {0x0, 0x4}, {}, {0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x2, 0xfffffffffffffffd, 0xa, 0x8}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

3.012744108s ago: executing program 3 (id=882):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[])
socket$igmp(0x2, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x4040011)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003d00)=[{{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000b40)="8b5a9c73903a43c81fe20ff796c802507eaab1c7", 0x14}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e22, 0x20080, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1}, 0x1c, &(0x7f0000000dc0)=[{&(0x7f0000000bc0)="71f7c7048c1aea808f5941d845bc800d08f061f45f7c2ead3f9c5b50589e0dc720184d", 0x23}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x4, 0x48800)
syz_usb_disconnect(0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000200)={0x56d1, 0x4, 0x2, 0x7, <r4=>0x0}, &(0x7f0000000280)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000380)={r4, 0x68, &(0x7f0000000300)=[@in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e24, 0x3ff, @local, 0x1}, @in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e23, 0x4, @private0, 0x7}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f00000003c0)=0xc)
shutdown(r3, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0xffffffbe, &(0x7f0000000140)={&(0x7f00000002c0)={0x2c, r6, 0x4, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0xffffffffffffff38}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_LEAVE_MESH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x28, r6, 0x2, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x6, 0x1d}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x20000000)
syz_open_dev$dri(0x0, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.95075473s ago: executing program 2 (id=884):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = socket(0xa, 0x3, 0x3a)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
setsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f00000000c0)={0x6, 0x8001, 0x206, 0x1, 0x4, 0x5}, 0xc)
ioctl$USBDEVFS_ALLOC_STREAMS(r5, 0x8008551c, &(0x7f0000000000)={0x184a, 0xb, [{0x1, 0x1}, {0x2}, {0xa}, {0x5, 0x1}, {0x4}, {0x6, 0x1}, {0x6, 0x1}, {0xb}, {0xc, 0x1}, {0x3, 0x1}, {0xe}]})
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
ioctl$TCSETS(r7, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x0, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"})
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)
r8 = memfd_secret(0x0)
ppoll(&(0x7f0000000100)=[{r8, 0x200}], 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000000300)={[0x10000, 0x7f55]}, 0x8)
unshare(0x40020000)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r9, r0, 0x0)

2.476452486s ago: executing program 1 (id=885):
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(r2, 0x0, 0x0, 0xfffffe04, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x141, 0x0, 0x4}, 0x18)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x4})
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x85c68e8ab9c77084, 0x0)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x40}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xa4ff}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a40), 0x0, 0x40000002, 0x0)

2.267109132s ago: executing program 3 (id=889):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0xc)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r3 = dup(r2)
io_setup(0x19, &(0x7f00000009c0)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
fcntl$notify(r1, 0x402, 0x17)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@delchain={0x3c, 0x65, 0x2, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x7, 0xfff1}, {0x8, 0x11}, {0x2, 0xe}}, [@TCA_RATE={0x69, 0x5, {0x2, 0xa2}}, @TCA_CHAIN={0x8, 0xb, 0x5}, @TCA_CHAIN={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
socket$netlink(0x10, 0x3, 0x14)
connect$inet(r8, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
unshare(0x22020600)

1.916172284s ago: executing program 2 (id=890):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 64)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (rerun: 64)
shutdown(r0, 0x2) (async)
syz_emit_ethernet(0x46, &(0x7f0000001600)=ANY=[@ANYBLOB="aaaaaaaaaaaa7f0a00034011080045000102ac1414aa0b029078120002282500000000000000002f00007f000001000000000000655800000000000000000000000000000000d4036d4c29dca777a8d6a947dbf05ac1f390bd7054296661e49ea11336ed187a312fb914aa6434f990861e57c30044039ab75034c9712eef7360d8a412afb16f6a46427104c22db394bbd772ee67772759a73b4344ec9a703b15b89bb1dc005d32587115eaf54f4de68d4e82f1bb4751bc8fbfeaeabda49cd9555708dce5a1751c439a5594a8125f93ff36fa65b44feb9ebf8b00e54e13431657a0ba4f6f726664e4f634c8c79f172e9d0d4173260db4170ba1650aa35116d00cf7ad5b50d1e092f47cfb1858d7f02445d678d55d4898b172f0430650656533e05fdfd5a59ad55ff05a1cb2d53a3920561e18bb49b9413941ef5225b4d02b946069a2f635251fb91cda219fb720be53647796a5c158b8917acbd450e43c305a5759f28c0e8bd9ac69ce6fee9e1864ceb2eb194c3b6f3249ea9d79d5c73a9195c9b7df62ca12759089e63f178e0249da4d10f2586993d5cfcbf5e7db8519cf4ae10adab5ea263ccd3661fdbd9f888e030d43d7c37fad"], 0x0) (async)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 32)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) (rerun: 64)
close(r2)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f00000001c0)={0x8, 0x1, 0xfffffffe, 0x5, 'syz0\x00', 0x4}) (async, rerun: 32)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r3}, 0x18) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30) (async)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_UNBLANKSCREEN(r4, 0x541c, &(0x7f0000000180)) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = userfaultfd(0x801)
mlock2(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x1) (async)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000040)) (async, rerun: 64)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1}) (async, rerun: 64)
ioctl$UFFDIO_COPY(r6, 0xc028aa03, &(0x7f0000002200)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x1000}) (async)
close(r5) (async)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)

1.897783425s ago: executing program 2 (id=891):
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r0 = openat$snapshot(0xffffff9c, &(0x7f0000000180), 0x2002, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f00000002c0)={{0x200000f, 0x3}, 0x100, './file1\x00'})
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x80, &(0x7f0000000140)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
personality(0x8)
uname(&(0x7f0000000040)=""/46)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SIOCGSKNS(r2, 0x894c, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a00800008000600"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x60, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ctinfo={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x5, 0x3003, 0x3, 0x9, 0x8}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x60}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r9 = socket(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.566385672s ago: executing program 1 (id=892):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$COMEDI_INSNLIST(0xffffffffffffffff, 0x8010640b, &(0x7f00000000c0)={0x1, &(0x7f00001b3400)=[{0x4000000, 0x0, 0x0, 0x9, 0x2007}]})
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x1fffffffffffffed, &(0x7f0000000040)=ANY=[@ANYRES64], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x9)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r3=>0x0, @dev, @local}, &(0x7f0000000340)=0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x6, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff}, [@jmp={0x5, 0x0, 0x849aee721dcc84be, 0x0, 0x0, 0x2}, @jmp={0x5, 0x0, 0xc, 0x0, 0x0, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffc}]}, &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000003c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl1\x00', r3, 0x7, 0x7, 0x10000, 0x317, {{0x20, 0x4, 0x3, 0x8, 0x80, 0x66, 0x0, 0x8, 0x4, 0x0, @empty, @multicast1, {[@cipso={0x86, 0x13, 0x3, [{0x6, 0xd, "d14c095cfa9bbde56915b8"}]}, @timestamp_addr={0x44, 0x1c, 0x89, 0x1, 0x8, [{@dev={0xac, 0x14, 0x14, 0x22}, 0x9}, {@multicast1, 0x6}, {@remote, 0x9}]}, @timestamp_addr={0x44, 0x24, 0x66, 0x1, 0x0, [{@loopback, 0x5}, {@loopback, 0x2}, {@local, 0x80be}, {@broadcast, 0x80000001}]}, @lsrr={0x83, 0xb, 0x54, [@local, @broadcast]}, @timestamp_addr={0x44, 0xc, 0x61, 0x1, 0x7, [{@private=0xa010101, 0x4}]}]}}}}})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
mknod$loop(&(0x7f00000190c0)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000019100)='./file0\x00', 0x0, 0x0)
r5 = getpid()
syz_open_procfs(r5, &(0x7f0000000080)='stat\x00')
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0xffa1, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r6, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))

1.50826771s ago: executing program 1 (id=893):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='1', 0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(0xffffffffffffffff, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETGEN(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x10, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0xc004)
sendmsg$unix(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f00000004c0)="bb7595b330d5b492", 0x8}, {&(0x7f0000000680)="0b0d483e1066af2b5aa9efc67828f941bc7cd1650b1a6deeb11ed5ea0c9486d465c0babcda75b2bb61ee3d98de7c74b43fc419c86f42244f8fd409f4a37376089bbd03c2c7f83b887b569942bc0ffd49945d991678e794dbde8207dff2a5f2d3dc974091c55df20e922958beed8c2878c7f33f959fd9f1a24044de65d168b2c2b80168f45fa1be", 0x87}, {&(0x7f0000000500)="bb07abaef0409f27c1e407cc15ce55391f8f5fd6ffd39bb51b892600d4b4797ee77d34bb9bf3075095aac75dcae9350a651cf30c937d17f9696fd5284c3e", 0x3e}, {&(0x7f0000000740)="977ac5a1d109c0d39365fc922f446df7b492e751b27a45e282bea1e098f4db39ab807aa203fdaf70c0e0975e03d5a78861be7a65e5f0b51b999fee6fd17181766262eaddb88bb3503669899a93d06517dbdb39157a03d617a659a39bb035b9546b9447063d6f858860815a1197a76df15678cb9903d6b4f36587e3d67afa8c1c83229f3cd11986f9cfa0739cb3e75e198dcbe86245125f3cbe65fbd41427c96869b6909d421c588d5891d93e7eb1eaa6114febb5edb207dfcc26b954c377a1937bf3ed48ac123fb4a9b58c5c9dc434f9859a25bb5094a0495846100391dc59c81b2aeb69bcb11bce465f56000aded80720599add4cfe85ad9ee0", 0xfa}, {&(0x7f00000005c0)="902dd0aa1f515cba29f13f8268828c331f173c6b8426b7b4cc88c7d58a4f523a197b9e5f0ee22efd491ce440f8ab", 0x2e}, {&(0x7f0000000600)="bfc58c56a07371d01f473a625e6d0850b141e553a34d13dda3554e2883915c5e9ce0e5f3e423ed0ceea80f62974f35ed00ee2de2a2d0c8dd3dc1", 0x3a}, {&(0x7f0000000840)="030709ed88c4949fc5a9b25ede0a5be5f689193751bc2df714b577acbafb20fc7989abd041af85772647de61c50935509ef75cd62492b6c4291fc1e4c447d8d2ea8632fdb375fe3c640203d71567ce4394a06dee83858ec4a0f4b1cbd04e0f4b09e398809637ef6af5e36a15017ca1f115d8f45e77b695986f50ad2db6c140dbebe113e438bac01cbf4653f1ad93a4526592333697f4ad8213a43f3d1b4d78d28a49726f92a112d11415bb92e59e242763c271da1fe71a756656dc8d6dcfa19f1da873380bfe360eb5cab264a60a40cc5f103e223dfa47f1937bc265c90f972c48a312b5cd34f1e721640c46122b7775c14a2c58345baa94b62c", 0xfa}, {&(0x7f0000000940)="0d0cf4c693a3e5b4801533544b0ebfbf7f776792f7e34299083f36a3c259221ebea1b9e9cc31a1990f3692dc046b924659ea90ceea0a2132a39a6230b2fb2e972f92cfe46f5c74b1ffcbcb3f2cf5d98a1deb74821f3f876848bc0579d4878c3797c2e0db3c0d5e45fc5027c776a9a5315832e6c60370b504b9d62b3b0e6a64e4a2", 0x81}], 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="180000000100000001000000", @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="340000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="100000000100000001000000", @ANYRES32=r1, @ANYBLOB="280000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="1800000001004000020003a8e16268b1b881614982b50000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYRES32=0x0], 0x9c, 0x44084}, 0x44)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r3, &(0x7f0000000080)=""/237, 0xed, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x5e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@assoc={0x10, 0x117, 0x4, 0x8}, @op={0x10, 0x117, 0x3, 0x1}, @op={0x10, 0x117, 0x3, 0x1}], 0x30, 0x20008041}, 0x0)
r5 = io_uring_setup(0x120, &(0x7f00000000c0)={0x0, 0x0, 0x8000, 0x80000000, 0xfefffffd})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r5, 0x21, &(0x7f0000000340)={0x0, 0xebb9, 0x8, 0x3, 0xd5}, 0x1)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
ioctl$IOMMU_TEST_OP_ACCESS_RW(0xffffffffffffffff, 0x3ba0, &(0x7f0000000440)={0x48, 0x8, r1, 0x0, 0x6d6, 0x80, &(0x7f0000000240)="9be5ec0b0219dfec1c8e21752f4bbf749355aafd487a2dfcc95a11eb3bcbdeaba4775ee2c3f3882b5347c9cade254f83ed7f4ceae661d69df750487cf5180014e08ba2587db991fe28c4393feb8d91197ad1d5614e9c8e1ce0fa4f87b340c12dbadfe4febbca93790c5f540122976108377b0e038efb9a8b93bcdd80182ad530"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000bd000), 0x492492492492846, 0x0)
connect$unix(r7, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000000100)=""/54, 0x36}], 0x1)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x8040}, 0x4004000)
syz_io_uring_setup(0x498, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340), &(0x7f0000000080))
eventfd(0x401)

1.3960875s ago: executing program 0 (id=894):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x3a3200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x470b923, 0x82000, {0x0, 0x0, 0x0, r7, {}, {0x5, 0xb}, {0xd, 0xd}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x1, 0x800, 0xfffc, 0xfffd, 0xa}, {0x9, 0x1, 0x400, 0x6, 0x9}}}, @TCA_TBF_BURST={0x8, 0x6, 0x7fff}]}}]}, 0x60}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b01ffc34ec6"})

1.206177552s ago: executing program 3 (id=895):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_init(0x200, 0x0)
pselect6(0x40, &(0x7f0000000100)={0xd, 0x0, 0x0, 0x3, 0x693, 0xfffffffffffffffe, 0xffffffffffffffff}, &(0x7f0000000180)={0x1f, 0x8000000, 0x5, 0x0, 0x9, 0x2, 0x1}, 0x0, 0x0, 0x0)

1.205762527s ago: executing program 0 (id=896):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="020000000400000005000000aa"], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22041000f3fe80000000000000110880febb0007aafe8000000000000027bfa7b09303960e2b80"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14, 0x800)
sendto$packet(r2, &(0x7f00000000c0)="e83d58608f4102cdbf8aec92ac0e21d9960e99ee4aebc78ae8cd55900c2c53401c26f40ed91cef8ebf124d622a3f181ec0b7ac52faebe7", 0x37, 0x880, 0x0, 0x0)

1.203479083s ago: executing program 3 (id=897):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r0, &(0x7f0000000600)={0x2, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x34}, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e27, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x44fd4b3f}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000ffffffffffffffffffe7ee00050000000000000200000000", 0x58}], 0x1)

1.136361642s ago: executing program 3 (id=898):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x12, 0x8031, 0xffffffffffffffff, 0x6a855000)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000800000000000000000000008500000029000000850000000500000095000000000000007bc8b74ede95d69c6998ff7acb458c2f2a60d5a51bcf2fd075e19a4c3b704d98eb24ca164f7a92275304b93f4532b0de9de6278b31dceb4984b5f8ab64eb8d6a44912f9cb60dd511e8db9744fc3cf0245642413d0a7bb8576901c2772d997e1a4f210c2f85be2ba433a850c42dd1fcc7f18e2c2f8dc4639cb8b27f3e62b3cdbd649d8713b4768383727820c41141952491f9fd2bf942982e9bac"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r0, 0x0, 0xf2, 0x0, &(0x7f0000000480)="00dfb080cd21d1088eee0008000097c0557bd789654254e3a8842be586f1b77380683963ab6bcb8c05b8649b158732875a8f375665894440d2ded73c46560aacec97c526707a5f09667ed16ff98fdbef9cfd36506e0de8c30bdad4495fcfb894f750f5d7be93abb420e5ee8c850f4039f0dcfadc668611a291965b3f64cb2c8adc99cba880843e3f51b74a79ce083260a3ee65fd35376baaaf280850af9daa04a202acc339e1e610b6303b5b778e77820c94ea379f55a11b76b43a5167590d90485bd450f9fa99cf6d30f8fcec27932ff0a1b71b1d4a32165ee0c3eee5f05f33ed0d05916d2c6e7d71dc4702877f412ca262", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2, 0x59032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000180)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
membarrier(0x2, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r1], 0x24}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fb07000095000000000000006f576d404520427c2598e5f9e6f02f0d7050b195b43e61435866d81ec503a79a68bd58bad1101d0a00d519ed90d81ae33d4846b8037b8981aa44e8f2b945288b13a84539d9459831e7a7e3ed908eda"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x18)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_DEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="270e24fa32500000010004"], 0x14}, 0x1, 0x40030000000000}, 0x0)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r5, 0x0}])
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r7 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r7, 0x13)
tkill(r7, 0x12)
waitid(0x0, 0x0, 0x0, 0x8, 0x0)
timer_create(0x3, 0x0, &(0x7f0000044000))

1.136089908s ago: executing program 0 (id=899):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x2c, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xc4, &(0x7f0000000500)=""/196, 0x41000, 0x27, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x4c)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=ANY=[], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
syz_clone3(&(0x7f0000004dc0)={0x100100900, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prlimit64(0x0, 0x8, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000200)=0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000100)=ANY=[@ANYBLOB="01", @ANYRESHEX=r3, @ANYRES32=r1])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000001180)=[{&(0x7f00000011c0)}, {0x0}, {&(0x7f0000001080)="9cafcb144a7b6aefed34314e91f38f5bff726e9781a5c4080000009b5128c2f893a08aa14d595244821618cfa2af7a22efb6ce434562402550033812d7e48a03253bd06555aa3365adac60c2d0317d6e551680744f1319f115710072db8cfa681f2f5735d8914b4e188a900185aadd3a92fd5203030000009da86c0f80cc9073ff3378c6fa2aade7c43be07a1b0b01807d904a8b1007ef667f33dc60fe25b3eed04b1e2332fd9943b96428d01ff38b681538de15f287f87d50e025170000596e54607e7030e4d46f79a9b0d0c89b", 0xce}], 0x3)
syz_open_dev$tty1(0xc, 0x4, 0x2)
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/consoles\x00', 0x0, 0x0)
preadv(r2, &(0x7f0000000000), 0x0, 0x80000033, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x3, &(0x7f0000000040)=0x43)

985.968908ms ago: executing program 2 (id=900):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x1c})
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x15, &(0x7f0000000180)=ANY=[@ANYRES8=r1, @ANYRESOCT=r0, @ANYRESDEC=r1, @ANYRESOCT=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
read(r0, &(0x7f0000000200)=""/145, 0x91)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x1})
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(r3, &(0x7f0000000000)=[{0x0}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8)

985.609255ms ago: executing program 0 (id=901):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
r2 = socket$inet_udp(0x2, 0x2, 0x0) (rerun: 64)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10) (async)
r3 = pidfd_getfd(0xffffffffffffffff, r2, 0x0) (async)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x10000, 0x3, 0x1, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffff7}, {0x800000, 0x8, 0xfffffffffffffffc, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@remote, 0x4d2, 0x6c}, 0xa, @in6=@mcast2, 0x0, 0x5, 0x0, 0xb7, 0x0, 0x4000}}, 0xe4) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0xdf, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES32, @ANYBLOB="200025bd7000fedbdf256c00000008000300"], 0x24}, 0x1, 0x0, 0x0, 0x8810}, 0xc810) (async)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) (async)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x99fe681834aac99b, 0x0, 0x0) (async)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff}) (async, rerun: 64)
ioctl$KVM_RUN(r6, 0xae80, 0x0) (async, rerun: 64)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) (async, rerun: 32)
r7 = syz_open_dev$sndpcmc(&(0x7f0000000d00), 0x0, 0x0) (async, rerun: 32)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f00000019c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0}, 0x94) (async, rerun: 32)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x2000004) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x6a040000) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

895.262912ms ago: executing program 2 (id=902):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xfffe, 0x0, 0xa40}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socket$kcm(0x10, 0x2, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000300)={0x0, "10f8b00f37651afa3619457e9e16eb9a2732bd7ca767a320c4c57e2370e6e4ac36d5cd133c26f88778b60974c73dc649dc65676cea8fc6ebfe50a657648e37bd", 0x20}, 0x48, 0xfffffffffffffffa)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x802c550a, &(0x7f0000000000)=ANY=[])
ioctl$USBDEVFS_REAPURB(r5, 0x4008550d, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000280)='asymmetric\x00', 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r6, 0x8949, &(0x7f0000000000))
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0)

755.7305ms ago: executing program 0 (id=903):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r1, &(0x7f0000000280)={0x6, 0x118, 0xfa00, {{0x6, 0x529d, "92decced886d5a1a4c7c6648ca4090dc0173a64b490021f8cb2a4769ac8ecf31cedf3d704ecc45422f071c1f4089a3c6e6567788480c7f8a284fe96a8a71d6ba8d99a375af209165f9c02ac1fbacad993a190fcbbe18ded4aea7126945d280b0820253ad030ca6b7f77a5652b41123ecf5786b557106ba1a19c5f9149512ea926e1bfa99aa3b710d108e9f54c45b1269f4d41c813b0493af5fa661c46fbbaa0d89f86cabd85e9e57ed0a6363a52a8d737b8d668223edd1ce8c08c2d79ab7a86f493ffc8acf8b671fafdd76422e9a71a3699d84d4b5a0343b5d28de4aeb63f76b7882b751bbb52ac018228447abe98cec21b80556fa387f6924646af3a5197a3f", 0x7, 0x7, 0x81, 0xf3, 0xe9, 0x5, 0x8}, r2}}, 0x120)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000006080)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x24, r3, 0x300, 0x70bd27, 0x25dfdc01, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10000852)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x0, @empty=0x1000000}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)='\b\x00', 0x2}, {&(0x7f0000000100)="6306bc3795f8", 0x6}], 0x2, &(0x7f0000000180)=ANY=[@ANYBLOB="140000000000000007"], 0x14}, 0x0)

755.442675ms ago: executing program 0 (id=904):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb813dd28b42bee2b094a3de6dbfd30a74fd5feffe5c019f45d57f00", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f0000000180)={"000000149c0286e08ffad43c40fc0a000000ab65a29e23546aad0281b3aff5eb", r3, <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r4, 0xc0383e04, &(0x7f0000000000)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="b40100000002038a9ed14e0c29a3b54accc5f48181d1aaf44fd5d5d7aceac6164e2d3d106ad1d6532484f8a666fade3abb7adce3d11e7da3d00c37e373bec24be6551a5e"], 0x1b4}, 0x1, 0x0, 0x0, 0x4048000}, 0x40000)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x100})
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380), 0x0, 0x0, 0x0})
r9 = dup3(r8, r7, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000300)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000140)={0x30, 0x30, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$KDGKBTYPE(r9, 0x4b33, &(0x7f0000000140))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r10 = openat$bsg(0xffffff9c, &(0x7f0000000000)='/dev/bsg/2:0:0:0\x00', 0x80000, 0x0)
ioctl$SG_IO(r10, 0x2285, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0x2, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x4, 0x13, 0x2, 0x0})
r11 = dup3(r6, r5, 0x0)
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r12, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r12, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000300)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x1472, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r0)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})

587.591311ms ago: executing program 3 (id=905):
r0 = socket$inet(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r4, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e20, 0x74df82a6, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xb00, 0x8000000}}], 0x62, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @loopback}, 0xc)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000340), 0x10, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="050000000406000000000100", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xea60, @ANYBLOB="03000060010000000000002004c60000652754942db1c5b6397121c4f5609c2f954286147e628cd5ab14e2b3537a6e7dd3316d85d82f748856290cb0eaacd63d83e6455c4b46fabfccff81f145950d2e"], 0x6c}, 0x1, 0x0, 0x0, 0x24024005}, 0x40040)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYRES8=r5], 0x57)

569.733706ms ago: executing program 1 (id=906):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xfffe, 0x0, 0xa40}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$kcm(0x10, 0x2, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc3}, &(0x7f0000000300)={0x0, "10f8b00f37651afa3619457e9e16eb9a2732bd7ca767a320c4c57e2370e6e4ac36d5cd133c26f88778b60974c73dc649dc65676cea8fc6ebfe50a657648e37bd", 0x20}, 0x48, 0xfffffffffffffffa)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x802c550a, &(0x7f0000000000)=ANY=[])
ioctl$USBDEVFS_REAPURB(r5, 0x4008550d, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000280)='asymmetric\x00', 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0)

0s ago: executing program 2 (id=907):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x6d93, 0x4)
sendmsg$sock(r0, &(0x7f0000000780)={&(0x7f0000000300)=@in6={0xa, 0x4e24, 0x401, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x41}}, 0x3}, 0x80, 0x0, 0x0, &(0x7f0000000700)=[@mark={{0x10, 0x1, 0x51, 0xfffffffb}}], 0x10}, 0x4c040)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000a000000000000000000000b02000000000000000300000d000000000000000003000000000000000300000004000000030000000000000000000005000000000000005f4f59cc5d48d3b7f356f6edeaf09e16aa1c8463615b318afadb850a8602f0ac5cbbdf45cb5ea8aab04d03eba826c3a721484cc02bbe9093eda82a046a91f5e3d254a3ea403599308ea3705bc1a352ef30e65c46a2876be4963e61556ef4339bbdd5153d3256d389"], 0x0, 0x5e, 0x0, 0x1}, 0x28)
r4 = syz_open_dev$hiddev(&(0x7f0000000040), 0x7, 0x40000)
ioctl$HIDIOCGUSAGES(r4, 0xd01c4813, &(0x7f0000000bc0)={{0x4, 0x1, 0xfffffff7, 0xfffffe00, 0x0, 0xc4bc}, 0x11a, [0x10001, 0x8, 0x80, 0x2, 0x7, 0x0, 0x3, 0x1, 0x3, 0x3cf, 0x80000000, 0x200, 0x7, 0x9, 0x9, 0x9, 0x400, 0x8, 0x1, 0x9, 0x5, 0x0, 0x80000001, 0x6, 0x3, 0xffff, 0x2, 0xfffffffb, 0x80, 0x6, 0x1ff, 0x7, 0x8, 0x22, 0xfffffff5, 0x2, 0x0, 0x7, 0x7, 0xfff, 0x6, 0x4, 0x1000, 0x19b, 0x401, 0x1, 0x8, 0x10000, 0x3, 0xa, 0x9, 0x6, 0x3, 0x6, 0x0, 0x7fff, 0xabc, 0xbc, 0x6, 0x6, 0x8001, 0x7, 0x2, 0x0, 0x1, 0x1, 0xffffffff, 0x8001, 0x6, 0x400, 0x0, 0x8, 0x7fff, 0x0, 0xf92, 0x23, 0x10f, 0xb, 0x8000, 0x401, 0x1, 0x401, 0x9, 0x80000001, 0x7, 0x8, 0x8, 0x507, 0x0, 0x0, 0x9, 0x3, 0x3, 0x9, 0x716, 0x8, 0x5, 0x10, 0xfffffffb, 0xe, 0x6, 0x0, 0x2, 0x9, 0x18000000, 0x20, 0x3ff, 0x2, 0x9, 0x3, 0x1000, 0x7, 0xd, 0x6, 0x6, 0x7, 0x2, 0x401, 0x42, 0x7, 0x80000000, 0x3, 0x1, 0x3, 0x8, 0x7, 0x4, 0x1ff, 0x7, 0x2, 0x1, 0x3, 0x9977, 0x1000, 0x9, 0x6, 0x9, 0x8, 0x7fffffff, 0xf50, 0x5, 0x101, 0xfffffff1, 0x8, 0x5, 0x4, 0x4, 0x4, 0xbd4, 0x8, 0x5, 0x1, 0x1c13, 0x400, 0xff, 0x2, 0x1000, 0xfffffff8, 0x6b45, 0x0, 0x2, 0x7, 0x1ff, 0x3, 0x101, 0x2, 0xc, 0x4c71e02a, 0x7, 0x1, 0x8, 0x5, 0x427, 0x7, 0x6, 0x2, 0x400, 0xfffffffb, 0x6d, 0x990, 0x8, 0x7, 0x8, 0xf54, 0x9, 0x0, 0xfffffff1, 0x9, 0x4, 0x1, 0x6, 0x27, 0xffff, 0x3, 0x4, 0x81, 0x8, 0x4, 0x6, 0x9, 0x7, 0xfffffffc, 0x5, 0xc, 0x7, 0x8, 0x6, 0x7, 0x7fff, 0x0, 0x1, 0x4, 0x9, 0x4, 0x0, 0x7fffffff, 0x8, 0x1, 0x3, 0x3, 0x1, 0x2, 0x7fff, 0x65e, 0xffff, 0xdd42, 0xef, 0x9, 0x3, 0x1, 0x5, 0x988, 0x5, 0x401, 0x7, 0x9, 0x2, 0x2, 0x6, 0x8, 0xd, 0x9, 0x4f, 0x4, 0xa52f, 0x7, 0x3, 0xf627, 0x8, 0x0, 0x10, 0xfffffffb, 0x9, 0x80000000, 0x6c, 0x4, 0x100, 0x7, 0x4, 0x0, 0x8, 0x8b0, 0xff, 0x4b6, 0x0, 0x8000, 0xf, 0x4, 0xfffffffa, 0x2e5, 0x2800, 0x8fe, 0xf, 0x8001, 0x28d, 0xffff, 0xe0, 0x5, 0x1, 0xfff, 0x8, 0x2, 0x6, 0x4, 0x8e, 0x2, 0x5, 0x200, 0x4, 0x9, 0x6, 0x4, 0x80, 0x7fff, 0x5, 0xf2, 0x401, 0x8, 0x5, 0x101, 0x1e4a, 0x708, 0x7, 0x6, 0x8, 0x6, 0x9, 0xffffe548, 0x0, 0xf52d6e5, 0x3, 0x1, 0x7, 0x3, 0xd, 0x8, 0x0, 0xffffff7f, 0x8, 0xcd, 0x7fff, 0xd181, 0x101, 0x101, 0x7, 0x8, 0x7, 0x7f, 0xfff, 0x0, 0x101, 0x1, 0xb, 0xca, 0x2, 0x9, 0xbcd, 0x2, 0xa1, 0x40, 0x9, 0x0, 0x3, 0x3, 0x1, 0x0, 0x7, 0xe, 0xe, 0x100, 0x8, 0x6, 0x8, 0x3, 0x1, 0x4, 0xfffffff8, 0x6, 0x7, 0x800, 0x6, 0x7, 0x10001, 0x5, 0x80, 0x5, 0x5, 0xcc1, 0x5, 0x7ff, 0x8, 0xe, 0x7, 0xc, 0xf, 0x2, 0x6, 0xfffffffa, 0x80, 0x6, 0xc, 0x32b3, 0x4, 0x510ea1ee, 0x8, 0x81, 0x0, 0xffff, 0x9, 0x7, 0x4, 0x9, 0x3, 0x7, 0x0, 0x489, 0xffff, 0x4, 0x23b9efe3, 0x0, 0xffffffff, 0xffffffd0, 0x0, 0x100, 0x0, 0x1, 0x1, 0x4, 0x0, 0x7, 0xfffffffe, 0x2004d559, 0x7f, 0xe, 0xe75, 0x0, 0x7, 0x101, 0xb7e0, 0xf, 0x7, 0x0, 0xe, 0xd, 0xdebd, 0x0, 0x942, 0xa, 0x9, 0x6, 0x0, 0x505926f, 0x3, 0xfffffffc, 0x200, 0x3, 0xac2, 0x800, 0xfe, 0x6, 0xffffffff, 0x51330fab, 0xa, 0x6, 0x53, 0x7, 0x8, 0xffffa2b2, 0x5, 0x10000, 0x2, 0x2, 0x2, 0x9d3, 0xffffffff, 0x1, 0xfffffffd, 0x1, 0x6, 0x1, 0x800, 0x2aceeb3c, 0x4, 0x9, 0x7, 0x110734e0, 0x6, 0x9, 0x9, 0x9, 0x40, 0x3, 0x3, 0x3, 0x3, 0x7f, 0x4, 0x3, 0x1499, 0x80000000, 0x80, 0x8, 0x7ff, 0x0, 0x4, 0x4, 0xe, 0x1, 0x5, 0xffffffff, 0x5, 0x101, 0x519, 0x1, 0x8001, 0x4, 0x8e66, 0x6, 0x7f, 0x0, 0x9, 0x3, 0x10, 0x31f, 0xff, 0xffffffff, 0x2, 0x4, 0xffffffff, 0x5a, 0x1, 0xfc, 0x10000, 0x1, 0x4, 0x80000000, 0x8, 0x10000, 0x9, 0x5, 0x1, 0x4, 0x5, 0x9249, 0x6, 0x9, 0x7, 0x0, 0x5, 0x1, 0x1, 0x7f, 0x6eca, 0x2, 0x1, 0x2, 0x7, 0xfffffffa, 0x324, 0x7, 0x6, 0x7, 0x9, 0x9, 0x1, 0x1a, 0x470, 0x4, 0xe, 0x5, 0xefc4, 0x5, 0x4, 0xd, 0x8, 0x9354, 0xe4, 0x6fc5, 0x4, 0xf7, 0x0, 0x3, 0xfffffffd, 0xa20, 0x1, 0x80000001, 0x200, 0x6d280cc2, 0x0, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0xfffffff7, 0x80, 0x6, 0x40, 0x7fff, 0x9, 0x3, 0x7f, 0x0, 0x3, 0xffffffff, 0x65, 0x1, 0x8000, 0x3, 0x7, 0x8, 0x1, 0x41f, 0x1, 0x1, 0xfffffff7, 0x6, 0x8, 0x57, 0x0, 0x469666e3, 0xfffffff9, 0x2, 0x3, 0x9, 0x3, 0x200, 0x5, 0x9, 0x1, 0x8, 0x4c1, 0xb, 0x4, 0x5, 0x200, 0x1, 0x80, 0xfffffeff, 0xa8, 0x401, 0x4, 0x8, 0x3, 0x1ff, 0x2, 0x39, 0x7, 0x5, 0x800, 0x8, 0xd, 0xffffffff, 0x6, 0x6, 0x1, 0xe7cc, 0x3, 0x3, 0x6, 0x7, 0x0, 0x7, 0xfff, 0x800, 0xc, 0xc361, 0x7fffffff, 0xb, 0x5, 0x80000000, 0x20, 0xff, 0x8, 0xfffffff4, 0x1, 0x8, 0x9, 0x8, 0x5, 0x4, 0x7, 0xfffffffc, 0x3, 0x7ff, 0x100, 0xfff80000, 0xfffffff0, 0x4, 0x6, 0x4, 0x3, 0x12, 0x9, 0x10, 0x10001, 0x8, 0x5, 0x3, 0xd, 0xfffffff7, 0x7f, 0xc, 0xe34, 0x8, 0x2, 0x400, 0x1, 0xfffffff8, 0x2, 0xfffffffc, 0x7, 0x3, 0x7, 0xc, 0x4, 0x8, 0x80000000, 0xfffeffff, 0x5, 0x9, 0x2, 0x1, 0x402, 0x40, 0x8, 0xfffffffe, 0xfffffff8, 0x3, 0x200, 0x3, 0x96, 0x3, 0x1, 0xffff7fff, 0x7, 0xb, 0x9, 0xfffffffd, 0x6, 0x9, 0x6, 0xfffffff3, 0xfffffffa, 0xfffffff5, 0x0, 0x4, 0x4, 0x5bf7, 0x6713, 0x3, 0x8, 0x401, 0x3, 0x7, 0x6, 0xc, 0xcb0, 0x77, 0x80, 0xfffffff9, 0xa3d, 0x5, 0x0, 0x3, 0x2, 0x10, 0x8001, 0x6, 0x0, 0x5, 0x1, 0x7, 0xfffffffb, 0x6, 0xecb, 0x611, 0xeb4, 0xe8a6, 0x8, 0x5, 0x5, 0x6, 0x437, 0x80000001, 0x6, 0x6, 0xe, 0x0, 0x1, 0x6, 0x6, 0xffffffff, 0x800, 0x6, 0x5, 0x3, 0x8, 0x5, 0x6, 0x78000000, 0xffff4c8a, 0x2, 0xa, 0x4, 0x9, 0x5, 0xffff, 0x8, 0x7, 0x5, 0x7fff, 0x0, 0x5, 0x3, 0x6, 0x3, 0x9, 0xa6bf, 0x5, 0x2e, 0x6, 0x5, 0x401, 0xc, 0x0, 0x48000000, 0x1, 0x5f, 0x9, 0xfffffffc, 0x3, 0x1df, 0x4, 0x6, 0xe0f7, 0x0, 0x10001, 0x8000, 0x7, 0x4336aebc, 0xfc, 0x8, 0x1, 0x0, 0x5, 0x10000, 0x4, 0xfffffffa, 0x7ff, 0x7fffffff, 0x5, 0x0, 0x100, 0x2, 0x3, 0xf, 0x0, 0xfffff150, 0x8, 0xf3, 0x4, 0xfffffffa, 0xcb30, 0x1, 0x10, 0x9, 0x400, 0xa, 0x4, 0x4, 0x4, 0xfb, 0x4, 0x5, 0x4, 0x1, 0xfffffff9, 0x2, 0x2, 0x4, 0x6, 0x9, 0x3, 0x5, 0x9, 0x3, 0x7ff, 0x10001, 0x9, 0x4, 0x3c2e, 0x8, 0x10, 0x7, 0x7fffffff, 0x537d7813, 0x3, 0x7ff, 0x0, 0x0, 0x3, 0x6b, 0xffffffff, 0x8, 0x5, 0x9, 0x9, 0x1ff000, 0x66a, 0x5, 0x9, 0x1, 0x8001, 0x9, 0x2, 0x0, 0x87365a7, 0x4, 0x6, 0x8, 0xe, 0x5b, 0x7, 0x7, 0x9, 0x9, 0x7e5, 0xc029, 0x3, 0x8ae, 0x1, 0x2, 0xffffffff, 0x1ff, 0x8, 0x80, 0xd, 0x3, 0x3, 0x4, 0x3, 0x8, 0x7, 0x83, 0xfffffffa, 0x5, 0xe2b4, 0x1, 0xb, 0x46, 0x318c, 0x1000, 0x4, 0x2, 0x7ff, 0x7fffffff, 0x7, 0x7, 0x5, 0x6, 0x7fffffff, 0x8, 0x3, 0x7, 0x80, 0x32, 0x0, 0xb, 0x1000, 0xffffffff, 0xa, 0x8, 0x401, 0x3, 0x3, 0x0, 0x81, 0x53, 0x7, 0x0, 0x80000000, 0x0, 0xf71, 0x1, 0x4, 0x0, 0x80, 0x6, 0x4, 0x0, 0x5, 0x7a, 0xfffffffd, 0x5, 0x0, 0x9524, 0x38, 0x10000, 0x120c, 0x8, 0xc998, 0x9, 0xcb, 0x0, 0x9, 0x10001, 0xab8, 0x3, 0xf, 0x7, 0x9, 0x7150, 0x5000000, 0x0, 0x1, 0x4, 0x2, 0x19, 0x6, 0x5, 0x23, 0xfffffff8, 0x6, 0x6, 0x2, 0x641, 0x2, 0x4, 0x737, 0xfff, 0x9251, 0x7f, 0xf, 0x5, 0x7b5, 0xf96, 0xb23, 0x7, 0x3, 0x8, 0x7fff, 0x5]})
write$FUSE_DIRENTPLUS(r3, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0xb, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8}, @TCA_SKBEDIT_PTYPE={0x6, 0x4}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x60}}}}]}]}, 0x70}}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x70bd2b, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}]}, 0x34}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff0000000002000000000000000400010008000a000008000005001e"], 0x50}}, 0x4000850)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f0000000280)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
r7 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r7, &(0x7f0000000140), 0x4924b68, 0x0)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="7000000000000104000000000000000802000000240001801400ec018008000100e000000108000200000000000c0002800500010000000000240002801400018008000100ac1414bb08000200ac1e00010c000280050001000000000008000740000000000c000e8008000140000000"], 0x70}}, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x21, 0xffffffff, 0xfffffffff12bd390, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@posixacl}]}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:30890' (ED25519) to the list of known hosts.
[   41.184999][ T5887] cgroup: Unknown subsys name 'net'
[   41.327651][ T5887] cgroup: Unknown subsys name 'cpuset'
[   41.334598][ T5887] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.267298][ T5887] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.984454][ T5335] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.987217][ T5335] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   45.989557][ T5335] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   45.993451][ T5983] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   45.995908][ T5983] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.001121][ T5982] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.003693][ T5981] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.005111][ T5982] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.006604][ T5981] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.010456][ T5982] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.010819][ T5981] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.013182][ T5982] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.015812][ T5981] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.017322][ T5982] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.019698][ T5981] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.019698][ T5986] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   46.021346][ T5986] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   46.030368][ T5986] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   46.033501][ T5986] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   46.036268][ T5986] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   46.284721][ T5971] chnl_net:caif_netlink_parms(): no params data found
[   46.365897][ T5975] chnl_net:caif_netlink_parms(): no params data found
[   46.379850][ T5973] chnl_net:caif_netlink_parms(): no params data found
[   46.486268][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.488935][ T5971] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.491313][ T5971] bridge_slave_0: entered allmulticast mode
[   46.494015][ T5971] bridge_slave_0: entered promiscuous mode
[   46.533071][ T5971] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.536239][ T5971] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.538489][ T5971] bridge_slave_1: entered allmulticast mode
[   46.541181][ T5971] bridge_slave_1: entered promiscuous mode
[   46.636737][ T5971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.644838][ T5984] chnl_net:caif_netlink_parms(): no params data found
[   46.668837][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.671247][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.674473][ T5973] bridge_slave_0: entered allmulticast mode
[   46.677525][ T5973] bridge_slave_0: entered promiscuous mode
[   46.681698][ T5971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.720500][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.722704][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.725313][ T5973] bridge_slave_1: entered allmulticast mode
[   46.727723][ T5973] bridge_slave_1: entered promiscuous mode
[   46.762336][ T5975] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.764570][ T5975] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.766855][ T5975] bridge_slave_0: entered allmulticast mode
[   46.769395][ T5975] bridge_slave_0: entered promiscuous mode
[   46.810459][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.818340][ T5971] team0: Port device team_slave_0 added
[   46.821081][ T5975] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.824120][ T5975] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.826616][ T5975] bridge_slave_1: entered allmulticast mode
[   46.830120][ T5975] bridge_slave_1: entered promiscuous mode
[   46.842055][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.846517][ T5971] team0: Port device team_slave_1 added
[   46.959009][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.961248][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.969441][ T5971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.030620][ T5973] team0: Port device team_slave_0 added
[   47.035779][ T5973] team0: Port device team_slave_1 added
[   47.039259][ T5971] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.042123][ T5971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.053288][ T5971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.059375][ T5975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.076919][ T5984] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.079198][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.081462][ T5984] bridge_slave_0: entered allmulticast mode
[   47.084250][ T5984] bridge_slave_0: entered promiscuous mode
[   47.108459][ T5975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.123662][ T5984] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.125947][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.128538][ T5984] bridge_slave_1: entered allmulticast mode
[   47.131813][ T5984] bridge_slave_1: entered promiscuous mode
[   47.148420][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.150592][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.159064][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.206672][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.208793][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.217357][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.221639][ T5975] team0: Port device team_slave_0 added
[   47.225003][ T5975] team0: Port device team_slave_1 added
[   47.266786][ T5971] hsr_slave_0: entered promiscuous mode
[   47.269161][ T5971] hsr_slave_1: entered promiscuous mode
[   47.288308][ T5984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.294404][ T5984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.333534][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.335660][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.345769][ T5975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.350709][ T5975] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.352896][ T5975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.361230][ T5975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.431461][ T5984] team0: Port device team_slave_0 added
[   47.441116][ T5973] hsr_slave_0: entered promiscuous mode
[   47.444923][ T5973] hsr_slave_1: entered promiscuous mode
[   47.446968][ T5973] debugfs: 'hsr0' already exists in 'hsr'
[   47.448783][ T5973] Cannot create hsr debugfs directory
[   47.473714][ T5984] team0: Port device team_slave_1 added
[   47.519419][ T5984] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.522277][ T5984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.532396][ T5984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.599760][ T5984] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.602664][ T5984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.612903][ T5984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.629985][ T5975] hsr_slave_0: entered promiscuous mode
[   47.633062][ T5975] hsr_slave_1: entered promiscuous mode
[   47.636533][ T5975] debugfs: 'hsr0' already exists in 'hsr'
[   47.638901][ T5975] Cannot create hsr debugfs directory
[   47.781841][ T5984] hsr_slave_0: entered promiscuous mode
[   47.785349][ T5984] hsr_slave_1: entered promiscuous mode
[   47.787381][ T5984] debugfs: 'hsr0' already exists in 'hsr'
[   47.790233][ T5984] Cannot create hsr debugfs directory
[   47.951454][ T5971] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   47.958930][ T5971] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   47.970948][ T5971] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   48.004260][ T5971] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   48.042949][ T5973] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   48.049891][ T5973] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   48.053741][ T5973] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   48.061503][ T5973] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   48.073947][ T5976] Bluetooth: hci1: command tx timeout
[   48.073969][ T5978] Bluetooth: hci0: command tx timeout
[   48.074414][ T5986] Bluetooth: hci3: command tx timeout
[   48.074766][ T5335] Bluetooth: hci2: command tx timeout
[   48.134660][ T5975] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   48.146408][ T5975] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   48.155557][ T5975] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   48.174506][ T5975] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   48.209209][ T5984] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   48.213321][ T5984] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   48.223020][ T5971] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.229301][ T5984] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   48.233292][ T5984] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   48.260224][ T5971] 8021q: adding VLAN 0 to HW filter on device team0
[   48.277389][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.280469][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.288597][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.307218][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.309883][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.357884][ T5973] 8021q: adding VLAN 0 to HW filter on device team0
[   48.378327][ T5971] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.388690][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.391633][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.405634][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.408798][ T1178] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.418289][ T5975] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.433593][ T5975] 8021q: adding VLAN 0 to HW filter on device team0
[   48.443079][  T100] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.445333][  T100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.460319][ T5984] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.470427][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.472776][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.505362][ T5984] 8021q: adding VLAN 0 to HW filter on device team0
[   48.510141][ T5973] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.518897][  T100] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.521123][  T100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.533421][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.536451][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.553124][ T5975] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.581916][ T5971] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.614559][ T5971] veth0_vlan: entered promiscuous mode
[   48.622965][ T5971] veth1_vlan: entered promiscuous mode
[   48.640982][ T5971] veth0_macvtap: entered promiscuous mode
[   48.645870][ T5971] veth1_macvtap: entered promiscuous mode
[   48.663304][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.666689][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.670773][ T5971] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.684813][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.691378][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.695378][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.702721][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.730214][ T5973] veth0_vlan: entered promiscuous mode
[   48.742385][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.745742][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.747317][ T5973] veth1_vlan: entered promiscuous mode
[   48.756489][ T5984] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.777183][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.779615][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.781814][ T5975] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.800695][ T5984] veth0_vlan: entered promiscuous mode
[   48.810931][ T5971] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.812879][ T5984] veth1_vlan: entered promiscuous mode
[   48.821954][ T5973] veth0_macvtap: entered promiscuous mode
[   48.827530][ T5973] veth1_macvtap: entered promiscuous mode
[   48.845198][ T5975] veth0_vlan: entered promiscuous mode
[   48.854437][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.860524][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.869577][ T5984] veth0_macvtap: entered promiscuous mode
[   48.876050][ T1144] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.880749][ T5975] veth1_vlan: entered promiscuous mode
[   48.886752][ T5984] veth1_macvtap: entered promiscuous mode
[   48.889924][ T1144] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.894569][ T1144] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.908740][ T1144] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.940898][ T5984] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.961769][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.963020][ T5984] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.965507][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.976799][ T5975] veth0_macvtap: entered promiscuous mode
[   48.989359][  T100] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.992736][  T100] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.000212][ T5975] veth1_macvtap: entered promiscuous mode
[   49.009240][  T100] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.017292][   T60] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.021702][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.024290][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.035594][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.040427][ T5975] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.051220][ T1141] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.060055][ T1141] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.064850][ T1141] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.076153][ T1141] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.081092][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.097894][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.135822][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.140047][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.160523][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.162886][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.192532][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.196668][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.269705][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.271749][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.284505][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.295141][ T6070] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   49.308288][ T6070] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   49.349840][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.355431][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.361308][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.365990][ T6070] wlan0 speed is unknown, defaulting to 1000
[   49.383460][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   49.424041][ T6070] erspan0: entered promiscuous mode
[   49.426109][ T6070] macsec1: entered promiscuous mode
[   49.430822][ T6070] erspan0: left promiscuous mode
[   49.973489][ T6083] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8'.
[   49.977134][ T6083] warning: `syz.3.8' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   49.991548][ T6083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8'.
[   50.053647][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.153721][ T5978] Bluetooth: hci1: command tx timeout
[   50.163477][ T5976] Bluetooth: hci2: command tx timeout
[   50.166450][ T5978] Bluetooth: hci3: command tx timeout
[   50.173342][ T5335] Bluetooth: hci0: command tx timeout
[   50.183250][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   50.293297][ T6088] loop2: detected capacity change from 0 to 7
[   50.311080][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.313967][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.319150][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.322724][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.325883][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   50.330019][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.333619][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.336829][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.339617][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.347654][    C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.350772][    C3] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.372054][    C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.375989][    C3] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.379086][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   50.384237][    C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.387601][    C2] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.391389][ T6088] ldm_validate_partition_table(): Disk read failed.
[   50.444445][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.447286][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.451026][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.453977][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.457315][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   50.460140][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[   50.539986][   T53] IPVS: starting estimator thread 0...
[   50.565548][ T6088] Dev loop2: unable to read RDB block 0
[   50.576971][ T6088]  loop2: unable to read partition table
[   50.582343][ T6088] loop2: partition table beyond EOD, truncated
[   50.592527][ T6088] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   50.635505][ T6096] IPVS: using max 47 ests per chain, 112800 per kthread
[   50.663393][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.667046][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.669834][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.703486][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   50.966931][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.109388][ T6103] tipc: Started in network mode
[   51.111776][ T6103] tipc: Node identity 5abc85bf7523, cluster identity 4711
[   51.115864][ T6103] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   51.121363][ T6103] syzkaller0: entered promiscuous mode
[   51.123761][ T6103] syzkaller0: entered allmulticast mode
[   51.216514][ T6105] syz.2.13 uses obsolete (PF_INET,SOCK_PACKET)
[   51.442338][ T6106] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.973795][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   51.996945][ T6102] tipc: Resetting bearer <eth:syzkaller0>
[   52.009169][ T6102] tipc: Disabling bearer <eth:syzkaller0>
[   52.233684][ T5978] Bluetooth: hci3: command tx timeout
[   52.236003][ T5978] Bluetooth: hci2: command tx timeout
[   52.238278][ T5978] Bluetooth: hci0: command tx timeout
[   52.240531][ T5978] Bluetooth: hci1: command tx timeout
[   52.615089][ T6129] netlink: 'syz.1.20': attribute type 29 has an invalid length.
[   52.618909][ T6129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20'.
[   52.819122][ T6135] overlayfs: failed to decode file handle (len=4, type=248, flags=0, err=-22)
[   54.004588][ T6160] Zero length message leads to an empty skb
[   54.027941][ T6106] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.114435][ T6106] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.203485][ T6106] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.312112][   T80] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.313344][ T5986] Bluetooth: hci0: command tx timeout
[   54.317319][ T5976] Bluetooth: hci2: command tx timeout
[   54.319631][ T5976] Bluetooth: hci3: command tx timeout
[   54.321924][ T5978] Bluetooth: hci1: command tx timeout
[   54.337300][   T80] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.358646][   T80] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.375888][   T80] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.054117][ T6172] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   55.183094][ T6176] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   55.245024][ T6180] netlink: 'syz.1.30': attribute type 4 has an invalid length.
[   55.870467][ T6189] netlink: 24 bytes leftover after parsing attributes in process `syz.3.33'.
[   56.123371][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   56.283364][    T9] usb 8-1: Using ep0 maxpacket: 8
[   56.289681][    T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   56.296702][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   56.301124][    T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   56.305953][    T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   56.311327][    T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   56.315771][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   56.528360][    T9] usb 8-1: GET_CAPABILITIES returned 0
[   56.532943][    T9] usbtmc 8-1:16.0: can't read capabilities
[   56.574455][ T6202] netlink: 'syz.0.37': attribute type 9 has an invalid length.
[   56.735047][   T29] usb 8-1: USB disconnect, device number 2
[   56.794844][ T6207] FAULT_INJECTION: forcing a failure.
[   56.794844][ T6207] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   56.800025][ T6207] CPU: 2 UID: 0 PID: 6207 Comm: syz.0.38 Not tainted syzkaller #0 PREEMPT(full) 
[   56.800049][ T6207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   56.800058][ T6207] Call Trace:
[   56.800064][ T6207]  <TASK>
[   56.800071][ T6207]  dump_stack_lvl+0x16c/0x1f0
[   56.800097][ T6207]  should_fail_ex+0x512/0x640
[   56.800129][ T6207]  _copy_to_user+0x32/0xd0
[   56.800147][ T6207]  put_old_timespec32+0xb4/0x120
[   56.800169][ T6207]  ? __pfx_put_old_timespec32+0x10/0x10
[   56.800189][ T6207]  ? lockdep_hardirqs_on+0x7c/0x110
[   56.800209][ T6207]  ? read_tsc+0x9/0x20
[   56.800229][ T6207]  ? ktime_get_ts64+0x256/0x400
[   56.800253][ T6207]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   56.800278][ T6207]  poll_select_finish+0x5c0/0x6b0
[   56.800296][ T6207]  ? __pfx_poll_select_finish+0x10/0x10
[   56.800322][ T6207]  __ia32_compat_sys_pselect6_time32+0x2e3/0x390
[   56.800346][ T6207]  ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10
[   56.800368][ T6207]  ? ksys_write+0x1ac/0x250
[   56.800387][ T6207]  ? __pfx_ksys_write+0x10/0x10
[   56.800409][ T6207]  ? rcu_is_watching+0x12/0xc0
[   56.800428][ T6207]  __do_fast_syscall_32+0x7c/0x3a0
[   56.800452][ T6207]  do_fast_syscall_32+0x32/0x80
[   56.800474][ T6207]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   56.800495][ T6207] RIP: 0023:0xf7f75579
[   56.800507][ T6207] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   56.800520][ T6207] RSP: 002b:00000000f546555c EFLAGS: 00000296 ORIG_RAX: 0000000000000134
[   56.800537][ T6207] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 0000000080000100
[   56.800546][ T6207] RDX: 0000000000000000 RSI: 0000000080000240 RDI: 0000000080000280
[   56.800557][ T6207] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   56.800565][ T6207] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   56.800573][ T6207] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   56.800593][ T6207]  </TASK>
[   57.265775][   T40] audit: type=1326 audit(1757040224.986:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6209 comm="syz.3.40" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0
[   57.316907][ T6210] pim6reg1: entered promiscuous mode
[   57.319224][ T6210] pim6reg1: entered allmulticast mode
[   58.619276][ T6238] wlan0 speed is unknown, defaulting to 1000
[   58.721897][ T6243] netlink: 'syz.0.50': attribute type 2 has an invalid length.
[   58.771661][ T6249] sp0: Synchronizing with TNC
[   58.780807][ T6249] [U] è
[   58.886965][ T6238] netlink: 16 bytes leftover after parsing attributes in process `syz.2.48'.
[   60.065063][ T6276] overlayfs: missing 'lowerdir'
[   60.094245][ T6276] kvm: apic: phys broadcast and lowest prio
[   61.413878][ T6309] netlink: 'syz.2.67': attribute type 10 has an invalid length.
[   61.802134][ T6309] team0: Port device netdevsim0 added
[   62.609433][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   62.988202][ T6330] siw: device registration error -23
[   63.064800][ T6334] erspan0: entered promiscuous mode
[   63.066779][ T6334] macsec1: entered promiscuous mode
[   63.086555][ T6334] erspan0: left promiscuous mode
[   63.945265][   T29] IPVS: starting estimator thread 0...
[   64.043320][ T6355] IPVS: using max 25 ests per chain, 60000 per kthread
[   65.442397][ T6381] syz_tun: entered allmulticast mode
[   65.447711][ T6380] syz_tun: left allmulticast mode
[   66.135936][ T6398] affs: Unknown parameter 'grpquota'
[   66.373091][ T6407] netlink: 'syz.0.93': attribute type 4 has an invalid length.
[   67.969761][ T6430] tmpfs: Bad value for 'huge'
[   68.372844][ T6434] process 'syz.1.100' launched '/dev/fd/5' with NULL argv: empty string added
[   69.335030][ T6454] netlink: 24 bytes leftover after parsing attributes in process `syz.2.105'.
[   70.876930][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[   70.879118][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[   71.393216][   T24] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   71.548789][   T24] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   71.551895][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.554987][   T24] usb 8-1: Product: syz
[   71.556792][   T24] usb 8-1: Manufacturer: syz
[   71.558698][   T24] usb 8-1: SerialNumber: syz
[   71.568640][   T24] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   71.609942][  T841] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   71.883680][   T24] usb 8-1: USB disconnect, device number 3
[   72.447854][ T6510] netlink: 8 bytes leftover after parsing attributes in process `syz.3.127'.
[   72.633200][  T841] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[   72.636429][  T841] ath9k_htc: Failed to initialize the device
[   72.639392][   T24] usb 8-1: ath9k_htc: USB layer deinitialized
[   72.663228][  T842] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   72.813220][  T842] usb 6-1: Using ep0 maxpacket: 16
[   72.845403][  T842] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[   72.848762][  T842] usb 6-1: config 0 has no interface number 0
[   72.851310][  T842] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   72.855952][  T842] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   72.861414][  T842] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[   72.865407][  T842] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[   72.868359][  T842] usb 6-1: Product: syz
[   72.869723][  T842] usb 6-1: SerialNumber: syz
[   72.874476][  T842] usb 6-1: config 0 descriptor??
[   72.880046][  T842] cm109 6-1:0.8: invalid payload size 0, expected 4
[   72.885029][  T842] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input5
[   72.988333][ T6527] ufs: You didn't specify the type of your ufs filesystem
[   72.988333][ T6527] 
[   72.988333][ T6527] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[   72.988333][ T6527] 
[   72.988333][ T6527] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[   72.998067][ T6527] ufs: ufstype=old is supported read-only
[   73.002445][ T6527] blk_print_req_error: 10 callbacks suppressed
[   73.002487][ T6527] I/O error, dev loop7, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[   73.291242][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[   73.293341][   T29] usb 6-1: USB disconnect, device number 2
[   73.293588][    C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[   73.309713][   T29] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[   73.443993][ T6533] netlink: 96 bytes leftover after parsing attributes in process `syz.0.135'.
[   73.451350][ T6533] input: syz1 as /devices/virtual/input/input6
[   73.647774][ T6538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.136'.
[   73.655640][ T6538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.136'.
[   73.794990][ T6543] binder: 6539:6543 ioctl c0306201 80000080 returned -14
[   74.205970][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.0.140'.
[   74.256086][ T6553] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   74.595956][ T6560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.143'.
[   74.598802][ T6560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.143'.
[   75.328072][ T6585] netlink: 8 bytes leftover after parsing attributes in process `syz.0.152'.
[   75.332466][ T6585] netlink: 8 bytes leftover after parsing attributes in process `syz.0.152'.
[   76.510220][ T6602] GUP no longer grows the stack in syz.3.156 (6602): 80004000-8000a000 (80002000)
[   76.513652][ T6602] CPU: 2 UID: 0 PID: 6602 Comm: syz.3.156 Not tainted syzkaller #0 PREEMPT(full) 
[   76.513668][ T6602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.513675][ T6602] Call Trace:
[   76.513679][ T6602]  <TASK>
[   76.513683][ T6602]  dump_stack_lvl+0x16c/0x1f0
[   76.513702][ T6602]  gup_vma_lookup+0x1d2/0x220
[   76.513719][ T6602]  __get_user_pages+0x243/0x34a0
[   76.513740][ T6602]  ? find_held_lock+0x2b/0x80
[   76.513754][ T6602]  ? __pfx___get_user_pages+0x10/0x10
[   76.513774][ T6602]  get_user_pages_remote+0x243/0xab0
[   76.513788][ T6602]  ? mas_parent_gap+0x6f0/0x7b0
[   76.513803][ T6602]  ? __pfx_get_user_pages_remote+0x10/0x10
[   76.513821][ T6602]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   76.513840][ T6602]  __access_remote_vm+0x24d/0x850
[   76.513856][ T6602]  ? do_raw_spin_lock+0x12c/0x2b0
[   76.513871][ T6602]  ? __pfx___access_remote_vm+0x10/0x10
[   76.513889][ T6602]  proc_pid_cmdline_read+0x4de/0x8e0
[   76.513902][ T6602]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   76.513915][ T6602]  ? rw_verify_area+0xcf/0x6c0
[   76.513926][ T6602]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[   76.513937][ T6602]  vfs_readv+0x5be/0x8b0
[   76.513951][ T6602]  ? __pfx_vfs_readv+0x10/0x10
[   76.513971][ T6602]  ? __fget_files+0x20e/0x3c0
[   76.513986][ T6602]  ? do_preadv+0x1a6/0x270
[   76.513995][ T6602]  do_preadv+0x1a6/0x270
[   76.514006][ T6602]  ? __pfx_do_preadv+0x10/0x10
[   76.514018][ T6602]  ? rcu_is_watching+0x12/0xc0
[   76.514031][ T6602]  __do_fast_syscall_32+0x7c/0x3a0
[   76.514047][ T6602]  do_fast_syscall_32+0x32/0x80
[   76.514060][ T6602]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   76.514073][ T6602] RIP: 0023:0xf7f11579
[   76.514081][ T6602] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   76.514091][ T6602] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d
[   76.514101][ T6602] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000040
[   76.514108][ T6602] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000
[   76.514114][ T6602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   76.514119][ T6602] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   76.514125][ T6602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   76.514138][ T6602]  </TASK>
[   76.953920][ T5978] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   77.033539][ T6613] netlink: 260 bytes leftover after parsing attributes in process `syz.3.159'.
[   77.151867][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.161'.
[   77.154995][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.2.161'.
[   77.796307][   T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   77.842893][ T6639] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.920308][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.171'.
[   77.923745][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.171'.
[   77.965981][   T24] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   77.980741][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.989619][   T24] usb 5-1: Product: syz
[   77.991077][   T24] usb 5-1: Manufacturer: syz
[   77.992584][   T24] usb 5-1: SerialNumber: syz
[   78.004681][   T24] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   78.019697][ T6172] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   78.338703][ T6664] netlink: 'syz.2.179': attribute type 12 has an invalid length.
[   78.440422][ T6020] usb 5-1: USB disconnect, device number 2
[   78.484309][   T34] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[   78.512172][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.181'.
[   78.551918][ T6671] input: syz1 as /devices/virtual/input/input7
[   78.635467][   T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[   78.641153][   T34] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[   78.645735][   T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.649009][   T34] usb 6-1: Product: syz
[   78.649027][   T34] usb 6-1: Manufacturer: syz
[   78.649039][   T34] usb 6-1: SerialNumber: syz
[   78.654341][   T34] usb 6-1: config 0 descriptor??
[   78.663353][   T34] hub 6-1:0.0: bad descriptor, ignoring hub
[   78.663379][   T34] hub 6-1:0.0: probe with driver hub failed with error -5
[   78.666067][   T34] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input8
[   78.684805][   T34] input: failed to attach handler mousedev to device input8, error: -5
[   79.043257][ T6172] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[   79.046421][ T6172] ath9k_htc: Failed to initialize the device
[   79.459875][ T6020] usb 5-1: ath9k_htc: USB layer deinitialized
[   80.148826][ T6710] __nla_validate_parse: 2 callbacks suppressed
[   80.148837][ T6710] netlink: 16 bytes leftover after parsing attributes in process `syz.1.193'.
[   80.202491][ T6714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.194'.
[   80.206058][ T6714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.194'.
[   80.816011][ T6740] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   80.819722][ T6740] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[   80.824514][ T6740] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   80.908611][ T6746] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'.
[   80.911511][ T6746] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'.
[   81.227399][ T3331] cfg80211: failed to load regulatory.db
[   81.496079][ T5370] usb 6-1: reset full-speed USB device number 3 using dummy_hcd
[   81.665757][ T5370] usb 6-1: device firmware changed
[   81.672245][  T841] usb 6-1: USB disconnect, device number 3
[   81.824351][  T841] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[   82.005209][  T841] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   82.008379][  T841] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[   82.011084][  T841] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[   82.013985][  T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.018697][  T841] usb 6-1: config 0 descriptor??
[   82.026557][  T841] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[   82.029152][  T841] dvb-usb: bulk message failed: -22 (3/0)
[   82.037012][  T841] dvb-usb: will use the device's hardware PID filter (table count: 16).
[   82.043832][  T841] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[   82.045757][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.216'.
[   82.046559][  T841] usb 6-1: media controller created
[   82.049836][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.216'.
[   82.052775][  T841] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   82.064442][  T841] dvb-usb: bulk message failed: -22 (6/0)
[   82.070976][  T841] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[   82.077582][  T841] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input9
[   82.084643][  T841] dvb-usb: schedule remote query interval to 150 msecs.
[   82.086811][  T841] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[   82.232378][   T34] usb 6-1: USB disconnect, device number 4
[   82.255298][   T34] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[   82.547201][ T6800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.225'.
[   82.550710][ T6800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.225'.
[   82.924201][ T6811] Invalid logical block size (201)
[   83.290357][ T6825] siw: device registration error -23
[   83.570281][ T6827] netdevsim netdevsim0: Direct firmware load for @ failed with error -2
[   83.573256][ T6827] netdevsim netdevsim0: Falling back to sysfs fallback for: @
[   83.697155][ T6826] netlink: 28 bytes leftover after parsing attributes in process `syz.0.233'.
[   84.132498][ T6840] siw: device registration error -23
[   84.179980][ T6844] kvm_intel: kvm [6843]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xcd
[   84.283008][ T6848] syz.0.241 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   84.321765][   T40] audit: type=1326 audit(1757040252.035:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.338783][   T40] audit: type=1326 audit(1757040252.035:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=385 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.347385][   T40] audit: type=1326 audit(1757040252.035:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.375501][   T40] audit: type=1326 audit(1757040252.035:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.391093][   T40] audit: type=1326 audit(1757040252.035:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.421370][   T40] audit: type=1326 audit(1757040252.035:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.431384][   T40] audit: type=1326 audit(1757040252.035:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.443678][   T40] audit: type=1326 audit(1757040252.035:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.455736][   T40] audit: type=1326 audit(1757040252.035:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.462237][   T40] audit: type=1326 audit(1757040252.035:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6851 comm="syz.0.243" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000
[   84.501954][ T6859] fuse: Unknown parameter '0xffffffffffffffff00000000000000000000'
[   85.498807][ T6885] Bluetooth: MGMT ver 1.23
[   85.711301][ T6893] __nla_validate_parse: 6 callbacks suppressed
[   85.711312][ T6893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.255'.
[   85.717894][ T6893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.255'.
[   86.596272][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.257'.
[   88.050266][ T6934] netlink: 8 bytes leftover after parsing attributes in process `syz.0.264'.
[   88.053102][ T6934] netlink: 8 bytes leftover after parsing attributes in process `syz.0.264'.
[   88.623752][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   90.255098][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.279'.
[   90.261384][ T6989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.279'.
[   91.585879][ T7019] Illegal XDP return value 4294967274 on prog  (id 40) dev N/A, expect packet loss!
[   91.679107][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   93.185905][ T7052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.295'.
[   93.189734][ T7052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.295'.
[   93.953717][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   94.376885][ T7075] netlink: 9896 bytes leftover after parsing attributes in process `syz.1.302'.
[   94.848053][ T7087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.305'.
[   94.851852][ T7087] netlink: 8 bytes leftover after parsing attributes in process `syz.3.305'.
[   95.963613][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   96.085377][ T7115] netlink: 9896 bytes leftover after parsing attributes in process `syz.0.312'.
[   96.334304][ T7132] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[   96.341081][ T7132] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'.
[  104.033879][ T7169] netlink: 9896 bytes leftover after parsing attributes in process `syz.3.322'.
[  104.929224][ T7185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'.
[  104.932082][ T7185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'.
[  105.413236][   T53] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  105.563206][   T53] usb 6-1: Using ep0 maxpacket: 8
[  105.566245][   T53] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  105.569584][   T53] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  105.572984][   T53] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  105.576253][   T53] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  105.580199][   T53] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  105.583389][   T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.796272][   T53] usb 6-1: GET_CAPABILITIES returned 0
[  105.800632][   T53] usbtmc 6-1:16.0: can't read capabilities
[  105.904115][ T7205] netlink: 9896 bytes leftover after parsing attributes in process `syz.0.333'.
[  105.999001][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  106.021436][ T5335] Bluetooth: hci4: sending frame failed (-49)
[  106.024425][ T5978] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  106.025595][   T10] usb 6-1: USB disconnect, device number 5
[  106.650999][ T7231] netlink: 9896 bytes leftover after parsing attributes in process `syz.3.343'.
[  107.808559][ T7259] netlink: 9896 bytes leftover after parsing attributes in process `syz.3.352'.
[  109.036594][ T7281] wlan0 speed is unknown, defaulting to 1000
[  109.289056][ T7290] binder: 7288:7290 ioctl 8008f512 80000340 returned -22
[  109.319588][ T7290] wlan0 speed is unknown, defaulting to 1000
[  109.348188][ T7291] netlink: 12 bytes leftover after parsing attributes in process `syz.0.360'.
[  109.367422][ T7291] netlink: 360 bytes leftover after parsing attributes in process `syz.0.360'.
[  109.739867][ T7302] openvswitch: netlink: Flow key attr not present in new flow.
[  111.859223][ T7395] netdevsim netdevsim2: Direct firmware load for @ failed with error -2
[  111.862336][ T7395] netdevsim netdevsim2: Falling back to sysfs fallback for: @
[  114.292548][ T7438] mmap: syz.0.386 (7438) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  115.953684][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  117.443768][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  118.056351][ T7533] netlink: 156 bytes leftover after parsing attributes in process `syz.1.412'.
[  118.281369][ T7548] netlink: 'syz.0.415': attribute type 1 has an invalid length.
[  118.285292][ T7548] netlink: 224 bytes leftover after parsing attributes in process `syz.0.415'.
[  125.983765][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  127.676468][ T7638] comedi comedi0: Minor 240 is invalid!
[  128.923749][   T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  130.723039][ T7699] Option '                                                                                                 ' to dns_resolver key: bad/missing value
[  130.729036][ T7700] netlink: 16 bytes leftover after parsing attributes in process `syz.2.452'.
[  131.273274][ T5335] Bluetooth: hci3: command 0x206a tx timeout
[  131.278179][ T5978] Bluetooth: hci3: Opcode 0x206a failed: -110
[  132.318172][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  132.320462][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  132.842195][ T7729] netlink: 'syz.2.460': attribute type 12 has an invalid length.
[  132.888443][ T7732] wlan0 speed is unknown, defaulting to 1000
[  132.987302][ T7738] input: syz1 as /devices/virtual/input/input10
[  133.310834][ T7753] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.397783][ T7761] netlink: 'syz.1.462': attribute type 13 has an invalid length.
[  133.858158][ T7761] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  134.413582][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  135.113308][ T5978] Bluetooth: hci0: command 0x0c1a tx timeout
[  135.210954][ T6020] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  135.217340][ T6020] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  135.711766][ T5978] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  136.448029][ T7835] can: request_module (can-proto-0) failed.
[  136.747128][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  137.014764][ T7854] wlan0 speed is unknown, defaulting to 1000
[  137.273316][ T5978] Bluetooth: hci1: command 0x0c1a tx timeout
[  137.277232][ T6020] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  137.283883][ T6020] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  137.555574][ T7872] pim6reg: entered allmulticast mode
[  137.558055][ T7874] pim6reg: left allmulticast mode
[  137.620422][ T7872] netlink: 'syz.0.488': attribute type 1 has an invalid length.
[  137.632072][   T40] kauditd_printk_skb: 31 callbacks suppressed
[  137.632089][   T40] audit: type=1800 audit(1757040305.345:44): pid=7878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.489" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  138.211935][ T7889] =======================================================
[  138.211935][ T7889] WARNING: The mand mount option has been deprecated and
[  138.211935][ T7889]          and is ignored by this kernel. Remove the mand
[  138.211935][ T7889]          option from the mount to silence this warning.
[  138.211935][ T7889] =======================================================
[  138.230440][ T7889] netlink: 8 bytes leftover after parsing attributes in process `syz.2.494'.
[  138.235271][ T7889] netlink: 36 bytes leftover after parsing attributes in process `syz.2.494'.
[  138.350717][ T7894] netlink: 10 bytes leftover after parsing attributes in process `syz.2.496'.
[  139.175356][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  139.434828][ T5978] Bluetooth: hci2: command 0x0c1a tx timeout
[  139.437513][ T6020] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  139.440200][ T6020] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  140.834501][   T40] audit: type=1800 audit(1757040308.555:45): pid=7957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.516" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  141.263784][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  141.523423][ T5978] Bluetooth: hci3: command 0x206a tx timeout
[  141.525472][ T6020] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  141.527555][ T6020] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  141.602834][   T29] wlan0 speed is unknown, defaulting to 1000
[  141.606488][   T29] syz2: Port: 1 Link DOWN
[  141.742809][ T7982] autofs4:pid:7982:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e)
[  141.748680][ T7982] autofs4:pid:7982:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[  141.790508][ T7982] afs: Unknown parameter '
ynLflock'
[  141.878775][ T7987] macsec1: entered allmulticast mode
[  141.915795][ T7994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.526'.
[  141.919642][ T7994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.526'.
[  142.041592][ T7995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.524'.
[  142.045453][ T7995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.048558][ T7995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.053685][ T7995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.056573][ T7995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.763777][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  143.332307][ T8035] fuse: Bad value for 'fd'
[  143.538254][ T8042] loop2: detected capacity change from 0 to 18239
[  144.993754][ T8049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.542'.
[  144.996559][ T8049] netlink: 'syz.2.542': attribute type 5 has an invalid length.
[  144.999088][ T8049] netlink: 20 bytes leftover after parsing attributes in process `syz.2.542'.
[  145.355860][ T8049] geneve2: entered promiscuous mode
[  145.358203][ T8049] geneve2: entered allmulticast mode
[  145.428190][ T7368] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  145.433258][ T7368] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  145.446476][ T7365] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  145.461701][ T7365] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  145.630070][ T8082] capability: warning: `syz.0.550' uses deprecated v2 capabilities in a way that may be insecure
[  145.883707][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  146.446913][ T8094] program syz.1.554 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  147.322318][ T8123] evm: overlay not supported
[  147.325028][ T8123] QAT: Stopping all acceleration devices.
[  147.819145][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  148.545844][ T8147] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  148.551656][ T8147] 9pnet_fd: Insufficient options for proto=fd
[  148.690172][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'.
[  148.693923][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'.
[  149.853661][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  149.901812][ T8183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.579'.
[  149.904671][ T8183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.579'.
[  157.749840][ T8251] netlink: 8 bytes leftover after parsing attributes in process `syz.3.590'.
[  157.754836][ T8251] netlink: 8 bytes leftover after parsing attributes in process `syz.3.590'.
[  159.294642][ T8315] netlink: 8 bytes leftover after parsing attributes in process `syz.2.600'.
[  159.297924][ T8315] netlink: 8 bytes leftover after parsing attributes in process `syz.2.600'.
[  159.829634][ T8348] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.760338][ T8360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.606'.
[  160.798953][   T67] Process accounting resumed
[  160.870384][ T8365] syz_tun: entered allmulticast mode
[  160.876361][ T8365] dvmrp8: entered allmulticast mode
[  160.880287][   T40] audit: type=1326 audit(1757040328.595:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8364 comm="syz.3.608" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0
[  161.256499][ T8378] tmpfs: Bad value for 'huge'
[  161.700604][ T8364] syz_tun: left allmulticast mode
[  161.703594][ T8364] dvmrp8: left allmulticast mode
[  161.837770][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.613'.
[  161.840774][ T8384] netlink: 8 bytes leftover after parsing attributes in process `syz.0.613'.
[  162.121028][ T8392] netlink: 'syz.1.615': attribute type 1 has an invalid length.
[  162.124665][ T8392] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  162.355942][ T8394] /dev/sg0: Can't lookup blockdev
[  162.496041][ T8399] netlink: 14528 bytes leftover after parsing attributes in process `syz.1.618'.
[  162.871438][ T8409] netlink: 36 bytes leftover after parsing attributes in process `syz.3.621'.
[  163.051008][ T8415] befs: (nbd0): No write support. Marking filesystem read-only
[  163.057825][ T8415] block nbd0: Attempted send on invalid socket
[  163.060288][ T8415] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  163.063563][ T8415] befs: (nbd0): unable to read superblock
[  163.134239][ T8414] team0: No ports can be present during mode change
[  163.157382][ T8414] netlink: 4 bytes leftover after parsing attributes in process `syz.3.621'.
[  163.364423][ T8414] team0 (unregistering): Port device team_slave_0 removed
[  163.397736][ T8414] team0 (unregistering): Port device team_slave_1 removed
[  163.428370][ T8406] syz.2.616 (8406) used greatest stack depth: 19736 bytes left
[  163.626571][ T8412] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.845937][ T8421] netlink: 'syz.1.623': attribute type 2 has an invalid length.
[  163.848469][ T8421] netlink: 'syz.1.623': attribute type 1 has an invalid length.
[  164.135868][ T8412] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.191730][ T8424] wlan0 speed is unknown, defaulting to 1000
[  164.248829][ T8412] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.501738][ T8412] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.821761][ T7365] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.824449][ T7365] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.974571][ T7365] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.977382][ T7365] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.214881][ T8443] kAFS: unable to lookup cell ''
[  165.324782][   T40] audit: type=1326 audit(1757040333.045:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.343954][   T40] audit: type=1326 audit(1757040333.045:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.351418][   T40] audit: type=1326 audit(1757040333.045:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.385486][   T40] audit: type=1326 audit(1757040333.045:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.406496][   T40] audit: type=1326 audit(1757040333.045:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.421254][   T40] audit: type=1326 audit(1757040333.045:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.443641][   T40] audit: type=1326 audit(1757040333.045:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.452063][   T40] audit: type=1326 audit(1757040333.045:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.461854][   T40] audit: type=1326 audit(1757040333.055:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.2.628" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf702e579 code=0x7ffc0000
[  165.589534][ T8447] netlink: 28 bytes leftover after parsing attributes in process `syz.0.629'.
[  165.609703][ T8447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.629'.
[  166.862418][ T8466] block device autoloading is deprecated and will be removed.
[  166.874387][ T8466] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  167.364315][ T8485] netlink: 48 bytes leftover after parsing attributes in process `syz.3.639'.
[  168.573633][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  169.600484][ T8553] netlink: 32 bytes leftover after parsing attributes in process `syz.0.655'.
[  169.625002][ T8553] wireguard0: entered promiscuous mode
[  169.627167][ T8553] wireguard0: entered allmulticast mode
[  169.737760][ T8556] openvswitch: netlink: Flow actions attr not present in new flow.
[  183.525664][    C2] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  184.845576][ T8583] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  184.884577][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  184.884594][   T40] audit: type=1326 audit(1757040352.605:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  184.908222][   T40] audit: type=1326 audit(1757040352.605:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee598 code=0x7ffc0000
[  184.915064][   T40] audit: type=1326 audit(1757040352.605:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  184.922952][   T40] audit: type=1326 audit(1757040352.605:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  184.929709][   T40] audit: type=1326 audit(1757040352.605:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee598 code=0x7ffc0000
[  184.936598][   T40] audit: type=1326 audit(1757040352.605:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  184.943283][   T40] audit: type=1326 audit(1757040352.605:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  184.949824][   T40] audit: type=1326 audit(1757040352.605:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee598 code=0x7ffc0000
[  184.956538][   T40] audit: type=1326 audit(1757040352.605:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ee598 code=0x7ffc0000
[  184.963586][   T40] audit: type=1326 audit(1757040352.605:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.1.660" exe="/syz-executor" sig=0 arch=40000003 syscall=448 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  185.207949][ T8591] block device autoloading is deprecated and will be removed.
[  186.153344][ T6161] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  186.293891][ T8618] netlink: 48 bytes leftover after parsing attributes in process `syz.0.670'.
[  186.303701][ T6161] usb 8-1: too many configurations: 9, using maximum allowed: 8
[  186.306983][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.310108][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.314245][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.318353][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.321732][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.325401][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.328225][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.331009][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.334640][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.337682][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.340462][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.344066][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.347654][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.350395][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.353918][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.356748][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.359654][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.363003][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.365859][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.368701][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.372106][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.375160][ T6161] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.377947][ T6161] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  186.381322][ T6161] usb 8-1: config 0 interface 0 has no altsetting 0
[  186.385061][ T6161] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  186.387874][ T6161] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  186.390504][ T6161] usb 8-1: Product: syz
[  186.391831][ T6161] usb 8-1: Manufacturer: syz
[  186.393481][ T6161] usb 8-1: SerialNumber: syz
[  186.396163][ T6161] usb 8-1: config 0 descriptor??
[  186.401050][ T6161] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0
[  186.662944][    C3] usb 8-1: yurex_control_callback - control failed: -71
[  186.663332][   T24] usb 8-1: USB disconnect, device number 4
[  186.668099][   T24] yurex 8-1:0.0: USB YUREX #0 now disconnected
[  186.889853][ T8636] netlink: 40 bytes leftover after parsing attributes in process `syz.0.675'.
[  187.056489][ T8640] bridge1: entered promiscuous mode
[  187.550843][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.677'.
[  187.601001][ T8643] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  187.707890][ T8656] netlink: 'syz.3.678': attribute type 1 has an invalid length.
[  188.906525][ T8690] siw: device registration error -23
[  189.804602][ T8717] kAFS: No cell specified
[  189.925102][ T8720] lo speed is unknown, defaulting to 1000
[  189.925143][ T8720] lo speed is unknown, defaulting to 1000
[  189.925499][ T8720] lo speed is unknown, defaulting to 1000
[  190.005538][ T8720] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  190.027374][ T8720] lo speed is unknown, defaulting to 1000
[  190.031942][ T8720] lo speed is unknown, defaulting to 1000
[  190.038228][ T8720] lo speed is unknown, defaulting to 1000
[  190.042760][ T8720] lo speed is unknown, defaulting to 1000
[  190.280803][ T8723] 9pnet_fd: p9_fd_create_tcp (8723): problem connecting socket to 127.0.0.1
[  190.283422][ T8724] 9pnet_fd: p9_fd_create_tcp (8724): problem connecting socket to 127.0.0.1
[  191.566439][ T8752] binder: 8743:8752 ioctl c0306201 80000540 returned -14
[  191.629564][ T8744] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  191.714252][ T8759] overlayfs: failed to clone upperpath
[  191.967489][ T8768] lo speed is unknown, defaulting to 1000
[  192.660415][ T8781] fuse: Bad value for 'fd'
[  192.742047][ T8779] netdevsim netdevsim2: Direct firmware load for @ failed with error -2
[  192.745862][ T8779] netdevsim netdevsim2: Falling back to sysfs fallback for: @
[  193.235221][ T8792] overlayfs: failed to clone upperpath
[  193.242007][ T8792] fuse: Bad value for 'fd'
[  193.495315][ T8796] netlink: 256 bytes leftover after parsing attributes in process `syz.1.713'.
[  194.063505][ T8809] geneve2: entered promiscuous mode
[  194.066978][ T8809] geneve2: entered allmulticast mode
[  194.390485][ T8827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.722'.
[  194.395148][ T8827] netlink: 8 bytes leftover after parsing attributes in process `syz.3.722'.
[  195.617121][   T40] kauditd_printk_skb: 446 callbacks suppressed
[  195.617135][   T40] audit: type=1326 audit(1757040363.335:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8844 comm="syz.0.728" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f75579 code=0x0
[  195.838491][ T8848] netdevsim netdevsim2: Direct firmware load for @ failed with error -2
[  195.841328][ T8848] netdevsim netdevsim2: Falling back to sysfs fallback for: @
[  196.119733][ T8855] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  196.122564][ T8855] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  196.146933][ T8857] netlink: 20 bytes leftover after parsing attributes in process `syz.1.731'.
[  196.338325][ T8592] udevd[8592]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  196.346921][ T8593] udevd[8593]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  196.563640][ T8877] netlink: zone id is out of range
[  196.565441][ T8877] netlink: zone id is out of range
[  196.567125][ T8877] netlink: zone id is out of range
[  196.568896][ T8877] netlink: zone id is out of range
[  196.570734][ T8877] netlink: zone id is out of range
[  196.572515][ T8877] netlink: zone id is out of range
[  196.575244][ T8877] netlink: zone id is out of range
[  196.576905][ T8877] netlink: zone id is out of range
[  196.578514][ T8877] netlink: zone id is out of range
[  196.580214][ T8877] netlink: zone id is out of range
[  197.976264][ T8913] syz.3.742 (8913): drop_caches: 2
[  197.978211][ T8913] syz.3.742 (8913): drop_caches: 2
[  198.846267][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.749'.
[  198.861931][ T8939] siw: device registration error -23
[  198.918489][ T8938] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.042408][ T8938] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.101626][ T8938] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.604384][ T8938] bridge1: left promiscuous mode
[  199.613960][   T67] lo speed is unknown, defaulting to 1000
[  199.614265][ T7369] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.615857][   T67] syz2: Port: 1 Link DOWN
[  199.620849][ T7369] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.624152][ T7369] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.627074][ T7369] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.721998][ T8948] fuse: Bad value for 'rootmode'
[  199.757321][ T8950] netlink: 'syz.2.755': attribute type 21 has an invalid length.
[  199.770394][ T8952] binder: 8951:8952 ioctl 40405515 80000000 returned -22
[  199.773088][ T8952] binder: 8951:8952 ioctl c0306201 800001c0 returned -22
[  199.939172][ T8957] netlink: 'syz.0.757': attribute type 10 has an invalid length.
[  199.960253][ T8959] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  200.045000][ T8970] netlink: 830 bytes leftover after parsing attributes in process `syz.1.763'.
[  200.107625][ T8975] bridge_slave_1: left allmulticast mode
[  200.109657][ T8975] bridge_slave_1: left promiscuous mode
[  200.111556][ T8975] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.121571][ T8975] bridge_slave_0: left allmulticast mode
[  200.124884][ T8975] bridge_slave_0: left promiscuous mode
[  200.126783][ T8975] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.141191][ T8981] netlink: 24 bytes leftover after parsing attributes in process `syz.2.767'.
[  200.224836][ T8988] overlayfs: missing 'lowerdir'
[  200.820962][ T9016] sp0: Synchronizing with TNC
[  200.831532][ T9016] sp0: Found TNC
[  200.958211][ T9029] netlink: 8 bytes leftover after parsing attributes in process `syz.1.780'.
[  200.979258][ T9029] macvlan2: entered allmulticast mode
[  200.981047][ T9029] veth1_vlan: entered allmulticast mode
[  200.985940][ T9029] veth1_vlan: left allmulticast mode
[  201.416901][ T9036] netlink: 148 bytes leftover after parsing attributes in process `syz.2.784'.
[  203.656636][ T9095] o2cb: This node has not been configured.
[  203.659817][ T9095] o2cb: Cluster check failed. Fix errors before retrying.
[  203.662272][ T9095] (syz.3.805,9095,3):user_dlm_register:674 ERROR: status = -22
[  203.665236][ T9095] (syz.3.805,9095,3):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[  203.923405][ T6161] usb 8-1: new low-speed USB device number 5 using dummy_hcd
[  203.933677][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  204.100104][ T6161] usb 8-1: config 0 has an invalid interface number: 207 but max is 0
[  204.106640][ T6161] usb 8-1: config 0 has no interface number 0
[  204.112236][ T6161] usb 8-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[  204.121547][ T6161] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.145803][ T6161] usb 8-1: config 0 descriptor??
[  204.164898][ T9104] net_ratelimit: 5 callbacks suppressed
[  204.164932][ T9104] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  204.191015][ T6161] usb 8-1: selecting invalid altsetting 3
[  204.193803][ T6161] comedi comedi5: could not set alternate setting 3 in high speed
[  204.196396][ T6161] usbdux 8-1:0.207: driver 'usbdux' failed to auto-configure device.
[  204.208305][ T6161] usbdux 8-1:0.207: probe with driver usbdux failed with error -22
[  204.737297][ T9120] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  205.245641][  T841] usb 8-1: USB disconnect, device number 5
[  205.793173][ T9133] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  205.795995][ T9133] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  205.865041][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.811'.
[  205.868802][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz.3.811'.
[  211.634616][ T9173] netlink: 14 bytes leftover after parsing attributes in process `syz.3.817'.
[  211.721288][ T9167] netlink: 28 bytes leftover after parsing attributes in process `syz.3.817'.
[  211.818924][ T9173] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.827494][ T9173] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.832979][ T9173] bond0 (unregistering): Released all slaves
[  212.090425][   T40] audit: type=1804 audit(1757040892.802:515): pid=9180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.820" name="/newroot/205/file0" dev="tmpfs" ino=1144 res=1 errno=0
[  212.110130][ T9183] loop2: detected capacity change from 0 to 7
[  212.114886][ T9183] Dev loop2: unable to read RDB block 7
[  212.116683][ T9183]  loop2: AHDI p1 p2 p3
[  212.117948][ T9183] loop2: partition table partially beyond EOD, truncated
[  212.127335][ T9183] loop2: p1 start 1601398130 is beyond EOD, truncated
[  212.130324][ T9183] loop2: p2 start 1702059890 is beyond EOD, truncated
[  212.159786][ T9190] atomic_op ffff8880131f6198 conn xmit_atomic 0000000000000000
[  212.178118][ T9194] FAULT_INJECTION: forcing a failure.
[  212.178118][ T9194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.187397][ T9194] CPU: 0 UID: 0 PID: 9194 Comm: syz.0.825 Not tainted syzkaller #0 PREEMPT(full) 
[  212.187412][ T9194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.187418][ T9194] Call Trace:
[  212.187422][ T9194]  <TASK>
[  212.187426][ T9194]  dump_stack_lvl+0x16c/0x1f0
[  212.187462][ T9194]  should_fail_ex+0x512/0x640
[  212.187482][ T9194]  _copy_from_user+0x2e/0xd0
[  212.187499][ T9194]  move_addr_to_kernel+0x65/0x170
[  212.187511][ T9194]  __get_compat_msghdr+0x3f1/0x4d0
[  212.187526][ T9194]  get_compat_msghdr+0xd2/0x170
[  212.187538][ T9194]  ? __pfx_get_compat_msghdr+0x10/0x10
[  212.187555][ T9194]  ___sys_sendmsg+0x1ae/0x1d0
[  212.187569][ T9194]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.187588][ T9194]  ? find_held_lock+0x2b/0x80
[  212.187608][ T9194]  __sys_sendmsg+0x16d/0x220
[  212.187621][ T9194]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.187639][ T9194]  ? rcu_is_watching+0x12/0xc0
[  212.187652][ T9194]  __do_fast_syscall_32+0x7c/0x3a0
[  212.187667][ T9194]  do_fast_syscall_32+0x32/0x80
[  212.187681][ T9194]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.187693][ T9194] RIP: 0023:0xf7f75579
[  212.187701][ T9194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.187711][ T9194] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  212.187721][ T9194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000800
[  212.187727][ T9194] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000
[  212.187733][ T9194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.187738][ T9194] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  212.187744][ T9194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.187757][ T9194]  </TASK>
[  212.289545][ T9202] netlink: 4 bytes leftover after parsing attributes in process `syz.0.828'.
[  212.302017][ T9196] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.459413][ T9196] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.539153][ T9196] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.608610][ T9196] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.644927][ T9214] FAULT_INJECTION: forcing a failure.
[  212.644927][ T9214] name failslab, interval 1, probability 0, space 0, times 1
[  212.648926][ T9214] CPU: 1 UID: 0 PID: 9214 Comm: syz.0.830 Not tainted syzkaller #0 PREEMPT(full) 
[  212.648950][ T9214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.648957][ T9214] Call Trace:
[  212.648961][ T9214]  <TASK>
[  212.648965][ T9214]  dump_stack_lvl+0x16c/0x1f0
[  212.648982][ T9214]  should_fail_ex+0x512/0x640
[  212.648997][ T9214]  ? fs_reclaim_acquire+0xae/0x150
[  212.649013][ T9214]  ? tomoyo_encode2+0x100/0x3e0
[  212.649027][ T9214]  should_failslab+0xc2/0x120
[  212.649041][ T9214]  __kmalloc_noprof+0xd2/0x510
[  212.649053][ T9214]  ? d_absolute_path+0x136/0x1a0
[  212.649070][ T9214]  tomoyo_encode2+0x100/0x3e0
[  212.649085][ T9214]  tomoyo_encode+0x29/0x50
[  212.649110][ T9214]  tomoyo_realpath_from_path+0x18f/0x6e0
[  212.649129][ T9214]  tomoyo_path_number_perm+0x245/0x580
[  212.649141][ T9214]  ? tomoyo_path_number_perm+0x237/0x580
[  212.649154][ T9214]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  212.649181][ T9214]  ? find_held_lock+0x2b/0x80
[  212.649192][ T9214]  ? hook_file_ioctl_common+0x145/0x410
[  212.649212][ T9214]  ? __fget_files+0x20e/0x3c0
[  212.649226][ T9214]  security_file_ioctl_compat+0x9b/0x240
[  212.649241][ T9214]  __ia32_compat_sys_ioctl+0xc3/0x370
[  212.649259][ T9214]  __do_fast_syscall_32+0x7c/0x3a0
[  212.649274][ T9214]  do_fast_syscall_32+0x32/0x80
[  212.649288][ T9214]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  212.649300][ T9214] RIP: 0023:0xf7f75579
[  212.649309][ T9214] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  212.649318][ T9214] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  212.649328][ T9214] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000000005411
[  212.649334][ T9214] RDX: 0000000080000240 RSI: 0000000000000000 RDI: 0000000000000000
[  212.649340][ T9214] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  212.649345][ T9214] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  212.649351][ T9214] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  212.649364][ T9214]  </TASK>
[  212.649466][ T9214] ERROR: Out of memory at tomoyo_realpath_from_path.
[  212.772492][ T7365] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.786246][ T7365] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.814874][ T7365] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.846725][ T7369] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.653658][  T841] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  214.131078][ T9248] fuse: Bad value for 'fd'
[  214.185424][ T9254] netlink: 12 bytes leftover after parsing attributes in process `syz.1.843'.
[  214.215515][ T9257] syz.3.844 (9257): /proc/9257/oom_adj is deprecated, please use /proc/9257/oom_score_adj instead.
[  215.096255][   T40] audit: type=1326 audit(1757040895.812:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  215.102710][   T40] audit: type=1326 audit(1757040895.812:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.109229][   T40] audit: type=1326 audit(1757040895.812:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.116081][   T40] audit: type=1326 audit(1757040895.812:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.125143][   T40] audit: type=1326 audit(1757040895.812:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.131491][   T40] audit: type=1326 audit(1757040895.812:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.137994][   T40] audit: type=1326 audit(1757040895.812:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.144941][   T40] audit: type=1326 audit(1757040895.812:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  215.152888][   T40] audit: type=1326 audit(1757040895.812:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9268 comm="syz.2.846" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000
[  216.268724][ T9290] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  216.914374][ T9306] ref_ctr going negative. vaddr: 0x80ffc002, curr val: -29824, delta: 1
[  216.917928][ T9306] ref_ctr increment failed for inode: 0x4a2 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88804cb22040
[  217.004902][ T9308] FAULT_INJECTION: forcing a failure.
[  217.004902][ T9308] name failslab, interval 1, probability 0, space 0, times 0
[  217.008664][ T9308] CPU: 3 UID: 0 PID: 9308 Comm: syz.0.856 Not tainted syzkaller #0 PREEMPT(full) 
[  217.008679][ T9308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.008685][ T9308] Call Trace:
[  217.008689][ T9308]  <TASK>
[  217.008693][ T9308]  dump_stack_lvl+0x16c/0x1f0
[  217.008710][ T9308]  should_fail_ex+0x512/0x640
[  217.008725][ T9308]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  217.008739][ T9308]  should_failslab+0xc2/0x120
[  217.008753][ T9308]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  217.008764][ T9308]  ? __alloc_skb+0x2b2/0x380
[  217.008781][ T9308]  __alloc_skb+0x2b2/0x380
[  217.008793][ T9308]  ? __pfx___alloc_skb+0x10/0x10
[  217.008805][ T9308]  ? find_held_lock+0x2b/0x80
[  217.008816][ T9308]  ? is_bpf_text_address+0x8a/0x1a0
[  217.008829][ T9308]  ? bpf_ksym_find+0x124/0x1c0
[  217.008840][ T9308]  alloc_skb_with_frags+0xe0/0x860
[  217.008855][ T9308]  ? __kernel_text_address+0xd/0x40
[  217.008864][ T9308]  ? unwind_get_return_address+0x59/0xa0
[  217.008877][ T9308]  sock_alloc_send_pskb+0x7fb/0x990
[  217.008895][ T9308]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  217.008907][ T9308]  ? __pfx___might_resched+0x10/0x10
[  217.008921][ T9308]  ? aa_sk_perm+0x2f4/0xb10
[  217.008935][ T9308]  hci_sock_sendmsg+0x1c7/0x25f0
[  217.008951][ T9308]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  217.008963][ T9308]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  217.008976][ T9308]  sock_write_iter+0x4ff/0x5b0
[  217.008986][ T9308]  ? __pfx_sock_write_iter+0x10/0x10
[  217.009001][ T9308]  ? bpf_lsm_file_permission+0x9/0x10
[  217.009015][ T9308]  ? security_file_permission+0x71/0x210
[  217.009034][ T9308]  ? rw_verify_area+0xcf/0x6c0
[  217.009046][ T9308]  vfs_write+0x7d0/0x11d0
[  217.009058][ T9308]  ? __pfx_sock_write_iter+0x10/0x10
[  217.009068][ T9308]  ? __pfx_vfs_write+0x10/0x10
[  217.009079][ T9308]  ? find_held_lock+0x2b/0x80
[  217.009096][ T9308]  ksys_write+0x1f8/0x250
[  217.009108][ T9308]  ? __pfx_ksys_write+0x10/0x10
[  217.009120][ T9308]  ? rcu_is_watching+0x12/0xc0
[  217.009133][ T9308]  __do_fast_syscall_32+0x7c/0x3a0
[  217.009149][ T9308]  do_fast_syscall_32+0x32/0x80
[  217.009162][ T9308]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  217.009175][ T9308] RIP: 0023:0xf7f75579
[  217.009183][ T9308] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  217.009192][ T9308] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  217.009202][ T9308] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000000
[  217.009208][ T9308] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000
[  217.009213][ T9308] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  217.009219][ T9308] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  217.009224][ T9308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  217.009237][ T9308]  </TASK>
[  217.045284][ T9315] lo speed is unknown, defaulting to 1000
[  217.109315][ T9308] lo speed is unknown, defaulting to 1000
[  217.288774][ T9326] overlayfs: failed to clone upperpath
[  217.536791][ T9337] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  217.539853][ T9337] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  217.987382][ T9348] netlink: 'syz.0.869': attribute type 1 has an invalid length.
[  218.410151][ T9357] lo speed is unknown, defaulting to 1000
[  218.594279][ T9363] netlink: 44 bytes leftover after parsing attributes in process `syz.2.873'.
[  218.740918][   T40] kauditd_printk_skb: 589 callbacks suppressed
[  218.741039][   T40] audit: type=1326 audit(1757040899.452:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.757992][   T40] audit: type=1326 audit(1757040899.452:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.774337][   T40] audit: type=1326 audit(1757040899.452:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.781121][   T40] audit: type=1326 audit(1757040899.452:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.789662][   T40] audit: type=1326 audit(1757040899.452:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.797439][   T40] audit: type=1326 audit(1757040899.452:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.815200][   T40] audit: type=1326 audit(1757040899.452:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.826574][   T40] audit: type=1326 audit(1757040899.452:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=263 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.843190][   T40] audit: type=1326 audit(1757040899.452:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9362 comm="syz.2.873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000
[  218.860540][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.2.875'.
[  218.868484][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.2.875'.
[  219.580769][ T9393] nfs: Unknown parameter 'ntext'
[  220.098814][ T9403] lo speed is unknown, defaulting to 1000
[  220.208542][ T9410] FAULT_INJECTION: forcing a failure.
[  220.208542][ T9410] name failslab, interval 1, probability 0, space 0, times 0
[  220.212524][ T9410] CPU: 2 UID: 0 PID: 9410 Comm: syz.0.886 Not tainted syzkaller #0 PREEMPT(full) 
[  220.212538][ T9410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.212544][ T9410] Call Trace:
[  220.212548][ T9410]  <TASK>
[  220.212552][ T9410]  dump_stack_lvl+0x16c/0x1f0
[  220.212570][ T9410]  should_fail_ex+0x512/0x640
[  220.212585][ T9410]  ? fs_reclaim_acquire+0xae/0x150
[  220.212601][ T9410]  ? tomoyo_encode2+0x100/0x3e0
[  220.212615][ T9410]  should_failslab+0xc2/0x120
[  220.212629][ T9410]  __kmalloc_noprof+0xd2/0x510
[  220.212641][ T9410]  ? d_absolute_path+0x136/0x1a0
[  220.212658][ T9410]  tomoyo_encode2+0x100/0x3e0
[  220.212674][ T9410]  tomoyo_encode+0x29/0x50
[  220.212687][ T9410]  tomoyo_realpath_from_path+0x18f/0x6e0
[  220.212705][ T9410]  tomoyo_path_number_perm+0x245/0x580
[  220.212717][ T9410]  ? tomoyo_path_number_perm+0x237/0x580
[  220.212730][ T9410]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  220.212760][ T9410]  ? find_held_lock+0x2b/0x80
[  220.212770][ T9410]  ? hook_file_ioctl_common+0x145/0x410
[  220.212787][ T9410]  ? __fget_files+0x20e/0x3c0
[  220.212801][ T9410]  security_file_ioctl_compat+0x9b/0x240
[  220.212815][ T9410]  __ia32_compat_sys_ioctl+0xc3/0x370
[  220.212832][ T9410]  __do_fast_syscall_32+0x7c/0x3a0
[  220.212848][ T9410]  do_fast_syscall_32+0x32/0x80
[  220.212861][ T9410]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  220.212874][ T9410] RIP: 0023:0xf7f75579
[  220.212882][ T9410] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  220.212892][ T9410] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  220.212902][ T9410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005411
[  220.212908][ T9410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  220.212913][ T9410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  220.212919][ T9410] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  220.212924][ T9410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  220.212937][ T9410]  </TASK>
[  220.212947][ T9410] ERROR: Out of memory at tomoyo_realpath_from_path.
[  220.267526][   T40] audit: type=1326 audit(1757040900.982:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9404 comm="syz.1.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  220.299471][ T9411] pim6reg: entered allmulticast mode
[  220.303790][ T9411] pim6reg: left allmulticast mode
[  220.802974][ T9431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.891'.
[  220.807489][ T9431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.891'.
[  221.232339][ T9438] tipc: Started in network mode
[  221.233992][ T9438] tipc: Node identity 7aa036880c84, cluster identity 4711
[  221.236295][ T9438] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  221.240180][ T9438] syzkaller0: entered promiscuous mode
[  221.242029][ T9438] syzkaller0: entered allmulticast mode
[  221.246270][ T9438] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  221.258373][ T9438] syzkaller0: mtu less than device minimum
[  221.261200][ T9437] tipc: Resetting bearer <eth:syzkaller0>
[  221.270783][ T9437] tipc: Disabling bearer <eth:syzkaller0>
[  221.860856][ T9465] binder: BINDER_SET_CONTEXT_MGR already set
[  221.864379][ T9465] binder: 9464:9465 ioctl 4018620d 80000100 returned -16
[  221.868341][ T9465] binder: 9464:9465 ioctl 4b33 80000140 returned -22
[  222.626330][ T9476] netlink: 28 bytes leftover after parsing attributes in process `syz.2.907'.
[  222.635989][ T9476] ------------[ cut here ]------------
[  222.638214][ T9476] WARNING: CPU: 3 PID: 9476 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x30b/0x23f0
[  222.642359][ T9476] Modules linked in:
[  222.644430][ T9476] CPU: 3 UID: 0 PID: 9476 Comm: syz.2.907 Not tainted syzkaller #0 PREEMPT(full) 
[  222.649667][ T9476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.653944][ T9476] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  222.656682][ T9476] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d b8 65 80 0e 00 75 0b c6 05 af 65 80 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  222.664608][ T9476] RSP: 0018:ffffc9000e19f7d0 EFLAGS: 00010246
[  222.667026][ T9476] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  222.669399][ T9476] RDX: 0000000000000000 RSI: 000000000000001d RDI: 0000000000040d40
[  222.671842][ T9476] RBP: 000000000000001d R08: 0000000000000005 R09: 0000000000000009
[  222.674435][ T9476] R10: 000000000000001d R11: 0000000000000000 R12: 0000000000040d40
[  222.676729][ T9476] R13: 1ffff92001c33f0f R14: ffffffff9ae74a24 R15: 000000000000001d
[  222.679225][ T9476] FS:  0000000000000000(0000) GS:ffff8880977c0000(0063) knlGS:00000000f541eb40
[  222.682153][ T9476] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  222.684961][ T9476] CR2: 00000000f7339880 CR3: 00000000514ef000 CR4: 0000000000352ef0
[  222.687801][ T9476] Call Trace:
[  222.688884][ T9476]  <TASK>
[  222.690061][ T9476]  ? __do_fast_syscall_32+0x7c/0x3a0
[  222.692320][ T9476]  ? do_fast_syscall_32+0x32/0x80
[  222.694436][ T9476]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.696465][ T9476]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  222.698668][ T9476]  ? kasan_quarantine_put+0x10a/0x240
[  222.700728][ T9476]  ? lockdep_hardirqs_on+0x7c/0x110
[  222.702528][ T9476]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  222.705098][ T9476]  ? policy_nodemask+0xea/0x4e0
[  222.707198][ T9476]  alloc_pages_mpol+0x1fb/0x550
[  222.708879][ T9476]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  222.710570][ T9476]  ? v9fs_fid_get_acl+0x7a/0x120
[  222.712163][ T9476]  ___kmalloc_large_node+0xed/0x160
[  222.713887][ T9476]  ? v9fs_fid_get_acl+0x7a/0x120
[  222.715402][ T9476]  __kmalloc_large_node_noprof+0x1c/0x70
[  222.717152][ T9476]  __kmalloc_noprof.cold+0xc/0x61
[  222.718729][ T9476]  ? __pfx_iget5_locked+0x10/0x10
[  222.720305][ T9476]  ? v9fs_cache_inode_get_cookie+0x28f/0x3a0
[  222.722260][ T9476]  v9fs_fid_get_acl+0x7a/0x120
[  222.724290][ T9476]  v9fs_get_acl+0xee/0x530
[  222.726052][ T9476]  v9fs_inode_from_fid_dotl+0x264/0x2f0
[  222.728389][ T9476]  v9fs_mount+0x4fd/0xa90
[  222.730269][ T9476]  ? rcu_is_watching+0x12/0xc0
[  222.732360][ T9476]  ? __pfx_v9fs_mount+0x10/0x10
[  222.734574][ T9476]  ? aa_get_newest_label+0xd2/0x250
[  222.736840][ T9476]  ? apparmor_capable+0x114/0x1d0
[  222.739004][ T9476]  ? __pfx_v9fs_mount+0x10/0x10
[  222.740572][ T9476]  legacy_get_tree+0x10c/0x220
[  222.742138][ T9476]  vfs_get_tree+0x8b/0x340
[  222.743964][ T9476]  path_mount+0x1513/0x2000
[  222.745396][ T9476]  ? __pfx_path_mount+0x10/0x10
[  222.746966][ T9476]  ? kmem_cache_free+0x2d1/0x4d0
[  222.748562][ T9476]  ? putname+0x154/0x1a0
[  222.749942][ T9476]  ? getname_flags.part.0+0x1c5/0x550
[  222.751663][ T9476]  ? __ia32_sys_mount+0x28b/0x310
[  222.753826][ T9476]  __ia32_sys_mount+0x28b/0x310
[  222.755632][ T9476]  ? __pfx___ia32_sys_mount+0x10/0x10
[  222.757313][ T9476]  ? rcu_is_watching+0x12/0xc0
[  222.758829][ T9476]  __do_fast_syscall_32+0x7c/0x3a0
[  222.760468][ T9476]  do_fast_syscall_32+0x32/0x80
[  222.762018][ T9476]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.764117][ T9476] RIP: 0023:0xf702e579
[  222.765394][ T9476] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  222.771364][ T9476] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  222.774823][ T9476] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800003c0
[  222.778153][ T9476] RDX: 0000000080000b80 RSI: 0000000000000000 RDI: 0000000080000500
[  222.781532][ T9476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  222.784277][ T9476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.786719][ T9476] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  222.789159][ T9476]  </TASK>
[  222.790183][ T9476] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  222.792611][ T9476] CPU: 3 UID: 0 PID: 9476 Comm: syz.2.907 Not tainted syzkaller #0 PREEMPT(full) 
[  222.796519][ T9476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.801044][ T9476] Call Trace:
[  222.802510][ T9476]  <TASK>
[  222.803836][ T9476]  dump_stack_lvl+0x3d/0x1f0
[  222.805840][ T9476]  vpanic+0x6e8/0x7a0
[  222.807593][ T9476]  ? __pfx_vpanic+0x10/0x10
[  222.809568][ T9476]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  222.812173][ T9476]  panic+0xca/0xd0
[  222.813797][ T9476]  ? __pfx_panic+0x10/0x10
[  222.815763][ T9476]  check_panic_on_warn+0xab/0xb0
[  222.817908][ T9476]  __warn+0xf6/0x3c0
[  222.819624][ T9476]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  222.822243][ T9476]  report_bug+0x3c3/0x580
[  222.824138][ T9476]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  222.826755][ T9476]  handle_bug+0x184/0x210
[  222.828632][ T9476]  exc_invalid_op+0x17/0x50
[  222.830609][ T9476]  asm_exc_invalid_op+0x1a/0x20
[  222.832612][ T9476] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  222.834675][ T9476] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d b8 65 80 0e 00 75 0b c6 05 af 65 80 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  222.840524][ T9476] RSP: 0018:ffffc9000e19f7d0 EFLAGS: 00010246
[  222.842502][ T9476] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  222.844925][ T9476] RDX: 0000000000000000 RSI: 000000000000001d RDI: 0000000000040d40
[  222.847387][ T9476] RBP: 000000000000001d R08: 0000000000000005 R09: 0000000000000009
[  222.849813][ T9476] R10: 000000000000001d R11: 0000000000000000 R12: 0000000000040d40
[  222.852370][ T9476] R13: 1ffff92001c33f0f R14: ffffffff9ae74a24 R15: 000000000000001d
[  222.854933][ T9476]  ? __do_fast_syscall_32+0x7c/0x3a0
[  222.856579][ T9476]  ? do_fast_syscall_32+0x32/0x80
[  222.858148][ T9476]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.860165][ T9476]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  222.862221][ T9476]  ? kasan_quarantine_put+0x10a/0x240
[  222.864089][ T9476]  ? lockdep_hardirqs_on+0x7c/0x110
[  222.866059][ T9476]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  222.867909][ T9476]  ? policy_nodemask+0xea/0x4e0
[  222.869427][ T9476]  alloc_pages_mpol+0x1fb/0x550
[  222.870991][ T9476]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  222.872916][ T9476]  ? v9fs_fid_get_acl+0x7a/0x120
[  222.875081][ T9476]  ___kmalloc_large_node+0xed/0x160
[  222.877320][ T9476]  ? v9fs_fid_get_acl+0x7a/0x120
[  222.879457][ T9476]  __kmalloc_large_node_noprof+0x1c/0x70
[  222.881902][ T9476]  __kmalloc_noprof.cold+0xc/0x61
[  222.884140][ T9476]  ? __pfx_iget5_locked+0x10/0x10
[  222.886299][ T9476]  ? v9fs_cache_inode_get_cookie+0x28f/0x3a0
[  222.888888][ T9476]  v9fs_fid_get_acl+0x7a/0x120
[  222.890967][ T9476]  v9fs_get_acl+0xee/0x530
[  222.892932][ T9476]  v9fs_inode_from_fid_dotl+0x264/0x2f0
[  222.895373][ T9476]  v9fs_mount+0x4fd/0xa90
[  222.897245][ T9476]  ? rcu_is_watching+0x12/0xc0
[  222.899326][ T9476]  ? __pfx_v9fs_mount+0x10/0x10
[  222.901284][ T9476]  ? aa_get_newest_label+0xd2/0x250
[  222.902999][ T9476]  ? apparmor_capable+0x114/0x1d0
[  222.904634][ T9476]  ? __pfx_v9fs_mount+0x10/0x10
[  222.906186][ T9476]  legacy_get_tree+0x10c/0x220
[  222.907831][ T9476]  vfs_get_tree+0x8b/0x340
[  222.909265][ T9476]  path_mount+0x1513/0x2000
[  222.910740][ T9476]  ? __pfx_path_mount+0x10/0x10
[  222.912450][ T9476]  ? kmem_cache_free+0x2d1/0x4d0
[  222.914186][ T9476]  ? putname+0x154/0x1a0
[  222.915607][ T9476]  ? getname_flags.part.0+0x1c5/0x550
[  222.917320][ T9476]  ? __ia32_sys_mount+0x28b/0x310
[  222.918966][ T9476]  __ia32_sys_mount+0x28b/0x310
[  222.920523][ T9476]  ? __pfx___ia32_sys_mount+0x10/0x10
[  222.922345][ T9476]  ? rcu_is_watching+0x12/0xc0
[  222.923856][ T9476]  __do_fast_syscall_32+0x7c/0x3a0
[  222.925465][ T9476]  do_fast_syscall_32+0x32/0x80
[  222.927007][ T9476]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  222.928972][ T9476] RIP: 0023:0xf702e579
[  222.930290][ T9476] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  222.937835][ T9476] RSP: 002b:00000000f541e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  222.941341][ T9476] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800003c0
[  222.944729][ T9476] RDX: 0000000080000b80 RSI: 0000000000000000 RDI: 0000000080000500
[  222.948099][ T9476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  222.951471][ T9476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.954838][ T9476] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  222.958202][ T9476]  </TASK>
[  222.960335][ T9476] Kernel Offset: disabled
[  222.962237][ T9476] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:46:30  Registers:
info registers vcpu 0

CPU#0
RAX=000000000049161d RBX=0000000000000000 RCX=ffffffff8b90fbf9 RDX=0000000000000000
RSI=ffffffff8de4dc69 RDI=ffffffff8c162f00 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab9290 R15=0000000000000000
RIP=ffffffff8b90e75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000057c494c0 CR3=000000004bc66000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73d4ff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=00000a3d EBX=ffffffff ECX=84e0be18 EDX=ffffffff
ESI=f73d5080 EDI=f682d008 EBP=f7f05610 ESP=ffe278a0
EIP=f706e746 EFL=00000286 [--S--P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 5816a440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 0004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000032309ffc CR3=000000007247c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000038f193 RBX=0000000000000002 RCX=ffffffff8b90fbf9 RDX=0000000000000000
RSI=ffffffff8de4dc69 RDI=ffffffff8c162f00 RBP=ffffed1003bdc910 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801dee4880 R14=ffffffff90ab9290 R15=0000000000000000
RIP=ffffffff8b90e75f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c0000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f51bfae5 CR3=000000002809e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000601 Opmask01=0000000000000001 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=00000000ffffffbf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcf350832b 00007ffcf350832b
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcf3508830 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcf3508830 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030303030303020 3a39305220303030 3030303030000065 646f6d2074736100
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030303030303020 3033305220303030 3030303030000065 6465672074736100
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 69617420746f4e20 3730392e322e7a79 73203a6d6d6f4320 36373439203a4449
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3030303063666637 78303d65646f6320 3937356565303766 78303d706920313d
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7461706d6f632030 34323d6c6c616373 7973203330303030 3030343d68637261
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20303d6769732022 726f747563657865 2d7a79732f223d65 786520223538382e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312e7a7973223d6d 6d6f632034303439 3d6469702064656e 69666e6f636e753d
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85617a75 RDI=ffffffff9b0fc700 RBP=ffffffff9b0fc6c0 RSP=ffffc9000e19f140
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000037 R14=ffffffff9b0fc6c0 R15=ffffffff85617a10
RIP=ffffffff85617a9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c0000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7339880 CR3=00000000514ef000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555aaf226c50 0000555aaf226c50
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd8016a630 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 746120676e697372 6170207265746661 207265766f746665 6c20736574796220
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2039373565653037 6678303d70692031 3d7461706d6f6320 3034323d6c6c6163
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7379732033303030 303030343d686372 6120303d67697320 22726f7475636578
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 652d7a79732f223d 6578652022353838 2e312e7a7973223d 6d6d6f6320343034
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 393d646970206465 6e69666e6f636e75 3d6a627573203539 3237363934393234
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000