last executing test programs:

7m25.757385813s ago: executing program 1 (id=4763):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYRES32], 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x23010, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180), &(0x7f00000001c0))
socket$nl_netfilter(0x10, 0x3, 0xc)

7m17.619423162s ago: executing program 1 (id=4771):
socket(0x1d, 0x1, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
setrlimit(0x0, &(0x7f0000000100)={0x6, 0xa})
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100000000002c0001801400030000000000000000000000ffffac1414bb1400040000000000000000000000ffff000000003c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400fe8000000000000000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014000400fe8000000000000000000000000000aab5fb91a4fc73b36849c8a9be678e5df8b0291c0daa0a59ee301d2a30c7e3"], 0xc8}}, 0x0)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r5, &(0x7f0000009780)={0x2020, 0x0, 0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000840)=ANY=[@ANYBLOB="b0000000daffffff", @ANYRES64=0x3, @ANYBLOB="040000000000000000000000000000000000000000000080040000000000000000000000ff000000010000000000f900060000000000000005000000000000009c0000000000000081000000000000007e0000000000000000000000070000006e04000000800000508c0000", @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="04000000810000000000000000000000000000000200000000000000010000000700"/44], 0xb0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = dup(0xffffffffffffffff)
ioctl$BLKZEROOUT(r8, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r9, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r9, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
unshare(0x40020000)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x42)

7m15.765579306s ago: executing program 1 (id=4774):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x0, 0x0, 0xd, 0x1, 0x200, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000700)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x3b}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1ff, 0xa, 0xc, 0x980, 0xffff, 0x40000044})
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
syz_open_dev$evdev(&(0x7f0000000340), 0xaa54, 0x108001)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)
lseek(r3, 0x9, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f00000001c0)=ANY=[@ANYBLOB="64796e2c0069e37bf4b94eeacd224739b537"])
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009"], 0x0)

7m11.827779157s ago: executing program 1 (id=4778):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
pipe2(&(0x7f00000003c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003400200000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil)
brk(0xffff0001)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB="2c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d4873c6af6ddc7bde3c511a1315e4f85948a98ae388123b56361ed3cc4c3e5523eb70372d9fb8f341b24358d32f2fdd32382b9d53229b6d19d04b3461e6fbdbf7e44bb5c8945f07e63191e43c40c3372b9cb2e8453d54d5b127c3770c27d497f8bae8a00a8fc4c97fa81d88a317caa5657f596a825ae94ba0545c87758c6f4c077cc8665e0104e48e0ffe16a747d4a1efc5a76b1d45b09d2169995c5e5c5d473f452bcd7df769e2a28d4557abdc8ce959b1c8c49721bcf4efc90376f320b2c5d5f024a04b4435f49ce10dc4a0d127ad43b75a0c5b74d1ad596b90763c69649202169de1726d6b5590993406e55c"])
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x1ff, 0x0, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r5, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000456000/0x2000)=nil})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000540)={'syztnl1\x00', &(0x7f00000016c0)={'ip6gre0\x00', <r6=>0x0, 0x4, 0xff, 0x9b, 0x1, 0x8, @remote, @dev={0xfe, 0x80, '\x00', 0x43}, 0x1e, 0x40, 0x70c1, 0xffff7fff}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a00)={r2, 0xe0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000001740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x7, 0x8, &(0x7f0000001780)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0, 0x8f, &(0x7f0000001800)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001840), &(0x7f0000001880), 0x8, 0xb6, 0x8, 0x8, &(0x7f00000018c0)}}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r9 = syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
ioctl$PAGEMAP_SCAN(r9, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x7fffffff, 0x0, 0x0, 0x0, 0xd, 0x22, 0x3, 0xe4})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000000), 0xffffff6a)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001a40)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x3, '\x00', 0x0, r2, 0x0, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001c80)={0x1b, 0x0, 0x0, 0x6, 0x0, r2, 0xffffffd6, '\x00', r7, r3, 0x800004, 0x5, 0x6, 0x0, @void, @value, @void, @value}, 0x50)
r13 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_NEXT_CMD_LEN(r13, 0x2283, &(0x7f0000000380)=0x3)
r14 = fcntl$dupfd(r13, 0x0, r13)
write$sndseq(r14, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0xf2, @tick=0x5, {}, {}, @raw32={[0x9, 0x8, 0x5a7]}}, {0xfb, 0x0, 0x1, 0x81, @time={0xffff, 0x80000015}, {0x8, 0x30}, {0x2}, @time=@tick=0xfffffffe}], 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000001bc0)={0x16, 0x1b, &(0x7f00000005c0)=@raw=[@btf_id={0x18, 0x0, 0x3, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @generic={0x6, 0x9, 0x8, 0x400, 0x9}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @ldst={0x1, 0x1, 0x1, 0x3, 0xa, 0xfffffffffffffff8, 0x8}, @printk={@s, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xc0}}, @exit, @printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}], &(0x7f0000000500)='GPL\x00', 0x5, 0x1000, &(0x7f00000006c0)=""/4096, 0x41000, 0x18, '\x00', r6, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r8, r10, 0x0, &(0x7f0000001b40)=[r11, r12, r2, r5, r3, r2, r14, r3], &(0x7f0000001b80), 0x10, 0x80, @void, @value}, 0x94)

7m10.615702316s ago: executing program 0 (id=4781):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74)
r3 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0x400, 0x1, 0x1000001, 0xf7fffffc}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffbfd, 0x0, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="c50a0000000000006113b800000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f0000000a80)={&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f00000006c0)=""/231, 0xe7}, {&(0x7f0000000580)=""/162, 0xa2}, {&(0x7f00000001c0)=""/56, 0x38}, {&(0x7f0000000640)=""/120, 0x78}, {&(0x7f0000000c00)=""/227, 0xe3}, {&(0x7f00000007c0)=""/114, 0x72}, {&(0x7f00000002c0)=""/27, 0x1b}, {&(0x7f0000000840)=""/155, 0x9b}, {&(0x7f0000000900)=""/133, 0x85}], 0xa, &(0x7f0000000ac0)=""/16, 0x10}, 0x0, 0x140, 0x0, {0x1, r6}})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r7 = io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e5, 0x2, 0x2, 0xf2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r7, 0x13, &(0x7f0000000080)=[0x5, 0xa22], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r8, 0x400448cb, 0x0)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x2e, &(0x7f0000000e80)=ANY=[@ANYBLOB="18000000000000800000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000ec2464f1027dd5ff00008500000083000000bf09000000000000550901000000000095000000000000008520000005000000183b00000300000000000000000000001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000810000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000182b0000", @ANYRES32=r2, @ANYBLOB="000000000b00000018400000020000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x45057bf4ccb05c67, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
write$dsp(r10, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r10, 0x5001, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r10, 0x40045010, &(0x7f0000000300)=0x3)
ioctl$SNDCTL_DSP_RESET(r10, 0x5000, 0x0)
bind$bt_hci(r9, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r9, &(0x7f0000000040)="05000000010000", 0x7)

7m9.143872287s ago: executing program 0 (id=4783):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000fc07ffff00000000000000008500000041000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161142, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x8, 0x0, &(0x7f00000023c0))
socket$igmp(0x2, 0x3, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x4, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1001, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x5, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r4, 0x100000)
bpf$MAP_CREATE(0x300000000000000, 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101000, 0xd5)
openat$cgroup(r6, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0)

7m7.886840587s ago: executing program 0 (id=4784):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
openat$urandom(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r3 = epoll_create(0x10001)
mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
pipe(0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r4}, 0x18)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0)
shutdown(r6, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$vga_arbiter(r1, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
socket$inet_smc(0x2b, 0x1, 0x0)
write$vga_arbiter(r1, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0xd)
ioperm(0x7, 0x7, 0x7e)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001540)={0x3, 0x23, &(0x7f00000006c0)=@raw=[@ldst={0xc4e45e95da6ab60f, 0x2, 0x4, 0x8, 0x4, 0xffffffffffffffff, 0x10}, @map_fd={0x18, 0x2, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @jmp={0x5, 0x1, 0x3, 0x3, 0xc, 0x1, 0x10}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80000000}], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket(0x22, 0x2, 0x1)
recvmmsg$unix(r4, &(0x7f0000001080)=[{{&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000200)=""/86, 0x56}, {&(0x7f0000000380)=""/244, 0xf4}, {&(0x7f0000001600)=""/4096, 0x1000}, {&(0x7f0000000580)=""/96, 0x60}, {&(0x7f0000000800)=""/238, 0xee}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f0000000900)=""/146, 0x92}, {&(0x7f0000002600)=""/4096, 0x1000}, {&(0x7f00000009c0)=""/194, 0xc2}], 0x9, &(0x7f0000000ac0)=[@cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}], 0x48}}, {{&(0x7f0000000b40)=@abs, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000bc0)=""/100, 0x64}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000003600)=""/4096, 0x1000}, {&(0x7f0000000d00)=""/209, 0xd1}], 0x2, &(0x7f0000000e40)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000000e80), 0x6e, &(0x7f0000001000)=[{&(0x7f0000000f00)=""/198, 0xc6}], 0x1, &(0x7f0000001040)=[@cred={{0x18}}, @cred={{0x18}}], 0x30}}], 0x4, 0x40010000, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

7m7.589750462s ago: executing program 1 (id=4786):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYRES32], 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x23010, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180), &(0x7f00000001c0))
socket$nl_netfilter(0x10, 0x3, 0xc)

7m7.270381823s ago: executing program 0 (id=4795):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x8}}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket(0x11, 0x800000003, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x80400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000180)='./file1\x00')
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001640)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r7, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0xc, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x3}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd700205e1ffff04000000080009"], 0x34}}, 0x4000000)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')

7m5.833172846s ago: executing program 0 (id=4789):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0900000009000000020000000900000002000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000c6853d9d933be1dfd714164469626a146d27481484cbb5a43bede7e2a44e8e873380d076ba8d4079bb8f01e12e2bb2aa832f4523991ab5fe15336794847a1495afdd42307e427f194a003d3aa70181ca1e64bbc85a76728b17d9", @ANYRES32=0x0, @ANYRES32], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x8, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xdada}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @gre}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}]}, 0x34}, 0x1, 0x0, 0x0, 0x24018100}, 0x4000000)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
unlink(&(0x7f0000000000)='./file0\x00')
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
modify_ldt$read(0x0, &(0x7f0000000400)=""/229, 0xe5)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a005124deacb12e68d5b042fd94802e899d13e0374769b03ac3273b6ab1188023b587e473253682146a9f24b52e89b42d3c836c1702078fbba099e45a9ddb039922f65e595e5fb3172b8fc94fe9185633ff84974096e32e8d6ce93ad1488698052714e15b7763bfe3d117e145752db35e4553df3a7d153ee8c27ebc9342e6eecf4d1b92e4ac8c64700aec62c72fd06f652ebc960a30868729b4b249183381de3f1879286998f3493e664e810b0c", @ANYRES32, @ANYBLOB], 0x40}}, 0x0)
syz_io_uring_setup(0x779b, &(0x7f0000000380)={0x0, 0xf5a5, 0x0, 0xffffffff, 0x2028a}, &(0x7f0000000280), &(0x7f0000000200))

7m0.752289977s ago: executing program 0 (id=4792):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400000008000000080000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000500fffffffffffffffd00000000c8000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x401, 0xffffffff, 0x8, 0x3, {0x0, 0xfffd, 0x40, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xeca5, 0x0, 0xac, "d20bddfd7d0eb9342251560ed1000000000000000000000688ba0c0cfae89a8c"}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000009, 0x114}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$vnet(0xffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc1105518, &(0x7f0000000040)={{0x0, 0x5, 0x2, 0x0, 'syz0\x00'}, 0x1, [0x327cf3e4, 0xffeffffc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x4, 0x6, 0xfffffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x52e9, 0xad, 0x3, 0x0, 0x0, 0x1c00000, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7ff, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x4000, 0x2, 0x7fffffffffffffff, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xba, 0xffffffff, 0x0, 0x5, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x200, 0x0, 0x7, 0x0, 0x1]})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(des3_ede-generic)\x00'}, 0x58)
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000a59000/0x1000)=nil, 0x1000, 0x64)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})

7m0.651842167s ago: executing program 32 (id=4792):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400000008000000080000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000500fffffffffffffffd00000000c8000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x401, 0xffffffff, 0x8, 0x3, {0x0, 0xfffd, 0x40, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xeca5, 0x0, 0xac, "d20bddfd7d0eb9342251560ed1000000000000000000000688ba0c0cfae89a8c"}})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000009, 0x114}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$vnet(0xffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc1105518, &(0x7f0000000040)={{0x0, 0x5, 0x2, 0x0, 'syz0\x00'}, 0x1, [0x327cf3e4, 0xffeffffc, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x4, 0x6, 0xfffffffc, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x52e9, 0xad, 0x3, 0x0, 0x0, 0x1c00000, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7ff, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x4000, 0x2, 0x7fffffffffffffff, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xba, 0xffffffff, 0x0, 0x5, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x200, 0x0, 0x7, 0x0, 0x1]})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(des3_ede-generic)\x00'}, 0x58)
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000a59000/0x1000)=nil, 0x1000, 0x64)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})

6m56.083324835s ago: executing program 1 (id=4798):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1001, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x2)
clock_nanosleep(0x8, 0x0, &(0x7f0000000280), 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}]}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x400c041}, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'team0\x00', &(0x7f0000000000)=@ethtool_ts_info})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002c80)=@generic={&(0x7f0000002c40)='./file0\x00'}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002d40)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000002cc0), &(0x7f0000002d00)}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002e00)={0x6, 0x15, &(0x7f00000028c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7b7a}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x2}, @ringbuf_query, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @exit, @generic={0x6, 0x3, 0x1, 0x9, 0xfffffff9}]}, &(0x7f0000002a00)='GPL\x00', 0x4, 0x61, &(0x7f0000002a40)=""/97, 0x40f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000002b40)={0x5, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000002d80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0x1, r6, 0xffffffffffffffff], &(0x7f0000002dc0)=[{0x0, 0x5, 0x9, 0x2}, {0x0, 0x1, 0x9, 0x9}, {0x0, 0x2, 0xc, 0x6}], 0x10, 0xfffffff5, @void, @value}, 0x94)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000)
r7 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r7, 0x10c, 0x6, &(0x7f0000000080), 0x4)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000600)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r8 = gettid()
recvmmsg$unix(r1, &(0x7f0000002740)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000300)=""/97, 0x61}, {&(0x7f00000001c0)=""/52, 0x34}, {&(0x7f0000000480)=""/87, 0x57}], 0x3, &(0x7f0000000540)=[@rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0xc}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x44}}, {{&(0x7f0000000640)=@abs, 0x6e, &(0x7f0000001900)=[{&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f00000005c0)}, {&(0x7f00000016c0)=""/135, 0x87}, {&(0x7f0000001780)=""/203, 0xcb}, {&(0x7f0000001880)=""/120, 0x78}], 0x5, &(0x7f0000001940)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x9c}}, {{&(0x7f0000001a00)=@abs, 0x6e, &(0x7f0000001e00)=[{&(0x7f0000001a80)=""/252, 0xfc}, {&(0x7f0000001b80)=""/240, 0xf0}, {&(0x7f0000001c80)=""/107, 0x6b}, {&(0x7f0000001d00)=""/188, 0xbc}, {&(0x7f0000001dc0)=""/29, 0x1d}], 0x5, &(0x7f0000001e40)}}, {{0x0, 0x0, &(0x7f0000002300)=[{&(0x7f0000001e80)=""/208, 0xd0}, {&(0x7f0000001f80)=""/163, 0xa3}, {&(0x7f0000002040)=""/109, 0x6d}, {&(0x7f00000020c0)=""/213, 0xd5}, {&(0x7f00000021c0)=""/46, 0x2e}, {&(0x7f0000002200)=""/245, 0xf5}], 0x6, &(0x7f0000002340)=[@cred={{0x18}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}], 0x110}}, {{&(0x7f0000002480), 0x6e, &(0x7f0000002700)=[{&(0x7f0000002500)=""/29, 0x1d}, {&(0x7f0000002540)=""/169, 0xa9}, {&(0x7f0000002600)=""/217, 0xd9}], 0x3}}], 0x5, 0x1, &(0x7f0000002800)={0x77359400})
tkill(r8, 0x13)

6m55.989778111s ago: executing program 33 (id=4798):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1001, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000440)=0x2)
clock_nanosleep(0x8, 0x0, &(0x7f0000000280), 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}]}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x400c041}, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'team0\x00', &(0x7f0000000000)=@ethtool_ts_info})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
r5 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000002c80)=@generic={&(0x7f0000002c40)='./file0\x00'}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002d40)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000002cc0), &(0x7f0000002d00)}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002e00)={0x6, 0x15, &(0x7f00000028c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7b7a}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0x2}, @ringbuf_query, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @exit, @generic={0x6, 0x3, 0x1, 0x9, 0xfffffff9}]}, &(0x7f0000002a00)='GPL\x00', 0x4, 0x61, &(0x7f0000002a40)=""/97, 0x40f00, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000002b40)={0x5, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000002d80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, 0x1, r6, 0xffffffffffffffff], &(0x7f0000002dc0)=[{0x0, 0x5, 0x9, 0x2}, {0x0, 0x1, 0x9, 0x9}, {0x0, 0x2, 0xc, 0x6}], 0x10, 0xfffffff5, @void, @value}, 0x94)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000)
r7 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r7, 0x10c, 0x6, &(0x7f0000000080), 0x4)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000600)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r8 = gettid()
recvmmsg$unix(r1, &(0x7f0000002740)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000300)=""/97, 0x61}, {&(0x7f00000001c0)=""/52, 0x34}, {&(0x7f0000000480)=""/87, 0x57}], 0x3, &(0x7f0000000540)=[@rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0xc}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x44}}, {{&(0x7f0000000640)=@abs, 0x6e, &(0x7f0000001900)=[{&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f00000005c0)}, {&(0x7f00000016c0)=""/135, 0x87}, {&(0x7f0000001780)=""/203, 0xcb}, {&(0x7f0000001880)=""/120, 0x78}], 0x5, &(0x7f0000001940)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x9c}}, {{&(0x7f0000001a00)=@abs, 0x6e, &(0x7f0000001e00)=[{&(0x7f0000001a80)=""/252, 0xfc}, {&(0x7f0000001b80)=""/240, 0xf0}, {&(0x7f0000001c80)=""/107, 0x6b}, {&(0x7f0000001d00)=""/188, 0xbc}, {&(0x7f0000001dc0)=""/29, 0x1d}], 0x5, &(0x7f0000001e40)}}, {{0x0, 0x0, &(0x7f0000002300)=[{&(0x7f0000001e80)=""/208, 0xd0}, {&(0x7f0000001f80)=""/163, 0xa3}, {&(0x7f0000002040)=""/109, 0x6d}, {&(0x7f00000020c0)=""/213, 0xd5}, {&(0x7f00000021c0)=""/46, 0x2e}, {&(0x7f0000002200)=""/245, 0xf5}], 0x6, &(0x7f0000002340)=[@cred={{0x18}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}], 0x110}}, {{&(0x7f0000002480), 0x6e, &(0x7f0000002700)=[{&(0x7f0000002500)=""/29, 0x1d}, {&(0x7f0000002540)=""/169, 0xa9}, {&(0x7f0000002600)=""/217, 0xd9}], 0x3}}], 0x5, 0x1, &(0x7f0000002800)={0x77359400})
tkill(r8, 0x13)

6.526952538s ago: executing program 3 (id=5854):
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
set_mempolicy(0x3, 0x0, 0x5)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_emit_ethernet(0x52, 0x0, 0x0)
ioctl$SIOCX25GCALLUSERDATA(0xffffffffffffffff, 0x89e4, &(0x7f0000000180)={0x7c, "0f9607fda5cbde5493dcb7472f3235140563c27653e6ec89a81a12a27fa9fd00e996a06ff35fb92731035d261f7142fea7c8e55658e5b54820c84defdc7056c82b884cf7d5405a0f10ea232a5b6a0bdca0f1aad123cbd58a833ba563aa6328b91d64755cfa0fae615960466da4429600a1e4a68b1e37666ab4b5e1c37c6d3863"})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb4}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
creat(0x0, 0x50)
dup(r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="b601000000000000bd110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa"], &(0x7f0000000080)='GPL\x00', 0x9, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)

5.672888954s ago: executing program 3 (id=5855):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/netstat\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x448882, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0xa0c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x21, 0x2, 0x2)
r2 = getpid()
r3 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc1105518, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x1, 0x70bd2d, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}}, 0x8000)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')

5.60009677s ago: executing program 5 (id=5858):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8b32, 0x0)
r0 = syz_io_uring_setup(0x5425, &(0x7f00000002c0)={0x0, 0x4533, 0x800, 0x4000000, 0x207}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$pokeuser(0x6, r6, 0x118, 0x50000089)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
io_uring_enter(r0, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r7 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe(&(0x7f0000001240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendfile(r8, r7, 0x0, 0x24)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)

5.599785441s ago: executing program 2 (id=5860):
fsopen(&(0x7f0000000280)='nfs4\x00', 0x0)

5.579503005s ago: executing program 2 (id=5861):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x23010, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180), &(0x7f00000001c0))
socket$nl_netfilter(0x10, 0x3, 0xc)

4.293187294s ago: executing program 3 (id=5862):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000009, 0x114}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$vnet(0xffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc1105518, &(0x7f0000000040)={{0x0, 0x4, 0x0, 0x0, 'syz0\x00'}, 0x1, [0x327cf3e4, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x4, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x52e9, 0x0, 0x3, 0x0, 0x0, 0x1c00000, 0x0, 0x0, 0x200000000, 0x0, 0xa, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x7ff, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x4000, 0x2, 0x7fffffffffffffff, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1]})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(des3_ede-generic)\x00'}, 0x58)
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000e0000001000040000000000000000000e000000100000000000000000000000000000068f6d142c640a15b"], 0xb8}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a00"], 0xb8}, 0x1, 0x0, 0x0, 0x90}, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc000000000000000000000000000000fc00000000000000000000000000000001", @ANYRES32=0xee01, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
sendmsg$nl_xfrm(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a0040"], 0xb8}}, 0x4000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

3.074278423s ago: executing program 2 (id=5864):
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
set_mempolicy(0x3, 0x0, 0x5)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_emit_ethernet(0x52, 0x0, 0x0)
ioctl$SIOCX25GCALLUSERDATA(0xffffffffffffffff, 0x89e4, &(0x7f0000000180)={0x7c, "0f9607fda5cbde5493dcb7472f3235140563c27653e6ec89a81a12a27fa9fd00e996a06ff35fb92731035d261f7142fea7c8e55658e5b54820c84defdc7056c82b884cf7d5405a0f10ea232a5b6a0bdca0f1aad123cbd58a833ba563aa6328b91d64755cfa0fae615960466da4429600a1e4a68b1e37666ab4b5e1c37c6d3863"})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb4}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x50)
dup(r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)

2.269219957s ago: executing program 3 (id=5865):
openat$rdma_cm(0xffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x10000000}}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x800000000000013, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000001c0)=0x9)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000280)=0xb3)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180)=0x1)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000140)=0x4)
socket$alg(0x26, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)

2.105394722s ago: executing program 5 (id=5867):
syz_emit_ethernet(0x93, &(0x7f0000000600)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x85, 0x0, 0x0, 0xfe, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x24, 0x0, {0x1a, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x7, @local, @rand_addr=0x64010102, {[@cipso={0x86, 0x51, 0xffffffffffffffff, [{0x0, 0xc, "e256b28c59881681fb52"}, {0x0, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x2, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0x8, "6580a5e97612"}]}]}}, '\x00'}}}}}, 0x0)

2.105152021s ago: executing program 2 (id=5868):
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x2b, 0x0, 0x0, 0x3, 0x8, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84, 0x0, @rand_addr=0x2000000, @local}}}}}}, 0x0)

2.075960554s ago: executing program 5 (id=5869):
syz_emit_vhci(&(0x7f0000000600)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_pkts={{0x13, 0x5}, {0x1, [{0xc8}]}}}, 0x8)

2.010158127s ago: executing program 2 (id=5870):
syz_emit_ethernet(0x15, &(0x7f00000000c0)={@local, @empty, @void, {@generic={0x7, "c04cdb70112cb8"}}}, 0x0)

2.01000726s ago: executing program 5 (id=5871):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_host_features={{0x3d, 0xe}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "fb4696af4cfc8e97"}}}, 0x11)

2.009872708s ago: executing program 2 (id=5872):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x200, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4, 0x0, 0x0, 0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x6, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[], 0x44}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x23010, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180), &(0x7f00000001c0))
socket$nl_netfilter(0x10, 0x3, 0xc)

1.928684148s ago: executing program 5 (id=5873):
request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000240)='.,:[#\'%*\x00', 0xfffffffffffffffb)

1.928346719s ago: executing program 5 (id=5874):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x0, 0x0, 0xd, 0x1, 0x200, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x48004, &(0x7f0000000180)={0xa, 0x4e20, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000700)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x3b}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1ff, 0xa, 0xc, 0x980, 0xffff, 0x40000044})
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
syz_open_dev$evdev(&(0x7f0000000340), 0xaa54, 0x108001)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)
lseek(r3, 0x9, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f00000001c0)=ANY=[@ANYBLOB="64796e2c0069e37bf4b94eeacd224739b537"])
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009"], 0x0)

1.075634319s ago: executing program 3 (id=5875):
landlock_create_ruleset(&(0x7f00000001c0)={0xa008, 0x3, 0x5}, 0x7, 0x0)

1.034704587s ago: executing program 4 (id=5876):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000100)='romfs\x00', 0x18001, 0x0)

1.030235041s ago: executing program 3 (id=5877):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8b32, 0x0)
r0 = syz_io_uring_setup(0x5425, &(0x7f00000002c0)={0x0, 0x4533, 0x800, 0x4000000, 0x207}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$pokeuser(0x6, r6, 0x118, 0x50000089)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
io_uring_enter(r0, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r7 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe(&(0x7f0000001240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendfile(r8, r7, 0x0, 0x24)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0)

950.173867ms ago: executing program 4 (id=5878):
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
set_mempolicy(0x3, 0x0, 0x5)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_emit_ethernet(0x52, 0x0, 0x0)
ioctl$SIOCX25GCALLUSERDATA(0xffffffffffffffff, 0x89e4, &(0x7f0000000180)={0x7c, "0f9607fda5cbde5493dcb7472f3235140563c27653e6ec89a81a12a27fa9fd00e996a06ff35fb92731035d261f7142fea7c8e55658e5b54820c84defdc7056c82b884cf7d5405a0f10ea232a5b6a0bdca0f1aad123cbd58a833ba563aa6328b91d64755cfa0fae615960466da4429600a1e4a68b1e37666ab4b5e1c37c6d3863"})
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb4}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x50)
dup(r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)

60.194091ms ago: executing program 4 (id=5879):
r0 = socket$inet6(0xa, 0x8000000000080001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x24000)

59.932306ms ago: executing program 4 (id=5880):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x4}, {0xac}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

149.361µs ago: executing program 4 (id=5881):
mkdir(&(0x7f0000000000)='./file0\x00', 0x42)
mount$tmpfs(0x0, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0), 0x0, &(0x7f0000000800)={[{@mpol={'mpol', 0x3d, {'prefer', '=relative', @val={0x3a, [0x30, 0x31]}}}}]})

0s ago: executing program 4 (id=5882):
syz_emit_ethernet(0x3b6, &(0x7f0000000800)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "ce5f00", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af2502"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f019"}, {0x21, 0x7, "b8a3e100908f61640000000200fe80ffff00000000000000ff0bc0fe00000000008879e66485201a0015ca83747357a027450004000000"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

 after parsing attributes in process `syz.4.5099'.
[ 1718.983002][T29971] Cannot find del_set index 3 as target
[ 1720.729480][T29997] netlink: 'syz.2.5102': attribute type 10 has an invalid length.
[ 1721.787709][T30023] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5109'.
[ 1721.791949][T30023] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5109'.
[ 1721.796823][T30023] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5109'.
[ 1722.627345][   T40] audit: type=1326 audit(2000000569.380:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30035 comm="syz.3.5113" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[ 1722.767034][T30039] dlm: no local IP address has been set
[ 1722.780875][T30039] dlm: cannot start dlm midcomms -107
[ 1723.041469][T28435] Bluetooth: Error in BCSP hdr checksum
[ 1723.331181][   T71] Bluetooth: Error in BCSP hdr checksum
[ 1723.471250][T30046] netlink: 'syz.4.5115': attribute type 10 has an invalid length.
[ 1723.526302][T30046] team0: Port device wlan1 added
[ 1724.841845][T27578] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1726.044555][T30098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5124'.
[ 1726.053652][T30098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5124'.
[ 1726.057445][T30098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5124'.
[ 1726.834269][T30089] netlink: 'syz.5.5123': attribute type 10 has an invalid length.
[ 1726.838589][T30089] syz_tun: entered promiscuous mode
[ 1726.843814][T30089] : (slave syz_tun): Enslaving as an active interface with an up link
[ 1727.791685][T30121] 9pnet_virtio: no channels available for device ./file0/file0
[ 1728.363837][T30122] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5131'.
[ 1728.400134][T30124] tmpfs: Unknown parameter 'c©Îlocks'
[ 1728.418427][T30129] "syz.4.5133" (30129) uses obsolete ecb(arc4) skcipher
[ 1728.906533][T30141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5135'.
[ 1728.911980][T30141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5135'.
[ 1728.915942][T30141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5135'.
[ 1728.919733][T30133] lo speed is unknown, defaulting to 1000
[ 1728.921668][T30133] lo speed is unknown, defaulting to 1000
[ 1728.925463][T30133] lo speed is unknown, defaulting to 1000
[ 1728.932118][T30133] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1728.944129][T29847] udevd[29847]: setting mode of /dev/infiniband/uverbs3 to 020666 failed: Read-only file system
[ 1728.948444][T30133] lo speed is unknown, defaulting to 1000
[ 1728.951259][T29847] udevd[29847]: setting owner of /dev/infiniband/uverbs3 to uid=0, gid=0 failed: Read-only file system
[ 1728.955165][T30133] lo speed is unknown, defaulting to 1000
[ 1728.958062][T30133] lo speed is unknown, defaulting to 1000
[ 1728.964369][T30133] lo speed is unknown, defaulting to 1000
[ 1729.723068][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[ 1729.725697][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[ 1729.919544][T30149] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5137'.
[ 1730.348150][T30153] random: crng reseeded on system resumption
[ 1730.945730][T30154] Restarting kernel threads ...
[ 1730.947638][T30154] Done restarting kernel threads.
[ 1730.954023][T30154] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[ 1730.956101][T30154] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1730.958503][T30154] vhci_hcd vhci_hcd.0: Device attached
[ 1731.200693][T30159] vhci_hcd: connection closed
[ 1731.201067][T28413] vhci_hcd: stop threads
[ 1731.201092][T28413] vhci_hcd: release socket
[ 1731.201168][T28413] vhci_hcd: disconnect device
[ 1731.220806][ T5977] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[ 1731.227610][ T5977] usb 45-1: enqueue for inactive port 0
[ 1731.260815][T30163] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5139'.
[ 1731.292525][ T5977] vhci_hcd: vhci_device speed not set
[ 1733.126230][T30188] lo speed is unknown, defaulting to 1000
[ 1733.240601][T30194] syz.5.5147: attempt to access beyond end of device
[ 1733.240601][T30194] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1733.307567][T30188] lo speed is unknown, defaulting to 1000
[ 1733.311255][T30188] lo speed is unknown, defaulting to 1000
[ 1733.314147][T30188] lo speed is unknown, defaulting to 1000
[ 1733.576285][T30188] IPVS: length: 1986356271 != 201483275040
[ 1733.745598][T30203] 9pnet_virtio: no channels available for device ./file0/file0
[ 1734.043058][T30206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5149'.
[ 1734.428106][T30210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5150'.
[ 1734.445786][T30210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5150'.
[ 1734.451495][T30210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5150'.
[ 1737.192486][T30230] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1737.194993][T30230] overlayfs: failed to set xattr on upper
[ 1737.196795][T30230] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1737.198964][T30230] overlayfs: ...falling back to index=off.
[ 1737.202199][T30230] overlayfs: ...falling back to uuid=null.
[ 1738.021395][T30234] Cannot find del_set index 3 as target
[ 1738.039803][   T40] audit: type=1804 audit(2000000584.790:2516): pid=30238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.5155" name="/newroot/1313/file0/bus/bus" dev="overlay" ino=159749 res=1 errno=0
[ 1738.049493][   T40] audit: type=1804 audit(2000000584.800:2517): pid=30238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.5155" name="/newroot/1313/file0/bus/bus" dev="overlay" ino=159749 res=1 errno=0
[ 1739.113248][T30246] 9pnet_virtio: no channels available for device ./file0/file0
[ 1739.177380][T30248] macsec1: entered promiscuous mode
[ 1739.179183][T30248] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[ 1739.181725][T30248] macsec1: entered allmulticast mode
[ 1739.183734][T30248] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[ 1739.370077][T30254] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5159'.
[ 1739.387015][T30254] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5159'.
[ 1740.123197][   T53] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 1740.596714][T30268] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5163'.
[ 1740.600323][T30268] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5163'.
[ 1740.603848][T30268] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5163'.
[ 1740.627000][   T53] usb 7-1: Using ep0 maxpacket: 8
[ 1740.639400][   T53] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1740.645543][   T53] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1740.645615][   T53] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1740.645627][   T53] usb 7-1: config 250 has no interface number 0
[ 1740.645648][   T53] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1740.645719][   T53] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1740.645732][   T53] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1740.645745][   T53] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1740.647514][   T53] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1740.647529][   T53] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1740.647539][   T53] usb 7-1: Product: syz
[ 1740.647547][   T53] usb 7-1: SerialNumber: syz
[ 1740.655769][   T53] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1740.655798][   T53] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1740.736682][T30270] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5162'.
[ 1742.224501][T25623] libceph: connect (1)[c::]:6789 error -101
[ 1742.226519][T25623] libceph: mon0 (1)[c::]:6789 connect error
[ 1742.271647][T30283] ceph: No mds server is up or the cluster is laggy
[ 1742.881277][T25623] usb 7-1: USB disconnect, device number 26
[ 1745.877931][T30344] rdma_rxe: rxe_newlink: failed to add lo
[ 1746.240855][T23031] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1746.413089][T23031] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1746.417705][T23031] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1746.424106][T23031] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1746.427936][T23031] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1746.440352][T30340] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1746.448500][T23031] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1746.601167][   T53] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[ 1746.677230][T23031] usb 10-1: USB disconnect, device number 10
[ 1746.761088][   T53] usb 7-1: Using ep0 maxpacket: 8
[ 1746.764096][   T53] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1746.766840][   T53] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1746.769445][   T53] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1746.773267][   T53] usb 7-1: config 250 has no interface number 0
[ 1746.775219][   T53] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1746.779312][   T53] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1746.783017][   T53] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1746.787096][   T53] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1746.921196][T25623] page_pool_release_retry() stalled pool shutdown: id 32, 22 inflight 484 sec
[ 1746.934542][   T53] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1746.937969][   T53] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1746.941883][   T53] usb 7-1: Product: syz
[ 1746.944936][   T53] usb 7-1: SerialNumber: syz
[ 1746.955831][   T53] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1746.958520][   T53] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1748.737849][T30376] tmpfs: Unknown parameter 'c©Îlocks'
[ 1748.935574][T30380] IPVS: length: 78 != 8
[ 1749.431207][T25623] usb 7-1: USB disconnect, device number 27
[ 1750.804491][T28455] : (slave syz_tun): Releasing backup interface
[ 1750.944852][T28413] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1751.011727][T28413] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1751.096655][T28413] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1751.159763][T28413] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1751.230050][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1751.236007][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1751.242582][ T5943] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1751.247447][ T5943] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1751.250179][ T5943] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1751.664941][T28413]  (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1751.670840][T28413]  (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1751.675968][T28413]  (unregistering): Released all slaves
[ 1751.686675][T28413] bond1 (unregistering): Released all slaves
[ 1751.717048][T30411] lo speed is unknown, defaulting to 1000
[ 1751.778191][T30417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5194'.
[ 1751.874778][T30411] lo speed is unknown, defaulting to 1000
[ 1751.878532][T30411] lo speed is unknown, defaulting to 1000
[ 1751.882202][T30411] lo speed is unknown, defaulting to 1000
[ 1752.016086][T30411] chnl_net:caif_netlink_parms(): no params data found
[ 1752.092979][T30411] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1752.095357][T30411] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1752.097737][T30411] bridge_slave_0: entered allmulticast mode
[ 1752.100478][T30411] bridge_slave_0: entered promiscuous mode
[ 1752.104861][T30411] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1752.107155][T30411] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1752.109414][T30411] bridge_slave_1: entered allmulticast mode
[ 1752.114503][T30411] bridge_slave_1: entered promiscuous mode
[ 1752.199367][T28413] hsr_slave_0: left promiscuous mode
[ 1752.203500][T28413] hsr_slave_1: left promiscuous mode
[ 1752.205615][T28413] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1752.208024][T28413] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1752.211898][T28413] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1752.214270][T28413] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1752.251532][T28413] veth1_macvtap: left promiscuous mode
[ 1752.253699][T28413] veth0_macvtap: left promiscuous mode
[ 1752.255506][T28413] veth1_vlan: left promiscuous mode
[ 1752.257265][T28413] veth0_vlan: left promiscuous mode
[ 1752.394470][T30427] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1752.397173][T30427] overlayfs: failed to set xattr on upper
[ 1752.399449][T30427] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1752.404222][T30427] overlayfs: ...falling back to index=off.
[ 1752.406649][T30427] overlayfs: ...falling back to uuid=null.
[ 1752.787330][   T40] audit: type=1804 audit(2000000599.530:2518): pid=30434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.5195" name="/newroot/1253/file0/bus/bus" dev="overlay" ino=159930 res=1 errno=0
[ 1752.796319][   T40] audit: type=1804 audit(2000000599.550:2519): pid=30434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.5195" name="/newroot/1253/file0/bus/bus" dev="overlay" ino=159930 res=1 errno=0
[ 1753.331333][T27578] Bluetooth: hci1: command tx timeout
[ 1754.166139][T28413] team0 (unregistering): Port device team_slave_1 removed
[ 1754.178754][T30443] random: crng reseeded on system resumption
[ 1754.262994][T28413] team0 (unregistering): Port device team_slave_0 removed
[ 1755.059224][T30411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1755.063267][ T5977] lo speed is unknown, defaulting to 1000
[ 1755.065213][ T5977] syz0: Port: 1 Link DOWN
[ 1755.066661][T30441] bridge_slave_0: default FDB implementation only supports local addresses
[ 1755.070438][T30443] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1755.085727][T30411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1755.148107][T30454] netlink: 'syz.4.5200': attribute type 4 has an invalid length.
[ 1755.151022][T30411] team0: Port device team_slave_0 added
[ 1755.153167][T30454] netlink: 152 bytes leftover after parsing attributes in process `syz.4.5200'.
[ 1755.155733][T30411] team0: Port device team_slave_1 added
[ 1755.170848][T30454] : renamed from bond0 (while UP)
[ 1755.229501][T30443] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1755.238429][T30411] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1755.242928][T30411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1755.253903][T30411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1755.254876][T30454] syz.4.5200: attempt to access beyond end of device
[ 1755.254876][T30454] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[ 1755.260228][T30411] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1755.264238][T30454] XFS (nbd4): SB validate failed with error -5.
[ 1755.265437][T30411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1755.278857][T30411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1755.323772][T30443] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1755.395471][T30411] hsr_slave_0: entered promiscuous mode
[ 1755.397809][T30411] hsr_slave_1: entered promiscuous mode
[ 1755.400204][T30411] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1755.403031][T30411] Cannot create hsr debugfs directory
[ 1755.413587][T27578] Bluetooth: hci1: command tx timeout
[ 1755.503325][T30443] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1755.532903][T28413] IPVS: stop unused estimator thread 0...
[ 1755.645056][T30443] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 256 - 0
[ 1755.653027][T30443] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 256 - 0
[ 1755.665894][T30443] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 256 - 0
[ 1755.672693][T30443] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 256 - 0
[ 1755.957811][T30411] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1755.977720][T30411] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1755.985035][T30411] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1755.996527][T30411] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1756.167187][T30411] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1756.177653][T30411] 8021q: adding VLAN 0 to HW filter on device team0
[ 1756.183860][T28413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1756.186165][T28413] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1756.206228][T28435] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1756.208477][T28435] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1756.659386][T30411] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1756.920597][T30411] veth0_vlan: entered promiscuous mode
[ 1756.926434][T30411] veth1_vlan: entered promiscuous mode
[ 1756.958102][T30411] veth0_macvtap: entered promiscuous mode
[ 1756.965697][T30411] veth1_macvtap: entered promiscuous mode
[ 1756.979998][T30411] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1756.993313][T30411] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1756.998947][T30411] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1757.001976][T30411] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1757.004756][T30411] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1757.007452][T30411] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1757.066800][ T1189] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1757.070090][ T1189] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1757.085871][ T1189] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1757.088726][ T1189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1757.480857][T27578] Bluetooth: hci1: command tx timeout
[ 1758.210943][T30497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5206'.
[ 1758.709456][T30497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5206'.
[ 1759.478560][T30513] rdma_rxe: rxe_newlink: failed to add lo
[ 1759.570883][T27578] Bluetooth: hci1: command tx timeout
[ 1759.590755][ T5977] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[ 1759.740870][ T5977] usb 7-1: Using ep0 maxpacket: 8
[ 1759.745176][ T5977] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1759.748247][ T5977] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1759.751574][ T5977] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1759.755336][ T5977] usb 7-1: config 250 has no interface number 0
[ 1759.758059][ T5977] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1759.762885][ T5977] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1759.767060][ T5977] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1759.772587][ T5977] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1759.780001][ T5977] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1759.781163][T26562] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[ 1759.783707][ T5977] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1759.789400][ T5977] usb 7-1: Product: syz
[ 1759.791235][ T5977] usb 7-1: SerialNumber: syz
[ 1759.795443][ T5977] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1759.797467][ T5977] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1759.933747][T26562] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1759.938067][T26562] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1759.941608][T26562] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1759.944782][T26562] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1759.949192][T30513] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1759.953400][T26562] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1760.053727][   T40] audit: type=1326 audit(2000000606.810:2520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30516 comm="syz.3.5209" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[ 1761.161926][T26562] usb 7-1: USB disconnect, device number 28
[ 1762.118320][T26562] usb 10-1: USB disconnect, device number 11
[ 1762.227455][T30536] lo speed is unknown, defaulting to 1000
[ 1762.357668][T30536] lo speed is unknown, defaulting to 1000
[ 1762.368485][T30536] lo speed is unknown, defaulting to 1000
[ 1762.526061][T30548] rdma_rxe: rxe_newlink: failed to add lo
[ 1762.830740][T26562] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1762.982100][T26562] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1762.985533][T26562] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1762.988578][T26562] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1762.991805][T26562] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1763.001608][T30551] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1763.005614][T26562] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1764.153768][T30568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5218'.
[ 1764.158887][T30568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5218'.
[ 1764.163515][T30568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5218'.
[ 1764.438275][T30572] bridge_slave_0: default FDB implementation only supports local addresses
[ 1764.456144][T30572] random: crng reseeded on system resumption
[ 1764.547230][T30572] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.634156][T30572] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.859417][T30572] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.962482][T30572] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1765.097694][T30572] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.115252][T30572] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.126372][T30572] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.145204][T30572] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.499359][T30583] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5222'.
[ 1766.220815][T25623] usb 10-1: USB disconnect, device number 12
[ 1766.692281][T30591] lo speed is unknown, defaulting to 1000
[ 1766.874584][T30591] lo speed is unknown, defaulting to 1000
[ 1766.877135][T30591] lo speed is unknown, defaulting to 1000
[ 1767.301204][ T5977] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[ 1767.450835][ T5977] usb 7-1: Using ep0 maxpacket: 8
[ 1767.457716][ T5977] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1767.462260][ T5977] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1767.465800][ T5977] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1767.469551][ T5977] usb 7-1: config 250 has no interface number 0
[ 1767.474636][ T5977] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1767.479403][ T5977] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1767.484616][ T5977] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1767.490093][ T5977] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1767.503073][ T5977] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1767.506975][ T5977] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1767.510389][ T5977] usb 7-1: Product: syz
[ 1767.512413][ T5977] usb 7-1: SerialNumber: syz
[ 1767.522666][ T5977] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1767.525233][ T5977] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1767.569743][T30598] random: crng reseeded on system resumption
[ 1767.958493][T30604] Restarting kernel threads ...
[ 1767.960869][T30604] Done restarting kernel threads.
[ 1767.975314][T30604] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[ 1767.977437][T30604] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1767.979926][T30604] vhci_hcd vhci_hcd.0: Device attached
[ 1768.360956][T25623] usb 47-1: new low-speed USB device number 2 using vhci_hcd
[ 1768.483379][T30605] vhci_hcd: connection reset by peer
[ 1768.485784][T28435] vhci_hcd: stop threads
[ 1768.487192][T28435] vhci_hcd: release socket
[ 1768.487393][T28435] vhci_hcd: disconnect device
[ 1768.870916][T26562] usb 7-1: USB disconnect, device number 29
[ 1769.132196][T30625] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5229'.
[ 1769.135590][T30625] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5229'.
[ 1769.138803][T30625] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5229'.
[ 1770.694430][T30647] s
z1: rxe_newlink: already configured on lo
[ 1772.061993][   T53] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1772.231144][   T53] usb 10-1: Using ep0 maxpacket: 8
[ 1772.239106][   T53] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1772.244762][   T53] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 1772.248581][   T53] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1772.252406][   T53] usb 10-1: config 250 has no interface number 0
[ 1772.255551][   T53] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1772.259927][   T53] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1772.263674][   T53] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1772.267950][   T53] usb 10-1: config 250 interface 228 has no altsetting 0
[ 1772.271959][   T53] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1772.274899][   T53] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1772.277541][   T53] usb 10-1: Product: syz
[ 1772.278996][   T53] usb 10-1: SerialNumber: syz
[ 1772.285892][   T53] hub 10-1:250.228: bad descriptor, ignoring hub
[ 1772.288352][   T53] hub 10-1:250.228: probe with driver hub failed with error -5
[ 1773.464930][T30679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5242'.
[ 1773.468624][T30679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5242'.
[ 1773.475182][T30679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5242'.
[ 1773.589592][T25623] vhci_hcd: vhci_device speed not set
[ 1774.403410][T30684] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1774.405727][T30684] overlayfs: failed to set xattr on upper
[ 1774.407588][T30684] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1774.409768][T30684] overlayfs: ...falling back to index=off.
[ 1774.411931][T30684] overlayfs: ...falling back to uuid=null.
[ 1774.503115][   T53] usb 10-1: USB disconnect, device number 13
[ 1775.156353][T30695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5246'.
[ 1775.162679][T30695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5246'.
[ 1775.167680][T30695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5246'.
[ 1776.094589][   T40] audit: type=1804 audit(2000000622.850:2521): pid=30696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5244" name="/newroot/129/file0/bus/bus" dev="overlay" ino=160231 res=1 errno=0
[ 1776.112034][   T40] audit: type=1804 audit(2000000622.860:2522): pid=30696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.5244" name="/newroot/129/file0/bus/bus" dev="overlay" ino=160231 res=1 errno=0
[ 1776.922609][T30708] overlayfs: failed to resolve './file1': -2
[ 1777.573552][T30721] IPVS: length: 78 != 8
[ 1778.546407][T30732] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5253'.
[ 1778.550992][T30732] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5253'.
[ 1778.555427][T30732] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5253'.
[ 1778.764630][   T40] audit: type=1326 audit(2000000625.520:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30722 comm="syz.5.5252" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000
[ 1778.909806][T30735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5254'.
[ 1778.923044][T30735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5254'.
[ 1778.928601][T30735] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5254'.
[ 1779.902735][T30738] program syz.2.5255 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1780.484514][T30750] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5258'.
[ 1780.489338][T30750] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5258'.
[ 1780.493701][T30750] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5258'.
[ 1780.569900][T30753] rdma_rxe: rxe_newlink: failed to add lo
[ 1780.871073][   T53] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[ 1781.023318][   T53] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1781.029322][   T53] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1781.039199][   T53] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1781.077180][   T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1781.306842][T30753] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1781.311550][   T53] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1782.095984][   T53] usb 10-1: USB disconnect, device number 14
[ 1782.284612][   T40] audit: type=1326 audit(2000000629.040:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30766 comm="syz.3.5261" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[ 1784.171147][T30790] random: crng reseeded on system resumption
[ 1784.463464][T30794] Restarting kernel threads ...
[ 1784.465401][T30794] Done restarting kernel threads.
[ 1784.694840][T30796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5266'.
[ 1784.698281][T30796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5266'.
[ 1784.701985][T30796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5266'.
[ 1784.716656][T30794] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[ 1784.718744][T30794] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1784.721804][T30794] vhci_hcd vhci_hcd.0: Device attached
[ 1785.030262][T30797] vhci_hcd: connection closed
[ 1785.030468][T28415] vhci_hcd: stop threads
[ 1785.034567][T28415] vhci_hcd: release socket
[ 1785.036092][T28415] vhci_hcd: disconnect device
[ 1789.076029][T30837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5276'.
[ 1789.101647][T30837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5276'.
[ 1789.114455][T30837] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5276'.
[ 1789.150947][T30838] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1791.164925][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.169474][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[ 1791.173034][T30848] input: syz1 as /devices/virtual/input/input46
[ 1791.444890][T30854] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5280'.
[ 1791.455269][T30854] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5280'.
[ 1791.471749][T30854] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5280'.
[ 1791.574837][T28085] IPVS: starting estimator thread 0...
[ 1791.680833][T30858] IPVS: using max 44 ests per chain, 105600 per kthread
[ 1793.901478][T30890] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1793.907517][   T40] audit: type=1326 audit(2000000640.660:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30871 comm="syz.2.5285" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[ 1796.297839][T30931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5295'.
[ 1796.302631][T30931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5295'.
[ 1796.306251][T30931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5295'.
[ 1797.911552][T30946] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1800.331819][T30991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5309'.
[ 1800.336665][T30991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5309'.
[ 1800.341595][T30991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5309'.
[ 1800.401448][T25623] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[ 1800.560899][T25623] usb 10-1: Using ep0 maxpacket: 8
[ 1800.564564][T25623] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1800.567237][T25623] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 1800.569891][T25623] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1800.576579][T25623] usb 10-1: config 250 has no interface number 0
[ 1800.581887][T25623] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1800.601027][T25623] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1800.628797][T25623] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1800.640869][T25623] usb 10-1: config 250 interface 228 has no altsetting 0
[ 1800.661688][T25623] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1800.664696][T25623] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1800.667507][T25623] usb 10-1: Product: syz
[ 1800.668897][T25623] usb 10-1: SerialNumber: syz
[ 1800.710018][T25623] hub 10-1:250.228: bad descriptor, ignoring hub
[ 1800.712166][T25623] hub 10-1:250.228: probe with driver hub failed with error -5
[ 1800.855428][T30994] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5310'.
[ 1801.124062][T30994] team0 (unregistering): Port device team_slave_0 removed
[ 1801.142296][T30994] team0 (unregistering): Port device team_slave_1 removed
[ 1801.166697][T30994] team0 (unregistering): Port device wlan1 removed
[ 1801.953083][T31007] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1802.741984][T25623] usb 10-1: USB disconnect, device number 15
[ 1803.317184][T31032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5317'.
[ 1804.110394][T31046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5320'.
[ 1804.115205][T31046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5320'.
[ 1804.119421][T31046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5320'.
[ 1804.190600][T31045] loop6: detected capacity change from 0 to 524287999
[ 1804.281071][T31047] CIFS: Unable to determine destination address
[ 1804.307357][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/135.tmp-b7:6' failed: Read-only file system
[ 1804.687776][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/135.tmp-b7:6' failed: Read-only file system
[ 1804.696587][T31055] input: syz1 as /devices/virtual/input/input49
[ 1804.697106][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/135.tmp-b7:6' failed: Read-only file system
[ 1804.708013][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/136.tmp-b7:6' failed: Read-only file system
[ 1805.020822][ T5977] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[ 1805.101352][T31059] "syz.3.5323" (31059) uses obsolete ecb(arc4) skcipher
[ 1805.170858][ T5977] usb 10-1: Using ep0 maxpacket: 8
[ 1805.175731][ T5977] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1805.178307][ T5977] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 1805.181022][ T5977] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1805.183883][ T5977] usb 10-1: config 250 has no interface number 0
[ 1805.186037][ T5977] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1805.189636][ T5977] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1805.194668][ T5977] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1805.198935][ T5977] usb 10-1: config 250 interface 228 has no altsetting 0
[ 1805.203092][ T5977] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1805.206053][ T5977] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1805.208563][ T5977] usb 10-1: Product: syz
[ 1805.210122][ T5977] usb 10-1: SerialNumber: syz
[ 1805.219773][ T5977] hub 10-1:250.228: bad descriptor, ignoring hub
[ 1805.222920][ T5977] hub 10-1:250.228: probe with driver hub failed with error -5
[ 1806.161858][T31071] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1807.251097][T25623] page_pool_release_retry() stalled pool shutdown: id 32, 22 inflight 545 sec
[ 1807.522711][T21622] usb 10-1: USB disconnect, device number 16
[ 1807.944262][T31097] rdma_rxe: rxe_newlink: failed to add lo
[ 1809.060762][T25623] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[ 1809.242357][T25623] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1809.245821][T25623] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1809.248873][T25623] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1809.260784][T25623] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1809.271940][T31099] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1809.295752][T25623] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1809.921494][T28350] usb 10-1: USB disconnect, device number 17
[ 1810.853527][ T6116] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1810.856037][ T6116] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1811.173727][T25623] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[ 1811.330973][T25623] usb 7-1: Using ep0 maxpacket: 8
[ 1811.419643][T25623] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1811.435649][T25623] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1811.444978][T25623] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1811.459490][T25623] usb 7-1: config 250 has no interface number 0
[ 1811.474989][T25623] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1811.498889][T25623] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1811.542951][T25623] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1811.619305][T25623] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1811.724249][T25623] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1811.734911][T25623] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1811.746911][T25623] usb 7-1: Product: syz
[ 1811.752452][T25623] usb 7-1: SerialNumber: syz
[ 1811.831843][T25623] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1811.838288][T25623] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1812.061812][T31141] rdma_rxe: rxe_newlink: failed to add lo
[ 1812.365110][T31148] netlink: 'syz.3.5340': attribute type 4 has an invalid length.
[ 1812.367645][T31148] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5340'.
[ 1812.371094][T25623] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[ 1812.450519][T31149] syz.3.5340: attempt to access beyond end of device
[ 1812.450519][T31149] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0
[ 1812.454843][T31149] XFS (nbd3): SB validate failed with error -5.
[ 1812.622842][T25623] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1812.626449][T25623] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1812.629617][T25623] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1812.632679][T25623] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1812.637652][T31145] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1812.643497][T25623] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1812.847616][T28350] usb 10-1: USB disconnect, device number 18
[ 1812.920810][ T5943] Bluetooth: hci4: command 0x1003 tx timeout
[ 1812.924789][T27578] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1813.721236][T25623] usb 7-1: USB disconnect, device number 30
[ 1814.270761][T31162] syz.4.5342: page allocation failure: order:0, mode:0x340cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_THISNODE), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1814.277497][T31162] CPU: 1 UID: 0 PID: 31162 Comm: syz.4.5342 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[ 1814.277536][T31162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1814.277547][T31162] Call Trace:
[ 1814.277553][T31162]  <TASK>
[ 1814.277560][T31162]  dump_stack_lvl+0x16c/0x1f0
[ 1814.277587][T31162]  warn_alloc+0x248/0x3a0
[ 1814.277611][T31162]  ? __pfx_warn_alloc+0x10/0x10
[ 1814.277631][T31162]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1814.277662][T31162]  ? __pfx_get_page_from_freelist+0x10/0x10
[ 1814.277685][T31162]  ? __pfx___might_resched+0x10/0x10
[ 1814.277707][T31162]  __alloc_frozen_pages_noprof+0xea0/0x23f0
[ 1814.277742][T31162]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1814.277765][T31162]  ? __perf_event_task_sched_in+0x27a/0xa10
[ 1814.277812][T31162]  __folio_alloc_noprof+0x11/0x220
[ 1814.277834][T31162]  alloc_migration_target+0x2bf/0x770
[ 1814.277862][T31162]  migrate_pages_batch+0x3bf/0x31a0
[ 1814.277892][T31162]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1814.277926][T31162]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 1814.277950][T31162]  ? find_held_lock+0x2b/0x80
[ 1814.277978][T31162]  ? mark_held_locks+0x49/0x80
[ 1814.278000][T31162]  migrate_pages_sync+0x12d/0x8a0
[ 1814.278026][T31162]  ? trace_sched_exit_tp+0xde/0x130
[ 1814.278042][T31162]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1814.278073][T31162]  ? __pfx_migrate_pages_sync+0x10/0x10
[ 1814.278105][T31162]  ? __lock_acquire+0xb8a/0x1c90
[ 1814.278126][T31162]  migrate_pages+0x1b67/0x23b0
[ 1814.278155][T31162]  ? __pfx_alloc_migration_target+0x10/0x10
[ 1814.278185][T31162]  ? __pfx_migrate_pages+0x10/0x10
[ 1814.278216][T31162]  ? __lock_acquire+0xb8a/0x1c90
[ 1814.278238][T31162]  ? mtree_load+0x325/0xa40
[ 1814.278263][T31162]  move_pages_and_store_status+0xf1/0x230
[ 1814.278291][T31162]  ? __pfx_move_pages_and_store_status+0x10/0x10
[ 1814.278319][T31162]  ? __might_fault+0x13b/0x190
[ 1814.278347][T31162]  kernel_move_pages+0xc2d/0x13b0
[ 1814.278387][T31162]  ? __pfx_kernel_move_pages+0x10/0x10
[ 1814.278412][T31162]  ? rcu_is_watching+0x12/0xc0
[ 1814.278449][T31162]  ? xfd_validate_state+0x61/0x180
[ 1814.278481][T31162]  ? __pfx___ia32_sys_mount+0x10/0x10
[ 1814.278509][T31162]  __ia32_sys_move_pages+0xdd/0x1b0
[ 1814.278525][T31162]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1814.278545][T31162]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1814.278568][T31162]  __do_fast_syscall_32+0x7c/0x3a0
[ 1814.278593][T31162]  do_fast_syscall_32+0x32/0x80
[ 1814.278616][T31162]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1814.278636][T31162] RIP: 0023:0xf705e579
[ 1814.278650][T31162] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1814.278666][T31162] RSP: 002b:00000000f500c55c EFLAGS: 00000296 ORIG_RAX: 000000000000013d
[ 1814.278683][T31162] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000000020a0
[ 1814.278694][T31162] RDX: 0000000080000040 RSI: 0000000080001180 RDI: 0000000080000000
[ 1814.278705][T31162] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1814.278714][T31162] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1814.278725][T31162] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1814.278747][T31162]  </TASK>
[ 1814.278893][T31162] Mem-Info:
[ 1814.464918][T31162] active_anon:4785 inactive_anon:7681 isolated_anon:1
[ 1814.464918][T31162]  active_file:1480 inactive_file:1048 isolated_file:0
[ 1814.464918][T31162]  unevictable:1768 dirty:106 writeback:0
[ 1814.464918][T31162]  slab_reclaimable:6664 slab_unreclaimable:82397
[ 1814.464918][T31162]  mapped:34825 shmem:12515 pagetables:2113
[ 1814.464918][T31162]  sec_pagetables:346 bounce:0
[ 1814.464918][T31162]  kernel_misc_reclaimable:0
[ 1814.464918][T31162]  free:34508 free_pcp:2022 free_cma:0
[ 1814.487979][T31162] Node 0 active_anon:0kB inactive_anon:124kB active_file:0kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:212kB dirty:0kB writeback:0kB shmem:4684kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7408kB pagetables:1256kB sec_pagetables:1236kB all_unreclaimable? no Balloon:0kB
[ 1814.608055][T31162] Node 1 active_anon:27768kB inactive_anon:30600kB active_file:5920kB inactive_file:4188kB unevictable:3536kB isolated(anon):4kB isolated(file):0kB mapped:150740kB dirty:440kB writeback:0kB shmem:53776kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6340kB pagetables:7168kB sec_pagetables:148kB all_unreclaimable? no Balloon:0kB
[ 1814.618419][T31162] Node 0 DMA free:2308kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1814.638113][T31162] lowmem_reserve[]: 0 290 290 290 290
[ 1814.640453][T31162] Node 0 DMA32 free:21504kB boost:24576kB min:37908kB low:41240kB high:44572kB reserved_highatomic:0KB active_anon:0kB inactive_anon:124kB active_file:0kB inactive_file:0kB unevictable:3536kB writepending:0kB present:1032196kB managed:297008kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1814.649679][T31162] lowmem_reserve[]: 0 0 0 0 0
[ 1814.651794][T31162] Node 1 DMA32 free:112388kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:23668kB inactive_anon:30600kB active_file:5920kB inactive_file:4188kB unevictable:3536kB writepending:440kB present:1048432kB managed:948276kB mlocked:0kB bounce:0kB free_pcp:6256kB local_pcp:4992kB free_cma:0kB
[ 1814.661574][T31162] lowmem_reserve[]: 0 0 0 0 0
[ 1814.663146][T31162] Node 0 DMA: 17*4kB (UM) 20*8kB (UM) 8*16kB (UM) 7*32kB (UM) 3*64kB (M) 2*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2308kB
[ 1814.668227][T31162] Node 0 DMA32: 1192*4kB (UME) 364*8kB (UME) 118*16kB (UME) 181*32kB (UME) 50*64kB (UME) 15*128kB (UME) 4*256kB (UME) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21504kB
[ 1814.673775][T31162] Node 1 DMA32: 983*4kB (UMEH) 681*8kB (UMEH) 670*16kB (UMEH) 246*32kB (UMEH) 54*64kB (UMEH) 91*128kB (UMEH) 54*256kB (UMH) 21*512kB (UM) 5*1024kB (M) 15*2048kB (UM) 2*4096kB (UE) = 111684kB
[ 1814.682375][T31162] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1814.687558][T31162] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1814.690801][T31162] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1814.693796][T31162] Node 1 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1814.696810][T31162] 16861 total pagecache pages
[ 1814.698346][T31162] 721 pages in swap cache
[ 1814.699787][T31162] Free swap  = 80164kB
[ 1814.701902][T31162] Total swap = 124996kB
[ 1814.703295][T31162] 524155 pages RAM
[ 1814.704529][T31162] 0 pages HighMem/MovableOnly
[ 1814.706202][T31162] 208994 pages reserved
[ 1814.707885][T31162] 0 pages cma reserved
[ 1816.832690][T31196] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5348'.
[ 1816.842722][T31196] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5348'.
[ 1816.931442][   T40] audit: type=1326 audit(2000000663.690:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31195 comm="syz.3.5348" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0
[ 1818.141771][T31218] rdma_rxe: rxe_newlink: failed to add lo
[ 1818.815708][T31229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5355'.
[ 1818.821936][T31229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5355'.
[ 1818.826583][T31229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5355'.
[ 1818.861442][T26562] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 1819.072018][T31231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5356'.
[ 1820.885997][T26562] usb 7-1: Using ep0 maxpacket: 8
[ 1821.375010][T26562] usb 7-1: device descriptor read/all, error -71
[ 1821.635535][T31248] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5360'.
[ 1821.651021][T31248] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1821.653771][T31248] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1821.656575][T31248] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1821.659257][T31248] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1821.667165][T31248] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1821.669845][T31248] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1821.672756][T31248] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1821.675743][T31248] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1822.893133][T31256] binder: 31254:31256 ioctl c0306201 0 returned -14
[ 1823.023497][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5363'.
[ 1823.026374][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5363'.
[ 1823.029214][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5363'.
[ 1823.032222][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5363'.
[ 1823.035027][T31271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5363'.
[ 1823.801968][ T5943] Bluetooth: hci1: command 0x0405 tx timeout
[ 1824.772232][T31291] __nla_validate_parse: 38 callbacks suppressed
[ 1824.772249][T31291] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5369'.
[ 1824.784704][T31291] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5369'.
[ 1824.845199][   T40] audit: type=1326 audit(2000000671.600:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31290 comm="syz.4.5369" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x0
[ 1825.545424][T31300] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1825.746949][T31302] overlayfs: conflicting lowerdir path
[ 1825.755718][T31302] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 808
[ 1825.771238][T31302] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1826.271330][T31312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5374'.
[ 1826.275594][T31312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5374'.
[ 1826.278623][T31312] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5374'.
[ 1828.005635][T31329] netlink: 'syz.3.5376': attribute type 23 has an invalid length.
[ 1829.879784][T31353] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5382'.
[ 1831.737381][T31373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5387'.
[ 1831.741194][T31373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5387'.
[ 1831.744825][T31373] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5387'.
[ 1832.032046][T31380] lo speed is unknown, defaulting to 1000
[ 1832.034027][T31380] lo speed is unknown, defaulting to 1000
[ 1832.036489][T31380] lo speed is unknown, defaulting to 1000
[ 1832.050233][T31380] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1832.075818][T31380] lo speed is unknown, defaulting to 1000
[ 1832.080503][T31380] lo speed is unknown, defaulting to 1000
[ 1832.094214][T31380] lo speed is unknown, defaulting to 1000
[ 1832.099301][T31380] lo speed is unknown, defaulting to 1000
[ 1832.147341][T30765] udevd[30765]: setting mode of /dev/infiniband/uverbs3 to 020666 failed: Read-only file system
[ 1832.150593][T30765] udevd[30765]: setting owner of /dev/infiniband/uverbs3 to uid=0, gid=0 failed: Read-only file system
[ 1833.294680][T31393] rdma_rxe: rxe_newlink: failed to add lo
[ 1838.230980][T31464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5405'.
[ 1838.240503][T31464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5405'.
[ 1838.259466][T31464] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5405'.
[ 1838.325510][T31465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5406'.
[ 1838.342249][T31465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5406'.
[ 1838.352501][T31465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5406'.
[ 1838.368386][ T1189] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1839.162571][T31470] rdma_rxe: rxe_newlink: failed to add lo
[ 1840.360916][T27578] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1840.383294][T31474] No such timeout policy "syz0"
[ 1841.152578][T31478] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5409'.
[ 1841.173303][T31478] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1841.175872][T31478] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1841.178419][T31478] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1841.181144][T31478] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1841.215005][T31478] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1841.217745][T31478] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1841.220880][T31478] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1841.224128][T31478] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1842.044138][T31491] lo speed is unknown, defaulting to 1000
[ 1842.250013][T31491] lo speed is unknown, defaulting to 1000
[ 1842.256027][T31491] lo speed is unknown, defaulting to 1000
[ 1842.259981][T31491] lo speed is unknown, defaulting to 1000
[ 1843.000795][T31511] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5417'.
[ 1843.007975][T31511] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5417'.
[ 1843.012325][T31511] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5417'.
[ 1843.267505][T31517] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1845.275804][T31541] rdma_rxe: rxe_newlink: failed to add lo
[ 1845.581428][T31545] lo speed is unknown, defaulting to 1000
[ 1845.718634][T31545] lo speed is unknown, defaulting to 1000
[ 1845.721216][T31545] lo speed is unknown, defaulting to 1000
[ 1845.723647][T31545] lo speed is unknown, defaulting to 1000
[ 1846.179261][T26562] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1846.484132][T31554] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5424'.
[ 1846.644875][T31554] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1846.648310][T31554] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1846.652237][T31554] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1846.655636][T31554] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1846.761287][T31554] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1846.764609][T31554] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1846.768082][T31554] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1846.771750][T31554] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1846.825876][T31551] Bluetooth: hci0: Opcode 0x0401 failed: -22
[ 1846.837800][T26562] usb 7-1: Using ep0 maxpacket: 8
[ 1846.844299][T26562] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1846.847000][T26562] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1846.849700][T26562] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1846.853114][T26562] usb 7-1: config 250 has no interface number 0
[ 1846.855287][T26562] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1846.858963][T26562] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1846.862371][T26562] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1846.866649][T26562] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1846.870120][T26562] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1846.873131][T26562] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1846.875853][T26562] usb 7-1: Product: syz
[ 1846.877261][T26562] usb 7-1: SerialNumber: syz
[ 1846.883165][T26562] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1846.885277][T26562] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1847.044304][T31556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5425'.
[ 1847.573234][T31562] netlink: 120 bytes leftover after parsing attributes in process `syz.5.5426'.
[ 1848.811165][T26562] usb 7-1: USB disconnect, device number 33
[ 1848.840815][T27578] Bluetooth: hci0: command tx timeout
[ 1849.479439][T31586] input: syz1 as /devices/virtual/input/input50
[ 1852.227973][T31622] s
z1: rxe_newlink: already configured on lo
[ 1852.550789][T26562] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1852.603110][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[ 1852.605118][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[ 1852.706929][T31625] rdma_rxe: rxe_newlink: failed to add lo
[ 1852.711121][T26562] usb 10-1: Using ep0 maxpacket: 8
[ 1852.714399][T26562] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1852.716969][T26562] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 1852.719560][T26562] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1852.722479][T26562] usb 10-1: config 250 has no interface number 0
[ 1852.724491][T26562] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1852.728044][T26562] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1852.731253][T26562] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1852.735336][T26562] usb 10-1: config 250 interface 228 has no altsetting 0
[ 1852.738809][T26562] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1852.742145][T26562] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1852.744706][T26562] usb 10-1: Product: syz
[ 1852.746055][T26562] usb 10-1: SerialNumber: syz
[ 1852.751699][T26562] hub 10-1:250.228: bad descriptor, ignoring hub
[ 1852.753691][T26562] hub 10-1:250.228: probe with driver hub failed with error -5
[ 1852.940741][T31239] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1853.112316][T31239] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1853.115922][T31239] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1853.119094][T31239] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1853.122314][T31239] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1853.127392][T31625] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1853.131730][T31239] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1853.336654][T28568] usb 7-1: USB disconnect, device number 34
[ 1855.224095][T26562] usb 10-1: USB disconnect, device number 19
[ 1855.286642][T31646] netlink: 'syz.2.5444': attribute type 23 has an invalid length.
[ 1855.845591][T31639] bond1: (slave gretap1): Releasing active interface
[ 1856.748955][T31661] syz.5.5449: vmalloc error: size 34359742464, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1856.756625][T31661] CPU: 2 UID: 0 PID: 31661 Comm: syz.5.5449 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[ 1856.756655][T31661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1856.756667][T31661] Call Trace:
[ 1856.756675][T31661]  <TASK>
[ 1856.756684][T31661]  dump_stack_lvl+0x16c/0x1f0
[ 1856.756716][T31661]  warn_alloc+0x248/0x3a0
[ 1856.756746][T31661]  ? __pfx_warn_alloc+0x10/0x10
[ 1856.756771][T31661]  ? __pfx_stack_trace_save+0x10/0x10
[ 1856.756790][T31661]  ? stack_depot_save_flags+0x28/0xa40
[ 1856.756829][T31661]  ? kasan_save_stack+0x42/0x60
[ 1856.756852][T31661]  ? kasan_save_stack+0x33/0x60
[ 1856.756870][T31661]  ? kasan_save_track+0x14/0x30
[ 1856.756890][T31661]  ? xskq_create+0x52/0x1d0
[ 1856.756911][T31661]  ? xsk_setsockopt+0x684/0x840
[ 1856.756926][T31661]  ? do_sock_setsockopt+0x221/0x470
[ 1856.756951][T31661]  ? xskq_create+0xfb/0x1d0
[ 1856.756975][T31661]  __vmalloc_node_range_noprof+0x10ce/0x1520
[ 1856.757019][T31661]  ? xskq_create+0xfb/0x1d0
[ 1856.757049][T31661]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1856.757084][T31661]  ? xskq_create+0xfb/0x1d0
[ 1856.757105][T31661]  vmalloc_user_noprof+0x9e/0xe0
[ 1856.757127][T31661]  ? xskq_create+0xfb/0x1d0
[ 1856.757148][T31661]  xskq_create+0xfb/0x1d0
[ 1856.757174][T31661]  xsk_setsockopt+0x684/0x840
[ 1856.757196][T31661]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1856.757215][T31661]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1856.757238][T31661]  ? errseq_sample+0x53/0x70
[ 1856.757263][T31661]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1856.757285][T31661]  do_sock_setsockopt+0x221/0x470
[ 1856.757314][T31661]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1856.757362][T31661]  __sys_setsockopt+0x120/0x1a0
[ 1856.757391][T31661]  __ia32_sys_setsockopt+0xbc/0x160
[ 1856.757414][T31661]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1856.757437][T31661]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1856.757463][T31661]  __do_fast_syscall_32+0x7c/0x3a0
[ 1856.757489][T31661]  do_fast_syscall_32+0x32/0x80
[ 1856.757516][T31661]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1856.757540][T31661] RIP: 0023:0xf7f11579
[ 1856.757557][T31661] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1856.757575][T31661] RSP: 002b:00000000f501555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[ 1856.757594][T31661] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000011b
[ 1856.757607][T31661] RDX: 0000000000000002 RSI: 0000000080000080 RDI: 0000000000000020
[ 1856.757619][T31661] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1856.757630][T31661] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1856.757643][T31661] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1856.757670][T31661]  </TASK>
[ 1856.757679][T31661] Mem-Info:
[ 1856.879488][T31661] active_anon:12182 inactive_anon:4039 isolated_anon:0
[ 1856.879488][T31661]  active_file:868 inactive_file:1732 isolated_file:0
[ 1856.879488][T31661]  unevictable:1768 dirty:69 writeback:0
[ 1856.879488][T31661]  slab_reclaimable:6534 slab_unreclaimable:83632
[ 1856.879488][T31661]  mapped:42133 shmem:16561 pagetables:2199
[ 1856.879488][T31661]  sec_pagetables:347 bounce:0
[ 1856.879488][T31661]  kernel_misc_reclaimable:0
[ 1856.879488][T31661]  free:23292 free_pcp:5880 free_cma:0
[ 1856.879581][T31661] Node 0 active_anon:2040kB inactive_anon:100kB active_file:116kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2180kB dirty:0kB writeback:0kB shmem:6628kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7440kB pagetables:1376kB sec_pagetables:1236kB all_unreclaimable? yes Balloon:0kB
[ 1856.879635][T31661] Node 1 active_anon:46688kB inactive_anon:16056kB active_file:3356kB inactive_file:6916kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:166352kB dirty:276kB writeback:0kB shmem:59616kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6684kB pagetables:7420kB sec_pagetables:152kB all_unreclaimable? no Balloon:0kB
[ 1856.879688][T31661] Node 0 DMA free:1884kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:424kB local_pcp:124kB free_cma:0kB
[ 1856.879743][T31661] lowmem_reserve[]: 0 290 290 290 290
[ 1856.879798][T31661] Node 0 DMA32 free:17248kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB active_anon:2040kB inactive_anon:100kB active_file:116kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:297008kB mlocked:0kB bounce:0kB free_pcp:1208kB local_pcp:356kB free_cma:0kB
[ 1856.879856][T31661] lowmem_reserve[]: 0 0 0 0 0
[ 1856.879897][T31661] Node 1 DMA32 free:74036kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:4096KB active_anon:46688kB inactive_anon:16056kB active_file:3356kB inactive_file:6916kB unevictable:3536kB writepending:276kB present:1048432kB managed:948276kB mlocked:0kB bounce:0kB free_pcp:21920kB local_pcp:4984kB free_cma:0kB
[ 1856.879952][T31661] lowmem_reserve[]: 0 0 0 0 0
[ 1856.880000][T31661] Node 0 DMA: 1*4kB (M) 11*8kB (UM) 6*16kB (U) 3*32kB (U) 1*64kB (M) 2*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1884kB
[ 1856.880205][T31661] Node 0 DMA32: 688*4kB (UMEH) 231*8kB (UMEH) 111*16kB (UMEH) 121*32kB (UMEH) 55*64kB (UME) 16*128kB (ME) 5*256kB (UME) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17096kB
[ 1856.880358][T31661] Node 1 DMA32: 320*4kB (UEH) 792*8kB (UMEH) 305*16kB (UMEH) 72*32kB (UMEH) 21*64kB (UMEH) 58*128kB (UMEH) 37*256kB (UMH) 28*512kB (UMH) 8*1024kB (UM) 5*2048kB (UM) 2*4096kB (UM) = 74000kB
[ 1856.880529][T31661] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1856.880547][T31661] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1856.880564][T31661] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1856.880576][T31661] Node 1 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1856.880592][T31661] 20009 total pagecache pages
[ 1856.880601][T31661] 851 pages in swap cache
[ 1856.880611][T31661] Free swap  = 69468kB
[ 1856.880632][T31661] Total swap = 124996kB
[ 1856.880694][T31661] 524155 pages RAM
[ 1856.880701][T31661] 0 pages HighMem/MovableOnly
[ 1856.880707][T31661] 208994 pages reserved
[ 1856.880715][T31661] 0 pages cma reserved
[ 1856.941337][T31665] tipc: Started in network mode
[ 1856.941382][T31665] tipc: Node identity 4000004, cluster identity 4711
[ 1856.941421][T31665] tipc: Node number set to 67108868
[ 1858.211214][T26562] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 1858.363652][T28568] libceph: connect (1)[c::]:6789 error -101
[ 1858.368947][T28568] libceph: mon0 (1)[c::]:6789 connect error
[ 1858.373976][T26562] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1858.377580][T26562] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1858.390252][T26562] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1858.401130][T26562] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1858.412161][T31684] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1858.420783][T26562] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1858.633528][T28568] libceph: connect (1)[c::]:6789 error -101
[ 1858.636776][T28568] libceph: mon0 (1)[c::]:6789 connect error
[ 1858.644976][T28568] usb 10-1: USB disconnect, device number 20
[ 1858.849884][   T40] audit: type=1326 audit(2000000705.600:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.856479][T31693] netlink: 288 bytes leftover after parsing attributes in process `syz.3.5455'.
[ 1858.862263][   T40] audit: type=1326 audit(2000000705.600:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.872973][   T40] audit: type=1326 audit(2000000705.610:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.880606][   T40] audit: type=1326 audit(2000000705.610:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.888035][   T40] audit: type=1326 audit(2000000705.610:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.894685][   T40] audit: type=1326 audit(2000000705.610:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.899004][T31693] netlink: 'syz.3.5455': attribute type 1 has an invalid length.
[ 1858.901369][   T40] audit: type=1326 audit(2000000705.620:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.901396][   T40] audit: type=1326 audit(2000000705.620:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.901423][   T40] audit: type=1326 audit(2000000705.650:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.901443][   T40] audit: type=1326 audit(2000000705.650:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31692 comm="syz.3.5455" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf707e579 code=0x7ffc0000
[ 1858.931174][T31693] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5455'.
[ 1859.065835][T31687] ceph: No mds server is up or the cluster is laggy
[ 1859.505551][T31701] netlink: 'syz.2.5456': attribute type 9 has an invalid length.
[ 1859.529859][T31701] macvlan0: entered promiscuous mode
[ 1859.532105][T31701] bond0: entered promiscuous mode
[ 1859.535014][T31701] 8021q: adding VLAN 0 to HW filter on device macvlan0
[ 1860.576572][T31710] Bluetooth: hci0: Opcode 0x0401 failed: -22
[ 1861.376804][T31725] can: request_module (can-proto-3) failed.
[ 1862.158816][T31737] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5466'.
[ 1862.601045][T27578] Bluetooth: hci0: command tx timeout
[ 1863.531340][T26562] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1863.684101][T26562] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1863.688772][T26562] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1863.693487][T26562] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1863.697531][T26562] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1863.716220][T31749] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1863.720476][T26562] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1863.926258][T28568] usb 7-1: USB disconnect, device number 35
[ 1864.010812][T26562] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 1864.162563][T26562] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1864.167158][T26562] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1864.171794][T26562] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1864.175584][T26562] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1864.181943][T31758] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1864.187721][T26562] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1864.492938][T25660] usb 10-1: USB disconnect, device number 21
[ 1865.987666][T31778] : (slave bond_slave_0): Releasing backup interface
[ 1865.997939][T31778] : (slave bond_slave_1): Releasing backup interface
[ 1866.010209][T31778] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1866.019551][T31778] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1866.038437][T31778] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1866.050369][T31779] netlink: 'syz.4.5475': attribute type 23 has an invalid length.
[ 1866.055778][T31778] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1866.143465][T26562] lo speed is unknown, defaulting to 1000
[ 1866.508839][T31781] random: crng reseeded on system resumption
[ 1866.721357][T31785] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5477'.
[ 1868.179204][T31801] random: crng reseeded on system resumption
[ 1868.190556][T31801] Restarting kernel threads ...
[ 1868.192825][T31801] Done restarting kernel threads.
[ 1868.212346][T26562] page_pool_release_retry() stalled pool shutdown: id 32, 22 inflight 606 sec
[ 1868.440891][T21622] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 1868.590833][T21622] usb 7-1: Using ep0 maxpacket: 8
[ 1868.594832][T21622] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1868.598746][T21622] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1868.602657][T21622] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1868.606579][T21622] usb 7-1: config 250 has no interface number 0
[ 1868.609372][T21622] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1868.614418][T21622] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1868.620162][T21622] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1868.630310][T21622] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1868.635220][T21622] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1868.639088][T21622] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1868.642733][T21622] usb 7-1: Product: syz
[ 1868.644430][T21622] usb 7-1: SerialNumber: syz
[ 1868.653533][T21622] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1868.656370][T21622] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1870.600706][T31239] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[ 1870.772531][T31239] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1870.775956][T31239] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1870.779002][T31239] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1870.782005][T31239] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1870.786445][T31817] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1870.790409][T31239] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1870.995753][T31239] usb 10-1: USB disconnect, device number 22
[ 1871.301532][T26562] usb 7-1: USB disconnect, device number 36
[ 1872.899204][T31842] lo speed is unknown, defaulting to 1000
[ 1873.065083][T31842] lo speed is unknown, defaulting to 1000
[ 1873.067564][T31842] lo speed is unknown, defaulting to 1000
[ 1873.069986][T31842] lo speed is unknown, defaulting to 1000
[ 1875.170743][ T5943] Bluetooth: hci1: command 0x0405 tx timeout
[ 1875.515296][   T40] kauditd_printk_skb: 8 callbacks suppressed
[ 1875.515307][   T40] audit: type=1326 audit(2000000722.270:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.525698][T31868] netlink: 288 bytes leftover after parsing attributes in process `syz.5.5496'.
[ 1875.526050][   T40] audit: type=1326 audit(2000000722.270:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.536162][   T40] audit: type=1326 audit(2000000722.280:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=328 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.544574][T31868] netlink: 'syz.5.5496': attribute type 1 has an invalid length.
[ 1875.545181][   T40] audit: type=1326 audit(2000000722.280:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.554922][T31868] netlink: 224 bytes leftover after parsing attributes in process `syz.5.5496'.
[ 1875.554996][   T40] audit: type=1326 audit(2000000722.280:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.566620][   T40] audit: type=1326 audit(2000000722.280:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.573540][   T40] audit: type=1326 audit(2000000722.290:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.582812][   T40] audit: type=1326 audit(2000000722.290:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.589410][   T40] audit: type=1326 audit(2000000722.290:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.597629][   T40] audit: type=1326 audit(2000000722.290:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31866 comm="syz.5.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f11579 code=0x7ffc0000
[ 1875.860099][T31239] libceph: connect (1)[c::]:6789 error -101
[ 1875.862402][T31239] libceph: mon0 (1)[c::]:6789 connect error
[ 1875.914410][T31876] ceph: No mds server is up or the cluster is laggy
[ 1878.462157][T31895] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5499'.
[ 1878.478684][T31895] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1878.481356][T31895] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1878.483975][T31895] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1878.486910][T31895] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1878.732738][T31895] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1878.735411][T31895] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1878.737971][T31895] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1878.740593][T31895] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1878.870920][T31900] rdma_rxe: rxe_newlink: failed to add lo
[ 1879.271080][T26562] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[ 1879.320101][T31908] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5507'.
[ 1879.528677][T31910] lo speed is unknown, defaulting to 1000
[ 1879.733689][T31910] lo speed is unknown, defaulting to 1000
[ 1879.737558][T31910] lo speed is unknown, defaulting to 1000
[ 1879.741508][T31910] lo speed is unknown, defaulting to 1000
[ 1879.882890][T26562] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1879.886874][T26562] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1879.890001][T26562] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1879.892941][T26562] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1879.897772][T31903] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1879.903890][T26562] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1879.930048][T31906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5507'.
[ 1880.119784][ T5977] usb 10-1: USB disconnect, device number 23
[ 1880.511222][T31923] syz.2.5503: vmalloc error: size 34359742464, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1880.515549][T31923] CPU: 3 UID: 0 PID: 31923 Comm: syz.2.5503 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[ 1880.515566][T31923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 1880.515573][T31923] Call Trace:
[ 1880.515578][T31923]  <TASK>
[ 1880.515584][T31923]  dump_stack_lvl+0x16c/0x1f0
[ 1880.515602][T31923]  warn_alloc+0x248/0x3a0
[ 1880.515620][T31923]  ? __pfx_warn_alloc+0x10/0x10
[ 1880.515634][T31923]  ? __pfx_stack_trace_save+0x10/0x10
[ 1880.515645][T31923]  ? stack_depot_save_flags+0x28/0xa40
[ 1880.515663][T31923]  ? __pfx_bpf_trace_run2+0x10/0x10
[ 1880.515679][T31923]  ? kasan_save_stack+0x42/0x60
[ 1880.515693][T31923]  ? kasan_save_stack+0x33/0x60
[ 1880.515707][T31923]  ? kasan_save_track+0x14/0x30
[ 1880.515720][T31923]  ? xskq_create+0x52/0x1d0
[ 1880.515731][T31923]  ? xsk_setsockopt+0x684/0x840
[ 1880.515741][T31923]  ? do_sock_setsockopt+0x221/0x470
[ 1880.515759][T31923]  ? xskq_create+0xfb/0x1d0
[ 1880.515771][T31923]  __vmalloc_node_range_noprof+0x10ce/0x1520
[ 1880.515790][T31923]  ? xskq_create+0xfb/0x1d0
[ 1880.515806][T31923]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1880.515822][T31923]  ? xskq_create+0xfb/0x1d0
[ 1880.515834][T31923]  vmalloc_user_noprof+0x9e/0xe0
[ 1880.515847][T31923]  ? xskq_create+0xfb/0x1d0
[ 1880.515859][T31923]  xskq_create+0xfb/0x1d0
[ 1880.515872][T31923]  xsk_setsockopt+0x684/0x840
[ 1880.515886][T31923]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1880.515898][T31923]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1880.515912][T31923]  ? errseq_sample+0x53/0x70
[ 1880.515926][T31923]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1880.515937][T31923]  do_sock_setsockopt+0x221/0x470
[ 1880.515954][T31923]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1880.515979][T31923]  __sys_setsockopt+0x120/0x1a0
[ 1880.515996][T31923]  __ia32_sys_setsockopt+0xbc/0x160
[ 1880.516009][T31923]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1880.516031][T31923]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[ 1880.516046][T31923]  __do_fast_syscall_32+0x7c/0x3a0
[ 1880.516064][T31923]  do_fast_syscall_32+0x32/0x80
[ 1880.516079][T31923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1880.516095][T31923] RIP: 0023:0xf706e579
[ 1880.516105][T31923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 1880.516115][T31923] RSP: 002b:00000000f503d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e
[ 1880.516126][T31923] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000011b
[ 1880.516132][T31923] RDX: 0000000000000002 RSI: 0000000080000080 RDI: 0000000000000020
[ 1880.516139][T31923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1880.516145][T31923] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 1880.516151][T31923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1880.516165][T31923]  </TASK>
[ 1880.516169][T31923] Mem-Info:
[ 1880.600836][ T5943] Bluetooth: hci1: command 0x0405 tx timeout
[ 1880.602208][T31923] active_anon:9257 inactive_anon:888 isolated_anon:0
[ 1880.602208][T31923]  active_file:1271 inactive_file:1208 isolated_file:0
[ 1880.602208][T31923]  unevictable:1768 dirty:421 writeback:0
[ 1880.602208][T31923]  slab_reclaimable:6546 slab_unreclaimable:82482
[ 1880.602208][T31923]  mapped:40302 shmem:10383 pagetables:2206
[ 1880.602208][T31923]  sec_pagetables:347 bounce:0
[ 1880.602208][T31923]  kernel_misc_reclaimable:0
[ 1880.602208][T31923]  free:35659 free_pcp:2540 free_cma:0
[ 1880.631836][T31923] Node 0 active_anon:1216kB inactive_anon:116kB active_file:0kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1344kB dirty:0kB writeback:0kB shmem:5852kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7344kB pagetables:1376kB sec_pagetables:1236kB all_unreclaimable? yes Balloon:0kB
[ 1880.643805][T31923] Node 1 active_anon:35812kB inactive_anon:3436kB active_file:5084kB inactive_file:4820kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:159872kB dirty:1684kB writeback:0kB shmem:35688kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6784kB pagetables:7448kB sec_pagetables:152kB all_unreclaimable? no Balloon:0kB
[ 1880.656100][T31923] Node 0 DMA free:1988kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:328kB local_pcp:0kB free_cma:0kB
[ 1880.666071][T31923] lowmem_reserve[]: 0 290 290 290 290
[ 1880.668174][T31923] Node 0 DMA32 free:16756kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:4096KB active_anon:1216kB inactive_anon:116kB active_file:0kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:297008kB mlocked:0kB bounce:0kB free_pcp:3240kB local_pcp:1092kB free_cma:0kB
[ 1880.678960][T31923] lowmem_reserve[]: 0 0 0 0 0
[ 1880.680942][T31923] Node 1 DMA32 free:123892kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:10240KB active_anon:35812kB inactive_anon:3436kB active_file:5084kB inactive_file:4820kB unevictable:3536kB writepending:1684kB present:1048432kB managed:948276kB mlocked:0kB bounce:0kB free_pcp:6536kB local_pcp:420kB free_cma:0kB
[ 1880.692159][T31923] lowmem_reserve[]: 0 0 0 0 0
[ 1880.693993][T31923] Node 0 DMA: 1*4kB (U) 8*8kB (UM) 6*16kB (U) 5*32kB (UM) 2*64kB (M) 2*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1988kB
[ 1880.699459][T31923] Node 0 DMA32: 711*4kB (UEH) 207*8kB (UMEH) 42*16kB (UME) 148*32kB (UMEH) 55*64kB (UME) 16*128kB (ME) 5*256kB (UME) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16756kB
[ 1880.705623][T31923] Node 1 DMA32: 1645*4kB (UMEH) 1094*8kB (UMEH) 297*16kB (UMEH) 198*32kB (UMEH) 186*64kB (UMEH) 132*128kB (UMEH) 62*256kB (UMH) 25*512kB (UMH) 17*1024kB (UM) 9*2048kB (M) 1*4096kB (M) = 123828kB
[ 1880.712875][T31923] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1880.716439][T31923] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1880.719746][T31923] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1880.723394][T31923] Node 1 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1880.726839][T31923] 13862 total pagecache pages
[ 1880.728613][T31923] 999 pages in swap cache
[ 1880.730046][T31923] Free swap  = 67180kB
[ 1880.731670][T31923] Total swap = 124996kB
[ 1880.733250][T31923] 524155 pages RAM
[ 1880.734676][T31923] 0 pages HighMem/MovableOnly
[ 1880.736509][T31923] 208994 pages reserved
[ 1880.738087][T31923] 0 pages cma reserved
[ 1882.663133][T31941] No control pipe specified
[ 1883.576873][T31942] ALSA: mixer_oss: invalid index 40000
[ 1883.732113][T31957] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1883.967579][T31962] siw: device registration error -23
[ 1884.154194][T31964] lo speed is unknown, defaulting to 1000
[ 1884.328311][T31964] lo speed is unknown, defaulting to 1000
[ 1884.331048][T31964] lo speed is unknown, defaulting to 1000
[ 1884.333572][T31964] lo speed is unknown, defaulting to 1000
[ 1885.346021][T31983] s
z1: rxe_newlink: already configured on lo
[ 1885.560993][T31239] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 1885.720881][T31239] usb 10-1: Using ep0 maxpacket: 8
[ 1885.723920][T31239] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1885.726517][T31239] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 1885.729121][T31239] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1885.732123][T31239] usb 10-1: config 250 has no interface number 0
[ 1885.734153][T31239] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1885.737806][T31239] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1885.741387][T31239] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1885.745575][T31239] usb 10-1: config 250 interface 228 has no altsetting 0
[ 1885.751108][T31239] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1885.753924][T31239] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1885.756483][T31239] usb 10-1: Product: syz
[ 1885.757819][T31239] usb 10-1: SerialNumber: syz
[ 1885.773494][T31239] hub 10-1:250.228: bad descriptor, ignoring hub
[ 1885.776154][T31239] hub 10-1:250.228: probe with driver hub failed with error -5
[ 1887.470772][T32008] IPVS: Error joining to the multicast group
[ 1887.822263][T31239] usb 10-1: USB disconnect, device number 24
[ 1888.153160][T32019] rdma_rxe: rxe_newlink: failed to add lo
[ 1888.428064][T32018] loop6: detected capacity change from 0 to 524287999
[ 1888.497058][T32022] CIFS: Unable to determine destination address
[ 1888.569844][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/137.tmp-b7:6' failed: Read-only file system
[ 1888.680057][T32017] lo speed is unknown, defaulting to 1000
[ 1888.739905][T31239] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[ 1888.768732][T32017] lo speed is unknown, defaulting to 1000
[ 1888.771508][T32017] lo speed is unknown, defaulting to 1000
[ 1888.774134][T32017] lo speed is unknown, defaulting to 1000
[ 1888.883580][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/137.tmp-b7:6' failed: Read-only file system
[ 1888.892239][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/137.tmp-b7:6' failed: Read-only file system
[ 1888.900348][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/138.tmp-b7:6' failed: Read-only file system
[ 1889.793914][T31239] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1889.798319][T31239] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1889.810718][T31239] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1889.814363][T31239] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1889.837331][T32023] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1889.852287][T31239] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1890.256061][T32045] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5530'.
[ 1890.630585][T32045] lo speed is unknown, defaulting to 1000
[ 1890.829528][T32045] lo speed is unknown, defaulting to 1000
[ 1890.832070][T32045] lo speed is unknown, defaulting to 1000
[ 1890.834515][T32045] lo speed is unknown, defaulting to 1000
[ 1890.946792][T31239] usb 10-1: USB disconnect, device number 25
[ 1891.387131][ T5977] libceph: connect (1)[c::]:6789 error -101
[ 1891.400576][ T5977] libceph: mon0 (1)[c::]:6789 connect error
[ 1891.579190][T32062] netlink: 'syz.3.5533': attribute type 9 has an invalid length.
[ 1891.595000][T32062] macvlan0: entered promiscuous mode
[ 1891.596761][T32062] bond0: entered promiscuous mode
[ 1891.599538][T32062] 8021q: adding VLAN 0 to HW filter on device macvlan0
[ 1891.818896][T30488] libceph: connect (1)[c::]:6789 error -101
[ 1891.821562][T30488] libceph: mon0 (1)[c::]:6789 connect error
[ 1891.874885][T28415] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1891.877322][T28415] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1891.895344][T32066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1891.901824][T32066] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5535'.
[ 1891.913928][T32066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1891.928740][T32066] sp0: Synchronizing with TNC
[ 1891.932914][T32066] [U] è
[ 1892.069045][T32053] ceph: No mds server is up or the cluster is laggy
[ 1895.253345][T32111] blktrace: Concurrent blktraces are not allowed on sg0
[ 1896.808155][T32136] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5547'.
[ 1896.881544][T32140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5547'.
[ 1896.888438][T32141] netlink: 140 bytes leftover after parsing attributes in process `syz.2.5550'.
[ 1897.553797][T32149] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1897.566897][   T40] kauditd_printk_skb: 8 callbacks suppressed
[ 1897.566909][   T40] audit: type=1326 audit(2000000744.320:2564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32132 comm="syz.2.5550" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000
[ 1897.583157][T32153] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5554'.
[ 1897.605222][T32153] veth0: entered promiscuous mode
[ 1897.608462][T32153] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5554'.
[ 1897.955645][T32155] ceph: No mds server is up or the cluster is laggy
[ 1897.959091][T31239] libceph: connect (1)[c::]:6789 error -101
[ 1897.963481][T31239] libceph: mon0 (1)[c::]:6789 connect error
[ 1898.207662][T32167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5555'.
[ 1898.217140][T32170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5555'.
[ 1898.230442][T32167] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5555'.
[ 1898.675956][T28350] libceph: connect (1)[c::]:6789 error -101
[ 1898.677939][T28350] libceph: mon0 (1)[c::]:6789 connect error
[ 1899.275135][T28350] libceph: connect (1)[c::]:6789 error -101
[ 1899.277458][T28350] libceph: mon0 (1)[c::]:6789 connect error
[ 1899.352538][T32187] lo speed is unknown, defaulting to 1000
[ 1899.437265][T32187] lo speed is unknown, defaulting to 1000
[ 1899.439755][T32187] lo speed is unknown, defaulting to 1000
[ 1899.444002][T32187] lo speed is unknown, defaulting to 1000
[ 1899.499753][T32177] ceph: No mds server is up or the cluster is laggy
[ 1899.663344][T32189] syz.4.5560: attempt to access beyond end of device
[ 1899.663344][T32189] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1899.824216][T32196] 9pnet_fd: Insufficient options for proto=fd
[ 1899.829360][T32196] loop6: detected capacity change from 0 to 524287999
[ 1900.242690][T30764] udevd[30764]: symlink '../../loop6' '/dev/disk/by-diskseq/139.tmp-b7:6' failed: Read-only file system
[ 1900.464438][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/139.tmp-b7:6' failed: Read-only file system
[ 1900.477606][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/139.tmp-b7:6' failed: Read-only file system
[ 1900.489024][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/140.tmp-b7:6' failed: Read-only file system
[ 1901.946532][T32216] s
z1: rxe_newlink: already configured on lo
[ 1902.653146][T32233] ceph: No mds server is up or the cluster is laggy
[ 1902.830255][T31239] libceph: connect (1)[c::]:6789 error -101
[ 1902.833471][T31239] libceph: mon0 (1)[c::]:6789 connect error
[ 1904.869408][T32268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5575'.
[ 1904.880460][T32268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5575'.
[ 1904.888062][T32268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5575'.
[ 1905.471973][T32275] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1907.228346][T32302] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5584'.
[ 1907.232155][T32301] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5584'.
[ 1907.239941][T32301] trusted_key: encrypted_key: insufficient parameters specified
[ 1907.247040][T32301] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5584'.
[ 1907.920263][T32308] rdma_rxe: rxe_newlink: failed to add lo
[ 1908.787243][T32320] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1909.779477][T32332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5591'.
[ 1909.789791][T32332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5591'.
[ 1909.811340][T32332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5591'.
[ 1910.799662][T32344] 9pnet: Unknown protocol version 9p20\++}
[ 1911.063065][ T5977] libceph: connect (1)[c::]:6789 error -101
[ 1911.065093][ T5977] libceph: mon0 (1)[c::]:6789 connect error
[ 1911.239440][T32351] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1911.244445][T32351] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1911.320896][ T5977] libceph: connect (1)[c::]:6789 error -101
[ 1911.322941][ T5977] libceph: mon0 (1)[c::]:6789 connect error
[ 1911.462066][T32347] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1911.463404][T32345] ceph: No mds server is up or the cluster is laggy
[ 1913.350363][T32388] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5602'.
[ 1913.355355][T32388] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5602'.
[ 1913.359037][T32388] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5602'.
[ 1914.042884][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.245092][T32390] rdma_rxe: rxe_newlink: failed to add lo
[ 1914.471372][T32402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5605'.
[ 1914.475949][T32402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5605'.
[ 1914.481216][T32402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5605'.
[ 1914.540844][T15326] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 1914.692681][T15326] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1914.697440][T15326] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1914.701706][T15326] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1914.705530][T15326] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1914.719702][T32392] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1914.727707][T15326] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1914.926371][   T53] usb 10-1: USB disconnect, device number 26
[ 1915.082959][T32406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5606'.
[ 1916.033236][T27578] Bluetooth: hci2: connection err: -111
[ 1918.825225][T32445] loop6: detected capacity change from 0 to 524287999
[ 1918.963757][T32446] CIFS: Unable to determine destination address
[ 1919.227953][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/141.tmp-b7:6' failed: Read-only file system
[ 1919.369305][T32453] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1919.462150][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/141.tmp-b7:6' failed: Read-only file system
[ 1919.471492][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/142.tmp-b7:6' failed: Read-only file system
[ 1920.118312][T32460] syz.4.5619: attempt to access beyond end of device
[ 1920.118312][T32460] sr0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1920.184595][T21621] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[ 1920.193902][T21621] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1920.262264][T32464] fido_id[32464]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1922.066632][T32491] s
z1: rxe_newlink: already configured on lo
[ 1922.922661][T32505] lo speed is unknown, defaulting to 1000
[ 1923.183283][T32505] lo speed is unknown, defaulting to 1000
[ 1923.185890][T32505] lo speed is unknown, defaulting to 1000
[ 1923.188482][T32505] lo speed is unknown, defaulting to 1000
[ 1923.551080][T32514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5630'.
[ 1923.556231][T32514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5630'.
[ 1923.560317][T32514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5630'.
[ 1924.117353][T32505] syz.4.5629: attempt to access beyond end of device
[ 1924.117353][T32505] sr0: rw=0, sector=0, nr_sectors = 8 limit=0
[ 1924.123790][T32505] hpfs: hpfs_map_sector(): read error
[ 1926.047559][T32540] loop6: detected capacity change from 0 to 524287999
[ 1926.222558][T32542] CIFS: Unable to determine destination address
[ 1926.511797][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/143.tmp-b7:6' failed: Read-only file system
[ 1926.766280][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/143.tmp-b7:6' failed: Read-only file system
[ 1926.776181][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/143.tmp-b7:6' failed: Read-only file system
[ 1926.784556][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/144.tmp-b7:6' failed: Read-only file system
[ 1928.550289][   T40] audit: type=1326 audit(2000000775.300:2565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32567 comm="syz.5.5643" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0
[ 1928.602980][T31239] page_pool_release_retry() stalled pool shutdown: id 32, 22 inflight 666 sec
[ 1928.670117][T32583] set match dimension is over the limit!
[ 1929.829242][T32596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5649'.
[ 1929.840809][T32596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5649'.
[ 1929.853339][T32596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5649'.
[ 1933.661002][T32651] netlink: 'syz.3.5658': attribute type 23 has an invalid length.
[ 1934.353637][T32659] 9pnet_fd: Insufficient options for proto=fd
[ 1934.356658][T32659] loop6: detected capacity change from 0 to 524287999
[ 1934.366335][T32661] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5661'.
[ 1934.745673][T32664] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5661'.
[ 1934.751096][T32665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5661'.
[ 1934.768786][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/145.tmp-b7:6' failed: Read-only file system
[ 1934.936197][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/145.tmp-b7:6' failed: Read-only file system
[ 1934.951131][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/145.tmp-b7:6' failed: Read-only file system
[ 1934.963335][T30765] udevd[30765]: symlink '../../loop6' '/dev/disk/by-diskseq/146.tmp-b7:6' failed: Read-only file system
[ 1935.357278][T32668] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5665'.
[ 1935.366875][T32668] netlink: 'syz.4.5665': attribute type 5 has an invalid length.
[ 1935.369784][T32668] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5665'.
[ 1935.392414][T32668] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 256 - 0
[ 1935.395322][T32668] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 256 - 0
[ 1935.398114][T32668] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 256 - 0
[ 1935.401490][T32668] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 256 - 0
[ 1935.404476][T32668] geneve2: entered promiscuous mode
[ 1935.406147][T32668] geneve2: entered allmulticast mode
[ 1936.420001][T32683] lo speed is unknown, defaulting to 1000
[ 1936.525418][T32683] lo speed is unknown, defaulting to 1000
[ 1936.527909][T32683] lo speed is unknown, defaulting to 1000
[ 1936.530353][T32683] lo speed is unknown, defaulting to 1000
[ 1937.326433][T32685] syz.5.5669: attempt to access beyond end of device
[ 1937.326433][T32685] sr0: rw=0, sector=0, nr_sectors = 8 limit=0
[ 1937.331768][T32685] hpfs: hpfs_map_sector(): read error
[ 1937.533232][T32701] xt_ipcomp: unknown flags 12
[ 1938.211010][T32712] lo speed is unknown, defaulting to 1000
[ 1938.948558][T32712] lo speed is unknown, defaulting to 1000
[ 1938.971198][T32712] lo speed is unknown, defaulting to 1000
[ 1938.973721][T32712] lo speed is unknown, defaulting to 1000
[ 1939.684033][T32731] s
z1: rxe_newlink: already configured on lo
[ 1940.999789][T32750] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1941.002824][T32750] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1941.006344][T32750] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1941.008972][T32750] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1941.013634][T32750] geneve4: entered promiscuous mode
[ 1941.015459][T32750] geneve4: entered allmulticast mode
[ 1943.066223][  T315] tmpfs: Bad value for 'nr_inodes'
[ 1943.088105][  T316] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5687'.
[ 1944.041828][  T323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5690'.
[ 1944.046517][  T323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5690'.
[ 1944.052575][  T323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5690'.
[ 1945.251044][  T339] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1945.290784][  T339] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1945.293939][  T339] netdevsim netdevsim4 eth3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1945.418479][  T339] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1945.423404][  T339] netdevsim netdevsim4 eth2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1945.511681][  T339] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1945.516833][  T339] netdevsim netdevsim4 eth1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1945.629329][  T339] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1945.633992][  T339] netdevsim netdevsim4 eth0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1945.826332][  T339] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 256 - 0
[ 1945.829297][  T339] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[ 1945.860587][  T339] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 256 - 0
[ 1945.863680][  T339] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[ 1945.962536][  T339] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 256 - 0
[ 1945.965756][  T339] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[ 1946.001698][  T339] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 256 - 0
[ 1946.005332][  T339] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[ 1947.860797][  T371] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5702'.
[ 1950.320700][T26562] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1950.404832][  T398] input: syz1 as /devices/virtual/input/input55
[ 1950.470687][T26562] usb 10-1: Using ep0 maxpacket: 8
[ 1950.496490][T26562] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1950.499110][T26562] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 1950.508950][T26562] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1950.540665][T26562] usb 10-1: config 250 has no interface number 0
[ 1950.542739][T26562] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1950.546381][T26562] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1950.549610][T26562] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1950.570741][T26562] usb 10-1: config 250 interface 228 has no altsetting 0
[ 1950.583968][T26562] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1950.586837][T26562] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1950.589389][T26562] usb 10-1: Product: syz
[ 1950.600821][T26562] usb 10-1: SerialNumber: syz
[ 1950.622400][T26562] hub 10-1:250.228: bad descriptor, ignoring hub
[ 1950.640717][T26562] hub 10-1:250.228: probe with driver hub failed with error -5
[ 1951.072454][  T404] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1952.169047][   T40] audit: type=1326 audit(2000000798.920:2566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=410 comm="syz.2.5712" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0
[ 1952.474599][  T421] set match dimension is over the limit!
[ 1952.981964][T31239] usb 10-1: USB disconnect, device number 27
[ 1953.441304][  T430] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5716'.
[ 1954.666051][  T466] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1958.272465][  T510] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1960.022825][  T536] input: syz1 as /devices/virtual/input/input56
[ 1963.001357][   T40] audit: type=1326 audit(2000000809.750:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.037101][   T40] audit: type=1326 audit(2000000809.760:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.244860][   T40] audit: type=1326 audit(2000000809.760:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.251561][   T40] audit: type=1326 audit(2000000809.770:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.258276][   T40] audit: type=1326 audit(2000000809.770:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.266248][   T40] audit: type=1326 audit(2000000809.770:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.272919][   T40] audit: type=1326 audit(2000000809.770:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.279461][   T40] audit: type=1326 audit(2000000809.770:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.287062][   T40] audit: type=1326 audit(2000000809.770:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1963.293589][   T40] audit: type=1326 audit(2000000809.770:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=567 comm="syz.4.5745" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000
[ 1967.232587][  T608] s
z1: rxe_newlink: already configured on lo
[ 1969.601045][T26562] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[ 1969.761789][T26562] usb 7-1: Using ep0 maxpacket: 8
[ 1969.764699][T26562] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1969.767293][T26562] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1969.769900][T26562] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1969.855199][T26562] usb 7-1: config 250 has no interface number 0
[ 1969.857242][T26562] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1969.860989][T26562] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1969.870913][T26562] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1969.875042][T26562] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1969.887689][T26562] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1969.890522][T26562] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1969.893290][T26562] usb 7-1: Product: syz
[ 1969.894705][T26562] usb 7-1: SerialNumber: syz
[ 1969.903422][T26562] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1969.905490][T26562] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1971.841300][  T667] netlink: 'syz.5.5765': attribute type 1 has an invalid length.
[ 1971.844132][  T667] netlink: 'syz.5.5765': attribute type 2 has an invalid length.
[ 1971.848411][  T667] netlink: 3 bytes leftover after parsing attributes in process `syz.5.5765'.
[ 1971.862266][T26562] usb 7-1: USB disconnect, device number 37
[ 1973.983933][  T686] hfs: unable to load iocharset "io#harset"
[ 1975.492623][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[ 1980.459659][  T793] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5795'.
[ 1980.465199][  T793] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5795'.
[ 1980.468984][  T793] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5795'.
[ 1982.499717][  T813] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1982.528836][  T813] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1982.533016][  T813] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1982.631613][  T813] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1982.635522][  T813] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1982.705894][  T813] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1982.709749][  T813] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1982.746737][  T810] hfs: unable to load iocharset "io#harset"
[ 1982.807795][  T813] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0
[ 1982.811201][  T813] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1982.983195][  T813] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[ 1982.986799][  T813] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 256 - 0
[ 1983.002071][  T813] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[ 1983.005638][  T813] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 256 - 0
[ 1983.032633][  T813] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[ 1983.036185][  T813] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 256 - 0
[ 1983.047350][  T813] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[ 1983.051012][  T813] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 256 - 0
[ 1986.298880][  T864] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[ 1986.618390][  T871] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5812'.
[ 1986.625648][  T871] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5812'.
[ 1986.635340][  T871] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5812'.
[ 1988.962060][T23029] IPVS: starting estimator thread 0...
[ 1989.050791][  T896] IPVS: using max 43 ests per chain, 103200 per kthread
[ 1989.691499][T31239] page_pool_release_retry() stalled pool shutdown: id 32, 22 inflight 727 sec
[ 1990.731911][  T897] lo speed is unknown, defaulting to 1000
[ 1990.794040][  T921] ubi: mtd0 is already attached to ubi31
[ 1990.857993][  T923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5828'.
[ 1990.864879][  T923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5828'.
[ 1990.869291][  T923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5828'.
[ 1992.183164][  T897] lo speed is unknown, defaulting to 1000
[ 1992.184394][  T897] lo speed is unknown, defaulting to 1000
[ 1992.185710][  T897] lo speed is unknown, defaulting to 1000
[ 1993.222167][  T946] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1994.093671][  T946] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1994.200029][  T946] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1994.324270][  T946] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1994.398372][  T946] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1994.477023][  T946] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1994.487253][  T946] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1994.498515][  T946] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1994.510458][  T946] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1996.127720][ T1000] lo speed is unknown, defaulting to 1000
[ 1996.157702][ T1007] ubi: mtd0 is already attached to ubi31
[ 1997.068780][ T1000] lo speed is unknown, defaulting to 1000
[ 1997.082724][ T1000] lo speed is unknown, defaulting to 1000
[ 1997.108952][ T1000] lo speed is unknown, defaulting to 1000
[ 1997.142080][ T1015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5844'.
[ 1997.145509][ T1015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5844'.
[ 1997.148834][ T1015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5844'.
[ 1998.012678][ T1018] netlink: 'syz.5.5845': attribute type 4 has an invalid length.
[ 2000.310714][T23029] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[ 2000.680824][T23029] usb 7-1: Using ep0 maxpacket: 8
[ 2000.688982][T23029] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 2000.696290][T23029] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 2000.700258][T23029] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 2000.710713][T23029] usb 7-1: config 250 has no interface number 0
[ 2000.713378][T23029] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 2000.717990][T23029] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 2000.734723][T23029] usb 7-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 2000.739270][T23029] usb 7-1: config 250 interface 228 has no altsetting 0
[ 2000.752603][T23029] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 2000.756025][T23029] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 2000.759366][T23029] usb 7-1: Product: syz
[ 2000.886037][T23029] usb 7-1: SerialNumber: syz
[ 2000.911367][T23029] hub 7-1:250.228: bad descriptor, ignoring hub
[ 2000.914079][T23029] hub 7-1:250.228: probe with driver hub failed with error -5
[ 2002.939925][T26562] usb 7-1: USB disconnect, device number 38
[ 2003.024097][ T1078] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 2003.077241][ T1078] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2003.144432][ T1078] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2003.403948][ T1078] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2003.724308][ T1078] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0
[ 2004.102611][ T1078] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[ 2004.110454][ T1078] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[ 2004.121273][ T1078] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[ 2004.127757][ T1078] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[ 2005.256903][ T1091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5862'.
[ 2005.263027][ T1091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5862'.
[ 2005.266571][ T1091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5862'.
[ 2007.030774][T21621] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 2007.180798][T21621] usb 10-1: Using ep0 maxpacket: 8
[ 2007.184550][T21621] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[ 2007.187329][T21621] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[ 2007.190472][T21621] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 2007.193590][T21621] usb 10-1: config 250 has no interface number 0
[ 2007.195679][T21621] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 2007.199763][T21621] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 2007.203123][T21621] usb 10-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 2007.207649][T21621] usb 10-1: config 250 interface 228 has no altsetting 0
[ 2007.212198][T21621] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 2007.219422][T21621] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 2007.225221][T21621] usb 10-1: Product: syz
[ 2007.226860][T21621] usb 10-1: SerialNumber: syz
[ 2007.237966][T21621] hub 10-1:250.228: bad descriptor, ignoring hub
[ 2007.240044][T21621] hub 10-1:250.228: probe with driver hub failed with error -5
[ 2007.490746][ T1151] syz.4.5876: attempt to access beyond end of device
[ 2007.490746][ T1151] sr0: rw=0, sector=0, nr_sectors = 8 limit=0
[ 2008.814869][ T1170] ------------[ cut here ]------------
[ 2008.817040][ T1170] UBSAN: array-index-out-of-bounds in ./include/net/ipv6.h:616:34
[ 2008.819512][ T1170] index 20 is out of range for type '__u8 [16]'
[ 2008.822131][ T1170] CPU: 3 UID: 0 PID: 1170 Comm: syz.4.5882 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[ 2008.822148][ T1170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2008.822157][ T1170] Call Trace:
[ 2008.822161][ T1170]  <TASK>
[ 2008.822167][ T1170]  dump_stack_lvl+0x16c/0x1f0
[ 2008.822187][ T1170]  __ubsan_handle_out_of_bounds+0x11c/0x160
[ 2008.822204][ T1170]  ipv6_addr_prefix+0xf2/0x110
[ 2008.822221][ T1170]  ip6_route_info_create+0x4b6/0x870
[ 2008.822242][ T1170]  ip6_route_add+0x26/0x1d0
[ 2008.822261][ T1170]  addrconf_prefix_route+0x2fd/0x510
[ 2008.822283][ T1170]  ? __pfx_addrconf_prefix_route+0x10/0x10
[ 2008.822317][ T1170]  ? lock_acquire+0x179/0x350
[ 2008.822337][ T1170]  ? __pfx_addrconf_get_prefix_route+0x10/0x10
[ 2008.822357][ T1170]  ? find_held_lock+0x2b/0x80
[ 2008.822380][ T1170]  ? addrconf_prefix_rcv+0xa7e/0x1f70
[ 2008.822399][ T1170]  addrconf_prefix_rcv+0x1808/0x1f70
[ 2008.822423][ T1170]  ? __pfx_addrconf_prefix_rcv+0x10/0x10
[ 2008.822439][ T1170]  ? __ipv6_chk_addr_and_flags+0x2f4/0x750
[ 2008.822464][ T1170]  ? neigh_remove_one+0x270/0x310
[ 2008.822486][ T1170]  ? ndisc_router_discovery+0x1c49/0x3550
[ 2008.822504][ T1170]  ndisc_router_discovery+0x1c49/0x3550
[ 2008.822547][ T1170]  ? ip6t_do_table+0xbf5/0x1c30
[ 2008.822566][ T1170]  ? __pfx_ndisc_router_discovery+0x10/0x10
[ 2008.822580][ T1170]  ? __lock_acquire+0x622/0x1c90
[ 2008.822603][ T1170]  ? skb_checksum+0x81f/0x980
[ 2008.822622][ T1170]  ndisc_rcv+0x3fa/0x620
[ 2008.822637][ T1170]  icmpv6_rcv+0x17c6/0x1c50
[ 2008.822659][ T1170]  ? __pfx_icmpv6_rcv+0x10/0x10
[ 2008.822676][ T1170]  ip6_protocol_deliver_rcu+0xf89/0x1520
[ 2008.822698][ T1170]  ip6_input_finish+0x102/0x180
[ 2008.822712][ T1170]  ip6_input+0x105/0x2f0
[ 2008.822725][ T1170]  ip6_mc_input+0x465/0xfd0
[ 2008.822751][ T1170]  ? __pfx_ip6_mc_input+0x10/0x10
[ 2008.822766][ T1170]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 2008.822781][ T1170]  ? __pfx_ip6_mc_input+0x10/0x10
[ 2008.822793][ T1170]  ipv6_rcv+0x45d/0x680
[ 2008.822806][ T1170]  ? __pfx_ipv6_rcv+0x10/0x10
[ 2008.822817][ T1170]  __netif_receive_skb_one_core+0x12d/0x1e0
[ 2008.822832][ T1170]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 2008.822846][ T1170]  ? lock_acquire+0x179/0x350
[ 2008.822865][ T1170]  ? __phys_addr+0xe8/0x180
[ 2008.822878][ T1170]  __netif_receive_skb+0x1d/0x160
[ 2008.822891][ T1170]  netif_receive_skb+0x137/0x7b0
[ 2008.822905][ T1170]  ? __pfx_netif_receive_skb+0x10/0x10
[ 2008.822924][ T1170]  tun_rx_batched.isra.0+0x3ee/0x740
[ 2008.822945][ T1170]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[ 2008.822968][ T1170]  ? tun_get_user+0x1c0d/0x3b80
[ 2008.822980][ T1170]  ? rcu_is_watching+0x12/0xc0
[ 2008.823001][ T1170]  tun_get_user+0x28a2/0x3b80
[ 2008.823018][ T1170]  ? __pfx_tun_get_user+0x10/0x10
[ 2008.823029][ T1170]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 2008.823044][ T1170]  ? find_held_lock+0x2b/0x80
[ 2008.823060][ T1170]  ? tun_get+0x191/0x370
[ 2008.823074][ T1170]  tun_chr_write_iter+0xdc/0x210
[ 2008.823086][ T1170]  vfs_write+0x6c7/0x1150
[ 2008.823101][ T1170]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 2008.823114][ T1170]  ? __pfx_vfs_write+0x10/0x10
[ 2008.823125][ T1170]  ? find_held_lock+0x2b/0x80
[ 2008.823150][ T1170]  ksys_write+0x12a/0x250
[ 2008.823163][ T1170]  ? __pfx_ksys_write+0x10/0x10
[ 2008.823176][ T1170]  ? rcu_is_watching+0x12/0xc0
[ 2008.823195][ T1170]  __do_fast_syscall_32+0x7c/0x3a0
[ 2008.823212][ T1170]  do_fast_syscall_32+0x32/0x80
[ 2008.823227][ T1170]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2008.823241][ T1170] RIP: 0023:0xf705e579
[ 2008.823250][ T1170] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 2008.823261][ T1170] RSP: 002b:00000000f504e520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 2008.823272][ T1170] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000800
[ 2008.823279][ T1170] RDX: 00000000000003b6 RSI: 00000000f73c2ff4 RDI: 0000000000000000
[ 2008.823285][ T1170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2008.823291][ T1170] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 2008.823297][ T1170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2008.823310][ T1170]  </TASK>
[ 2008.823459][ T1170] ---[ end trace ]---
[ 2008.959978][ T1170] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 2008.962234][ T1170] CPU: 3 UID: 0 PID: 1170 Comm: syz.4.5882 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[ 2008.965825][ T1170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2008.969150][ T1170] Call Trace:
[ 2008.970225][ T1170]  <TASK>
[ 2008.971169][ T1170]  dump_stack_lvl+0x3d/0x1f0
[ 2008.972632][ T1170]  panic+0x71c/0x800
[ 2008.973926][ T1170]  ? rcu_is_watching+0x12/0xc0
[ 2008.975426][ T1170]  ? __pfx_panic+0x10/0x10
[ 2008.976828][ T1170]  ? __pfx__printk+0x10/0x10
[ 2008.978328][ T1170]  check_panic_on_warn+0xab/0xb0
[ 2008.979896][ T1170]  __ubsan_handle_out_of_bounds+0x143/0x160
[ 2008.981736][ T1170]  ipv6_addr_prefix+0xf2/0x110
[ 2008.983248][ T1170]  ip6_route_info_create+0x4b6/0x870
[ 2008.984936][ T1170]  ip6_route_add+0x26/0x1d0
[ 2008.986381][ T1170]  addrconf_prefix_route+0x2fd/0x510
[ 2008.988067][ T1170]  ? __pfx_addrconf_prefix_route+0x10/0x10
[ 2008.990388][ T1170]  ? lock_acquire+0x179/0x350
[ 2008.992094][ T1170]  ? __pfx_addrconf_get_prefix_route+0x10/0x10
[ 2008.994073][ T1170]  ? find_held_lock+0x2b/0x80
[ 2008.995561][ T1170]  ? addrconf_prefix_rcv+0xa7e/0x1f70
[ 2008.997301][ T1170]  addrconf_prefix_rcv+0x1808/0x1f70
[ 2008.999001][ T1170]  ? __pfx_addrconf_prefix_rcv+0x10/0x10
[ 2009.000765][ T1170]  ? __ipv6_chk_addr_and_flags+0x2f4/0x750
[ 2009.002604][ T1170]  ? neigh_remove_one+0x270/0x310
[ 2009.004212][ T1170]  ? ndisc_router_discovery+0x1c49/0x3550
[ 2009.006002][ T1170]  ndisc_router_discovery+0x1c49/0x3550
[ 2009.007761][ T1170]  ? ip6t_do_table+0xbf5/0x1c30
[ 2009.009290][ T1170]  ? __pfx_ndisc_router_discovery+0x10/0x10
[ 2009.011142][ T1170]  ? __lock_acquire+0x622/0x1c90
[ 2009.012701][ T1170]  ? skb_checksum+0x81f/0x980
[ 2009.014237][ T1170]  ndisc_rcv+0x3fa/0x620
[ 2009.015574][ T1170]  icmpv6_rcv+0x17c6/0x1c50
[ 2009.017047][ T1170]  ? __pfx_icmpv6_rcv+0x10/0x10
[ 2009.018628][ T1170]  ip6_protocol_deliver_rcu+0xf89/0x1520
[ 2009.020393][ T1170]  ip6_input_finish+0x102/0x180
[ 2009.021934][ T1170]  ip6_input+0x105/0x2f0
[ 2009.023273][ T1170]  ip6_mc_input+0x465/0xfd0
[ 2009.024742][ T1170]  ? __pfx_ip6_mc_input+0x10/0x10
[ 2009.026343][ T1170]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 2009.028411][ T1170]  ? __pfx_ip6_mc_input+0x10/0x10
[ 2009.030518][ T1170]  ipv6_rcv+0x45d/0x680
[ 2009.031975][ T1170]  ? __pfx_ipv6_rcv+0x10/0x10
[ 2009.033474][ T1170]  __netif_receive_skb_one_core+0x12d/0x1e0
[ 2009.035320][ T1170]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 2009.037357][ T1170]  ? lock_acquire+0x179/0x350
[ 2009.038863][ T1170]  ? __phys_addr+0xe8/0x180
[ 2009.040296][ T1170]  __netif_receive_skb+0x1d/0x160
[ 2009.041889][ T1170]  netif_receive_skb+0x137/0x7b0
[ 2009.043447][ T1170]  ? __pfx_netif_receive_skb+0x10/0x10
[ 2009.045187][ T1170]  tun_rx_batched.isra.0+0x3ee/0x740
[ 2009.046867][ T1170]  ? __pfx_tun_rx_batched.isra.0+0x10/0x10
[ 2009.049337][ T1170]  ? tun_get_user+0x1c0d/0x3b80
[ 2009.051108][ T1170]  ? rcu_is_watching+0x12/0xc0
[ 2009.052622][ T1170]  tun_get_user+0x28a2/0x3b80
[ 2009.054504][ T1170]  ? __pfx_tun_get_user+0x10/0x10
[ 2009.056628][ T1170]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 2009.058980][ T1170]  ? find_held_lock+0x2b/0x80
[ 2009.060995][ T1170]  ? tun_get+0x191/0x370
[ 2009.062827][ T1170]  tun_chr_write_iter+0xdc/0x210
[ 2009.064913][ T1170]  vfs_write+0x6c7/0x1150
[ 2009.066762][ T1170]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 2009.069102][ T1170]  ? __pfx_vfs_write+0x10/0x10
[ 2009.070842][ T1170]  ? find_held_lock+0x2b/0x80
[ 2009.072347][ T1170]  ksys_write+0x12a/0x250
[ 2009.073740][ T1170]  ? __pfx_ksys_write+0x10/0x10
[ 2009.075309][ T1170]  ? rcu_is_watching+0x12/0xc0
[ 2009.076816][ T1170]  __do_fast_syscall_32+0x7c/0x3a0
[ 2009.078494][ T1170]  do_fast_syscall_32+0x32/0x80
[ 2009.080031][ T1170]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2009.081983][ T1170] RIP: 0023:0xf705e579
[ 2009.083202][ T1170] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 2009.089063][ T1170] RSP: 002b:00000000f504e520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[ 2009.091674][ T1170] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000800
[ 2009.094165][ T1170] RDX: 00000000000003b6 RSI: 00000000f73c2ff4 RDI: 0000000000000000
[ 2009.096623][ T1170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2009.099138][ T1170] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[ 2009.101878][ T1170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2009.104774][ T1170]  </TASK>
[ 2009.106476][ T1170] Kernel Offset: disabled
[ 2009.107872][ T1170] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:43:22  Registers:
info registers vcpu 0

CPU#0
RAX=0000000003f4d4cb RBX=0000000000000000 RCX=ffffffff8b7793e9 RDX=0000000000000000
RSI=ffffffff8dbfdaa1 RDI=ffffffff8bf51800 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e08
R8 =0000000000000001 R9 =ffffed100564663d R10=ffff88802b2331eb R11=ffffffff9ad88be8
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90877d50 R15=0000000000000000
RIP=ffffffff8b777f4f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097782000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000800a2018 CR3=000000006a503000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000004c1491271da RBX=ffff88802b3239c0 RCX=00000000000006e0 RDX=00000000000004c1
RSI=ffff88802b3239c0 RDI=0000000000260ef5 RBP=0000000000260ef5 RSP=ffffc90000590ec8
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000019 R15=ffff88802b327c40
RIP=ffffffff81679485 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097882000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2ddf7f CR3=000000006d3e2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000004 RBX=0000000000000001 RCX=ffff888074b47dc0 RDX=0000000000000000
RSI=ffffffff8b44cdc6 RDI=ffff888023022884 RBP=ffff888023022440 RSP=ffffc9000712fb10
R8 =0000000000000004 R9 =00000000000001bb R10=0000000000000400 R11=0000000000000001
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81a04462 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097982000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005624f3d77f40 CR3=000000005605c000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000000b DR2=0000000000000002 DR3=0000000000000009 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000005d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855477b5 RDI=ffffffff9ae4cd00 RBP=ffffffff9ae4ccc0 RSP=ffffc900069c6ab0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=000000000000005d R14=ffffffff9ae4ccc0 R15=ffffffff85547750
RIP=ffffffff855477df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff888097a82000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73f6188 CR3=00000000679a8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000009 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000