last executing test programs:

8m3.744815715s ago: executing program 2 (id=24):
syz_emit_ethernet(0x4a, &(0x7f00000023c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004a00003c0000000000059078ac1414020a010100890fce7ee7806794998b2175650387ebd8e0000002ac1414bb00000000830200000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090780000"], 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000004a"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0xb, &(0x7f00000009c0)=@framed={{0x18, 0x2}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit]}, &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0xa}, 0x94)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
move_pages(0x0, 0x42, &(0x7f0000000280)=[&(0x7f0000ffb000/0x4000)=nil], 0x0, &(0x7f0000000000), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x27ec45380e07cd16, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
add_key$fscrypt_v1(&(0x7f0000001500), 0x0, &(0x7f0000001580)={0x0, "740c561c18c8d0520787a815169e2c2d38ce24ada46dfd910ebe32afb63c184f8aa7603c7eedb7c4014bc2f01d8020e3f1a9f99f55e81277b2f1e4dd09621d6f", 0x3e}, 0x48, 0xfffffffffffffffd)
read$FUSE(r4, &(0x7f0000000300)={0x2020}, 0x2020)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17)
move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffc000/0x1000)=nil], &(0x7f0000002640), &(0x7f0000000000), 0x0)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)

8m3.493735634s ago: executing program 2 (id=30):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
r1 = fsmount(0xffffffffffffffff, 0x1, 0x8c)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00'}, 0x18)
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, &(0x7f0000000000)={r2})
r3 = socket$inet(0xa, 0x801, 0x20000083)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0xfffc, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x8)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x1d, &(0x7f0000000080)=0x4f, 0x4)
accept4(r1, 0x0, 0x0, 0x80000)
r4 = syz_open_dev$MSR(&(0x7f0000000300), 0x20000, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioperm(0x2, 0x7, 0x13)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r6 = shmget$private(0x0, 0x800000, 0x1, &(0x7f0000173000/0x800000)=nil)
shmat(r6, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r0, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f00000000c0)=ANY=[@ANYBLOB="2d708a79732025b2f9f81869b5a8e2ac3469ae520b5d216e1a7177904956906ac67bf6b6"], 0x1f)

8m2.572765663s ago: executing program 2 (id=33):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffffff7}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000080)={0x20, 0x7, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x1}]}, 0x20}}, 0x14841)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_delete(r1)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x12, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x8d2, &(0x7f0000000240)={0x0, 0x0, 0x400, 0x0, 0x2fb}, &(0x7f0000000140)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r5, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
setregid(0xffffffffffffffff, 0x0)
r8 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_MD5SIG(r8, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x2, @private0, 0x2}}, 0x0, 0x0, 0xf, 0x0, "fb9a4c252063afa2cd084c42d448db39abffa17206d921129f94df96a1290c6ee7f68e50eebc43c6391ec5bb2c8b81de624b512389798fef1a05aad9f651eb19e7f0f70b0feaa42a602e322c02f5093c"}, 0xd8)

8m1.631042447s ago: executing program 2 (id=46):
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES64, @ANYRES16, @ANYRESDEC, @ANYRESOCT], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYRESDEC, @ANYRES64, @ANYRES16, @ANYRESDEC, @ANYRESOCT], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid() (async)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x20048001) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x0, 0x20048001)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x0, 0x0}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x0, 0x0})
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x20000041) (async)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x20000041)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
ptrace(0x10, r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0xffffffffffffffff, r0) (async)
ptrace(0xffffffffffffffff, r0)
ptrace(0x420e, r0)
syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/3\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') (async)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r5 = openat$ppp(0xffffff9c, &(0x7f0000000000), 0x298000, 0x0)
ioctl$PPPIOCSPASS(r5, 0x40087447, &(0x7f0000000100)={0x9, &(0x7f0000000040)=[{0x0, 0x5, 0x57, 0xd}, {0x7, 0xb, 0x25, 0xe6}, {0x8, 0x7, 0xff, 0x7f}, {0x6, 0x8, 0x53, 0x6}, {0x4, 0x6, 0x2, 0xffffffff}, {0x5, 0xa3, 0x7, 0x4}, {0x2, 0x1, 0x80, 0x3}, {0x416, 0xff, 0x2, 0x2}, {0x0, 0xd, 0x2, 0xab}]})
getdents64(r4, &(0x7f00000001c0)=""/45, 0x2d)

8m1.326901338s ago: executing program 2 (id=48):
socket$packet(0x11, 0xa, 0x300)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000b0000000000011907864010101ac14142100004e20009c907801000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a0080000008c82b8af584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424dbcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b9649a3bfbc1f39cb307b3472eb9cdb042d2643fcbb2c5a57df67d544af6e8dafe09"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000280)=ANY=[@ANYRESHEX=r0], 0x0, 0x3}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
mknod(&(0x7f0000000000)='./bus\x00', 0x10, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x301040, 0x0)
mount(&(0x7f00000000c0), &(0x7f0000000440)='./bus\x00', 0x0, 0x8c7c88, 0x0)
open(&(0x7f00000002c0)='./bus\x00', 0x0, 0x61)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)

8m0.410428623s ago: executing program 2 (id=54):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0xf0f03c, 0x4})
r2 = openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040), 0xc)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x180000}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
r8 = syz_io_uring_setup(0xbd8, &(0x7f0000000640)={0x0, 0x9eb9, 0x400, 0x2, 0x40200333, 0x0, r5}, &(0x7f0000000300)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r8, 0x847ba, 0x0, 0xe, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r2, 0x40309439, &(0x7f0000000040)={0x1, 0x3})
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2b, 0xfffffffc, {0x60, 0x0, 0x0, r14, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0xfffffffffffffe2d, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xfff, 0x40, 0x172}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
ioctl$KVM_X86_SET_MCE(r12, 0x4040ae9e, &(0x7f0000000540)={0xa800000000000000, 0x1, 0x0, 0xe, 0x6})
syz_emit_ethernet(0x52, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x1c, 0x6, 0x0, @private1, @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x8, 0xf989, "74f65fae"}]}}}}}}}}, 0x0)

7m45.112697419s ago: executing program 32 (id=54):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0xf0f03c, 0x4})
r2 = openat$binder_debug(0xffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040), 0xc)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x180000}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
r8 = syz_io_uring_setup(0xbd8, &(0x7f0000000640)={0x0, 0x9eb9, 0x400, 0x2, 0x40200333, 0x0, r5}, &(0x7f0000000300)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r8, 0x847ba, 0x0, 0xe, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r2, 0x40309439, &(0x7f0000000040)={0x1, 0x3})
r11 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2b, 0xfffffffc, {0x60, 0x0, 0x0, r14, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0xfffffffffffffe2d, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xfff, 0x40, 0x172}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
ioctl$KVM_X86_SET_MCE(r12, 0x4040ae9e, &(0x7f0000000540)={0xa800000000000000, 0x1, 0x0, 0xe, 0x6})
syz_emit_ethernet(0x52, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd318", 0x1c, 0x6, 0x0, @private1, @local, {[], {{0xfffe, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x8, 0xf989, "74f65fae"}]}}}}}}}}, 0x0)

7m28.855147637s ago: executing program 3 (id=169):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000100)="d8710bd835350f55", 0x8}], 0x2, &(0x7f00000006c0)=ANY=[], 0x280}, 0x80)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = gettid()
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
io_setup(0x3f, &(0x7f0000000140)=<r2=>0x0)
r3 = timerfd_create(0x0, 0x0)
io_submit(r2, 0x3, &(0x7f0000000500)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000380)="682962ab7bb63432", 0x8, 0x0, 0x0, 0x2}, 0x0])
request_key(0x0, 0x0, &(0x7f0000000140)='\\\\@[*#)\x00', 0xfffffffffffffffe)
add_key$user(&(0x7f0000000180), &(0x7f0000000000)={'syz', 0x0}, &(0x7f00000005c0)='\x00', 0x0, 0xfffffffffffffffe)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x4002)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r5)
r7 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000580)={'wg0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)=@newqdisc={0x24, 0x26, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x9090}, 0x0)
bind$bt_hci(r7, &(0x7f0000000200), 0x6)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf2525af0500657673696d300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40004)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e0600120c"], 0x9)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="9feb010018000009bea80c002400000024e2718725000000080000000200000f0500000001000000000000000300000002000000040000000900000000000000000000002e00"], &(0x7f0000000280)=""/266, 0x46, 0x10a, 0x6}, 0x28)

7m27.266322417s ago: executing program 3 (id=174):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$FUSE(0xffffffffffffffff, &(0x7f0000001540)={0x2020}, 0x2020)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x161141)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_genetlink_get_family_id$nl80211(0x0, r2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={&(0x7f0000000140)="ab6a562c8992ea29eba96e1cb5406d532d303147f6be265a475dcb0c52971d7eebbbde7746932ce422aab64f14b9b4178d76c3ac6d1067bab1b1f56e556490717d1e124618baed3ba915a92c731656c71d499e82866b4c20ab56e8e66e9a2e2b14eacdae7cfb3e9bef96c96053f86f382fb6e4c1be33f8f03edcda3c383b90c84190ad68b2978369218cb4a22a4f405a01d5316a878ee82ad2c4966d5903ad9d5a6d7f6ceea420ba0bd5", &(0x7f0000000200)=""/249, &(0x7f0000003580)="d24f591a62467b0bcb3912b41e4a6a842a474882616bd55cec1452989aa7cf1e408249c6af36f2fd3d862b76478d3b33ea652dfe4d6e90ca809d8133191888da4a5e90813c327f988dd5ae3b325dce6b7e7979ea733a8e6b629d82cec9fbde210af1903c8719cc30b3855d5c2dad22dedc98d63773343b1a02a7b5183db8a6ece7810b86254e31eb0447103ef64cc3bb011ed0aecb0464a639709bcb45f4168ed37f0cc1b52e5a4179d86562668091cf54eabe66d80d52aacf3a8f83b24f1f2686a4c3f198d84ad61d0faa1d9bb1e82376669d1080d855de2a487ee0936d0a9a57ca7120306e9bbae0b55b5017d279f8174f8ecc97048887334bbfe4ad2f8f0c9128aa989ea5f82da882655eb9a27d49661c8f55ff9d489d465dd61a8ccbcb2115c3db72bec72cf38bba0a7fc74c29aa0f9e2311325ecdf651079699133711af0da5c8382916479854be5db19d79c0e477d4a3c39acd00ac1a6fe8dadf8de7f2118d4888bc2a621a7aba58572485da3ea060cf70e79ec38d23ec7ed1ce75bd12b5d3acddb703b194a2f715e55ac3cd1cc4d6edb2a9b4318ce65490d08acbd4e01147fac8d446c843237d57dddf2d9ec1f829ab95549f5745eae7f51aa2d3d3bf008632b525ff6799079b47e21acfce0ae1651b0985c5bd6d80d45ebed750c8769a39130a20e892068f1fb6d44423de87b9691189da1daa45d089e1ce676d9a9642b5d11538e32433dd1c312d7fdb5ba3f75fd62693dd40e7c472e3b85729dbac004add4e89f88d8679209a0f551c930cb2c22c8d0a42314d803f5c35ce07a72a804109aaa01a88a0bae775ef9dc0d56c1c8c11b6dd49d0536ea6c2575930d59333d1ef060a15d9cce62c2307254912123a5910a9f391864e2ecd52f2fff3a31bc1e9277fa6d99b01134e62c55e09a9a778e3d2fa4c47cd3232242a2ffde39d187b555829e4294cbf629590c32d583753598a316e0363b12ae0a54b21d9bd4fa9b3896632af21cf0acb484422c7c5b2af57d7bda5ea60196a40bdb4849ac1bcb68cedeb4157b7b1c1b59113550b9b0bca956ae7df0f858fcb762beafcc85ab1b206c52bc6b8355e231e35ec474ef83def80011ca9228a8df36e6d9fe47d9f02e248ba516fffdeb35ef76f907e69404c51129d5b5e26ded6b7cff8002d7c5fb7ebd724e25dfca6fc1103db8f73084700be7a0e0da0ae28a2bbeb79cc221f2ccd6694c725b05bd57679d5d3057cfad67a3bafc227eea353b31f2abd47afd2f06b27d615cccf7120851209394c1a3f299db3b9e4fb59dd74cfed09a9e875fd70b9b64c401bfb1093e021f090d5c8a8bec715ed1e19f2f6e5d5662e4b6f6f50154b48e1a213ee98657d2ce538fd70a6b3fcf00983f94dd172aef3f74919129885d8678204b575a99bf5bc6156a20e4768de818c7a9f94f58943981646619d21e07b1c118f33bc25d8c8b249ce08ca29671caadbb25b80650f7b480b13508e1b21b73d75b3b641a98a23958fb550bab44caae34763c4d635bc4c3432562e68ce32b7e78b26a87c46b8e566d685cc45515be77055e9adbd7aa6ebcc9be4a9f7e1a2dd42744b244584d35c7fd71da74cfe7bd0c4c66bedb88d9cbd3becb88b5ca5d5827a858c10b1e730da2d3fc4cc9ccb66fd1ee903a3d611a26d0551656f1a21e6531df5c28f9b7465148ad57e998536d2dcd5435ef6f844e1e64fc8b3e82ef87e51fae6dc242308cfb2bc93515294b9622885a2f14c067f1fb3acf9382afd634acebdda3002a0266c73c141590f771b422c504a55fe01bd77cd28e08c859ff2e58059d6e4a383bd4148a62ea6098ff65833d5a743fd361fd703a85794f0e1887911cf3342e50aa1351a46914f361854cdd10f153359a1a2c3f563534339eb7c700236d133a51c8ee77e02c545ab3903dafc4c527205b701d6845c91c18195a0030ded3681af65f2d9c90a02872bf7ef1f915e4491f546d011c6caed770225eb005d187f17dbed9640fab4aa7d36f59df2279518e1eb3690bde7a92540f148fc8252d542cc609f7d0db370e1e1d9776122a5ce2c03633ec416210004a1a1b9b20439719d680e52cebb5bbc22ce2fe20572b900bd0ecbc777bbefdc79da0025852489ff9b6ec0bd260531bde64552692601fe88a2d58adf14f65a7c6b29cf0ce8d5f9789166500f959e99beb8b5542e5eb9fb6d77f0d79a6993a876f19d155aa541a01477ba31959b9c03e8e155059694846a1a522c8fb67d4f281190aa61cf9d2d355413caa8023c977f56b9f65281535af18eb070c89aa5d27f944827e3cd197ff60edc852f2a8fc988cd2a998babfcbcade9a0910115756e22d41d53164719a65c0711fad39ed1f3a7567f3d31b67195e4a47c43ee11aae3752d0ad8e5052754d9b2bbc05d32ef7524bd2ef18643a3e3f3a7beef89db4569da4f558ad8bb1a3f6519195048e7112096f81eacee9f3482c9ffdd8a209cee8bf64874ae2bd5b788ec3f8dcdbfb2f751e92fa14576cc8b834273023f45d15f940b8322555f74507a1ef34b3171fe4529802ffb05af05dfc4aa3cd7875f94f07ced6171a0e34cacafb4e24a9b14df6a1b503bc74432cebccec74306c4c1b1b54f49fc210c5268e16342444b55ccb623f0116a6b9f227d11c97d7fa912cb65790abf5fe33e964467d3b3c87254f486dced78ad3b52b6d9254d549e51d9bc4e019372e0621a7b14250d8ce02b859ca34b90b4b324536b6b15eab5713a6a9b7561c656fa99b928ae2674cbb5d821607cf828e53a73b612e9df23a02b24c1785e0873d1b57fb0872646b0d129286d557cb40f73ddd68182c8daab9da9ab0f9719f9d8ea847020d1d9a0919a4817b977b7dce940a1c5aba3c8c7df1d052078044f70dffa0e70938e734fde58844062dfc2df1305ec65fcccc196f5484bf6ae703515662985d19cbe610a183647a4e5da2d504c380f30a183e8bf66b071f015638b9b5af8c915c869b8f346cd63b1c781e8b6e60c2f4274757869dfebe41ad534e1ac7d6d7d943aac0a520a420ee6f921610412c87814376df4fe62402bb84aef5d198564694b50ac5c1bc661cc59836f57eb057c533567b110998f28de0dba3c19f374a2445d852309984a3ec93ce36dd80de11d10f1ec3a7b0818027c26a0bc054e78bd2d6156832b68d6317cb154eb07279041fc4f0b5c83e2f49a71bb2a83cbead7e49030edc89c6f37b3afa37ead680ca12e69c1a2d6436e8536168c06ca229b52164a7aabb0ca1da191d9c57eaaf3c4949d2900f6d6325742851674ca3d252cba625a773eb7e700fb0e619c3f968156ab5f4731bf3cf3e4d31813d2c581c9b94794acbe5b763b70aca63d3eafc85adc8489990f8c94f53b35bacfa3f698e17dc2692f84a2e8c6f388d237158cd4790a2dad688244408bcefd471996458e12ddf1743a19f88419a3b2448bc6cd295a796ac02bae7e1f682ae30968901a3424a735029d6087cf9373dbd47333da705f0a05de0de47f0334d315cae7db0749e6e3cd40004f8730a14fbce075d01a2698f3c726f87f1830a878bd7583566da3ed9b9a70a317ca1f82916ed5c5f757cece5c9f8a08e49c58dd8724a9ed1a3ff40f2f639bc822ea50fdb73a3a0e38ec83c24a808c89018c9490eebdcdb69a3edcb267964a1cda871c1de3286cae84ca47f2359f9739dcfa0692929ea4ba7133588f5a402fcf670398dd857e1c30cc4a7d5eb2f9e85a5761243e1a8eb1c6b642ff3939d693f92c9e00e3d393bafb3282b978f482aece2c51637fbb3bd3c8e586c2e9e033b27e0441a54aa40445ecff7073de5e1501a4db9ce14380542334a02a58c5b47134d6f4173712aff747ba2f1203eb0bb4644411d50039725fbfee4968bb1ddd77837348908a553f1624b0e1fc684df9ac465538bc7b2f0490e799bfc078401d573172492b754c6fda89ce06c5c58ef317eea60bc8dbb812b94de27f3371c243fee4e88e07a5f027c5eee5d0871801f04d738db45d665815bab760aff4f2d13b08adeee084b7fd67203a7f0a86460443a9929a27360afe117d9a27d9089632c91930c827a49675c9464d48381f9c643088aaf1713d470762bb95a836966c18b0c8446305082c41e0ab6877446136c3ced60093ef03d0572659aa2ec56fa8e53357dd250ce438647aca9d6f087b0718953f7be43d41358a1dbd1817b1813a2d25f3c1bf0051d752ef269162e46984344a3d0a4363880d724869c7eab1c8f380ad74e4e9e6fa9cf3c14596d57b1de2c54b8ae006b7881c59528730bbf66f0f463e6de65f4dbcd61fe1481bae66e91af1aade83dff169949f3078421ae83aea6dc4f5b44e2eda5b4e93e62d81bcf0937bc7210cc868913c7906f1adc9ec196efbcf314dc314e5ffb614f62f877bd58de59961012d06112d30badca391ecad74e19eb44ca96547b89c6de642917fa8d6f2d1542214657f821d9a723467882c2eccc7cc50ccdcc23afe429dcacd95b959b7993d5245ef9a991bffad6102b521149e5919f3da1a0b20b37f92082ff90c62dd85cb91b9201376cb021f840ea3600b6158c50fe2e7d61eba0939ede4622fe0ec260e4d19212590f1e1a0ec48a4e4a2be0bdd3737e2636ce0060265f96d6a40e8035c43113a4979572f950e7c5b3d07c2f9fd09e5475dd2c15d97732f2b694d6d5b3f12c1fb2e005673047dbcd8beafce63deb577f6287c44977733712cec26f5222839c6242f13ceae53d577e9780d70f34a955459f2e67c8f2ba28fc6556767a7158686808f140346fc8fef47f316aa3dcad44b597c5d9c0b43aba957b23c67f88c5a587140ffcb56bac9c2c5f06a1af1b53cb01c0a70aae3885704efa02e1f193b59052a421b50b9f9fd7ac2888b95c0472b33caa797003b3a2c6b89fb255747ecb31a10250a31311ab9e2378f3e2bf6b593b85eb6883f115068bc2d3fc53bea02b781202edd81769ee2247bcf4890b56b7153224e66709c491831a9dba871950b71263ab2ba923ab1312a691650743fe08250f573aef321cc0516f763559d0274e246267de7f07f76af25b1659673611dff1213d381ef7c056662265df3f90c6e2218ff039bc5ad5e62e43a206cd36a06111fc0c023d51345295094cc3d58fbd3514cdc764b3903bfe698fed59ca5d48e75d34256aef64c62aaf6d862e5c189c0a9c5b5ee1b8e154d5d94e4411f005cacda8832cd8f93b1833c86b2586c323bfd7ea5415984779b9152441e5d9cfd5066ff6dea29f93046e98179504f6e25f7c1743245f7d851dddecb1919fddcc40c94951961c9c2771873ac388a0e82107f19caf838e0d423b145b8f0e85c0c8d083bcf93435b2d1f1e406c78ded586e1ce08b061edbb69661efe4ccd53be79018a88e68c325a663a2542e02b37cbf3d53fd09aa2636b3eb013a5dba87603c5ae631156c91d4537f02a6d5a11549152bd81ae372037a4c46290694d0b46c81bffd743a5047b6ce4a1c71357d04f7b086f2fad174c693917526a21c1858d9c8f375604b899a9af38a9d176ef12024c43f7e5e74f700242ad22fac91e82b5883048a03e38a0ee3132b20548bf8a800a3741299572feb7469b3de687fa26fec0c95f7dd051d89828d613a23e20189a86c44413d6ec7ffdff2d3f2cd6d8c96c66faabefcb0dceaea394e395888822cb5565d55066ec075a61951832e1367129f52873c6bcc9e703a88ab7ab094aa791167b25c86240fad65eabe7191cba2e006a6a4728f93c7b0884bca4a04b6ad5c97916c1ee3ea3f6b13c8c9754df2417ba76f7ea8bd289f858ecab50017b6109", &(0x7f0000000040)="afb11a9277f8fac6ad8f0c91d6e19c220729f301596e9e1561aba89bf7e7ee3ab10b496ae0b736fe1f53f93dc1e6a0ef474fb1fd0dbf172d381f6f37b9e8e2", 0x7, r2, 0x4}, 0x38)
socket(0x11, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x8c941, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
ioctl$BLKPG(r4, 0x1269, &(0x7f00000001c0)={0x1, 0x0, 0x98, &(0x7f00000000c0)={0x0, 0x1000, 0xd}})
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0x7, 0x5)

7m26.136409701s ago: executing program 3 (id=178):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003340)=[{{&(0x7f0000000340)=@phonet, 0x80, &(0x7f0000000ac0), 0x0, &(0x7f0000000b40)=""/160, 0xa0}, 0x8}, {{&(0x7f0000000c00)=@nfc, 0x80, &(0x7f00000004c0)}, 0x5}, {{&(0x7f0000000fc0)=@l2tp={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000001040), 0x0, &(0x7f0000001080)=""/197, 0xc5}, 0x401}, {{&(0x7f0000001180)=@pppol2tpin6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000001280), 0x0, &(0x7f00000012c0)=""/17, 0x11}, 0x1}, {{&(0x7f0000001300)=@phonet, 0x80, &(0x7f0000001400)=[{&(0x7f0000001380)=""/115, 0x73}], 0x1}, 0x8}, {{&(0x7f0000001440)=@can, 0x80, &(0x7f00000002c0)=[{&(0x7f00000014c0)=""/221, 0xdd}, {&(0x7f00000015c0)=""/55, 0x37}], 0x2, &(0x7f0000001640)=""/239, 0xef}, 0x7}, {{&(0x7f0000001740)=@phonet, 0x80, &(0x7f0000001d00)=[{&(0x7f00000017c0)=""/8, 0x8}, {&(0x7f0000000880)=""/195, 0xc3}, {&(0x7f00000007c0)=""/145, 0x91}, {&(0x7f00000019c0)=""/67, 0x43}, {&(0x7f0000001a40)=""/38, 0x26}, {&(0x7f00000006c0)=""/71, 0x47}, {&(0x7f0000001b00)=""/181, 0xb5}, {&(0x7f0000001bc0)=""/17, 0x11}, {&(0x7f0000001c00)=""/250, 0xfa}], 0x9, &(0x7f0000001900)=""/144, 0x90}, 0x2}, {{&(0x7f0000001e40)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @remote}}}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000003480)=""/4100, 0x1004}, {&(0x7f0000001800)=""/238, 0xee}, {&(0x7f0000002fc0)=""/19, 0x13}, {&(0x7f00000003c0)=""/81, 0x51}], 0x4, &(0x7f0000000580)=""/111, 0x6f}, 0x4}, {{&(0x7f00000030c0)=@qipcrtr, 0x80, &(0x7f0000000740)=[{&(0x7f0000000980)=""/139, 0x8b}], 0x1, &(0x7f0000003180)=""/32, 0x20}, 0x4}, {{&(0x7f00000031c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000a40)=""/127, 0x7f}, {&(0x7f0000000c80)=""/185, 0xb9}, {&(0x7f0000000d40)=""/222, 0xde}, {&(0x7f0000000e40)=""/178, 0xb2}, {&(0x7f0000000ac0)=""/104, 0x68}], 0x5, &(0x7f0000003280)=""/173, 0xad}, 0xc0c}], 0xa, 0x40010002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40d4}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x48800)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0)
socket$inet6(0xa, 0x805, 0x0)
r5 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000000)={0x1b0000019})
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r7=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x3})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000f40)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000f00)={&(0x7f0000001ec0)=ANY=[], 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r7, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYRES8=r5], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r8}, 0x18)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x1c0)
linkat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000540)='./file1/file4/file7/file5\x00', 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)

7m25.036605996s ago: executing program 3 (id=184):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=@ipv4_delrule={0x38, 0x21, 0x1, 0x0, 0x25dfdbfb, {}, [@FRA_FLOW={0x8, 0xb, 0x1}, @FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'dvmrp0\x00'}]}, 0x38}}, 0x40c4045)

7m25.036389608s ago: executing program 3 (id=185):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41"], 0x270}, 0x1, 0x0, 0x0, 0x8015}, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000040)={0x1})
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180))

7m24.956398899s ago: executing program 3 (id=186):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x5, @remote, 0x1}, 0x1c)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
chdir(&(0x7f0000000280)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0xffffffffffffffff, &(0x7f00000000c0)={0x8, 0x2001, 0xffffffff, 0x2, 0xefffffffffff0000, 0x80000001, 0x48cd, 0x3, 0x800000df})
madvise(&(0x7f00006ae000/0x2000)=nil, 0x2000, 0xf)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r3}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000180)={0x10, 0x0, &(0x7f0000000080)=[@release={0x40046306, 0x2}, @release={0x40046306, 0x3}], 0x73, 0x0, &(0x7f00000000c0)="d3777256570d7567492ae999aba83b444cdad15dec5b61a894c098ac7396d89127351f2d7cf0e49417c134c8fa9465a6200145042ce7ccd4c13aa11ab7270926350b2a7ea987daea9537229fc22badec74ff023dfa2459c1c38f97a237d0e558c1fe56c82c5fe2b7aaf25451f3a56ae044dcc9"})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x50, r6, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x4}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3d}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x7}, @NL80211_ATTR_IE={0xd, 0x2a, [@mesh_config={0x71, 0x7, {0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x40}}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4010)

7m9.634337952s ago: executing program 33 (id=186):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x5, @remote, 0x1}, 0x1c)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
chdir(&(0x7f0000000280)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0xffffffffffffffff, &(0x7f00000000c0)={0x8, 0x2001, 0xffffffff, 0x2, 0xefffffffffff0000, 0x80000001, 0x48cd, 0x3, 0x800000df})
madvise(&(0x7f00006ae000/0x2000)=nil, 0x2000, 0xf)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r3}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000180)={0x10, 0x0, &(0x7f0000000080)=[@release={0x40046306, 0x2}, @release={0x40046306, 0x3}], 0x73, 0x0, &(0x7f00000000c0)="d3777256570d7567492ae999aba83b444cdad15dec5b61a894c098ac7396d89127351f2d7cf0e49417c134c8fa9465a6200145042ce7ccd4c13aa11ab7270926350b2a7ea987daea9537229fc22badec74ff023dfa2459c1c38f97a237d0e558c1fe56c82c5fe2b7aaf25451f3a56ae044dcc9"})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x50, r6, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x4}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x3d}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x7}, @NL80211_ATTR_IE={0xd, 0x2a, [@mesh_config={0x71, 0x7, {0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x40}}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x4010)

3.856748445s ago: executing program 5 (id=2887):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = socket(0x11, 0x800000003, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000d40)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x60, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000], [0x0, 0x4]}, [@TCA_MQPRIO_MODE={0x6, 0x4}]}}}]}, 0x90}}, 0x0)
munmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSPGRP(r5, 0x5410, &(0x7f0000000440))
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x8901, &(0x7f0000000040))
sendmsg$inet(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)='h', 0x1}], 0x1}, 0x4815)
r6 = syz_io_uring_setup(0x239, &(0x7f00000001c0)={0x0, 0x1ffffe, 0x10700}, &(0x7f0000000140)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r10 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
preadv(r10, &(0x7f0000000740)=[{&(0x7f0000002300)=""/247, 0xf7}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r10, 0xc018643a, &(0x7f0000000080)={0x4000000})

3.787159224s ago: executing program 5 (id=2888):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='exec'], 0x15)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x3a, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESHEX=0x0])
read$FUSE(r4, &(0x7f0000002480)={0x2020, 0x0, <r5=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r4, &(0x7f0000002300)={0x50, 0x0, r5, {0x7, 0x9, 0x0, 0x21831002, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x20}}, 0x50)
read$FUSE(r4, &(0x7f0000004580)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r4, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r6}, 0x10)
r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r7, r4, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x18d042, 0x140)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x11, r8, 0x0)

2.487817153s ago: executing program 5 (id=2893):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@can_newroute={0x1c, 0x18, 0x1, 0x80, 0x25dfdbfe, {}, [@CGW_LIM_HOPS={0x5, 0xd, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
futex(0x0, 0xc, 0xfffffffd, 0x0, 0x0, 0xff7ffffd)
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x894a, &(0x7f0000000000)={'ip6gre0\x00', 0x0})
syz_emit_ethernet(0x3e, &(0x7f0000000f40)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @broadcast}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @remote}}}}}}, 0x0)
vmsplice(r1, &(0x7f0000000040)=[{&(0x7f0000000000)="5044e8ff5213780ab7a27fbe9ec3baf39591c5", 0x13}], 0x1, 0xd)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0x10000000000f, &(0x7f0000006680))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
cachestat(r4, &(0x7f0000000180)={0xfb, 0x6}, &(0x7f0000002280), 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @multicast})
write$tun(r1, &(0x7f0000000100)={@val={0xa, 0x6003}, @val={0x0, 0x4, 0x0, 0x9614, 0x17}, @eth={@multicast, @remote, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \x00', 0x10, 0x11, 0xff, @empty, @mcast2, {[], {0x4e22, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x3, 0x5, 0x100}}}}}}}}}, 0x54)

2.354264059s ago: executing program 4 (id=2896):
socket$nl_generic(0x10, 0x3, 0x10)
socket$qrtr(0x2a, 0x2, 0x0)
syz_open_dev$vim2m(0x0, 0x800, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000180))
socket$nl_netfilter(0x10, 0x3, 0xc)
io_submit(0x0, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
writev(0xffffffffffffffff, &(0x7f0000000940), 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r6], 0x54}}, 0x0)
socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@dellink={0x20, 0x11, 0x1, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, 0x8010, 0x602a1}}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2.303942656s ago: executing program 5 (id=2898):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0)
pwrite64(r0, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2)
ioctl$BLKRRPART(r0, 0x125f, 0x1f)
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000040)={0x2, 0x2, 0x10})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000540)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x3, @loopback, 0x3}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000240)="dc", 0x1}], 0x1}}], 0x1, 0x3404c891)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000680)={0x0, 0xf7, 0x2, [0x4, 0x3]}, 0xc)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000200001ebffffff25f58e383d510fa58caf0000000f000000"], 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
fcntl$lock(r4, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x5, 0x5})
fcntl$lock(r4, 0x24, &(0x7f0000000280)={0x0, 0x1, 0x5, 0x7})
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000001c0)=0x1)
ioctl$VIDIOC_S_FREQUENCY(r5, 0x402c5639, &(0x7f0000000040)={0x0, 0x2, 0xcadb})
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x691, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

2.29124078s ago: executing program 4 (id=2899):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)=@generic={&(0x7f0000000080)='.\x00', 0x0, 0x8}, 0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x503, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21111, 0x8831}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000002}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x48}, 0x1, 0x0, 0x0, 0x48890}, 0x0)

2.200484491s ago: executing program 4 (id=2901):
socket$inet6(0xa, 0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, 0x0, 0x0)
bind$inet6(r0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
brk(0x55555ede5ffe)
restart_syscall()
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0)
syz_emit_ethernet(0x2e0, &(0x7f00000009c0)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2aa, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, [{0x0, 0xa, "a741e54006598080a8030000004023493b87aafaff0500ffffffe723732472eefa45ad96579269748e254c1e4a948b580a9bc430d3be27df3e34060000ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "0001000000000019"}, {0x3}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x3, 0x9, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3be"}, {0x21, 0x6, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e3b63ed09bdb581c9fe68a356f542b043059ff05932e740e077e1d1"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa76ffff9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4828288e62afbf03269f1f98aea6a58cf45d7c5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c258a6f"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02c226a6bce65f81ed"}]}}}}}}, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PIO_UNIMAP(r1, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})

2.197053665s ago: executing program 1 (id=2903):
openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x20401, 0x0)
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x5, 0x6, 0x2, 0x0, 0x7})
memfd_create(&(0x7f0000000000)='\x00', 0x0)

2.072161932s ago: executing program 1 (id=2904):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x14, 0x22, 0x1, 0x10, 0x25dfdbfd, {0x2}}, 0x14}}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xb, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r3, 0x402c5639, &(0x7f0000000b40)={0x0, 0x1})
r4 = syz_open_procfs$pagemap(0x0, &(0x7f0000000400))
ioctl$FS_IOC_GETVERSION(r4, 0x80047601, &(0x7f0000000440))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r5 = socket(0x2, 0x5, 0x0)
r6 = openat$vim2m(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
r7 = socket$alg(0x26, 0x5, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000000100)={<r8=>0x0, 0x101}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f00000002c0)={r8, 0x0, 0xf3a}, &(0x7f0000000300)=0x8)
bind$alg(r7, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha224)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0)
r9 = accept4(r7, 0x0, 0x0, 0x80000)
sendmsg$nl_route_sched(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=@getqdisc={0x40, 0x26, 0x200, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfffe}, {0xfff2, 0x8}, {0x1, 0xffff}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0xfffffffffffffe9d}]}, 0x40}}, 0x4080)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r2, 0x40189429, &(0x7f00000003c0)={0x0, 0xd1, 0x2})
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000080)={0x7f, 0x1, 0x0, "fa6a45f59a0a19972206f16bfcd9fd6243b2da50e5ec28a383e77ea33f0fdcba"})
listen(r5, 0x0)

1.994890571s ago: executing program 1 (id=2905):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x48, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5}, @IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x1, 0x1}}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000180)={{{@in6=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@multicast2}, 0x0, @in=@broadcast}}, &(0x7f00000000c0)=0xe4)
mount$9p_xen(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x50, &(0x7f0000000400)={'trans=xen,', {[{@loose}, {@version_u}, {@mmap}, {@cache_readahead}, {@version_9p2000}, {@ignoreqv}], [{@fscontext={'fscontext', 0x3d, 'root'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '['}}, {@euid_lt={'euid<', r1}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\\[\xf6{\\,\xdc]}\'#!-/%&.#\xe6'}}, {@permit_directio}, {@smackfsfloor={'smackfsfloor', 0x3d, 'bridge\x00'}}]}})

1.871275613s ago: executing program 1 (id=2907):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
close$binfmt(r3)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r4, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0))
timer_create(0x3, 0x0, &(0x7f00000000c0)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
rt_sigaction(0xe, &(0x7f00000000c0)={&(0x7f0000000040)="f30f1efc66450f2832c482adbcaf07000000c4e1fd5aa13c9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b280000653ed9fa", 0x8000000, 0x0, {[0x8000]}}, 0x0, 0x8, &(0x7f0000000200))
r6 = syz_open_pts(r4, 0x101000)
r7 = dup3(r6, r4, 0x0)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000000)=0x11)
sendto$isdn(r7, &(0x7f0000000000)={0x5, 0x10, "76db7f9d30f4704f8dc78b657e36b227feba565f073b3ebc974fb541846fc5baf58a27c159312232a963636332aaa7da148f7427d61ed6a35df318d00871b35127d66aa143763aff03d6b76d4f19bcda333c71f3efcd37a35f513125a4546417564c51d98a0190d2aa911dab2d8b1fb2bcece422c1e5b92e6d5f21bffa43c364f11a50da722f9ffa7d7e594befb720"}, 0x97, 0x40, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0xfffffffd)
close_range(r0, 0xffffffffffffffff, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r10)
getsockname$packet(r10, &(0x7f00000002c0)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r11, {0xffe0, 0x8}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40044}, 0x4804)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r7, 0x89f3, &(0x7f0000000100)={'erspan0\x00', &(0x7f0000000240)={'ip_vti0\x00', r11, 0x40, 0x40, 0x0, 0xff, {{0x1a, 0x4, 0x2, 0x13, 0x68, 0x64, 0x0, 0x3, 0x2f, 0x0, @remote, @empty, {[@ra={0x94, 0x4}, @timestamp_addr={0x44, 0x24, 0xbb, 0x1, 0x6, [{@loopback, 0x81}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x2}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0xe}, {@multicast1, 0x8}]}, @timestamp={0x44, 0x20, 0xdf, 0x0, 0x7, [0x4, 0x1, 0x1, 0xffffffff, 0x3, 0x4, 0x7]}, @noop, @end, @generic={0x85, 0x8, "72855421daff"}, @end]}}}}})

1.861259475s ago: executing program 0 (id=2908):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000340)={'syz_tun\x00', 0x101})
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
close(r0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000bc0)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10202, 0x810}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}, @IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)

1.700473566s ago: executing program 0 (id=2909):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'bond_slave_0\x00', 0x10}) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'bond_slave_0\x00', 0x10})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0x1}, {0x6, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
openat$vcsa(0xffffff9c, &(0x7f0000000000), 0x41, 0x0) (async)
r4 = openat$vcsa(0xffffff9c, &(0x7f0000000000), 0x41, 0x0)
accept4$unix(r4, &(0x7f0000000140), &(0x7f00000000c0)=0x6e, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000780)=@newtfilter={0x5c, 0x2c, 0xd27, 0x870b528, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0xc}, {}, {0xa, 0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x10, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2204402c}, 0x0)

1.561889075s ago: executing program 0 (id=2910):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000001000cff500000300ffffffff00000700", @ANYRES32=0x0, @ANYBLOB="000000000140060030001280080001006873720024000280050007000500000008000100", @ANYRES32=r3, @ANYBLOB="08000200", @ANYRES32=r2], 0x50}}, 0x4040040)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = dup(r4)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
r6 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r7=>0x0, &(0x7f00000007c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r6, 0x4d10, 0x2, 0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
mount(&(0x7f0000000140)=@md0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='omfs\x00', 0x4, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000480)={0x2b, 0x3, '\x00', [@generic={0x0, 0x19, "2350ee4995273cc8688d482bf5f0faa68aee2767149b49ab28"}, @enc_lim={0x4, 0x1, 0x3}]}, 0x28)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x14, 0x30, 0xc96f2b0dc02612b1, 0x71bd23, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r11 = socket(0x10, 0x803, 0x0)
sendto(r11, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x8804, 0x0, 0x0)
recvmmsg(r11, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001380), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r12, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000140)={0x1c, r13, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}]}, 0x1c}}, 0x0)
r14 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r5)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r10, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000680)=ANY=[@ANYBLOB="1d2000000e0d85d43bf3fcc544a55a14c7267f0801f2e7483efe94dba57af7d59d66d0590a6dcda915003d798e43925e91f9d7c98d30f693efabea29a91e730d0000985e6126642fb6e51c342ba8fb6cb3c1943a76c11271c10388c338f53df1c94b04ab01befc48ade8f5b7a008324e28af1f1dc60d3f18fed8f11f6bfe7fa393a0f266248ce727", @ANYRES16=r14, @ANYBLOB="010000000000000000000e000000100002800400040008000200000000001800018014000200767863616e3100"/54], 0x3c}, 0x1, 0x0, 0x0, 0x24000011}, 0x4008000)
mount(&(0x7f0000000140)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='omfs\x00', 0x200000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r15 = syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)
shutdown(r15, 0x1)

1.380802768s ago: executing program 5 (id=2911):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x74, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x67}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IFACE={0x14, 0x17, 'netdevsim0\x00'}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}]}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x9c}, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x3}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x80000000}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x10000082}, 0x20004024)

1.347065263s ago: executing program 0 (id=2912):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000feffffff0000000000000000850000002800000018010000646c6c2500000000002020207b1af8ff00000000bfa10000000000000701000001ffffffb702000008000000b7030000feffffff850000009b00000095"], &(0x7f00000000c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0bb547ed3f7ffe9abc89b6f0458", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x32, 0x0, 0x0}, 0x4c)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f0000000240)=0x3, 0x4)
listen(r2, 0x0)
shutdown(r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000feffffff0000000000000000850000002800000018010000646c6c2500000000002020207b1af8ff00000000bfa10000000000000701000001ffffffb702000008000000b7030000feffffff850000009b00000095"], &(0x7f00000000c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0bb547ed3f7ffe9abc89b6f0458", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x32, 0x0, 0x0}, 0x4c) (async)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0) (async)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10) (async)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f0000000240)=0x3, 0x4) (async)
listen(r2, 0x0) (async)
shutdown(r2, 0x0) (async)

1.297075258s ago: executing program 4 (id=2913):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x404000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xe}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[], 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000040)=0x2, 0xffffffb4)
syz_emit_ethernet(0x0, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = eventfd(0x101)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000180)=r2)
syz_clone(0x69901211, 0x0, 0x22, 0x0, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prctl$PR_SET_KEEPCAPS(0x59616d61, 0x1ffffffffffffff)
madvise(&(0x7f000018a000/0x2000)=nil, 0x2000, 0x12)
syz_clone(0x500, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
close(r0)
bpf$MAP_CREATE(0x0, 0x0, 0x1d)

1.256861051s ago: executing program 5 (id=2914):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xd0f, 0xffffffff, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4c, 0x2, [@TCA_RED_PARMS={0x14, 0x1, {0x6, 0x6, 0x8, 0x2, 0x14, 0xe, 0x1}}, @TCA_RED_MARK_BLOCK={0x8, 0x6, 0x8}, @TCA_RED_PARMS={0x14, 0x1, {0x6, 0x80000000, 0x5, 0x2, 0x16, 0x29, 0x2}}, @TCA_RED_MARK_BLOCK={0x8, 0x6, 0x80}, @TCA_RED_MARK_BLOCK={0x8, 0x6, 0xc}, @TCA_RED_MAX_P={0x8, 0x3, 0x9f}]}}]}, 0x78}, 0x1, 0x0, 0x0, 0x4940}, 0x24008890)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="010000e3ff"], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000), 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x4, 0x165}, &(0x7f0000000000)=<r9=>0x0, &(0x7f0000000280)=<r10=>0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd, 0x0, 0x0, 0x3, 0x8, 0x0, {0x0, 0x0, r4}})
io_setup(0x1, &(0x7f0000000000)=<r11=>0x0)
r12 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x101000, 0x40)
io_submit(r11, 0x1, &(0x7f0000000a40)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfff, r12, &(0x7f0000000300)="e83924", 0x3}])
fsopen(&(0x7f0000000040)='qnx4\x00', 0x0)
io_uring_enter(r8, 0x3517, 0x173d, 0x42, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000480)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xcb62}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [@printk={@i, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x941, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.221627842s ago: executing program 1 (id=2915):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/warn_count', 0x80080, 0xd4)
listen(r1, 0x5) (async)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')

1.215196177s ago: executing program 0 (id=2916):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x81)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000240)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="02180006020000172cbd708672cad8623900fddbdf25a02ee5fc4220d76803c7d2244078a12acdd6b30cd8ef0e8e30f8b054cd4517127e2c"], 0x10}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000340)={0x2, 0x5, 0x0, 0x9, 0x2, 0x0, 0x0, 0x7}, 0x10}, 0x1, 0x400000000000000}, 0x20000000)
shmctl$SHM_LOCK(0x0, 0xb)
shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x80000)
openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file4\x00', &(0x7f0000000380)={0x40440, 0x15c, 0x12}, 0x18)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r4, 0x84, 0x1b, 0x0, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$media(&(0x7f00000000c0), 0x103, 0x0)

1.13237508s ago: executing program 1 (id=2917):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @raw_data="9e9684208c1cc7b7e19c83b32dc495a7c871f9e5de0094787e81e6375d68567e01f250249d6c884c05d0d350079b1b1f967f024aafcc60b167574fecff0cd572448426c099638c978a1423fb80f20b485267b25e00097e2ae9592bff3a80e2ad9d95c5b9b3653a08e0f1ccff5d1b55bf0dc489575d53b299623f04025dfafc0ba814c7f5e3fe8a96e019f55af7150f1dc0cb5288129b6f4fb3ab2be0b246ca11b0a7f316fc03f30100000000000000d10bde1e382f1bedbf6c29fb460e51edd4b0cf848200"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x4840)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xb4, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x7a, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x1, 0x3}}, 0xb4}}, 0x0)
sendto$inet6(r2, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f00000003c0), &(0x7f0000000400)=0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x24, r4, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x6}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0xffffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008091}, 0x41)
r7 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000180)={0x1, @vbi={0x0, 0x0, 0x0, 0x50323234}})
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000f80), 0x400, &(0x7f0000000080)=ANY=[@ANYBLOB='mpol=bind:N', @ANYRESOCT])
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r4, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r5}, @void}}}, 0x28}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

178.242246ms ago: executing program 4 (id=2918):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r0=>0x0}, &(0x7f0000000040)=0xc)
ptrace$ARCH_SET_GS(0x1e, r0, &(0x7f0000000080), 0x1001)
ptrace$peek(0x1, r0, &(0x7f00000000c0))
r1 = openat$mice(0xffffff9c, &(0x7f0000000100), 0x280000)
write$P9_RGETLOCK(r1, &(0x7f0000000140)={0x1e, 0x37, 0x1, {0x1, 0x9, 0x9, r0}}, 0x1e)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x232})
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f00000001c0)={0x5, 0x2, 0x9})
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), r1)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000280)={0x224, r2, 0x200, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0xf8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd814}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe014}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xb69}]}]}, @TIPC_NLA_MON={0x54, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9e}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7db}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8b}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_LINK={0xa0, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x92b1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x823d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x80}, 0x20048000)
ptrace$pokeuser(0x6, 0x0, 0x9, 0x2)
ioctl$USBDEVFS_CLEAR_HALT(r1, 0x80045515, &(0x7f0000000540)={0x5})
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCSPGRP(r3, 0x8902, &(0x7f0000000580)=r0)
rt_sigqueueinfo(r0, 0x34, &(0x7f00000005c0)={0x3d, 0x8001, 0x9})
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r3, 0xf501, 0x0)
fcntl$notify(r3, 0x402, 0x8)
recvmsg$unix(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000640)=""/193, 0xc1}, {&(0x7f0000000740)=""/240, 0xf0}, {&(0x7f0000000840)=""/233, 0xe9}], 0x3}, 0x0)
clock_gettime(0x0, &(0x7f0000000a80)={<r4=>0x0, <r5=>0x0})
select(0x40, &(0x7f00000009c0)={0x2, 0x6, 0xfffffffffffffffd, 0xffffffffffff8000, 0x5, 0x9, 0x6, 0x8000000000000000}, &(0x7f0000000a00)={0x1600000000000, 0x4, 0x0, 0x7, 0x3, 0xa, 0x100000001, 0x7}, &(0x7f0000000a40)={0x3, 0xffffffffffffffff, 0x5, 0xfffffffffffffffe, 0x6, 0x5, 0x81, 0x5}, &(0x7f0000000ac0)={r4, r5/1000+10000})
r6 = openat$dlm_plock(0xffffff9c, &(0x7f0000000b40), 0x2c0, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000b00), r6)
mkdirat$cgroup_root(0xffffff9c, &(0x7f0000000b80)='./cgroup/syz0\x00', 0x1ff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000c00)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x44, r7, 0x4, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x100}]}, 0x44}, 0x1, 0x0, 0x0, 0x20008840}, 0x80)
syncfs(0xffffffffffffffff)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_open_dev$media(&(0x7f0000000d40), 0x9, 0x20002)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_SYNC_REGS(r9, 0x4068aea3, &(0x7f0000000d80))
fgetxattr(r6, &(0x7f0000000e00)=@known='system.advise\x00', &(0x7f0000000e40)=""/199, 0xc7)

99.860911ms ago: executing program 0 (id=2919):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r1}, 0x18) (async)
syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x2001) (async)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]})
close_range(r2, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) (async)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = dup(r5)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240b1c3f83800f9977752021441c5e2bbf48ab947b98a60207c9644beaf86de619f10619566f1d64dcb7ed6fe56c1cbd6ea7897e17eaa2b7a91972083d0388287e6c6bfd2d28edf944a8713c8a1441f44b9622fbfb820482785ca5093b0f43aaaf677a7203adcf0e8de91f8db1e020b240c742df8a9e358b1302b68f49cd57ac7ae0019c02dd717b14d8f8792514750144f32b057bd1de9f6c09591100dc3eb"], 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4) (async)
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340)=<r7=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async)
r8 = socket$inet6(0xa, 0x2, 0x3a)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
read$FUSE(r9, &(0x7f0000004180)={0x2020}, 0x2020) (async)
sendmsg$SMC_PNETID_DEL(r9, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16, @ANYBLOB="100027bd7000fbdbdf2503000000140002006261746164765f736c6176655f30000005000400010000000900010073797a31000000001400020070696d367265673100000000000000001400020076657468315f746f5f68737200000000ae9c3ba11568eb780be59fb0f1d2b390766c9506131c0d727f92a8de9944651ef78b136c35f7082cb297bc5280131ca9ab80227331ddda3071104377bfa506493c3f68219cbb12d404eea24ab2173fa0516935e3483b2b07b329ec11d7ab8f9838238f48c696bd457190716a1beef8d292324950723051dc3eb0fe102c670fdfe44368244290092cade5de4019db9d713f584243aba14fdb1b94375b9d11c95e7ac723c0402e907156416598cbc8062c2b07fa8842f455a3f0140eabd6f7d0a660b5ac01b17de3557e2db5e6250cf34d26cb8558612c730b320e79b70a627420d7cb2a83eda82879f367332c94cfbe3aac6fecfbbe0866513080981552148bae10672d156ab0ad17d6c2d94f6370df82e23d48054d0dc088aac955310a91d8532f14b7f25378b0c6ed380d9299ea26eabb82628d4e5417bed7c250c1327bf433427bae06d021cce97268e6dace42226e8551ce7cfec56095f3efd7b297522bf31a3a431f663fd61dbb7b53e5df3d56e35dcfec6da3dd9d6a97a5eb318538499592d753d1f01fca6d877720c834e084c77df3ea458d2cb143821585ef2f14f87f86369944de0697ac918cfa6a4a54d124bd027d2b61042a885c2bdcfa720786e89276dc818c503e22c745cce77993700cfe0240c612c3d05b3b4325eaaa46d46766"], 0x64}, 0x1, 0x0, 0x0, 0x20008440}, 0x804) (async)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c) (async)
sendto$inet6(r8, &(0x7f0000000100)="800037e9220ca1ce", 0x8, 0x0, &(0x7f0000000140)={0xa, 0x4e24, 0x6, @mcast2, 0xf}, 0x1c)

0s ago: executing program 4 (id=2920):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) (async)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x200000a, 0x4c831, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14}}, 0x6c}}, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x8) (async, rerun: 32)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
r2 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) (rerun: 64)
add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, &(0x7f0000000200)="d78d311a5261b8d913847f543445b040164bc0b9a7b33e3b49995c9af792cfb1b9b6556e26331b889f9af9c89bb0d47e9a5ed22ef85dbb75731a5cd4be9ef71d583b59f630c6394470fc566943ab81379210c6a03cb1558ec544ad40b9647daf6445bb4cdad88f247b8b43b0b48cd1ee680721be659d6ccf5b7b1e879e792f28aa688971089e2488b9d4", 0x8a, r2)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141901) (async)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594f941a3c92b", 0x14}], 0x1}, 0x0)
r5 = dup(r3)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r6 = syz_io_uring_setup(0x236, &(0x7f0000000340)={0x0, 0x1c28, 0x10, 0x3, 0x31b, 0x0, r5}, &(0x7f00000003c0)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x7, &(0x7f0000000240)) (async)
getgid() (async)
pipe(&(0x7f00000000c0)={<r9=>0xffffffffffffffff}) (async, rerun: 32)
r10 = socket$inet_udp(0x2, 0x2, 0x0) (rerun: 32)
splice(r9, 0x0, r10, 0x0, 0x4ffe6, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80e02, 0x0) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) (rerun: 32)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x10000, &(0x7f0000000400)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}, {@favordynmods}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

kernel console output (not intermixed with test programs):

c0000
[  383.161016][   T40] audit: type=1326 audit(1756292930.156:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13641 comm="syz.1.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf712e579 code=0x7ffc0000
[  383.458517][T13651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2061'.
[  383.464359][T13651] tmpfs: Bad value for 'mpol'
[  383.714970][ T5978] Bluetooth: hci0: command 0x0419 tx timeout
[  383.798397][ T5984] usb 46-1: device descriptor read/8, error -110
[  384.337826][ T5984] usb usb46-port1: attempt power cycle
[  384.691427][T13674] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2064'.
[  384.694253][T13674] 0猉功D: renamed from macvtap0 (while UP)
[  384.698975][T13674] 0猉功D: entered allmulticast mode
[  384.700713][T13674] veth0_macvtap: entered allmulticast mode
[  384.703074][T13674] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  384.788292][T13674] hub 1-0:1.0: USB hub found
[  384.790149][T13674] hub 1-0:1.0: 2 ports detected
[  384.930240][ T5984] usb usb46-port1: unable to enumerate USB device
[  385.355593][T13694] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  385.358136][T13694] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  385.363426][T13694] vhci_hcd vhci_hcd.0: Device attached
[  385.390394][T13694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2068'.
[  385.644907][   T53] usb 38-1: SetAddress Request (2) to port 0
[  385.647658][   T53] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  385.805270][ T5978] Bluetooth: hci0: command 0x0419 tx timeout
[  385.878349][T13705] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  385.886222][T13705] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  385.902436][T13705] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  385.904645][T13705] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  385.906356][T13695] vhci_hcd: connection reset by peer
[  385.910642][ T1259] vhci_hcd: stop threads
[  385.913598][ T1259] vhci_hcd: release socket
[  385.916255][ T1259] vhci_hcd: disconnect device
[  385.922662][T13705] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  385.924548][T13705] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  385.928379][T13705] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  385.930815][T13705] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  386.660044][T13713] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2076'.
[  386.712293][T13713] tmpfs: Bad value for 'mpol'
[  386.860145][T13717] block nbd4: Attempted send on invalid socket
[  386.862200][T13717] blk_print_req_error: 25 callbacks suppressed
[  386.862210][T13717] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  386.870990][T13717] block nbd4: Attempted send on invalid socket
[  386.873050][T13717] I/O error, dev nbd4, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  387.715126][ T2045] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  387.847638][ T2045] usb 10-1: device descriptor read/64, error -71
[  387.995607][T13735] fuse: blksize only supported for fuseblk
[  388.085041][ T2045] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  388.347740][ T2045] usb 10-1: device descriptor read/64, error -71
[  388.412928][T13739] modprobe invoked oom-killer: gfp_mask=0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), order=0, oom_score_adj=0
[  388.428440][T13739] CPU: 3 UID: 0 PID: 13739 Comm: modprobe Not tainted syzkaller #0 PREEMPT(full) 
[  388.428457][T13739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  388.428464][T13739] Call Trace:
[  388.428468][T13739]  <TASK>
[  388.428472][T13739]  dump_stack_lvl+0x16c/0x1f0
[  388.428491][T13739]  dump_header+0x101/0x930
[  388.428508][T13739]  oom_kill_process+0x272/0xa40
[  388.428520][T13739]  ? oom_cpuset_eligible.isra.0+0x199/0x2d0
[  388.428534][T13739]  out_of_memory+0x1405/0x1700
[  388.428550][T13739]  ? __pfx_out_of_memory+0x10/0x10
[  388.428567][T13739]  __alloc_frozen_pages_noprof+0x1d53/0x23f0
[  388.428586][T13739]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  388.428601][T13739]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  388.428613][T13739]  ? read_pages+0x632/0xc70
[  388.428629][T13739]  ? __lock_acquire+0x62e/0x1ce0
[  388.428645][T13739]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  388.428662][T13739]  ? policy_nodemask+0xea/0x4e0
[  388.428676][T13739]  alloc_pages_mpol+0x1fb/0x550
[  388.428691][T13739]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  388.428709][T13739]  folio_alloc_noprof+0x20/0x2d0
[  388.428725][T13739]  filemap_alloc_folio_noprof+0x3a1/0x470
[  388.428746][T13739]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  388.428764][T13739]  ? page_cache_sync_ra+0x4e9/0xa00
[  388.428778][T13739]  filemap_get_pages+0xd1f/0x1c20
[  388.428797][T13739]  ? __pfx_filemap_get_pages+0x10/0x10
[  388.428814][T13739]  ? __pfx___might_resched+0x10/0x10
[  388.428828][T13739]  filemap_read+0x3d2/0xe40
[  388.428844][T13739]  ? find_held_lock+0x2b/0x80
[  388.428857][T13739]  ? __pfx_filemap_read+0x10/0x10
[  388.428886][T13739]  generic_file_read_iter+0x344/0x450
[  388.428902][T13739]  ext4_file_read_iter+0x1d6/0x6a0
[  388.428916][T13739]  vfs_read+0x8bc/0xcf0
[  388.428932][T13739]  ? __pfx_vfs_read+0x10/0x10
[  388.428944][T13739]  ? __pfx_do_sys_openat2+0x10/0x10
[  388.428967][T13739]  ksys_read+0x12a/0x250
[  388.428979][T13739]  ? __pfx_ksys_read+0x10/0x10
[  388.428995][T13739]  do_syscall_64+0xcd/0x490
[  388.429010][T13739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.429021][T13739] RIP: 0033:0x7fdca103a134
[  388.429030][T13739] Code: 48 3d 00 f0 ff ff 77 06 c3 0f 1f 44 00 00 f7 d8 89 05 80 41 01 00 48 c7 c0 ff ff ff ff c3 0f 1f 84 00 00 00 00 00 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 04 c3 0f 1f 00 f7 d8 89 05 58 41 01 00 48 c7
[  388.429041][T13739] RSP: 002b:00007fff57d1b388 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  388.429051][T13739] RAX: ffffffffffffffda RBX: 00007fff57d1b400 RCX: 00007fdca103a134
[  388.429058][T13739] RDX: 0000000000000340 RSI: 00007fff57d1b618 RDI: 0000000000000000
[  388.429064][T13739] RBP: 00007fff57d1b3f0 R08: 00007fff57d1b5f7 R09: 0000000000000000
[  388.429070][T13739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  388.429076][T13739] R13: 0000000000000340 R14: 00007fff57d1b610 R15: 00007fff57d1b618
[  388.429089][T13739]  </TASK>
[  388.429093][T13739] Mem-Info:
[  388.455292][ T2045] usb usb10-port1: attempt power cycle
[  388.500349][T13739] active_anon:1983 inactive_anon:1763 isolated_anon:0
[  388.500349][T13739]  active_file:403 inactive_file:857 isolated_file:0
[  388.500349][T13739]  unevictable:1768 dirty:2 writeback:0
[  388.500349][T13739]  slab_reclaimable:6584 slab_unreclaimable:64898
[  388.500349][T13739]  mapped:21539 shmem:3998 pagetables:1572
[  388.500349][T13739]  sec_pagetables:327 bounce:0
[  388.500349][T13739]  kernel_misc_reclaimable:0
[  388.500349][T13739]  free:29071 free_pcp:673 free_cma:0
[  388.552234][T13739] Node 0 active_anon:112kB inactive_anon:112kB active_file:0kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:5076kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7952kB pagetables:1644kB sec_pagetables:1168kB all_unreclaimable? yes Balloon:0kB
[  388.563119][T13739] Node 1 active_anon:8020kB inactive_anon:6840kB active_file:1712kB inactive_file:3320kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:86040kB dirty:8kB writeback:0kB shmem:10916kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5524kB pagetables:4644kB sec_pagetables:140kB all_unreclaimable? no Balloon:0kB
[  388.574117][T13739] Node 0 DMA free:1928kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  388.584697][T13739] lowmem_reserve[]: 0 288 288 288 288
[  388.586750][T13739] Node 0 DMA32 free:10448kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:2048KB free_highatomic:612KB active_anon:108kB inactive_anon:112kB active_file:0kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:295136kB mlocked:0kB bounce:0kB free_pcp:2588kB local_pcp:0kB free_cma:0kB
[  388.600661][T13739] lowmem_reserve[]: 0 0 0 0 0
[  388.602751][T13739] Node 1 DMA32 free:102600kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8028kB inactive_anon:6840kB active_file:1752kB inactive_file:3224kB unevictable:3536kB writepending:8kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:11960kB local_pcp:16kB free_cma:0kB
[  388.615949][T13739] lowmem_reserve[]: 0 0 0 0 0
[  388.618334][T13739] Node 0 DMA: 0*4kB 3*8kB (UM) 7*16kB (UM) 4*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 1928kB
[  388.624915][T13739] Node 0 DMA32: 4*4kB (UMEH) 54*8kB (M) 97*16kB (M) 94*32kB (UMH) 45*64kB (UMH) 8*128kB (MH) 4*256kB (UH) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 10448kB
[  388.632982][T13739] Node 1 DMA32: 2601*4kB (UM) 1885*8kB (UME) 1113*16kB (UME) 562*32kB (UME) 273*64kB (UME) 61*128kB (UME) 21*256kB (UM) 16*512kB (UM) 8*1024kB (UM) 3*2048kB (M) 1*4096kB (M) = 118556kB
[  388.640701][T13739] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  388.643646][T13739] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  388.652076][T13739] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  388.658530][T13739] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  388.664813][T13739] 5644 total pagecache pages
[  388.667618][T13739] 336 pages in swap cache
[  388.670095][T13739] Free swap  = 0kB
[  388.673906][T13739] Total swap = 124996kB
[  388.676818][T13739] 524155 pages RAM
[  388.680292][T13739] 0 pages HighMem/MovableOnly
[  388.682984][T13739] 209476 pages reserved
[  388.685469][T13739] 0 pages cma reserved
[  388.687873][T13739] Unreclaimable slab info:
[  388.693725][T13739] Name                      Used          Total
[  388.698492][T13739] pid_3                     23KB         23KB
[  388.703026][T13739] pid_2                     83KB        141KB
[  388.707455][T13739] bio-360                    7KB          7KB
[  388.711565][T13739] bio-424                    8KB          8KB
[  388.715782][T13739] bio-440                    8KB          8KB
[  388.720028][T13739] bio-536                   15KB         15KB
[  388.723726][T13739] afs_inode_cache           61KB         61KB
[  388.727865][T13739] zspage-zswap1            232KB        232KB
[  388.731190][T13739] zs_handle-zswap1         319KB        320KB
[  388.733113][T13739] zswap_entry              866KB        901KB
[  388.735103][T13739] AF_VSOCK                 122KB        122KB
[  388.736963][T13739] sw_flow_stats             16KB         16KB
[  388.738927][T13739] sw_flow                   61KB         61KB
[  388.740870][T13739] batadv_tt_change_cache         16KB         16KB
[  388.743969][T13739] batadv_tl_cache           16KB         16KB
[  388.745994][T13739] ceph_osd_request         127KB        127KB
[  388.747842][T13739] ceph_msg                  30KB         30KB
[  388.749637][T13739] IEEE-802.15.4-MAC         63KB         63KB
[  388.751464][T13739] IEEE-802.15.4-RAW         94KB         94KB
[  388.753306][T13739] p9_req_t                  39KB         39KB
[  388.755453][T13739] INET_SMC                 183KB        183KB
[  388.757312][T13739] SMC6                      61KB         61KB
[  388.759231][T13739] SMC                      122KB        122KB
[  388.761046][T13739] TIPC                     123KB        123KB
[  388.762870][T13739] rds_tcp_connection         15KB         15KB
[  388.764843][T13739] RDS                      128KB        128KB
[  388.766743][T13739] rds_connection            30KB         30KB
[  388.768599][T13739] SCTPv6                   120KB        120KB
[  388.770430][T13739] SCTP                     245KB        245KB
[  388.772265][T13739] sctp_chunk                62KB        140KB
[  388.774504][T13739] sctp_bind_bucket          16KB         16KB
[  388.776454][T13739] PNPIPE                   123KB        123KB
[  388.778423][T13739] PHONET                    31KB         31KB
[  388.780457][T13739] L2TP/IPv6                127KB        127KB
[  388.782343][T13739] L2TP/IP                  121KB        121KB
[  388.784329][T13739] KCM                       95KB         95KB
[  388.786311][T13739] kcm_mux                   47KB         47KB
[  388.788223][T13739] RXRPC                    124KB        124KB
[  388.790227][T13739] rxrpc_call_jar           236KB        286KB
[  388.792145][T13739] can_receiver              11KB         11KB
[  388.794507][T13739] net_bridge_fdb_entry        102KB        102KB
[  388.796821][T13739] nf-frags                   7KB          7KB
[  388.800339][T13739] MPTCPv6                  125KB        125KB
[  388.802251][T13739] fib6_node                 80KB         96KB
[  388.804207][T13739] ip6_dst_cache            146KB        257KB
[  388.813852][T13739] mfc6_cache                12KB         12KB
[  388.816991][T13739] PINGv6                   124KB        124KB
[  388.818878][T13739] RAWv6                    186KB        186KB
[  388.820918][T13739] UDPLITEv6                127KB        127KB
[  388.822755][T13739] UDPv6                    223KB        223KB
[  388.825668][T13739] tw_sock_TCPv6             15KB         15KB
[  388.827638][T13739] request_sock_TCPv6         15KB         15KB
[  388.829837][T13739] TCPv6                    320KB        486KB
[  388.834244][T13739] nf_conntrack              31KB         31KB
[  388.837684][T13739] wg_peer                  148KB        148KB
[  388.839851][T13739] allowedips_node           19KB         19KB
[  388.842103][T13739] ubi_wl_entry_slab          3KB          3KB
[  388.847392][T13739] t10_alua_lu_gp_cache          7KB          7KB
[  388.850068][T13739] scsi_sense_cache          44KB         44KB
[  388.852646][T13739] virtio_scsi_cmd           16KB         16KB
[  388.860709][T13739] bio-136                   96KB         96KB
[  388.865565][T13739] io_kiocb                 101KB        156KB
[  388.867566][T13739] bio-264                    7KB          7KB
[  388.870323][T13739] mqueue_inode_cache        121KB        121KB
[  388.874653][T13739] f2fs_bio_post_read_ctx         23KB         23KB
[  388.880079][T13739] jfs_mp                     7KB          7KB
[  388.882276][T13739] fuse_request              31KB         31KB
[  388.884430][T13739] cifs_small_rq             16KB         16KB
[  388.893466][T13739] cifs_request              67KB         67KB
[  388.899823][T13739] cifs_mpx_ids               7KB          7KB
[  388.901851][T13739] cifs_io_subrequest         39KB         39KB
[  388.903988][T13739] cifs_io_request           95KB         95KB
[  388.908194][ T2045] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  388.908794][T13739] nfs_commit_data           15KB         15KB
[  388.912672][T13739] nfs_write_data            63KB         63KB
[  388.914551][T13739] ecryptfs_sb_cache          7KB          7KB
[  388.916566][T13739] jbd2_inode                15KB         15KB
[  388.918409][T13739] ext4_system_zone           3KB          3KB
[  388.920278][T13739] ext4_io_end_vec           15KB         15KB
[  388.922115][T13739] kioctx                   127KB        127KB
[  388.924034][T13739] aio_kiocb                 31KB         31KB
[  388.926453][ T2045] usb 10-1: device descriptor read/8, error -71
[  388.928422][T13739] userfaultfd_ctx_cache         63KB         63KB
[  388.930349][T13739] fanotify_fid_event         27KB         27KB
[  388.932201][T13739] fanotify_mark              7KB          7KB
[  388.934068][T13739] dnotify_mark               7KB          7KB
[  388.936058][T13739] dnotify_struct             7KB          7KB
[  388.937892][T13739] fasync_cache              23KB         23KB
[  388.939739][T13739] pid_namespace             30KB         30KB
[  388.941579][T13739] kvm_vcpu                 123KB        123KB
[  388.943440][T13739] kvm_mmu_page_header         46KB         46KB
[  388.945608][T13739] pte_list_desc             31KB         31KB
[  388.947466][T13739] x86_emulator             120KB        120KB
[  388.949314][T13739] rpc_buffers               95KB         95KB
[  388.951288][T13739] rpc_tasks                 23KB         23KB
[  388.953243][T13739] UNIX-STREAM              259KB        350KB
[  388.955220][T13739] UNIX                     507KB        701KB
[  388.957766][T13739] ip4-frags                 31KB         31KB
[  388.959661][T13739] mfc_cache                  4KB          4KB
[  388.961548][T13739] UDP-Lite                 124KB        124KB
[  388.963473][T13739] MPTCP                    117KB        117KB
[  388.965450][T13739] request_sock_subflow_v4          7KB          7KB
[  388.967478][T13739] tcp_bind2_bucket          16KB         16KB
[  388.969346][T13739] tcp_bind_bucket           16KB         16KB
[  388.971217][T13739] inet_peer                  8KB          8KB
[  388.973132][T13739] xfrm_dst                 110KB        133KB
[  388.975529][T13739] xfrm_state               127KB        127KB
[  388.977432][T13739] ip_fib_trie               28KB         40KB
[  388.979314][T13739] ip_fib_alias              73KB         94KB
[  388.981183][T13739] rtable                    71KB        108KB
[  388.983093][T13739] PING                     151KB        151KB
[  388.985116][T13739] RAW                      182KB        182KB
[  388.987009][T13739] UDP                      155KB        155KB
[  388.988906][T13739] tw_sock_TCP                7KB          7KB
[  388.990804][T13739] request_sock_TCP          23KB         23KB
[  388.992771][T13739] TCP                      519KB        573KB
[  388.995229][T13739] hugetlbfs_inode_cache        126KB        126KB
[  388.997229][T13739] fscache_cookie_jar         23KB         23KB
[  388.999568][T13739] netfs_subrequest         140KB        187KB
[  389.001459][T13739] netfs_request            143KB        143KB
[  389.003406][T13739] bio-280                   15KB         15KB
[  389.005597][T13739] ep_head                   16KB         16KB
[  389.007513][T13739] eventpoll_pwq             23KB         23KB
[  389.010356][T13739] eventpoll_epi             70KB         86KB
[  389.012581][T13739] inotify_inode_mark         27KB         27KB
[  389.015197][T13739] sgpool-128                29KB         29KB
[  389.017604][T13739] sgpool-64                 31KB         31KB
[  389.020001][T13739] sgpool-32                189KB        189KB
[  389.022352][T13739] sgpool-16                 62KB         62KB
[  389.024841][T13739] sgpool-8                  54KB         54KB
[  389.027292][T13739] bio_crypt_ctx              7KB          7KB
[  389.029162][T13739] bio_integrity_data          4KB          4KB
[  389.031107][T13739] request_queue            250KB        255KB
[  389.032965][T13739] blkdev_ioc                31KB         31KB
[  389.035004][T13739] bio-200                  149KB        187KB
[  389.036944][T13739] biovec-max               714KB        862KB
[  389.038812][T13739] biovec-64                220KB        252KB
[  389.040640][T13739] biovec-16                 39KB         39KB
[  389.042514][T13739] khugepaged_mm_slot         15KB         15KB
[  389.044450][T13739] ksm_mm_slot               16KB         16KB
[  389.046386][T13739] user_namespace            15KB         15KB
[  389.048342][T13739] uid_cache                 31KB         31KB
[  389.050203][T13739] iommu_iova_magazine       1008KB       1039KB
[  389.052154][T13739] iommu_iova               216KB        216KB
[  389.054050][T13739] dmaengine-unmap-256         30KB         30KB
[  389.056058][T13739] dmaengine-unmap-128         30KB         30KB
[  389.058025][T13739] dmaengine-unmap-16          4KB          4KB
[  389.059915][T13739] dmaengine-unmap-2          4KB          4KB
[  389.061788][T13739] QIPCRTR                   94KB         94KB
[  389.063658][T13739] audit_buffer              23KB         43KB
[  389.065691][T13739] skbuff_ext_cache          48KB         48KB
[  389.067561][T13739] skbuff_small_head       1958KB       2253KB
[  389.069397][T13739] skbuff_fclone_cache        335KB        398KB
[  389.071327][T13739] skbuff_head_cache       1440KB       1495KB
[  389.073212][T13739] configfs_dir_cache         12KB         12KB
[  389.075278][T13739] file_lease_cache          63KB         63KB
[  389.077155][T13739] file_lock_cache           31KB         31KB
[  389.079030][T13739] file_lock_ctx             15KB         15KB
[  389.080908][T13739] fsnotify_mark_connector         15KB         15KB
[  389.082971][T13739] posix_timers_cache         32KB         32KB
[  389.084968][T13739] taskstats                 61KB         61KB
[  389.086891][T13739] mem_cgroup_per_node        144KB        154KB
[  389.088826][T13739] mem_cgroup               117KB        117KB
[  389.090718][T13739] proc_dir_entry           615KB        679KB
[  389.092642][T13739] pde_opener                15KB         15KB
[  389.094532][T13739] seq_file                 101KB        140KB
[  389.096483][T13739] sigqueue                  66KB         86KB
[  389.098348][T13739] shmem_inode_cache       7994KB       8128KB
[  389.100279][T13739] kernfs_iattrs_cache         15KB         15KB
[  389.102785][T13739] kernfs_node_cache      25572KB      26527KB
[  389.104796][T13739] mnt_cache                126KB        133KB
[  389.106694][T13739] bfilp                      7KB          7KB
[  389.108624][T13739] filp                     383KB        543KB
[  389.110601][T13739] names_cache             4373KB       4619KB
[  389.112544][T13739] net_namespace            163KB        163KB
[  389.115572][T13739] ima_iint_cache            55KB         55KB
[  389.117714][T13739] lsm_inode_cache         1442KB       1704KB
[  389.119662][T13739] lsm_file_cache           150KB        196KB
[  389.121599][T13739] key_jar                   31KB         31KB
[  389.123529][T13739] uts_namespace             31KB         31KB
[  389.125532][T13739] nsproxy                   27KB         27KB
[  389.127404][T13739] vm_area_struct           873KB       1140KB
[  389.129300][T13739] fs_cache                  81KB         88KB
[  389.131185][T13739] files_cache              310KB        382KB
[  389.133065][T13739] signal_cache             877KB       1913KB
[  389.135019][T13739] sighand_cache           1167KB       2074KB
[  389.136935][T13739] task_struct             4368KB       4730KB
[  389.138838][T13739] cred                     170KB        340KB
[  389.140719][T13739] anon_vma_chain           329KB        389KB
[  389.142615][T13739] anon_vma                 326KB        470KB
[  389.144628][T13739] pid                      188KB        456KB
[  389.146522][T13739] Acpi-Operand             255KB        364KB
[  389.148408][T13739] Acpi-ParseExt             63KB         86KB
[  389.150317][T13739] Acpi-Parse                63KB         83KB
[  389.152240][T13739] Acpi-State                47KB         82KB
[  389.154148][T13739] Acpi-Namespace            52KB         52KB
[  389.156892][T13739] shared_policy_node          8KB          8KB
[  389.159552][T13739] numa_policy               15KB         15KB
[  389.162134][T13739] perf_event                31KB         31KB
[  389.164696][T13739] trace_event_file         540KB        540KB
[  389.167384][T13739] ftrace_event_field       1008KB       1008KB
[  389.169892][T13739] pool_workqueue          1918KB       1952KB
[  389.172434][T13739] maple_node               656KB       1424KB
[  389.176391][ T2045] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  389.180099][T13739] task_group                61KB         61KB
[  389.182873][T13739] mm_struct                473KB        679KB
[  389.185490][T13739] vmap_area                451KB        550KB
[  389.188101][T13739] debug_objects_cache       2178KB       2918KB
[  389.191144][T13739] page->ptl                141KB        185KB
[  389.193758][T13739] kmalloc-cg-8k           1616KB       1696KB
[  389.196541][T13739] kmalloc-cg-4k          11720KB      13760KB
[  389.199190][T13739] kmalloc-cg-2k           8316KB      10208KB
[  389.201866][ T2045] usb 10-1: device descriptor read/8, error -71
[  389.204125][T13739] kmalloc-cg-1k           1766KB       2240KB
[  389.207044][T13739] kmalloc-cg-512          1149KB       1344KB
[  389.209561][T13739] kmalloc-cg-256           440KB        536KB
[  389.212012][T13739] kmalloc-cg-128           227KB        252KB
[  389.214562][T13739] kmalloc-cg-64            109KB        116KB
[  389.219031][T13739] kmalloc-cg-32             89KB        160KB
[  389.221594][T13739] kmalloc-cg-16             28KB         40KB
[  389.224091][T13739] kmalloc-cg-8              36KB         36KB
[  389.226108][T13739] kmalloc-cg-192            84KB        100KB
[  389.228010][T13739] kmalloc-cg-96             72KB         88KB
[  389.229910][T13739] kmalloc-8k              6096KB       6304KB
[  389.231946][T13739] kmalloc-4k             24712KB      25152KB
[  389.233879][T13739] kmalloc-2k             12672KB      13440KB
[  389.236388][T13739] kmalloc-1k              8518KB       9568KB
[  389.239030][T13739] kmalloc-512             7700KB       8944KB
[  389.241602][T13739] kmalloc-256             3670KB       4328KB
[  389.244183][T13739] kmalloc-128              981KB       1136KB
[  389.247344][T13739] kmalloc-64             19647KB      27872KB
[  389.249300][T13739] kmalloc-32              1526KB       2424KB
[  389.251267][T13739] kmalloc-16               501KB        516KB
[  389.253215][T13739] kmalloc-8                385KB        452KB
[  389.257166][T13739] kmalloc-192             1518KB       1748KB
[  389.259121][T13739] kmalloc-96              2534KB       3424KB
[  389.261040][T13739] kmem_cache_node          224KB        232KB
[  389.263766][T13739] kmem_cache               203KB        203KB
[  389.266048][T13739] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/,task=modprobe,pid=13739,uid=0
[  389.271297][T13739] Out of memory (oom_kill_allocating_task): Killed process 13739 (modprobe) total-vm:3204kB, anon-rss:0kB, file-rss:312kB, shmem-rss:0kB, UID:0 pgtables:40kB oom_score_adj:0
[  389.317874][ T2045] usb usb10-port1: unable to enumerate USB device
[  389.726966][   T40] kauditd_printk_skb: 55 callbacks suppressed
[  389.726978][   T40] audit: type=1326 audit(1756292936.806:2121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.735897][   T40] audit: type=1326 audit(1756292936.806:2122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.742484][   T40] audit: type=1326 audit(1756292936.806:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.750219][   T40] audit: type=1326 audit(1756292936.806:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.756900][   T40] audit: type=1326 audit(1756292936.806:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.764465][   T40] audit: type=1326 audit(1756292936.806:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.773556][   T40] audit: type=1326 audit(1756292936.806:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.781437][   T40] audit: type=1326 audit(1756292936.806:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.789429][   T40] audit: type=1326 audit(1756292936.806:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.797338][   T40] audit: type=1326 audit(1756292936.806:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.4.2091" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  389.844867][T13759] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2092'.
[  389.885543][T13759] tmpfs: Bad value for 'mpol'
[  390.756611][   T53] usb 38-1: device descriptor read/8, error -110
[  391.568552][   T53] usb usb38-port1: attempt power cycle
[  393.635714][   T53] usb usb38-port1: unable to enumerate USB device
[  393.795602][T13803] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2104'.
[  393.812574][T13803] tmpfs: Bad value for 'mpol'
[  394.563967][T13820] netlink: 'syz.4.2105': attribute type 4 has an invalid length.
[  394.712474][T13825] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  394.723338][T13812] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2105'.
[  394.766925][   T40] kauditd_printk_skb: 48 callbacks suppressed
[  394.766942][   T40] audit: type=1326 audit(1756292941.846:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.4.2105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  394.779362][   T40] audit: type=1326 audit(1756292941.846:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13807 comm="syz.4.2105" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  395.340942][   T40] audit: type=1804 audit(1756292942.416:2181): pid=13817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2107" name="/newroot/15/file1" dev="fuse" ino=1 res=1 errno=0
[  395.352021][   T40] audit: type=1800 audit(1756292942.416:2182): pid=13817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2107" name="/" dev="fuse" ino=1 res=0 errno=0
[  395.361179][   T40] audit: type=1800 audit(1756292942.416:2183): pid=13817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2107" name="/" dev="fuse" ino=1 res=0 errno=0
[  396.332237][T13851] input: syz1 as /devices/virtual/input/input18
[  398.354215][T13868] batadv_slave_0: left promiscuous mode
[  398.425151][T13868] veth0_macvtap: left allmulticast mode
[  398.428681][T13868] 1猉功D: left allmulticast mode
[  398.466581][T13868] hsr0: left allmulticast mode
[  398.468291][T13868] hsr_slave_0: left allmulticast mode
[  398.470246][T13868] hsr_slave_1: left allmulticast mode
[  398.472042][T13868] hsr0: left promiscuous mode
[  398.474577][T13868] macvlan2: left promiscuous mode
[  398.478219][T13868] macvlan2: left allmulticast mode
[  398.630817][   T40] audit: type=1804 audit(1756292945.706:2184): pid=13867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2119" name="/newroot/347/file1" dev="fuse" ino=1 res=1 errno=0
[  398.639510][   T40] audit: type=1800 audit(1756292945.706:2185): pid=13867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2119" name="/" dev="fuse" ino=1 res=0 errno=0
[  398.646234][   T40] audit: type=1800 audit(1756292945.706:2186): pid=13867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2119" name="/" dev="fuse" ino=1 res=0 errno=0
[  398.906131][T13879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2121'.
[  398.912681][T13879] tmpfs: Bad value for 'mpol'
[  399.257531][   T40] audit: type=1326 audit(1756292946.336:2187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13884 comm="syz.0.2124" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  399.265332][   T40] audit: type=1326 audit(1756292946.336:2188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13884 comm="syz.0.2124" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  400.822357][T13912] fuse: blksize only supported for fuseblk
[  400.994316][   T40] kauditd_printk_skb: 15 callbacks suppressed
[  400.994333][   T40] audit: type=1804 audit(1756292948.066:2204): pid=13908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2131" name="/newroot/91/file1" dev="fuse" ino=1 res=1 errno=0
[  401.067061][   T40] audit: type=1800 audit(1756292948.066:2205): pid=13908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2131" name="/" dev="fuse" ino=1 res=0 errno=0
[  401.078014][   T40] audit: type=1800 audit(1756292948.066:2206): pid=13908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2131" name="/" dev="fuse" ino=1 res=0 errno=0
[  401.326072][T13925] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2136'.
[  401.332573][T13925] tmpfs: Bad value for 'mpol'
[  401.983327][T13932] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2137'.
[  402.224423][T13944] fuse: Bad value for 'user_id'
[  402.229590][T13944] fuse: Bad value for 'user_id'
[  402.282334][T13951] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2142'.
[  403.141256][T13969] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  403.144470][T13969] overlayfs: overlapping lowerdir path
[  403.383465][T13972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2147'.
[  403.388647][T13972] tmpfs: Bad value for 'mpol'
[  404.015000][ T2295] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  404.164858][ T2295] usb 10-1: Using ep0 maxpacket: 8
[  404.170075][ T2295] usb 10-1: config 1 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 128, changing to 11
[  404.173668][ T2295] usb 10-1: config 1 interface 0 has no altsetting 0
[  404.179205][ T2295] usb 10-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.40
[  404.182061][ T2295] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.185482][ T2295] usb 10-1: Product: 酄�
[  404.186885][ T2295] usb 10-1: Manufacturer: 霊簛猕撴ū姒嬮柤鎮畾頌撿姡陣扳蜘疃樶獣鞁惧伒齑瘝鍦氾鍔岆叧斓炿泝璐♀噲铻呴潗甓涬釣恒槦雸瘁拸鍗愥à鈵ㄩ肟濆棌岙栥拰涓╇罴庢寴纰栭浖陱岀﹦瑁斥ぅ飰凤�夛伖鐩搞眬雲滀�﹃１锊兼箒鍊粪牶陥�リ憤宓庫杓炩寑瓒愩渾閯傜墧妤箘夂堢
[  404.194395][ T2295] usb 10-1: SerialNumber: 岌�
[  404.436203][ T2295] usbhid 10-1:1.0: can't add hid device: -71
[  404.438144][ T2295] usbhid 10-1:1.0: probe with driver usbhid failed with error -71
[  404.454884][ T2295] usb 10-1: USB disconnect, device number 17
[  404.498198][   T40] audit: type=1326 audit(1756292951.576:2207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  404.505591][   T40] audit: type=1326 audit(1756292951.576:2208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf712e579 code=0x7ffc0000
[  404.512443][   T40] audit: type=1326 audit(1756292951.576:2209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  404.519501][   T40] audit: type=1326 audit(1756292951.576:2210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  404.527746][   T40] audit: type=1326 audit(1756292951.576:2211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf712e579 code=0x7ffc0000
[  404.536010][   T40] audit: type=1326 audit(1756292951.576:2212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  404.542660][   T40] audit: type=1326 audit(1756292951.576:2213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13985 comm="syz.1.2154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  405.515767][T14004] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2160'.
[  405.528412][T14004] tmpfs: Bad value for 'mpol'
[  406.323204][T14016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2164'.
[  406.339604][T14016] tmpfs: Bad value for 'mpol'
[  407.114307][ T5857] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  407.301329][T14036] fuse: blksize only supported for fuseblk
[  407.319588][ T5857] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.323112][ T5857] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.326624][ T5857] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  407.331031][ T5857] usb 6-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  407.333931][ T5857] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.341541][ T5857] usb 6-1: config 0 descriptor??
[  407.760336][ T5857] usbhid 6-1:0.0: can't add hid device: -71
[  407.764194][ T5857] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  407.769807][ T5857] usb 6-1: USB disconnect, device number 6
[  408.922221][T14067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2177'.
[  408.926743][T14070] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2179'.
[  408.946356][T14067] tmpfs: Bad value for 'mpol'
[  408.949069][T14070] tmpfs: Bad value for 'mpol'
[  409.056377][T14072] fuse: blksize only supported for fuseblk
[  410.648436][T14098] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2187'.
[  411.091350][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  411.091362][   T40] audit: type=1804 audit(1756292958.166:2223): pid=14106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2189" name="/newroot/366/file1" dev="fuse" ino=1 res=1 errno=0
[  411.100162][   T40] audit: type=1800 audit(1756292958.166:2224): pid=14106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2189" name="/" dev="fuse" ino=1 res=0 errno=0
[  411.106835][   T40] audit: type=1800 audit(1756292958.166:2225): pid=14106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2189" name="/" dev="fuse" ino=1 res=0 errno=0
[  411.519523][T14110] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2190'.
[  411.529617][T14110] tmpfs: Bad value for 'mpol'
[  412.249482][T14119] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2193'.
[  412.260649][T14119] tmpfs: Bad value for 'mpol'
[  412.665739][T14129] tc_dump_action: action bad kind
[  413.591242][T14145] fuse: blksize only supported for fuseblk
[  413.771444][T14154] fuse: Unknown parameter '0xffffffffffffffff��������'
[  414.025799][T14160] bridge0: entered promiscuous mode
[  414.027559][T14160] bridge0: entered allmulticast mode
[  414.061430][   T40] audit: type=1800 audit(1756292961.136:2226): pid=14154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2202" name="file1" dev="tmpfs" ino=594 res=0 errno=0
[  414.081539][T14162] netlink: 'syz.5.2205': attribute type 39 has an invalid length.
[  414.722773][T14173] input: syz0 as /devices/virtual/input/input19
[  414.825812][T14174] befs: (nbd0): No write support. Marking filesystem read-only
[  414.836267][T14174] block nbd0: Attempted send on invalid socket
[  414.840104][T14174] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  414.848215][T14174] befs: (nbd0): unable to read superblock
[  414.857403][T14175] ip6tnl1: entered promiscuous mode
[  414.859244][T14175] ip6tnl1: entered allmulticast mode
[  414.862270][T14175] team0: Device ip6tnl1 is up. Set it down before adding it as a team port
[  415.060133][T14180] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2209'.
[  415.087977][T14180] tmpfs: Bad value for 'mpol'
[  417.228304][T14215] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2217'.
[  417.245598][T14217] netlink: 'syz.1.2225': attribute type 13 has an invalid length.
[  417.248217][T14217] netlink: 'syz.1.2225': attribute type 17 has an invalid length.
[  417.330901][T14218] tmpfs: Bad value for 'mpol'
[  417.460744][T14217] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  418.610037][T14227] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2219'.
[  418.612948][T14227] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  418.949907][    C3] vcan0: j1939_tp_rxtimer: 0xffff88804fee7000: rx timeout, send abort
[  419.450888][    C3] vcan0: j1939_tp_rxtimer: 0xffff88801333f000: rx timeout, send abort
[  419.453962][    C3] vcan0: j1939_tp_rxtimer: 0xffff88804fee7000: abort rx timeout. Force session deactivation
[  419.578330][T14241] netlink: 'syz.0.2224': attribute type 1 has an invalid length.
[  419.580846][T14241] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2224'.
[  419.583742][T14241] netlink: 'syz.0.2224': attribute type 2 has an invalid length.
[  419.586191][T14241] netlink: 'syz.0.2224': attribute type 1 has an invalid length.
[  419.709598][   T40] audit: type=1804 audit(1756292966.786:2227): pid=14245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2222" name="/newroot/378/file1" dev="fuse" ino=1 res=1 errno=0
[  419.718562][   T40] audit: type=1800 audit(1756292966.786:2228): pid=14245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2222" name="/" dev="fuse" ino=1 res=0 errno=0
[  419.725756][   T40] audit: type=1800 audit(1756292966.786:2229): pid=14245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2222" name="/" dev="fuse" ino=1 res=0 errno=0
[  419.953920][    C3] vcan0: j1939_tp_rxtimer: 0xffff88801333f000: abort rx timeout. Force session deactivation
[  420.067304][T14251] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2226'.
[  420.078890][T14251] tmpfs: Bad value for 'mpol'
[  420.760878][T14261] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2229'.
[  420.774051][T14261] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2229'.
[  422.668097][T14280] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2235'.
[  422.675332][T14280] tmpfs: Bad value for 'mpol'
[  422.945637][T14282] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  423.342523][   T40] audit: type=1804 audit(1756292970.416:2230): pid=14291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2238" name="/newroot/382/file1" dev="fuse" ino=1 res=1 errno=0
[  423.354894][   T40] audit: type=1800 audit(1756292970.416:2231): pid=14291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2238" name="/" dev="fuse" ino=1 res=0 errno=0
[  423.367881][   T40] audit: type=1800 audit(1756292970.426:2232): pid=14291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2238" name="/" dev="fuse" ino=1 res=0 errno=0
[  423.662052][T14296] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2239'.
[  423.668847][T14296] tmpfs: Bad value for 'mpol'
[  424.100867][T14302] lo speed is unknown, defaulting to 1000
[  424.902503][T14311] netlink: 'syz.5.2244': attribute type 2 has an invalid length.
[  424.905743][T14311] netlink: 'syz.5.2244': attribute type 1 has an invalid length.
[  424.908967][T14311] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2244'.
[  425.031622][T14316] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2244'.
[  425.537820][T14322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  425.541993][T14322] tmpfs: Bad value for 'mpol'
[  426.048050][ T9027] udevd[9027]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  426.214001][T14324] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  426.216042][T14324] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  426.234922][T14324] vhci_hcd vhci_hcd.0: Device attached
[  426.325899][T14335] vhci_hcd: connection closed
[  426.326132][   T91] vhci_hcd: stop threads
[  426.329080][   T91] vhci_hcd: release socket
[  426.330485][   T91] vhci_hcd: disconnect device
[  426.414973][ T6018] usb 9-1: new low-speed USB device number 16 using dummy_hcd
[  426.462576][T14341] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2250'.
[  426.472077][T14341] tmpfs: Bad value for 'mpol'
[  426.555491][ T6018] usb 9-1: device descriptor read/64, error -71
[  426.794993][ T6018] usb 9-1: new low-speed USB device number 17 using dummy_hcd
[  426.924905][ T6018] usb 9-1: device descriptor read/64, error -71
[  427.007958][T14344] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2251'.
[  427.044101][ T6018] usb usb9-port1: attempt power cycle
[  427.191413][T14351] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2254'.
[  427.198152][T14351] tmpfs: Bad value for 'mpol'
[  427.405041][ T6018] usb 9-1: new low-speed USB device number 18 using dummy_hcd
[  427.436622][ T6018] usb 9-1: device descriptor read/8, error -71
[  427.674905][ T6018] usb 9-1: new low-speed USB device number 19 using dummy_hcd
[  427.697107][ T6018] usb 9-1: device descriptor read/8, error -71
[  427.810324][ T6018] usb usb9-port1: unable to enumerate USB device
[  428.047120][T14362] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2258'.
[  428.050871][T14362] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2258'.
[  428.053928][T14362] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  428.070533][ T5978] block nbd0: Receive control failed (result -107)
[  428.104844][T14361] nbd0: detected capacity change from 0 to 63
[  428.112301][T14359] netlink: 'syz.1.2257': attribute type 2 has an invalid length.
[  428.112392][ T9027] block nbd0: Dead connection, failed to find a fallback
[  428.114834][T14359] netlink: 'syz.1.2257': attribute type 1 has an invalid length.
[  428.114845][T14359] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2257'.
[  428.125355][ T9027] block nbd0: shutting down sockets
[  428.129323][ T9027] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.133362][ T9027] buffer_io_error: 25 callbacks suppressed
[  428.133378][ T9027] Buffer I/O error on dev nbd0, logical block 0, async page read
[  428.139515][ T9027] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.143182][ T9027] Buffer I/O error on dev nbd0, logical block 1, async page read
[  428.152003][ T9027] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.157822][ T9027] Buffer I/O error on dev nbd0, logical block 2, async page read
[  428.161294][ T9027] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.164551][ T9027] Buffer I/O error on dev nbd0, logical block 3, async page read
[  428.167626][ T9027] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.170979][ T9027] Buffer I/O error on dev nbd0, logical block 0, async page read
[  428.173797][ T9027] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.177440][ T9027] Buffer I/O error on dev nbd0, logical block 1, async page read
[  428.183381][ T9027] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.187719][ T9027] Buffer I/O error on dev nbd0, logical block 2, async page read
[  428.190413][ T9027] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.193472][ T9027] Buffer I/O error on dev nbd0, logical block 3, async page read
[  428.198010][ T9027] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.201224][ T9027] Buffer I/O error on dev nbd0, logical block 0, async page read
[  428.203831][ T9027] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  428.207335][ T9027] Buffer I/O error on dev nbd0, logical block 1, async page read
[  428.211443][ T9027] ldm_validate_partition_table(): Disk read failed.
[  428.219107][ T9027] Dev nbd0: unable to read RDB block 0
[  428.231640][ T9027]  nbd0: unable to read partition table
[  428.233494][T14368] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2259'.
[  428.246921][T14368] tmpfs: Bad value for 'mpol'
[  428.281386][T14359] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2257'.
[  428.321670][ T9027] ldm_validate_partition_table(): Disk read failed.
[  428.335835][ T9027] Dev nbd0: unable to read RDB block 0
[  428.342445][ T9027]  nbd0: unable to read partition table
[  428.466320][ T9003] udevd[9003]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  428.482975][T14377] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2261'.
[  428.723294][T14387] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2264'.
[  429.230512][T14396] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2266'.
[  429.240217][T14396] tmpfs: Bad value for 'mpol'
[  430.140318][T14397] delete_channel: no stack
[  430.177402][T14410] macvlan4: entered promiscuous mode
[  430.700695][T14429] netlink: 428 bytes leftover after parsing attributes in process `syz.5.2277'.
[  430.740862][   T40] audit: type=1326 audit(1756292977.816:2233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.749808][   T40] audit: type=1326 audit(1756292977.826:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ee5a7 code=0x7ffc0000
[  430.757616][   T40] audit: type=1326 audit(1756292977.826:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.765238][   T40] audit: type=1326 audit(1756292977.826:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ee5a7 code=0x7ffc0000
[  430.773648][   T40] audit: type=1326 audit(1756292977.826:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.783312][   T40] audit: type=1326 audit(1756292977.826:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.790765][   T40] audit: type=1326 audit(1756292977.826:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.798085][   T40] audit: type=1326 audit(1756292977.826:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.805405][   T40] audit: type=1326 audit(1756292977.826:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  430.814323][   T40] audit: type=1326 audit(1756292977.826:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14430 comm="syz.5.2278" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  431.108653][T14440] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2279'.
[  431.119938][T14440] tmpfs: Bad value for 'mpol'
[  431.899844][T14459] fuse: blksize only supported for fuseblk
[  432.239032][T14469] netlink: 'syz.5.2292': attribute type 10 has an invalid length.
[  433.020153][T14485] tmpfs: Bad value for 'mpol'
[  434.136500][T14498] __nla_validate_parse: 1 callbacks suppressed
[  434.136592][T14498] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2298'.
[  434.175865][T14503] random: crng reseeded on system resumption
[  434.176918][T14498] tmpfs: Bad value for 'mpol'
[  434.405989][T14505] lo speed is unknown, defaulting to 1000
[  436.234308][T14529] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2307'.
[  436.290024][T14528] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2306'.
[  436.389292][T14528] tmpfs: Bad value for 'mpol'
[  437.063660][T14542] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2310'.
[  437.104788][T14542] tmpfs: Bad value for 'mpol'
[  437.176447][T14546] ieee802154 phy0 wpan0: encryption failed: -22
[  438.421737][T14556] wlan0 speed is unknown, defaulting to 1000
[  438.432312][T14556] wlan0 speed is unknown, defaulting to 1000
[  438.577725][T14556] wlan0 speed is unknown, defaulting to 1000
[  438.924422][T14556] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  438.990908][T14556] wlan0 speed is unknown, defaulting to 1000
[  439.000499][T14556] wlan0 speed is unknown, defaulting to 1000
[  439.016761][T14556] wlan0 speed is unknown, defaulting to 1000
[  439.049243][T14556] wlan0 speed is unknown, defaulting to 1000
[  439.560359][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  439.562551][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  439.573390][   T40] kauditd_printk_skb: 36 callbacks suppressed
[  439.573405][   T40] audit: type=1326 audit(1756292986.646:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.604900][   T40] audit: type=1326 audit(1756292986.646:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.614244][   T40] audit: type=1326 audit(1756292986.656:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.621362][   T40] audit: type=1326 audit(1756292986.656:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.629358][   T40] audit: type=1326 audit(1756292986.656:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.636246][   T40] audit: type=1326 audit(1756292986.666:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.642713][T14573] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  439.643090][   T40] audit: type=1326 audit(1756292986.666:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.656031][   T40] audit: type=1326 audit(1756292986.666:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.662832][   T40] audit: type=1326 audit(1756292986.666:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.669998][   T40] audit: type=1326 audit(1756292986.666:2288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14571 comm="syz.4.2319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  439.739539][T14575] netlink: 'syz.0.2317': attribute type 1 has an invalid length.
[  440.147707][T14584] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  440.153387][T14584] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  440.174961][T14588] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2323'.
[  440.232433][T14589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2322'.
[  440.235997][T14590] fuse: blksize only supported for fuseblk
[  440.242495][T14589] tmpfs: Bad value for 'mpol'
[  440.279238][T14575] gretap1: entered promiscuous mode
[  440.284551][T14575] bond1: (slave gretap1): making interface the new active one
[  440.298496][T14575] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  440.727399][T14570] macvlan2: entered promiscuous mode
[  440.729337][T14570] macvlan2: entered allmulticast mode
[  440.733457][T14570] bond1: entered promiscuous mode
[  440.737368][T14570] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  440.745772][T14570] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  440.751467][T14570] bond1: left promiscuous mode
[  441.064522][T14596] FAULT_INJECTION: forcing a failure.
[  441.064522][T14596] name failslab, interval 1, probability 0, space 0, times 0
[  441.068697][T14596] CPU: 0 UID: 0 PID: 14596 Comm: syz.0.2325 Not tainted syzkaller #0 PREEMPT(full) 
[  441.068732][T14596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  441.068741][T14596] Call Trace:
[  441.068745][T14596]  <TASK>
[  441.068749][T14596]  dump_stack_lvl+0x16c/0x1f0
[  441.068767][T14596]  should_fail_ex+0x512/0x640
[  441.068782][T14596]  ? fs_reclaim_acquire+0xae/0x150
[  441.068800][T14596]  ? tomoyo_encode2+0x100/0x3e0
[  441.068814][T14596]  should_failslab+0xc2/0x120
[  441.068829][T14596]  __kmalloc_noprof+0xd2/0x510
[  441.068846][T14596]  ? d_absolute_path+0x136/0x1a0
[  441.068863][T14596]  tomoyo_encode2+0x100/0x3e0
[  441.068880][T14596]  tomoyo_encode+0x29/0x50
[  441.068894][T14596]  tomoyo_realpath_from_path+0x18f/0x6e0
[  441.068913][T14596]  tomoyo_path_number_perm+0x245/0x580
[  441.068925][T14596]  ? tomoyo_path_number_perm+0x237/0x580
[  441.068939][T14596]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  441.068966][T14596]  ? find_held_lock+0x2b/0x80
[  441.068977][T14596]  ? hook_file_ioctl_common+0x145/0x410
[  441.068994][T14596]  ? __fget_files+0x20e/0x3c0
[  441.069009][T14596]  security_file_ioctl_compat+0x9b/0x240
[  441.069024][T14596]  __ia32_compat_sys_ioctl+0xc3/0x370
[  441.069042][T14596]  __do_fast_syscall_32+0x7c/0x3a0
[  441.069058][T14596]  do_fast_syscall_32+0x32/0x80
[  441.069073][T14596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  441.069086][T14596] RIP: 0023:0xf7f35579
[  441.069094][T14596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  441.069104][T14596] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  441.069115][T14596] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000541b
[  441.069121][T14596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  441.069127][T14596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  441.069133][T14596] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  441.069139][T14596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  441.069152][T14596]  </TASK>
[  441.069216][T14596] ERROR: Out of memory at tomoyo_realpath_from_path.
[  441.166260][T14599] fuse: blksize only supported for fuseblk
[  441.979808][T14621] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2333'.
[  441.987750][T14621] tmpfs: Bad value for 'mpol'
[  442.707036][T14633] fuse: blksize only supported for fuseblk
[  443.070076][T14660] fuse: Unknown parameter ''
[  443.397046][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2341'.
[  443.415533][T14666] tmpfs: Bad value for 'mpol'
[  444.281060][T14676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2344'.
[  444.375315][T14676] tmpfs: Bad value for 'mpol'
[  444.512799][T14681] wg1: entered promiscuous mode
[  444.514471][T14681] wg1: entered allmulticast mode
[  444.638816][T14683] fuse: Unknown parameter 'L�'
[  444.731323][T14686] fuse: blksize only supported for fuseblk
[  444.988396][T14704] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  445.738674][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  445.738685][   T40] audit: type=1804 audit(1756292992.816:2311): pid=14721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2353" name="/newroot/444/file1" dev="fuse" ino=1 res=1 errno=0
[  445.768019][   T40] audit: type=1800 audit(1756292992.816:2312): pid=14721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2353" name="/" dev="fuse" ino=1 res=0 errno=0
[  445.776246][   T40] audit: type=1800 audit(1756292992.836:2313): pid=14721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2353" name="/" dev="fuse" ino=1 res=0 errno=0
[  446.026626][T14730] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2363'.
[  446.032455][T14730] tmpfs: Bad value for 'mpol'
[  446.155756][T14725] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2354'.
[  446.246721][T14731] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2355'.
[  446.267139][T14731] tmpfs: Bad value for 'mpol'
[  446.320760][T14725] tmpfs: Bad value for 'mpol'
[  446.949259][   T40] audit: type=1326 audit(1756292994.026:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  446.985262][   T40] audit: type=1326 audit(1756292994.026:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  447.002205][   T40] audit: type=1326 audit(1756292994.026:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf712e579 code=0x7ffc0000
[  447.011550][   T40] audit: type=1326 audit(1756292994.026:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  447.019112][   T40] audit: type=1326 audit(1756292994.026:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  447.027178][   T40] audit: type=1326 audit(1756292994.026:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf712e579 code=0x7ffc0000
[  447.043037][   T40] audit: type=1326 audit(1756292994.046:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14737 comm="syz.1.2358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  447.948422][T14295] kernel write not supported for file /dsp1 (pid: 14295 comm: kworker/3:0)
[  448.645371][T14782] fuse: blksize only supported for fuseblk
[  449.014085][T14790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2371'.
[  449.030271][T14790] tmpfs: Bad value for 'mpol'
[  450.105318][T14811] fuse: blksize only supported for fuseblk
[  450.181769][T14814] fuse: blksize only supported for fuseblk
[  450.326399][T14817] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  450.803217][T14830] fuse: Unknown parameter ''
[  450.825676][T14828] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.071743][T14828] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.240179][T14828] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.346176][T14828] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.040970][ T1140] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.044991][ T1143] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.090020][ T1143] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.093587][ T1140] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.146564][T14843] ceph: No mds server is up or the cluster is laggy
[  452.183322][   T53] libceph: connect (1)[c::]:6789 error -22
[  452.208232][   T53] libceph: mon0 (1)[c::]:6789 connect error
[  452.298500][T14849] fuse: blksize only supported for fuseblk
[  452.659813][T14859] fuse: blksize only supported for fuseblk
[  453.468660][T14856] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2389'.
[  453.530538][T14855] tmpfs: Bad value for 'mpol'
[  453.672265][T14873] IPVS: set_ctl: invalid protocol: 255 0.0.0.0:20001
[  453.684993][T14876] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2393'.
[  453.698250][T14876] tmpfs: Bad value for 'mpol'
[  453.741661][T14881] fuse: blksize only supported for fuseblk
[  454.796674][   T40] kauditd_printk_skb: 110 callbacks suppressed
[  454.796687][   T40] audit: type=1804 audit(1756293001.876:2431): pid=14871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2394" name="/newroot/93/file1" dev="fuse" ino=1 res=1 errno=0
[  454.810065][   T40] audit: type=1800 audit(1756293001.876:2432): pid=14871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2394" name="/" dev="fuse" ino=1 res=0 errno=0
[  454.817807][   T40] audit: type=1800 audit(1756293001.876:2433): pid=14871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2394" name="/" dev="fuse" ino=1 res=0 errno=0
[  455.188592][T14913] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2402'.
[  455.257233][T14913] tmpfs: Bad value for 'mpol'
[  455.921787][T14924] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  456.081823][T14932] fuse: blksize only supported for fuseblk
[  456.214899][   T53] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  456.494820][   T53] usb 9-1: Using ep0 maxpacket: 32
[  456.506538][   T53] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[  456.510818][   T53] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  456.514858][   T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[  456.519038][   T53] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  456.523592][   T53] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  456.528637][   T53] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  456.534805][   T53] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  456.550143][   T53] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  456.591937][   T53] usb 9-1: config 0 descriptor??
[  456.755307][ T5989] Bluetooth: hci2: command 0x1003 tx timeout
[  456.755723][ T5978] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  457.023712][   T53] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 20 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  457.061875][T14295] usb 9-1: USB disconnect, device number 20
[  457.068980][T14295] usblp0: removed
[  457.338333][T14948] fuse: blksize only supported for fuseblk
[  457.604419][T14964] fuse: blksize only supported for fuseblk
[  459.130128][   T40] audit: type=1804 audit(1756293006.206:2434): pid=14985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2426" name="/newroot/462/file1" dev="fuse" ino=1 res=1 errno=0
[  459.137195][   T40] audit: type=1800 audit(1756293006.206:2435): pid=14985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2426" name="/" dev="fuse" ino=1 res=0 errno=0
[  459.144399][   T40] audit: type=1800 audit(1756293006.216:2436): pid=14984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2426" name="/" dev="fuse" ino=1 res=0 errno=0
[  459.896029][T15006] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  459.898044][T15006] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  459.900730][T15006] vhci_hcd vhci_hcd.0: Device attached
[  459.943360][T15009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2432'.
[  459.991864][T15009] tmpfs: Bad value for 'mpol'
[  460.084805][T14295] vhci_hcd: vhci_device speed not set
[  460.597134][T14295] usb 47-1: new high-speed USB device number 2 using vhci_hcd
[  460.844400][T15007] vhci_hcd: connection reset by peer
[  460.848196][ T1143] vhci_hcd: stop threads
[  460.849634][ T1143] vhci_hcd: release socket
[  460.852761][ T1143] vhci_hcd: disconnect device
[  460.853231][ T9027] udevd[9027]: inotify_add_watch(7, /dev/pmem0p13, 10) failed: No such file or directory
[  460.916056][T15021] fuse: blksize only supported for fuseblk
[  461.265490][T15029] input: syz0 as /devices/virtual/input/input21
[  461.841630][   T13] Bluetooth: hci2: Frame reassembly failed (-90)
[  461.846815][T15033] Bluetooth: hci2: Frame reassembly failed (-84)
[  461.851421][T15033] fuse: Bad value for 'group_id'
[  461.853100][T15033] fuse: Bad value for 'group_id'
[  462.203772][T15037] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2440'.
[  462.219565][T15037] tmpfs: Bad value for 'mpol'
[  462.318116][   T40] audit: type=1804 audit(1756293009.396:2437): pid=15043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2441" name="/newroot/161/file1" dev="fuse" ino=1 res=1 errno=0
[  462.327245][   T40] audit: type=1800 audit(1756293009.396:2438): pid=15043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2441" name="/" dev="fuse" ino=1 res=0 errno=0
[  462.344841][   T40] audit: type=1800 audit(1756293009.396:2439): pid=15038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2441" name="/" dev="fuse" ino=1 res=0 errno=0
[  462.888774][T15052] Bluetooth: MGMT ver 1.23
[  463.237381][T15063] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2447'.
[  463.249427][T15066] fuse: blksize only supported for fuseblk
[  463.268000][T15063] tmpfs: Bad value for 'mpol'
[  463.875057][ T5978] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  463.876190][ T5989] Bluetooth: hci2: command 0x1003 tx timeout
[  464.497835][T15087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2454'.
[  464.519243][T15087] ubi31: attaching mtd0
[  464.522563][T15087] ubi31 error: validate_ec_hdr: bad VID header offset 64, expected 127
[  464.528651][T15087] ubi31 error: validate_ec_hdr: bad EC header
[  464.532818][T15087] Erase counter header dump:
[  464.535452][T15087] 	magic          0x55424923
[  464.537175][T15087] 	version        1
[  464.538701][T15087] 	ec             1
[  464.553920][T15087] 	vid_hdr_offset 64
[  464.562803][T15087] 	data_offset    128
[  464.565148][T15087] 	image_seq      717219902
[  464.568097][T15087] 	hdr_crc        0xf8b49fca
[  464.570982][T15087] erase counter header hexdump:
[  464.574095][T15087] CPU: 1 UID: 0 PID: 15087 Comm: syz.0.2454 Not tainted syzkaller #0 PREEMPT(full) 
[  464.574120][T15087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  464.574133][T15087] Call Trace:
[  464.574141][T15087]  <TASK>
[  464.574150][T15087]  dump_stack_lvl+0x16c/0x1f0
[  464.574181][T15087]  validate_ec_hdr+0x28c/0x330
[  464.574209][T15087]  ubi_io_read_ec_hdr+0x63b/0x6c0
[  464.574236][T15087]  ubi_attach+0x5e7/0x4bd0
[  464.574274][T15087]  ? __pfx_ubi_msg+0x10/0x10
[  464.574294][T15087]  ? __pfx_ubi_attach+0x10/0x10
[  464.574324][T15087]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  464.574341][T15087]  ? __vmalloc_node_noprof+0xad/0xf0
[  464.574359][T15087]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  464.574409][T15087]  ubi_attach_mtd_dev+0x15a7/0x35d0
[  464.574442][T15087]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  464.574461][T15087]  ? __pfx_get_mtd_device+0x10/0x10
[  464.574495][T15087]  ctrl_cdev_ioctl+0x337/0x3d0
[  464.574515][T15087]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  464.574536][T15087]  ? __fget_files+0x20e/0x3c0
[  464.574554][T15087]  ? __ia32_compat_sys_openat+0x160/0x210
[  464.574576][T15087]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  464.574602][T15087]  compat_ptr_ioctl+0x6e/0xa0
[  464.574629][T15087]  ? __pfx_compat_ptr_ioctl+0x10/0x10
[  464.574656][T15087]  __ia32_compat_sys_ioctl+0x242/0x370
[  464.574687][T15087]  __do_fast_syscall_32+0x7c/0x3a0
[  464.574730][T15087]  do_fast_syscall_32+0x32/0x80
[  464.574756][T15087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  464.574779][T15087] RIP: 0023:0xf7f35579
[  464.574795][T15087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  464.574812][T15087] RSP: 002b:00000000f543555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  464.574830][T15087] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000040186f40
[  464.574842][T15087] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000
[  464.574854][T15087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  464.574864][T15087] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  464.574874][T15087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  464.574898][T15087]  </TASK>
[  464.668038][T15087] ubi31 error: ubi_io_read_ec_hdr: validation failed for PEB 0
[  464.720457][T15087] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  464.737654][   T40] audit: type=1804 audit(1756293011.816:2440): pid=15088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2453" name="/newroot/442/file1" dev="fuse" ino=1 res=1 errno=0
[  464.744688][   T40] audit: type=1800 audit(1756293011.816:2441): pid=15088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2453" name="/" dev="fuse" ino=1 res=0 errno=0
[  464.751713][   T40] audit: type=1800 audit(1756293011.816:2442): pid=15084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2453" name="/" dev="fuse" ino=1 res=0 errno=0
[  465.925795][T15125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2461'.
[  465.939056][T15125] tmpfs: Bad value for 'mpol'
[  465.975310][T14295] vhci_hcd: vhci_device speed not set
[  465.993410][T15127] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2462'.
[  466.170997][   T40] audit: type=1326 audit(1756293013.246:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.4.2464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  466.179167][   T40] audit: type=1326 audit(1756293013.246:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.4.2464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  466.188023][   T40] audit: type=1326 audit(1756293013.256:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.4.2464" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  466.197889][   T40] audit: type=1326 audit(1756293013.256:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15133 comm="syz.4.2464" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000
[  468.231342][T15171] fuse: blksize only supported for fuseblk
[  468.317931][T15174] fuse: Unknown parameter 'growp_id'
[  468.321983][T15174] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  468.527462][T15182] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2474'.
[  468.532097][T15182] tmpfs: Bad value for 'mpol'
[  469.452190][T15186] fuse: blksize only supported for fuseblk
[  469.531246][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  469.531264][   T40] audit: type=1326 audit(1756293016.606:2468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15191 comm="syz.4.2478" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa1579 code=0x0
[  469.537835][T15187] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2475'.
[  469.602987][T15187] tmpfs: Bad value for 'mpol'
[  469.824838][T14295] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  469.948016][T15198] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  469.951788][T15198] qnx6: wrong signature (magic) in superblock #1.
[  469.953899][T15198] qnx6: unable to read the first superblock
[  469.994893][T14295] usb 9-1: Using ep0 maxpacket: 32
[  470.005616][T14295] usb 9-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  470.008582][T14295] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.023224][T14295] usb 9-1: config 0 descriptor??
[  470.038601][T14295] as10x_usb: device has been detected
[  470.040810][T14295] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  470.063902][T14295] usb 9-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  470.084703][T14295] as10x_usb: error during firmware upload part1
[  470.087823][T14295] Registered device nBox DVB-T Dongle
[  470.284144][T15208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2483'.
[  470.292105][T15208] tmpfs: Bad value for 'mpol'
[  470.834371][T15212] FAULT_INJECTION: forcing a failure.
[  470.834371][T15212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  470.839216][T15212] CPU: 3 UID: 0 PID: 15212 Comm: syz.0.2484 Not tainted syzkaller #0 PREEMPT(full) 
[  470.839232][T15212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  470.839239][T15212] Call Trace:
[  470.839243][T15212]  <TASK>
[  470.839247][T15212]  dump_stack_lvl+0x16c/0x1f0
[  470.839265][T15212]  should_fail_ex+0x512/0x640
[  470.839283][T15212]  _copy_to_user+0x32/0xd0
[  470.839295][T15212]  simple_read_from_buffer+0xcb/0x170
[  470.839307][T15212]  proc_fail_nth_read+0x197/0x240
[  470.839319][T15212]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  470.839331][T15212]  ? rw_verify_area+0xcf/0x6c0
[  470.839342][T15212]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  470.839353][T15212]  vfs_read+0x1e4/0xcf0
[  470.839368][T15212]  ? __pfx_vfs_read+0x10/0x10
[  470.839378][T15212]  ? find_held_lock+0x2b/0x80
[  470.839392][T15212]  ? __fget_files+0x20e/0x3c0
[  470.839407][T15212]  ksys_read+0x12a/0x250
[  470.839419][T15212]  ? __pfx_ksys_read+0x10/0x10
[  470.839432][T15212]  ? rcu_is_watching+0x12/0xc0
[  470.839445][T15212]  __do_fast_syscall_32+0x7c/0x3a0
[  470.839462][T15212]  do_fast_syscall_32+0x32/0x80
[  470.839476][T15212]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  470.839489][T15212] RIP: 0023:0xf7f35579
[  470.839498][T15212] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  470.839507][T15212] RSP: 002b:00000000f5456590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  470.839518][T15212] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5456620
[  470.839524][T15212] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000
[  470.839531][T15212] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  470.839536][T15212] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  470.839542][T15212] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  470.839555][T15212]  </TASK>
[  470.906615][    C3] vkms_vblank_simulate: vblank timer overrun
[  471.170326][T15218] vivid-000: disconnect
[  471.367220][T15225] fuse: blksize only supported for fuseblk
[  471.540243][T15232] fuse: Bad value for 'blksize'
[  471.702139][T15235] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2492'.
[  471.711524][T15235] tmpfs: Bad value for 'mpol'
[  471.712562][T15237] fuse: blksize only supported for fuseblk
[  471.945282][T15217] vivid-000: reconnect
[  472.415207][T15246] 9pnet_virtio: no channels available for device syz
[  472.709152][T15247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2495'.
[  472.721021][T15247] tmpfs: Bad value for 'mpol'
[  472.867519][T12587] usb 9-1: USB disconnect, device number 21
[  472.927340][T12587] Unregistered device nBox DVB-T Dongle
[  472.928399][T12587] as10x_usb: device has been disconnected
[  473.516963][T15274] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  473.649902][T15276] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  474.185781][T15285] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2507'.
[  474.293632][T15285] tmpfs: Bad value for 'mpol'
[  474.805991][T15295] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2509'.
[  474.814080][T15295] tmpfs: Bad value for 'mpol'
[  475.239814][T15300] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  475.239823][T15301] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  475.388274][T15303] fuse: blksize only supported for fuseblk
[  475.577980][T15311] fuse: blksize only supported for fuseblk
[  475.658710][T15314] fuse: Bad value for 'user_id'
[  475.660310][T15314] fuse: Bad value for 'user_id'
[  476.583560][T15325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2521'.
[  476.930044][T15324] tmpfs: Bad value for 'mpol'
[  477.014987][   T40] audit: type=1326 audit(1756293024.086:2469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.036696][   T40] audit: type=1326 audit(1756293024.086:2470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.044291][   T40] audit: type=1326 audit(1756293024.096:2471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.056948][   T40] audit: type=1326 audit(1756293024.096:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.064311][   T40] audit: type=1326 audit(1756293024.096:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.071205][   T40] audit: type=1326 audit(1756293024.096:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.131349][   T40] audit: type=1326 audit(1756293024.206:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.140718][   T40] audit: type=1326 audit(1756293024.216:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.154129][   T40] audit: type=1326 audit(1756293024.226:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.167039][   T40] audit: type=1326 audit(1756293024.226:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15337 comm="syz.5.2523" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  477.276139][T15352] fuse: blksize only supported for fuseblk
[  477.323602][T15354] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2528'.
[  479.010827][T15378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2534'.
[  479.018039][T15378] tmpfs: Bad value for 'mpol'
[  480.444376][T15408] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2543'.
[  480.560179][T15409] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2542'.
[  480.569082][T15409] tmpfs: Bad value for 'mpol'
[  481.266423][T15416] 9pnet_virtio: no channels available for device syz
[  481.283851][T15418] 9pnet_virtio: no channels available for device syz
[  482.312884][T15430] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  482.919842][T15447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2554'.
[  482.933906][T15447] tmpfs: Bad value for 'mpol'
[  483.271537][T15449] fuse: Unknown parameter 'blksi�
[  483.271537][T15449] 灱ze'
[  483.541613][T15453] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2556'.
[  483.547394][T15453] tmpfs: Bad value for 'mpol'
[  483.800227][T15465] fuse: Bad value for 'rootmode'
[  483.986624][T15467] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2558'.
[  483.990335][T15467] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2558'.
[  484.859362][T15478] /dev/sr0: Can't open blockdev
[  486.301577][ T6018] kernel write not supported for file /nvme-fabrics (pid: 6018 comm: kworker/3:3)
[  486.554365][T15505] fuse: blksize only supported for fuseblk
[  486.626120][T15508] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2571'.
[  486.652059][T15510] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2572'.
[  487.705589][   T40] kauditd_printk_skb: 49 callbacks suppressed
[  487.705606][   T40] audit: type=1326 audit(1756293034.786:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.718535][   T40] audit: type=1326 audit(1756293034.786:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.725927][   T40] audit: type=1326 audit(1756293034.786:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.733822][   T40] audit: type=1326 audit(1756293034.786:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.744204][   T40] audit: type=1326 audit(1756293034.786:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.753187][   T40] audit: type=1326 audit(1756293034.786:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.762034][   T40] audit: type=1326 audit(1756293034.786:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.770863][   T40] audit: type=1326 audit(1756293034.786:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.780812][   T40] audit: type=1326 audit(1756293034.786:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  487.787809][   T40] audit: type=1326 audit(1756293034.786:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15526 comm="syz.1.2577" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf712e579 code=0x7ffc0000
[  488.951176][T15546] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  489.017546][T15550] fuse: blksize only supported for fuseblk
[  489.124322][T15556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2586'.
[  489.130862][T15556] tmpfs: Bad value for 'mpol'
[  489.214662][T15541] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2580'.
[  489.221896][T15541] tmpfs: Bad value for 'mpol'
[  489.608782][T15562] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2578'.
[  489.725985][T15564] tmpfs: Bad value for 'mpol'
[  490.223645][T15568] fuse: blksize only supported for fuseblk
[  491.304907][T15587] fuse: blksize only supported for fuseblk
[  491.408059][T15590] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2596'.
[  491.454366][T15590] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2596'.
[  491.516768][T15590] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2596'.
[  491.537069][T15590] random: crng reseeded on system resumption
[  491.800222][T15606] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2598'.
[  491.809289][T15606] tmpfs: Bad value for 'mpol'
[  491.974881][T15614] lo speed is unknown, defaulting to 1000
[  491.978562][T15614] wlan0 speed is unknown, defaulting to 1000
[  492.713936][T15621] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2602'.
[  492.982197][T15626] fuse: blksize only supported for fuseblk
[  493.107974][T15632] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2605'.
[  493.643254][T15556] Set syz1 is full, maxelem 65536 reached
[  493.650049][T15645] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2610'.
[  493.688737][T15645] tmpfs: Bad value for 'mpol'
[  493.928201][T15650] tmpfs: Bad value for 'mpol'
[  494.717415][T15656] __nla_validate_parse: 1 callbacks suppressed
[  494.717427][T15656] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2612'.
[  494.728124][T15656] tmpfs: Bad value for 'mpol'
[  494.917732][T15718] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2616'.
[  495.016685][T15722] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not bonding slave
[  495.020123][T15722] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  496.042243][T15748] fuse: blksize only supported for fuseblk
[  496.865858][T15754] block nbd1: server does not support multiple connections per device.
[  496.874460][T15754] block nbd1: shutting down sockets
[  499.176423][   T24] libceph: connect (1)[c::]:6789 error -101
[  499.179220][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  499.191772][T15805] ceph: No mds server is up or the cluster is laggy
[  499.198812][T15808] vxfs: WRONG superblock magic 00000000 at 1
[  499.200893][T15808] vxfs: WRONG superblock magic 00000000 at 8
[  499.202795][T15808] vxfs: can't find superblock.
[  499.207215][T15804] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2637'.
[  499.230138][T15804] 0猉功D: renamed from 
31猉功D
[  499.250005][T15804] 0猉功D: entered allmulticast mode
[  499.254486][T15804] veth0_macvtap: entered allmulticast mode
[  499.263153][T15804] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  499.332530][T15804] hub 1-0:1.0: USB hub found
[  499.337954][T15804] hub 1-0:1.0: 2 ports detected
[  500.252936][T15822] tmpfs: Unknown parameter 'usrquota_inode_hardli閠'
[  500.295806][T15822] overlayfs: failed to resolve './file2': -2
[  500.838240][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  500.838251][   T40] audit: type=1326 audit(1756293047.916:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.861768][   T40] audit: type=1326 audit(1756293047.926:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.871889][   T40] audit: type=1326 audit(1756293047.926:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.886420][   T40] audit: type=1326 audit(1756293047.926:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.905052][   T40] audit: type=1326 audit(1756293047.926:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.918435][   T40] audit: type=1326 audit(1756293047.926:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.991340][   T40] audit: type=1326 audit(1756293048.066:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  500.998858][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  501.001020][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  501.006188][   T40] audit: type=1326 audit(1756293048.076:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  501.072904][   T40] audit: type=1326 audit(1756293048.146:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf712e579 code=0x7ffc0000
[  501.935312][   T40] audit: type=1326 audit(1756293049.016:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15840 comm="syz.1.2647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  501.946597][T15847] ALSA: mixer_oss: invalid OSS volume ''
[  502.097434][T15857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2651'.
[  502.105352][T15857] tmpfs: Bad value for 'mpol'
[  502.114695][T15859] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2652'.
[  502.118661][T15859] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2652'.
[  502.190488][T15859] bridge0: port 2(bridge_slave_1) entered disabled state
[  502.194079][T15859] bridge0: port 1(bridge_slave_0) entered disabled state
[  502.237451][T15859] wg1: left promiscuous mode
[  502.239450][T15859] wg1: left allmulticast mode
[  502.296254][T15859] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  502.309742][T15859] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  502.408172][T15859] gretap1: left promiscuous mode
[  502.416488][T15862] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  502.426058][T15706] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  502.427395][T15865] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2654'.
[  502.430961][T15706] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  502.437937][T15706] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  502.467069][T15865] tmpfs: Bad value for 'mpol'
[  502.743255][T15874] netlink: 5 bytes leftover after parsing attributes in process `syz.5.2656'.
[  502.747239][T15874] 0猉功D: renamed from macvtap0
[  502.752779][T15874] 0猉功D: entered allmulticast mode
[  502.754499][T15874] veth0_macvtap: entered allmulticast mode
[  502.759449][T15874] A link change request failed with some changes committed already. Interface 
30猉功D may have been left with an inconsistent configuration, please check.
[  502.809681][T15874] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.2656' sets config #0
[  503.607119][T15887] 9pnet_virtio: no channels available for device syz
[  503.834075][T15895] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2662'.
[  503.944066][T15895] hsr_slave_1 (unregistering): left promiscuous mode
[  504.218822][T15907] netlink: 'syz.5.2667': attribute type 2 has an invalid length.
[  504.221470][T15907] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2667'.
[  504.319144][T15907] bond0: entered promiscuous mode
[  504.337907][T15907] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  505.341552][T15940] fuse: blksize only supported for fuseblk
[  505.682019][T15955] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[  506.635437][T15959] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  507.297816][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  507.297828][   T40] audit: type=1804 audit(1756293054.376:2576): pid=15982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2681" name="/newroot/219/file1" dev="fuse" ino=1 res=1 errno=0
[  507.377513][   T40] audit: type=1800 audit(1756293054.376:2577): pid=15982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2681" name="/" dev="fuse" ino=1 res=0 errno=0
[  507.386546][   T40] audit: type=1800 audit(1756293054.376:2578): pid=15981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2681" name="/" dev="fuse" ino=1 res=0 errno=0
[  508.710619][T15995] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2684'.
[  509.138619][T16002] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  510.754963][   T54] usb 9-1: new full-speed USB device number 22 using dummy_hcd
[  510.906389][   T54] usb 9-1: not running at top speed; connect to a high speed hub
[  511.534799][   T54] usb 9-1: config 9 has an invalid interface number: 144 but max is 1
[  511.537675][   T54] usb 9-1: config 9 contains an unexpected descriptor of type 0x2, skipping
[  511.541144][   T54] usb 9-1: config 9 has an invalid interface number: 32 but max is 1
[  511.544289][   T54] usb 9-1: config 9 has an invalid descriptor of length 155, skipping remainder of the config
[  511.594848][   T54] usb 9-1: config 9 has no interface number 0
[  511.597046][   T54] usb 9-1: config 9 has no interface number 1
[  511.599396][   T54] usb 9-1: config 9 interface 144 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  511.603842][   T54] usb 9-1: config 9 interface 32 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  511.614808][   T54] usb 9-1: config 9 interface 144 has no altsetting 0
[  511.628395][   T54] usb 9-1: New USB device found, idVendor=12d1, idProduct=9108, bcdDevice=70.79
[  511.631725][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.637573][   T54] usb 9-1: Product: 澹�
[  511.639022][   T54] usb 9-1: Manufacturer: 鞓朵肮鋰蹭悘陳匡幐釁︼獾￠皑頁湱鑼氣壀毪緜罟ㄤ皟鈯硅噸氙勬ǖ陳滊叝璋忟皫锝ａ�鹃〝瞀椼彻鋫屽槈鈼告焊浃犻璀忣偔旯ㄧ竸氪魂儰鏀鈳氳悗銑曨姖缇侩櫖釔寸ゲ霌搞エ岖壷羔矆岙橃媽飩材曘姰韬憭歃�铫囲窓喟掚煢顙燀杺敫岋搳韨庝獉慊╇啷ㄠ鼎肟晱飷筋惢雱嗚幈顕�
[  511.649512][   T54] usb 9-1: SerialNumber: 姣烩ū峋㈦剰詈侁檹雼庨緷鍏掗潗飙§煋瑙婍効飲樿瞟鳖寕飒炩┛鑸欎暊飱巾敠氪欐笍韮庢帋雲庬崟铴饱氇撶彙韱滉雿澂霛羔禎搿祲飩椷滉瀲韰�靻岆姏榧崍娲庒。绶褐踞糠绨忛竣釢斾撼旒ㄢ唹鈴曪晱鍗夛憧ユ崼昃戙澊闀п湋岬炵紳顪炧牉姒冭洳拌；韮こ闊︻父啶夸崥瓒浶鹃兏釞⒁栫湜釢ń岍欙牨妫岊净畀ャ惒浠斥銡�獐愯喘閻勨瓉娲ゆ鋿ф簚顢锋伔锍抽腹鐝颁皽
[  511.749482][T16048] macvtap0: mtu greater than device maximum
[  511.935710][   T54] option 9-1:9.144: GSM modem (1-port) converter detected
[  511.995053][   T54] hub 9-1:9.32: Invalid hub with more than one config or interface
[  511.998344][   T54] hub 9-1:9.32: probe with driver hub failed with error -22
[  512.010406][T16053] 9pnet_virtio: no channels available for device syz
[  512.243931][   T54] usb 9-1: USB disconnect, device number 22
[  512.286788][   T54] option 9-1:9.144: device disconnected
[  512.391941][T16057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2703'.
[  512.411688][T16057] tmpfs: Bad value for 'mpol'
[  513.371439][T16067] fuse: blksize only supported for fuseblk
[  513.375523][T16069] RDS: rds_bind could not find a transport for fc01::1, load rds_tcp or rds_rdma?
[  513.920942][T16090] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2715'.
[  514.867137][T16107] Set syz0 is full, maxelem 0 reached
[  515.859884][T16135] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2729'.
[  515.869977][T16135] batadv1: entered allmulticast mode
[  515.879378][   T40] audit: type=1326 audit(1756293062.956:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.888250][   T40] audit: type=1326 audit(1756293062.956:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.896346][   T40] audit: type=1326 audit(1756293062.956:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.905479][   T40] audit: type=1326 audit(1756293062.956:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.912413][   T40] audit: type=1326 audit(1756293062.956:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.925807][T16150] input: syz1 as /devices/virtual/input/input22
[  515.938387][   T40] audit: type=1326 audit(1756293062.956:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=229 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.949153][   T40] audit: type=1326 audit(1756293062.956:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.956992][   T40] audit: type=1326 audit(1756293062.956:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.964235][   T40] audit: type=1326 audit(1756293062.956:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  515.972165][   T40] audit: type=1326 audit(1756293062.956:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16148 comm="syz.1.2732" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e579 code=0x7ffc0000
[  516.200803][T16162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2734'.
[  516.455710][T16162] tmpfs: Bad value for 'mpol'
[  517.498179][T16184] 9pnet: Unknown protocol version 9p20\++}
[  517.507698][T16184] RDS: rds_bind could not find a transport for fe88::1, load rds_tcp or rds_rdma?
[  517.655115][T16192] netlink: 'syz.0.2745': attribute type 13 has an invalid length.
[  517.657586][T16192] netlink: 'syz.0.2745': attribute type 17 has an invalid length.
[  518.626571][T16192] syz_tun: refused to change device tx_queue_len
[  518.639343][T16192] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  518.865220][T16211] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  521.411125][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  521.411142][   T40] audit: type=1800 audit(1756293068.486:2595): pid=16263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2762" name="file1" dev="overlay" ino=2821 res=0 errno=0
[  522.042655][   T40] audit: type=1804 audit(1756293069.116:2596): pid=16273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2765" name="/newroot/237/file1" dev="fuse" ino=1 res=1 errno=0
[  522.072682][   T40] audit: type=1800 audit(1756293069.126:2597): pid=16273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2765" name="/" dev="fuse" ino=1 res=0 errno=0
[  522.082565][   T40] audit: type=1800 audit(1756293069.136:2598): pid=16273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2765" name="/" dev="fuse" ino=1 res=0 errno=0
[  522.732458][T16290] 9pnet_virtio: no channels available for device syz
[  522.977759][T16298] affs: No valid root block on device nbd1
[  523.697563][   T40] audit: type=1326 audit(1756293070.776:2599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16300 comm="syz.0.2774" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  523.704659][   T40] audit: type=1326 audit(1756293070.776:2600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16300 comm="syz.0.2774" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  523.817962][   T40] audit: type=1326 audit(1756293070.776:2601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16300 comm="syz.0.2774" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  523.825585][   T40] audit: type=1326 audit(1756293070.776:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16300 comm="syz.0.2774" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  523.897685][   T40] audit: type=1326 audit(1756293070.776:2603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16300 comm="syz.0.2774" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  523.908167][   T40] audit: type=1326 audit(1756293070.776:2604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16300 comm="syz.0.2774" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  525.494865][   T24] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  525.507198][T16345] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  525.509303][T16345] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  525.513419][T16345] vhci_hcd vhci_hcd.0: Device attached
[  525.656297][   T24] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  525.659476][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  525.664140][   T24] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  525.668477][   T24] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  525.671616][   T24] usb 6-1: Product: syz
[  525.673261][   T24] usb 6-1: Manufacturer: syz
[  525.675415][   T24] usb 6-1: SerialNumber: syz
[  525.678857][   T24] usb 6-1: config 0 descriptor??
[  525.691108][   T24] usb 6-1: selecting invalid altsetting 0
[  525.754815][ T6067] usb 47-1: new low-speed USB device number 3 using vhci_hcd
[  525.933493][   T24] usb 6-1: USB disconnect, device number 7
[  526.035371][T16356] netlink: 'syz.4.2787': attribute type 10 has an invalid length.
[  526.038253][T16356] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2787'.
[  526.054954][T16346] vhci_hcd: connection reset by peer
[  526.070334][T15710] vhci_hcd: stop threads
[  526.071775][T15710] vhci_hcd: release socket
[  526.073245][T15710] vhci_hcd: disconnect device
[  526.083601][T16356] macsec1: entered promiscuous mode
[  526.086092][T16356] veth1_to_batadv: entered promiscuous mode
[  526.515230][T16361] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2789'.
[  526.534995][T16361] tmpfs: Bad value for 'mpol'
[  527.195816][T16376] openvswitch: netlink: IP tunnel dst address not specified
[  527.894306][T16388] usb usb7: usbfs: process 16388 (syz.1.2797) did not claim interface 0 before use
[  527.908058][T16388] block nbd1: Attempted send on invalid socket
[  527.910509][T16388] blk_print_req_error: 138 callbacks suppressed
[  527.910520][T16388] I/O error, dev nbd1, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  527.914649][T16390] binder: Unknown parameter 'subj_type'
[  527.919496][T16388] qnx6: unable to read the first superblock
[  527.921648][T16388] block nbd1: Attempted send on invalid socket
[  527.923695][T16388] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  527.927780][T16388] qnx6: unable to read the first superblock
[  527.929711][T16388] qnx6: unable to read the first superblock
[  527.952148][T16388] 9pnet_fd: Insufficient options for proto=fd
[  528.090144][T16395] veth0_macvtap: left allmulticast mode
[  528.110240][T16395] veth1_to_batadv: left promiscuous mode
[  528.385052][T14295] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  528.544894][T14295] usb 9-1: Using ep0 maxpacket: 8
[  528.551219][T14295] usb 9-1: unable to get BOS descriptor or descriptor too short
[  528.557100][T14295] usb 9-1: config 4 interface 0 has no altsetting 0
[  528.568703][T14295] usb 9-1: string descriptor 0 read error: -22
[  528.571874][T14295] usb 9-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  528.579000][T14295] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.597436][T14295] usb 9-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  528.607432][T14295] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  528.611884][T14295] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  528.615535][T14295] usb 9-1: media controller created
[  528.652155][T14295] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  528.797094][T14295] zl10353_read_register: readreg error (reg=127, ret==0)
[  528.831242][T14295] usb 9-1: USB disconnect, device number 23
[  528.937616][T16417] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2805'.
[  528.960878][T16417] tmpfs: Bad value for 'mpol'
[  530.331947][   T40] kauditd_printk_skb: 76 callbacks suppressed
[  530.331964][   T40] audit: type=1804 audit(1756293077.406:2681): pid=16441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2810" name="/newroot/200/file1" dev="fuse" ino=1 res=1 errno=0
[  530.344344][   T40] audit: type=1800 audit(1756293077.406:2682): pid=16441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2810" name="/" dev="fuse" ino=1 res=0 errno=0
[  530.356401][   T40] audit: type=1800 audit(1756293077.406:2683): pid=16438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2810" name="/" dev="fuse" ino=1 res=0 errno=0
[  530.503936][T16451] netlink: 'syz.5.2815': attribute type 10 has an invalid length.
[  530.516037][T16451] hsr_slave_0: left promiscuous mode
[  530.656643][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2814'.
[  530.862524][T16449] tmpfs: Bad value for 'mpol'
[  530.904855][ T6067] vhci_hcd: vhci_device speed not set
[  531.451047][T16417] Set syz1 is full, maxelem 65536 reached
[  531.634322][T16466] team0: Unable to change to the same mode the team is in
[  531.656707][T16466] vlan0: entered promiscuous mode
[  531.660452][T16466] tipc: Enabled bearer <eth:team0>, priority 0
[  531.994888][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  532.155134][   T24] usb 6-1: Using ep0 maxpacket: 8
[  532.158606][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  532.161399][   T24] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  532.185080][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.235381][   T24] usb 6-1: config 0 descriptor??
[  532.415746][T15712] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  532.418247][T15712] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  532.544963][ T5857] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  532.656001][T15705] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  532.658552][T15705] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  532.673638][T16477] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  532.694883][ T5857] usb 10-1: Using ep0 maxpacket: 8
[  532.723244][ T5857] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  532.727891][ T5857] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  532.740294][ T5857] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  532.744859][ T5857] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  532.750480][ T5857] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  532.754466][ T5857] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.008351][ T5857] usb 10-1: GET_CAPABILITIES returned 0
[  533.010672][ T5857] usbtmc 10-1:16.0: can't read capabilities
[  533.223098][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.226040][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.229038][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.231937][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.234800][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.237769][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.248330][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.252218][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.255140][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.258014][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.265102][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.267914][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.270913][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.273798][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.276679][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.279579][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  533.367088][T16478] netlink: 'syz.5.2822': attribute type 10 has an invalid length.
[  533.441077][ T6031] usb 10-1: USB disconnect, device number 18
[  533.551538][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  533.554878][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  533.578629][   T24] usb 6-1: USB disconnect, device number 8
[  533.857319][T16489] netlink: 'syz.4.2826': attribute type 9 has an invalid length.
[  534.496868][T16511] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2832'.
[  535.011510][T16513] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2830'.
[  535.561789][T16526] netlink: 'syz.4.2836': attribute type 10 has an invalid length.
[  537.392363][T16558] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  537.403853][T16558] CIFS mount error: No usable UNC path provided in device string!
[  537.403853][T16558] 
[  537.407442][T16558] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  537.489251][T16561] netlink: 'syz.5.2842': attribute type 1 has an invalid length.
[  537.492712][T16561] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2842'.
[  537.497560][T16561] nbd: illegal input index 1048576
[  537.736886][T16581] 9pnet_fd: Insufficient options for proto=fd
[  538.255933][   T40] audit: type=1326 audit(1756293085.326:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.257884][T16603] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  538.269056][   T40] audit: type=1326 audit(1756293085.326:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.289392][   T40] audit: type=1326 audit(1756293085.326:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.312216][   T40] audit: type=1326 audit(1756293085.336:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=229 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.322195][   T40] audit: type=1326 audit(1756293085.336:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.331822][   T40] audit: type=1326 audit(1756293085.336:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.355345][   T40] audit: type=1326 audit(1756293085.336:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.364685][   T40] audit: type=1326 audit(1756293085.336:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.375298][   T40] audit: type=1326 audit(1756293085.336:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.386816][   T40] audit: type=1326 audit(1756293085.336:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16601 comm="syz.5.2851" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf70ee579 code=0x7ffc0000
[  538.540947][T16609] debugfs: Invalid gid '0x00000000ffffffff'
[  538.557058][T16607] tmpfs: Bad value for 'grpquota_block_hardlimit'
[  538.690294][T16618] syzkaller1: entered promiscuous mode
[  538.692622][T16618] syzkaller1: entered allmulticast mode
[  538.852572][T16623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2859'.
[  538.858586][T16623] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2859'.
[  538.890752][T16627] qnx4: no qnx4 filesystem (no root dir).
[  538.900063][T16623] netlink: 15672 bytes leftover after parsing attributes in process `syz.4.2859'.
[  538.902885][T16627] ubi31: attaching mtd0
[  538.905621][T16627] ubi31: scanning is finished
[  538.907136][T16623] netlink: 3116 bytes leftover after parsing attributes in process `syz.4.2859'.
[  538.983081][T16627] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  538.989331][T16627] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  538.992282][T16627] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  538.996702][T16627] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  538.999214][T16627] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  539.002308][T16627] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  539.006571][T16627] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 717219902
[  539.012113][T16627] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  539.020501][T16630] ubi31: background thread "ubi_bgt31d" started, PID 16630
[  539.084109][T16633] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  539.095515][T16633] veth1_to_bond: entered allmulticast mode
[  539.107119][T16633] tipc: Enabling <eth:lo> not permitted
[  539.114797][T16633] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  539.125332][T16633] ubi31: detaching mtd0
[  539.131659][T16633] ubi31: mtd0 is detached
[  539.140628][T16632] veth1_to_bond: left allmulticast mode
[  539.286194][T16647] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2865'.
[  539.380328][T16647] tmpfs: Bad value for 'mpol'
[  539.397547][T16650] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2867'.
[  539.501624][T16654] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2868'.
[  540.152865][T16670] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  540.522064][T16667] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  540.524168][T16667] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  540.531641][T16667] vhci_hcd vhci_hcd.0: Device attached
[  540.544585][T16667] netdevsim netdevsim1: Direct firmware load for @ failed with error -2
[  540.553621][T16667] netdevsim netdevsim1: Falling back to sysfs fallback for: @
[  540.817351][ T5984] usb 40-1: SetAddress Request (2) to port 0
[  540.820539][ T5984] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  540.891426][T16684] vhci_hcd: connection reset by peer
[  540.894504][T15706] vhci_hcd: stop threads
[  540.896864][T15706] vhci_hcd: release socket
[  540.898690][T15706] vhci_hcd: disconnect device
[  541.236297][T16711] netlink: 'syz.5.2878': attribute type 4 has an invalid length.
[  541.492805][T16722] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2882'.
[  541.587116][T16727] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2882'.
[  542.187787][T16747] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2889'.
[  542.700856][T16751] block device autoloading is deprecated and will be removed.
[  542.714264][T16757] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  542.716883][T16757] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  542.722193][T16757] vhci_hcd vhci_hcd.0: Device attached
[  542.724561][T16758] vhci_hcd: connection closed
[  542.724990][T15706] vhci_hcd: stop threads
[  542.729031][T15706] vhci_hcd: release socket
[  542.730743][T15706] vhci_hcd: disconnect device
[  543.240416][T16766] syzkaller1: entered promiscuous mode
[  543.242848][T16766] syzkaller1: entered allmulticast mode
[  543.323468][T16772] netlink: 'syz.4.2896': attribute type 1 has an invalid length.
[  543.388759][T16778] lo speed is unknown, defaulting to 1000
[  543.392276][T16778] wlan0 speed is unknown, defaulting to 1000
[  543.707026][T16778] netlink: 'syz.5.2898': attribute type 13 has an invalid length.
[  543.731755][T16778] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  543.878530][T16806] netlink: 'syz.0.2908': attribute type 10 has an invalid length.
[  543.881577][T16806] syz_tun: entered promiscuous mode
[  543.887406][T16806] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  544.074369][T16807] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2907'.
[  544.104577][T16816] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2910'.
[  544.262600][T16816] /dev/sr0: Can't open blockdev
[  544.323398][T16819] netlink: 84 bytes leftover after parsing attributes in process `syz.5.2911'.
[  544.464689][T16830] netlink: 'syz.1.2915': attribute type 10 has an invalid length.
[  545.542192][T16838] tmpfs: Bad value for 'mpol'
[  545.884886][T16835] BUG: sleeping function called from invalid context at mm/vmalloc.c:3409
[  545.888304][T16835] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 16835, name: syz.5.2914
[  545.891830][T16835] preempt_count: 1, expected: 0
[  545.892515][ T5984] usb 40-1: device descriptor read/8, error -110
[  545.894288][T16835] RCU nest depth: 0, expected: 0
[  545.898227][T16835] 1 lock held by syz.5.2914/16835:
[  545.900387][T16835]  #0: ffff8880570bf458 (&u->iolock){+.+.}-{4:4}, at: __unix_dgram_recvmsg+0x255/0xc30
[  545.904471][T16835] Preemption disabled at:
[  545.904481][T16835] [<ffffffff812c5d36>] preempt_schedule_thunk+0x16/0x30
[  545.909399][T16835] CPU: 3 UID: 0 PID: 16835 Comm: syz.5.2914 Not tainted syzkaller #0 PREEMPT(full) 
[  545.909423][T16835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  545.909434][T16835] Call Trace:
[  545.909441][T16835]  <TASK>
[  545.909449][T16835]  dump_stack_lvl+0x16c/0x1f0
[  545.909476][T16835]  __might_resched+0x3c0/0x5e0
[  545.909498][T16835]  ? __pfx___might_resched+0x10/0x10
[  545.909515][T16835]  ? pcpu_block_update+0x562/0x660
[  545.909548][T16835]  vfree+0x75/0xb50
[  545.909579][T16835]  ? rcu_is_watching+0x12/0xc0
[  545.909598][T16835]  ? kfree+0x24f/0x4d0
[  545.909615][T16835]  ? free_percpu+0x6db/0x13c0
[  545.909660][T16835]  futex_hash_free+0x98/0xc0
[  545.909683][T16835]  __mmdrop+0x33f/0x580
[  545.909704][T16835]  ? mark_held_locks+0x49/0x80
[  545.909731][T16835]  finish_task_switch.isra.0+0x7a4/0xc10
[  545.909750][T16835]  ? __switch_to+0x7a5/0x11a0
[  545.909776][T16835]  __schedule+0x1198/0x5de0
[  545.909807][T16835]  ? try_to_wake_up+0xa5d/0x1870
[  545.909830][T16835]  ? __pfx___schedule+0x10/0x10
[  545.909849][T16835]  ? try_to_wake_up+0x160/0x1870
[  545.909872][T16835]  ? mark_held_locks+0x49/0x80
[  545.909895][T16835]  ? irqentry_exit+0x3b/0x90
[  545.909922][T16835]  ? lockdep_hardirqs_on+0x7c/0x110
[  545.909947][T16835]  ? preempt_schedule_thunk+0x16/0x30
[  545.909974][T16835]  preempt_schedule_common+0x44/0xc0
[  545.909998][T16835]  preempt_schedule_thunk+0x16/0x30
[  545.910029][T16835]  _raw_spin_unlock_irqrestore+0x61/0x80
[  545.910053][T16835]  __unix_dgram_recvmsg+0x315/0xc30
[  545.910085][T16835]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  545.910115][T16835]  ? __lock_acquire+0xb97/0x1ce0
[  545.910143][T16835]  ? rcu_is_watching+0x12/0xc0
[  545.910160][T16835]  ? irqentry_exit+0x3b/0x90
[  545.910187][T16835]  unix_dgram_recvmsg+0xd0/0x110
[  545.910215][T16835]  ____sys_recvmsg+0x5f6/0x6b0
[  545.910240][T16835]  ? __pfx_____sys_recvmsg+0x10/0x10
[  545.910255][T16835]  ? import_iovec+0x86/0xb0
[  545.910284][T16835]  ? __pfx___schedule+0x10/0x10
[  545.910309][T16835]  ___sys_recvmsg+0x114/0x1a0
[  545.910334][T16835]  ? __pfx____sys_recvmsg+0x10/0x10
[  545.910374][T16835]  ? __pfx___might_resched+0x10/0x10
[  545.910392][T16835]  ? do_recvmmsg+0x368/0x750
[  545.910415][T16835]  ? do_recvmmsg+0x379/0x750
[  545.910441][T16835]  do_recvmmsg+0x55d/0x750
[  545.910469][T16835]  ? __pfx_do_recvmmsg+0x10/0x10
[  545.910498][T16835]  ? rcu_is_watching+0x12/0xc0
[  545.910527][T16835]  ? __pfx_sched_setaffinity+0x10/0x10
[  545.910553][T16835]  __sys_recvmmsg+0x21c/0x280
[  545.910579][T16835]  ? __pfx___sys_recvmmsg+0x10/0x10
[  545.910606][T16835]  ? __pfx___ia32_compat_sys_sched_setaffinity+0x10/0x10
[  545.910634][T16835]  __ia32_compat_sys_recvmmsg_time32+0xc4/0x160
[  545.910659][T16835]  ? lockdep_hardirqs_on+0x7c/0x110
[  545.910682][T16835]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  545.910708][T16835]  __do_fast_syscall_32+0x7c/0x3a0
[  545.910736][T16835]  do_fast_syscall_32+0x32/0x80
[  545.910762][T16835]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.910785][T16835] RIP: 0023:0xf70ee579
[  545.910799][T16835] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  545.910817][T16835] RSP: 002b:00000000f54bd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000151
[  545.910835][T16835] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800000c0
[  545.910847][T16835] RDX: 0000000000010106 RSI: 0000000000000002 RDI: 0000000000000000
[  545.910858][T16835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  545.910868][T16835] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  545.910879][T16835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  545.910904][T16835]  </TASK>
[  546.295292][ T5984] usb usb40-port1: attempt power cycle
[  546.459574][T16882] tmpfs: Bad value for 'mpol'
[  546.871320][ T5984] usb usb40-port1: unable to enumerate USB device

VM DIAGNOSIS:
11:11:33  Registers:
info registers vcpu 0

CPU#0
RAX=00000000014ba4c3 RBX=0000000000000000 RCX=ffffffff8b90abf9 RDX=0000000000000000
RSI=ffffffff8de4cac1 RDI=ffffffff8c162d00 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=ffffffff9b045468
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab8290 R15=0000000000000000
RIP=ffffffff8b90975f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880974c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f1a7fff0 CR3=00000000545fa000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
EAX=00000011 EBX=f7454ff4 ECX=ffffffff EDX=8960dd83
ESI=f7485080 EDI=8960dd87 EBP=f7fb5610 ESP=ffd33130
EIP=f710e686 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 00000000 ffffffff 00c00000
GS =0063 57164440 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 00000000 ffffffff 00c00000
TR =0040 0004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000327faff8 CR3=000000004d7d7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000bc664b RBX=0000000000000002 RCX=ffffffff8b90abf9 RDX=0000000000000000
RSI=ffffffff8de4cac1 RDI=ffffffff8c162d00 RBP=ffffed1003861910 RSP=ffffc9000047fdf8
R8 =0000000000000001 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000000
R12=0000000000000002 R13=ffff88801c30c880 R14=ffffffff90ab8290 R15=0000000000000000
RIP=ffffffff8b90975f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880976c3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7f955c0 CR3=000000006e65f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000006e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85617045 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc900036aef58
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000006e R14=ffffffff9b0f96c0 R15=ffffffff85616fe0
RIP=ffffffff8561706f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff8880977c3000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000080000000 CR3=000000004d7d7000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000