last executing test programs:

36.408086628s ago: executing program 2 (id=40):
getsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
eventfd2(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x141a82, 0x0)
dup(r0)
r1 = open(0x0, 0x18d542, 0x2)
ftruncate(r1, 0xee72)
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x400}, &(0x7f0000000280), &(0x7f0000000480))
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), r3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x63b4746a3224e34f, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r9, 0x1ad72f7)
accept4$netrom(r9, 0x0, 0x0, 0x80000)
read(r9, &(0x7f00000003c0)=""/137, 0x89)
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='contention_end\x00', r10}, 0x18)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002d0001000000000000000000030100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd712090000002348c26c2026237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc0"], 0x114}], 0x1}, 0x0)

35.574245355s ago: executing program 2 (id=47):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x800, 0x70bd2c}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f0000000000), 0x400000000000041, 0xffffffff)

35.499739202s ago: executing program 2 (id=49):
eventfd2(0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="a1ab000000000000000032"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = getpid()
process_vm_readv(r4, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r5 = open(0x0, 0x300, 0x64)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r5, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x844}, 0x28841)
mknodat$loop(r5, &(0x7f00000002c0)='./file0\x00', 0x200, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r6 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x3)
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSTI(r7, 0x80047456, &(0x7f0000000080))
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r8, 0xc0105b08, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000ffffffff00850000006dfc9f4c85a986c350ec9aef9e0000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

32.43325591s ago: executing program 2 (id=73):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x220000, 0x0)
r1 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x82002, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2) (async)
socket$kcm(0x2, 0xa, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x41, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000180)={'veth1_to_team\x00', @random='M#\x00'}) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000180)={'veth1_to_team\x00', @random='M#\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x8}, 0x8)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80700a, 0x0) (async)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80700a, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)
write$tun(r0, &(0x7f0000000240)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0xc, 0x4, 0x0, 0xd, 0x38, 0x66, 0x0, 0xd3, 0x1, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@end, @lsrr={0x83, 0xf, 0x10, [@empty, @dev={0xac, 0x14, 0x14, 0x38}, @private=0xa010100]}, @ssrr={0x89, 0xb, 0x5d, [@private=0xa010101, @dev={0xac, 0x14, 0x14, 0x40}]}]}}, @info_request={0xf, 0x0, 0x0, 0x3ff, 0x7ff}}}}}}, 0x4a) (async)
write$tun(r0, &(0x7f0000000240)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0xc, 0x4, 0x0, 0xd, 0x38, 0x66, 0x0, 0xd3, 0x1, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@end, @lsrr={0x83, 0xf, 0x10, [@empty, @dev={0xac, 0x14, 0x14, 0x38}, @private=0xa010100]}, @ssrr={0x89, 0xb, 0x5d, [@private=0xa010101, @dev={0xac, 0x14, 0x14, 0x40}]}]}}, @info_request={0xf, 0x0, 0x0, 0x3ff, 0x7ff}}}}}}, 0x4a)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c00000043000900fffffffffddbdf2501"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

32.306118121s ago: executing program 2 (id=75):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xd, &(0x7f0000000040)=@framed={{0x18, 0x2, 0x0, 0x0, 0x8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5000000, 0x0, 0x0, 0x0, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8}, 0x50)

31.793318074s ago: executing program 2 (id=76):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, 0x0)

31.701307108s ago: executing program 32 (id=76):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, 0x0)

2.224635519s ago: executing program 4 (id=356):
syz_emit_vhci(&(0x7f0000000700)=ANY=[], 0xa)
openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mknod$loop(&(0x7f0000000180)='./file1\x00', 0x80, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000002c0)={0x0, 0x10000, 0x0, [], [0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe3a, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r0, &(0x7f0000000040), 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1, @le_set_adv_set_rand_addr={{0x2035, 0x7}, {0xaa, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xb)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f046})

2.212430081s ago: executing program 4 (id=358):
getsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
eventfd2(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x141a82, 0x0)
dup(r0)
r1 = open(0x0, 0x18d542, 0x2)
ftruncate(r1, 0xee72)
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x400}, &(0x7f0000000280), &(0x7f0000000480))
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), r3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x63b4746a3224e34f, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r9, 0x1ad72f7)
accept4$netrom(r9, 0x0, 0x0, 0x80000)
read(r9, &(0x7f00000003c0)=""/137, 0x89)
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='contention_end\x00'}, 0x18)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002d0001000000000000000000030100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd712090000002348c26c2026237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc0"], 0x114}], 0x1}, 0x0)

2.142488712s ago: executing program 3 (id=360):
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r0, &(0x7f0000000580)='1\x00', 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x40440, 0x0)
write$P9_RGETATTR(r1, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a3c000000090a050600000000000000000100000008000a40000000000900020000000000000000000900010073797a3000000000080005400000001414000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_DELSET={0x2c, 0xb, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x1}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x64, 0x0, 0x0, {0x0, 0x84}}}, 0x54}}, 0x0)
ioctl$IMGETCOUNT(r1, 0x80044943, &(0x7f0000000240))
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x5, 0x3, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x6, 0x3, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
syz_usbip_server_init(0x5)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f00000002c0), &(0x7f0000000000), 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r4)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r7, 0x200, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x1ff}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0xa}, @ETHTOOL_A_COALESCE_RX_USECS_LOW={0x8, 0xe, 0x7}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5, 0x18, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x20000800)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, 0x0)
write$sysctl(r0, &(0x7f0000000000)='2\x00', 0x2)

1.963157881s ago: executing program 1 (id=363):
r0 = socket$l2tp(0x2, 0x2, 0x73)
getsockname$l2tp(r0, &(0x7f0000000000), &(0x7f0000000040)=0x10)
ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x4d, &(0x7f00000009c0)={&(0x7f0000000040)={0x14, 0x25, 0x1, 0x70bd2b, 0x25dfdbfc, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x4814}, 0x14)
r2 = mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x15<z\xb2\x03d\xad\x925\xbfP\x1b\xea\vt\xe9C\xe9\xb4R\x85*\xdc\xc4@\xee\xd2\xae\x06\x1a\xe1\xd2s\x01\xb8\xf3\xf2\rr\x01mq\xd2\xaf\xe2{\xe4\x1a\xd3Z\x01C\xfbW', 0x6e93ebbbcc0884f2, 0x1c4, &(0x7f0000000040)={0x0, 0x1, 0x4, 0x3})
mq_timedreceive(r2, &(0x7f0000000180)=""/196, 0xc4, 0x800000000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000002c2cb63c56c8217af4bf4eee0000850000002a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d40)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000005000000000000c72fe93d3078ac062453"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa86082b9827c186dd60cb653e003c3a00fc020000000000000000000000000000ff020000000000000000000000000001040090780000000060974300102100fe880000000000000000000000000001fe80000000002d04d7ea80cad29c0098d361f900000000000000aae4073d2d"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$BPF_TASK_FD_QUERY(0x24, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
syz_emit_ethernet(0x5eb, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6000000005b53afffe80002000000000000000000000000cfe8000000000000000000000000000aa860090780000050000000000000000000316004af660fdcd24e5ff1fec61d05cd2481e5f16a2e0c0c7a77da8e54574913307583a126de92dd2f27575716d36ceade2ad37f45e18289a13311b1525e24fd1078f16a632b7d9e170e1e59580de090000000000000026862b4351000964ab32e55e4339bb2937602534c310d016fa7537403ddcdd12341a16f2bdef862e5ba4d76e965de44b86e123844d8361242c7809117c5eacdc237022f54dc68760d4711978c0575160dd2dfe2e00063abc2ac2bfb0f9366574005770a981d0425b685b7f39f2bf671c534e4af4347759f70e051bc102a9d7655956b8bc8486cde8bc388d009704640bcae346286d0e12a26ae0b9306929a0b858d121c73730ae09dfd2728cb2b0cce5481bf0927da7d9461cac12d399767fef07a793c77c9628d16b0551a4a033367841b9469c9ef1b9eff68ad8edb00922c3e3518c0926eca71a9b010ae5d9dde15c3ed291778999408550e554455a13bc8f2fe1a284c72c7fb4a12680d256d3677d79c6b2df69b699ef6fb0d7fdafc6e1a028cee81c7bf0702461ebad1952d42a15a3e3906c9e2ca33b0a1005ba756f54c831fe836b3efe7bc4c11d228e93438ca5e1ab9c9fff72cf0d2219f58224c342cac0a80fac82262ee05206e70f21935d7a695a1cc0a94ed336af67e9bac97c7c5fa4f300a0e9ca314da9d26d3c4589546bd588945c97201d5a4088945cc8feabc93170b8faaad5bcc635610e03c5925ce468138598b4f197b89afc19d5cf45771a652011a9963eae8acd27cdadbe46cea242c13964d3177e0cc04f9f2bab688e51081dbde4169bdc7e292e4e0d2ff48ad2666b554fdb1d4ca4e3c59f49cf6016a5c4852bb55d89b92ce72042268e7872d3310fa2692c44d564fa15b7b4d9af0e79eb63f384d1de2b0b5ca67e84df5dfed6fe41f6822fac0b864a433b7e21e1ebd1475abc71dd801239bce9e03385354eb4a4a1250a9682507bce25c85474f186c5610be3fdc53336e0dd39136ab965001fa7d2dc2ac375e31d6681618ce68f2aba5fb5e1fde42d9b5698d49362c3daf8da0b801670c2df17f7d509a7df56be4aacbc3666c25bc6a530c870f6399203bbd58bf121b1310f4abd1ea50a90d308edc540e74d77571b0eea07e5f04d4c283d861f81e213526ea307e085e452338b2f8adad0fa9e71ea8e37595ce1f730107459354e452af2293e475fe35eb836cfade2a387df3dbc02262c76555251fa9c455fc0b517a85c36d0d6d9f9f3db9d0d687a7bc5d71f005416416a4bba57e710285033310091768ace229534932f8e0221e1288a4a1d6fd6c6a6875428155b023e29a4d8d1460b1d05621e102f3b4642c57d954626ec361536f1a24ef71f28dc6f008c13ea4cb45e23a590b436c2319b0629ed8fee581a339a4508149bb46011a5cd9def21802a8869a6669e8e09d118a329d98eeb546f3ea3d915f8983a22e2632c5859d665352bd3c849bdf21bfcd4cd7b7e9b9ea3d75ff09cc306b52c23308356205ca8f6c52b52be52f19fbac9c888e1792022cbde83bb4dda4ec229dc87f704136f2d91bf8e44cfbfeeb8aaf6dcd9a6c9ed49efffafef73a86de6244a93b315f6281f932f54bac128902a219671b6ab7fd25eaee70ac19dfea6a6b2226cafaa3cb429aa377e61d6900a7766c07562306df015162d5209f851e442c22418d487f92f179f3abb7baa6c279ef87572a703aecf8e2ed0c54aed836036bdb3b915f78d38b052310c7a31065903d1cf37565a637f98bc2bdf6a804b0f3916202f72046be4121e0426b9e4894493bc964ce3ed285a60ff003cc1258f47d2133e1fcc47caff9982d7bfba72fede4d0d2ba9a7c4373b579b986b0bb0015d28ac81fdf3744e5bc66118bb7c561e24929cbc4eebe20c01598d246081ea92e6536395c1a393619090e5abf57b9157812d18e82634b43b7931885765bf0d3fb6274badb1b26597ea9f7aff4a6d0e19b3fdb92d3758f4fd43a077ae3e3fc2a719dd764ad3f7d52d62e5b11c8a12a223e2f9d93e51f78a7a36539b00"/1515], 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r5, 0x4b66, &(0x7f00000000c0)={0x1, &(0x7f0000000780)=[{}]})
r6 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, 0x0)
dup3(0xffffffffffffffff, r6, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x0, 0x0, @remote, 0x34}]}, &(0x7f0000002100)=0x10)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000040)=0x3, 0x4)
socket$netlink(0x10, 0x3, 0x0)

1.637935002s ago: executing program 0 (id=366):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x106}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x2, 0x3a)
r2 = dup(r1)
bind$unix(r2, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
r7 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r10 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r10, 0x4601, &(0x7f0000000100)={0x400, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0xffffffff}, {}, {}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.474324281s ago: executing program 3 (id=367):
syz_emit_vhci(&(0x7f0000000700)=ANY=[], 0xa)
openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mknod$loop(&(0x7f0000000180)='./file1\x00', 0x80, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000002c0)={0x0, 0x10000, 0x0, [], [0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe3a, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r0, &(0x7f0000000040), 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
pselect6(0x40, &(0x7f00000045c0), 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1, @le_set_adv_set_rand_addr={{0x2035, 0x7}, {0xaa, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xb)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f046})

1.387280456s ago: executing program 3 (id=368):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}, 0x1, 0x0, 0x0, 0x40850}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={0x0, 0x3c}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000000000000480000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000cc0)='contention_begin\x00', r3}, 0x18)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0})
socket$alg(0x26, 0x5, 0x0)
setresgid(0xee00, 0xee01, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='vm_unmapped_area\x00', r4, 0x0, 0xfffffffffffffffc}, 0x18)
io_setup(0x202, &(0x7f0000000200))
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, 0x0)
r6 = open(0x0, 0x10b942, 0x0)
sendfile(r6, r5, 0x0, 0x80000000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r8=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002140)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r8, @ANYBLOB="000000000000000018003780080001007674b779c89902800800050000000000050027000000f900040014"], 0x44}}, 0x0)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
r10 = socket(0x1d, 0x3, 0x1)
getsockopt$nfc_llcp(r10, 0x118, 0x4, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff0180c200000186dd61357bb100083a012001000000000000000000000000000000000000000000000000000000e9ff008000907807fd01090da6ddb91d7c89245412554e51c3279cae2e3e26e18b8401000000faad1c1cb3dbb475e2c152d373ef678f71d3f8ee17fbb4ff000000f56216cccef74097a5ad42929e2e21b7dacb629754d8878784310d39c861140e54eca60108d2eee0979b2a98bdb4faa7b4dcc0c9e4921b352f1478a1157c9be5aa04514da8dee807b30d42caed68960cee24fb1eb9c8936bd128e1b38180fb2119ad68d79771fc92f98c92f7ffadfed12cd0d676c07cca53f37e62d11d6f7025940dc4f05dcc16275be7f9ee99e54216d2b96dfb71d206"], 0x0)

1.32803171s ago: executing program 0 (id=369):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r2)
r3 = getpid()
prlimit64(r3, 0xe, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@assoc={0x18, 0x117, 0x4, 0x6}], 0x18, 0x24044901}, 0x20002081)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002ac0)=@newchain={0x24, 0x64, 0x1, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xf}, {0x5, 0xb}, {0xc}}}, 0x24}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'gre0\x00'})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="0401040000000000240012800b00010062726964676500007953797a250629914d1400028005002b000300000005002a31e356ed804fbe52f877b1ca00000000000800250004000000c9c0ab5852f32493aba9f62630bf0dbddcba1939d39ea44d547dc174dbfa75374807db787c1e434e1f3e6572c486c98d1db5011eca8df2e64e2662958265acb338bb387ed8bbd68fe2c25544cc25d548036261594caac697e1c5b77514b7a155f9ab69a85bca138e82a15fad3585d40baafc692b2c3e0463fb5d5eda1c77cf5bf738e0b3e600"/218], 0x4c}, 0x1, 0xffffffea, 0x0, 0x4004}, 0x0)
r8 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r10, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
ioctl$TIOCL_SCROLLCONSOLE(r8, 0x541c, &(0x7f0000000080)={0xd, 0x800})
r11 = dup(r10)
socket$inet6_sctp(0xa, 0x1, 0x84)
r12 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r12, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
write$FUSE_BMAP(r11, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r11, &(0x7f00000000c0)={0xffffffffffffffa4}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x2278402, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=\tX,rfdno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)

1.316508104s ago: executing program 4 (id=370):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@getqdisc={0x24, 0x26, 0x705, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x16, 0x0, {0x1, 0xfff1}, {0x10, 0x8}, {0x4, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4c88b}, 0x0)

1.315155746s ago: executing program 0 (id=371):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r2 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
fcntl$addseals(r2, 0x409, 0x7)
r3 = ioctl$UDMABUF_CREATE(r1, 0x40187542, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r3, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x1006}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CDROM_SEND_PACKET(r5, 0x5393, &(0x7f0000000100)={"4689d4c4841a41c9e4641d9d", &(0x7f0000000580)="dd4ddfa6fc50d1594c8fa8d688f85930d60eb5e2ba4ccc745a32c00faba05cc4c1fb0e59058cfb8c113709fe8d89f3a446e856a9e0bde2d437304f6dc1e9a42993612c9d2165151a562f6774693e8b2399c8afe2a3f895a3315b4734b4cd9cb6ab0e08e022c7e585649c2de0a73e7b26c8ccbfb10845517ac79530b58238e05908c48921de51ced8778a37ab0fa76b5e821809c582ac46f7aa41edb8b760feae296b02faae64d6e8", 0xa8, 0x8000001f, 0x0, 0x1, 0x0, 0x0, 0x0})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000080)=0x454e, 0x4)
bind$inet(r6, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

1.205793478s ago: executing program 4 (id=372):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r1, 0x0, 0x19, &(0x7f0000000000)=0x2, 0x4)
sendto$inet(r1, &(0x7f0000000140)="f461c5bbd75c35832c3137fd7a7c9ededb9aa4982eb7d5559f29307ab622103fb2913ca0cb03ba14338725d08871fc8e1e", 0x31, 0x61f4, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)
recvmmsg(r1, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

1.205575733s ago: executing program 3 (id=373):
getsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
eventfd2(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x141a82, 0x0)
dup(r0)
r1 = open(0x0, 0x18d542, 0x2)
ftruncate(r1, 0xee72)
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x400}, &(0x7f0000000280), &(0x7f0000000480))
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), r3)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x63b4746a3224e34f, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r9, 0x1ad72f7)
accept4$netrom(r9, 0x0, 0x0, 0x80000)
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='contention_end\x00', r10}, 0x18)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002d0001000000000000000000030100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd712090000002348c26c2026237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc0"], 0x114}], 0x1}, 0x0)

1.017310036s ago: executing program 1 (id=374):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x106}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x2, 0x3a)
r2 = dup(r1)
bind$unix(r2, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f0000000240))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)

974.90071ms ago: executing program 1 (id=375):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000004ac0)={0x0, 0x0, &(0x7f0000004a80)={&(0x7f0000004a00)="682ec8005a86a242745b2c2f135ad986c58dca30b5", 0x15}, 0x1, 0x0, 0x0, 0x20044090}, 0x200000c0)

908.131695ms ago: executing program 1 (id=376):
syz_emit_vhci(&(0x7f0000000700)=ANY=[], 0xa)
openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mknod$loop(&(0x7f0000000180)='./file1\x00', 0x80, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000002c0)={0x0, 0x10000, 0x0, [], [0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe3a, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r0, &(0x7f0000000040), 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
pselect6(0x40, &(0x7f00000045c0), 0x0, &(0x7f0000004640)={0xf8}, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1, @le_set_adv_set_rand_addr={{0x2035, 0x7}, {0xaa, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0xb)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f046})

907.777408ms ago: executing program 1 (id=377):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x106}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x2, 0x3a)
r2 = dup(r1)
bind$unix(r2, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r9, 0x4601, &(0x7f0000000100)={0x400, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0xffffffff}, {}, {}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

567.776694ms ago: executing program 1 (id=378):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340), 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000004c0)="e0"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r2, 0xcbff9000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f00000002c0)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

458.131923ms ago: executing program 0 (id=379):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100), 0x106}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x2, 0x3a)
r2 = dup(r1)
bind$unix(r2, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f0000000240))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)

408.170617ms ago: executing program 3 (id=380):
ioperm(0x0, 0x20, 0x3f)
memfd_create(&(0x7f00000005c0)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x99\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8\xfb\x16\x8e\x8b-W\xd4\xc9\xbc\x94CR[Du8U^\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xbd+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000900)={0x28, 0x3, 0x6, 0x201, 0x0, 0x0, {0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x0)

407.110214ms ago: executing program 3 (id=381):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = openat$vhost_vsock(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7})
getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='contention_end\x00', r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = open(&(0x7f00000024c0)='./file0\x00', 0x325000, 0x5)
mkdirat(r4, &(0x7f0000002040)='./file0\x00', 0x0)
ioctl$HIDIOCINITREPORT(r4, 0x4805, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x200)

348.147907ms ago: executing program 4 (id=382):
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000780)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x40000000001, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000200)={r5, 0x0, {0x0, 0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "c943e1db06869da66fb3d998ba914272ca193f8dd5ecfdc81f22af8042677e0b2543667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf57917653a8a", "ae3151b9dd0fe9ca443e8ae600", [0x2]}})
syz_open_pts(r5, 0x300)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r3, 0x40010000)
ioctl$int_in(r3, 0x5421, &(0x7f0000000100)=0x9)
accept4(r3, 0x0, 0x0, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r8], 0x4c}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bind$rxrpc(r6, &(0x7f0000000180)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24)
write$sysctl(r2, &(0x7f0000000580)='1\x00', 0x2)

135.908446ms ago: executing program 0 (id=383):
setreuid(0x0, 0xee00)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x8000003d)
fcntl$setsig(r4, 0xa, 0x21)
getresuid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=<r5=>0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000440)=0xc)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000480)=<r7=>0x0)
mount$fuse(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40492, &(0x7f0000000580)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r5}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@default_permissions}, {@default_permissions}], [{@obj_role={'obj_role', 0x3d, '\x05-'}}, {@dont_measure}, {@pcr={'pcr', 0x3d, 0x40}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}, {@smackfsdef={'smackfsdef', 0x3d, '\x00'}}, {@subj_type={'subj_type', 0x3d, ':-+)#'}}, {@smackfsdef={'smackfsdef', 0x3d, 'group_id'}}, {@uid_gt={'uid>', r7}}, {@appraise_type}]}})
sendmsg$ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010300000000000000002d"], 0x14}}, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0x32)
setresuid(0x0, r8, 0x0)
r9 = getgid()
mount$fuseblk(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x40000, &(0x7f0000000200)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r8}, 0x2c, {'group_id', 0x3d, r9}, 0x2c, {[{@allow_other}, {@allow_other}, {@max_read={'max_read', 0x3d, 0x5}}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x80}}, {@allow_other}, {@blksize={'blksize', 0x3d, 0x1000}}], [{@pcr={'pcr', 0x3d, 0x35}}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@obj_type={'obj_type', 0x3d, '\x00'}}]}})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000000100000bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff00000000ae04020000000000be400300000000006504030001ed00007b130000000000004d44000000000000630a04fe0000000071330000000000009f030000000000009500000000000000023bc065b7a379d17cf9333379fc05000000912435f1a864a710aad58db6a693002e7f3be361907adef6ee1c8a2a4f8ef1e50bec919bc461e91a7168c5181554d1b583c587e436fe275daf51efd601b6bf01c8e8b1b526375ec5dd6fcd82e4fee5bef7af9a0200000000000000e3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f645679c294392cf538b07ce2646cb7798b3e6440c2fbdb00a3e35208b0bb1d2cd871c5548930be3835f2554b4a28610643a98d9ec21ead2ed51b104d4d91af25b84550a7925c3109b151b8b9f75d80000000eda88c658d42ecbf28bf7076c15b463bebc72f526d8e4a9e231d512381e7a78afcb913466aae7f6df70252e79166d858fc152b659da074e1320060d0b11008e59a5923906f88b53987ad1714e72ba7a5b74f0c33d39000d06a59ff61622cfd9aa58fe8d485ae2c0cc65c2a36aaec2477584b6a89adaf17b0a6041bde4cc3ed54d27f777e92b87496e6649cf728d236619074d6ebdf098bc908c423d228a40f9411fe7226a40409d6e37c4f46756d31cb46761bade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18de0ae564162a27afea62d84f3a10746443d64364f56e24e6d21053d901204a1deeed41556175cbd4041b7d301bcb72652d950ad31928b0b093778b68e2e9853c02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f98928d5e9b94ff9ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cff538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595bcf50ab32d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063b59261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6f8c3a13596c2ea3e2e04cfdce669e51731b2875353193f82ade69d0540059fe6c7fe7c00fb7502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abd47b64a1b304502dda787343ce3c95300000000010000003baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022af46667cf25c5d3038816106dec28eaeb88343261a48a18f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfeff59d54d1f92ecc4e95dd2d18383117c03987d198899b212c55318294270a1ad10d30fef7c24b78b29d83238273f4fc87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca571380d7b4ead8eaf68b0c5dda0467d35a3807000000b702396df7e0cbbf93f04beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ea1e717d29135753208165b9cdbae037f315c7d951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d7012c1b45f6ada1ee7baa5b6a686b50f09b7f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac4d73a008364e0602a594817031fc2ff2c32a1989e00f52f8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a3c3e6e4fd2e016820f78b796a825b3dad9ce7b37507e0b83c3ecd01549bca6a016b3e18a00c748894dc3bfe5efda8b0a477d6a6562fdee45eb16e276dee992094ba9830f6c164179e7d532d86060bea930118d3cae1b8f916b9671b7000000000040f4bee5ad2dea2d14e195265504c05bba38b095e1679f96ddef65ba5de9c8cfb6465ae4165c0689a314a6eb6b36aa705b957edef3035e14b879d4e7dc00624708042e00bf9a7f7ae5f308744770759558e4fcb99c0dc957521ef255362bf2f3966f3754e81fb9bdef22c19f5a49147b85343f9f36bcda9f64b7a5c5b2f5452f5b1de02e6f15c5640bf89d4a74d51dc233dee628c1dfbb5566b98478c174b34eb234481547e484c6af101396b6977dd668b401391c1dc54f2edccf1cabe6be9868d383eb937efdfd9ade018106f544f04fc07ad525497f65fbad3cf145396acf3b0d38e6b46e28d86880fd6f62c373000000000000000000005d194c27cd4d8f6727f59c71dc84311c0f1fb6c87081c7be9355288610c32c2d8c18bf2027212182903687f48262aea54c5f8a315c9aa4a5af1aa2c4007d1baae38c270012b7eb9411ae451204dba30f8321b07a18db97c3e0cf6a15170e515b1cc463a67a5b2b23ec5662ccfa898b8d5075647bdfb390cde56efb8fd42df12c5c8f66bdc58449ec2b38bf12f5f0a49dcbcf4e6f11c47d23fa34793a0000a1cbb1e06e9a8d2449451d7a05ec0a0d3c9716f505ddeba488c60ebf44cac05c2739694359c925148137376dd3f1330ed0e9211f73ee279cc0b5c298422395ce438f48a39ff569375e609f9e904aacc3d8011326d5e4d654c74501cf16bbf72d3984f9b4ef000000003a8a3d49fc837001e4622e58e3a4ef6b55a8dd0680d951cdb6e54ed92a9a6a0e5e494b7b7b0ef4b4bafc5d964551b2a22bfd12b0761ef07a103e51e84917ee44f860b9785e264343f6a80e9318edecf73df6940856cd56c56eb3831445833c701044aaa49439a44a624267580b3c0980d7f87437bf498f6e1915450400000000000000564a02552c0a5fedbcf4da0db6ed03b9dbc224ee76d20aaf1ac74bcb7eb6f202209e64cc4d130dcf6ab3df8ae4911deb4bb5c7df97fc348d151e834be73915f854272f69d88123f666448b6a8e73322b04fffea9cc05e4129debf311c73b4d1a244b1e5b9943028745a0b6477686740ab877315e35624d791e6f71adb1acd3e22cf472ff7e048b16c11c84da9a3b16b92665912132a4dba680052919c20e191311d8092a09f3c609823fed1bd651ce1c34de105790ba2ca3afa26647f66efbf97b109e7226c74e32beb14ff3fd6918e255fc9b42f86b0188cf885afcc9bb77a7fc3ca7ec1015af494add960f8a11422ca005f24006867cd156e0350022943e301b2c07f4d37d07b05ac2fa1f1d5a0d6eb7e992b076bd77509c26034d2a740d578476310b413591884136259693effaf27e7bcfb58efa92625fb9bd68ecca42047f6e7d24b0446ea16a310073c163d1c6aa3ba1fe76b4e88d5f98cc05c6d033e2c28b4990892230d6b4e5c083a601a25145eb22f4f77313117f8147810d95c64fb78b0a000000000000000000000000e92ba8b066e4bd82bb6003d5da8791d838bcd6eefb13000000000000000000000000000000b652ff6fbad82da75114742bc6a27cba894ef490531be709a3a3c81b267dfafa55e6f855200b4e7518682c30f40808cd5bb8f00beb63b4989cc01d8e75a182337b9f9e08430ccec9bda0134d07a9f54b60033182f5d2bb61fd130d65e68bf148d26470060c707a8cf750ca954ee63c78cd975c7f565783383f02edcb7ce4a9ed0c511d18fe32352276d72eefe0d566f97ccae16b3492f60b96574aac4f1862fb6e4932c181dbf8c68ca16b765de9edba0bf5bfb9c4950d19c0bc31db02f374ce62141160436639d4b6cb0033a47ffdc54d55f1136743b1b26946f200000000000000007590ab8f29c7accd9d11786c4ca1271cd2293b572f14a3dfcaa3467f2783fc09e3eee3fa4b82b7b6ce904e05fa797a2f7ff63e4f874bd870821f6460904e05d7a3f8295a9a5fba1e3587b9d9e878c86ba9b66c4491fcff607d9cbf156f3fc0fb8c827d4e6cac493a3e2746bd5f0f8bc024352200a4250785cdca4fe3c546972d0a56e3905d1e72c33d64f6591fe25f312f47e7ec6b4640f1f6dc4efee4b8d3cfbfcbf77bfd52f0a99adc7d359233cfea0a11f5dcb87603885f08d633e842644988d2f45a1824361b5df707f726fad22d53727b4396b3d05df34933262fdb09f19837fdc2af1c721b17d54076e25ab625ae0a4c9cd900"/2994], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0xfffffffc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

808.919µs ago: executing program 0 (id=384):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x6)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000001c0))
ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000080)={'veth1_macvtap\x00'})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r3)
sendmsg$IEEE802154_LIST_IFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="130326ff00"/14], 0x14}, 0x1, 0x0, 0x0, 0x200c000d}, 0x800)
socket(0xb, 0x800, 0x2010f7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r6, 0xc0844123, &(0x7f0000000380)=0x6)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="2715a87c1c1fc63878998c66010000000000", @ANYRES32=r8, @ANYBLOB], 0x1c}}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r9 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x4, 0x100, 0x0, 0x1}, &(0x7f0000000300)=<r10=>0x0, &(0x7f0000000340)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x7, 0x0, 0x0, 0x0, 0xc})
io_uring_enter(r9, 0x47f6, 0x0, 0x0, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="740400001200000425bd7000fbdbdf251107c4064e204e2006000000030000000f0000000500000002000000000000000500000005000000", @ANYRES32=r8, @ANYBLOB="090000000000010000000000080000000400010006000100e5c70000ed00010027e93faf0c9012f3831570201eba89da7c6b86849eb55c65ba38b31ed2d0855d4816e8885597562b9afb7905297a9a29e7dfc072703a38c923ab37c96ef6f41f92deccdc059274b74fcdba3116ce9e04931c3427638a2b16a3f3cfceddb30fdb13ded2ce60db6e6f9d833270cfb10f96f9a3b957ddb086df5d8abb3a4978d31e314f08b8816a8870ef7fc4043ec605115bc72a51a426dd3482a5581f9045601808e8ae9eaa02563c699b94b0f94b827ba647bf876ceba9a3180cb88bff391c5d43fee2771fe7993854a813058b6118c5c093572f6a3e0783ac518a975541fb323392c72bb6b74f2e6000000096000100552dd92d18240f83eb2927db58267b48db06a9da156cce9a49d4a0d6887db31e0a1d767af6a37a49ef1aa2ec6b57914605716df223a51d03ffce488cfabebbd52312467207292f42f4f946268f11b17c82b579e2fdf4836028f10f5096951d9f334b25bb8180d628e5290ae27ff32b4efd2139910247a727b0f81c94a0a5a5755497b79894366f93a185147bc4bdefd623700000b6000100e596f514dc267140f5a2a76b5f6180e9ae209754b72335cb681e85977c9b8a69fda42e023e30c9f3a44ffb95e5757d05414769ba7b91ac978240f44ccdcb4bf94438f41146f9798c629c885a3b516edb8f70e57037f314cb6b2fe20fc7e05baed9c48c2633e1d1ca38f3e2155f42f8fb2fbfc9b3311a32b3c569f023dd7fd8c2c60160f033d9c0adf655515aa4c8c9380c827869bb8a6134e5c6f16ae49aa785dcf5b43e7e1b3ee8ccb9164b737b12002f860000c8000100b13e546ea268c1b7b7f87857cde34c228f852542c179738e46effec623d65607c71d8bd4c71293c9acfa9a2a003a7c06cb69a7bd2fb8a30ce1e9ac3b66702b02bd6a7f40ee2b8d9b2d9cfe19a53e5718be0331187dfd092ad690cebf82d21a90d2d36e8471f2d537387cdbc86b86c23a5f8453adfb07c6a10df073fcdff140a5068321caf5c0e4eca2c47ad9892ca1439125f94b2a7e512b57cff32e5abecc98bdb2a540dba6dadfcb0e34eaaefdf82627325934b4edbe90307e1cabb67842ead221a181cf000100537aac7d9cae5a0c29778fc9287cdad3baebf06df51df0f537c97a8c61018db5967ef51da327f5781e20d423a22a312e804c93c017701c5e8041022bcb4061258acf5b634724f28b6b6d92b1ebade1ded3d17d492b2728385f3bae9014bd5ae6c68743d7f561243d978178415b82e44ee7058291818277385ccb634dbba3db2a75a7f922464f1504dd86691e6d819474c38d2b56bbdacd37e52e0c015e321be5e16455a0714edcf88ff004471aba61425e5abc97d4c05b981655f4a22f779a2a8413a28566943cbe1bb50000440001003e977803c4b43632bc1d8c3037c24de3cf55ccfec23a651d04a25c8f88ff6363ec0ee3805bdb806ce639ceb786f73e66d97cce85"], 0x474}, 0x1, 0x0, 0x0, 0x40}, 0x4004800)
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
io_setup(0x6, &(0x7f0000000540))
syz_open_procfs(0x0, &(0x7f0000000100)='attr/current\x00')
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

0s ago: executing program 4 (id=385):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ppoll(&(0x7f0000000340)=[{r0}], 0x200000000000006c, &(0x7f0000000380)={0x0, 0x989680}, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae03, 0x4a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = socket$kcm(0x29, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r4 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x4, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r5, 0xc02c564a, &(0x7f0000001200)={0x0, 0x300b})
pwritev(r4, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0)
sendfile(r3, r4, 0x0, 0x8000fb00)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r8, 0x4138ae84, &(0x7f0000000100)={{}, {}, {0xd5c76000, 0x8000000}, {0x0, 0x1000}, {0x2000}, {}, {}, {}, {}, {}, 0xddf8ffdb})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_TRANSLATE(r8, 0xc018ae85, &(0x7f0000000040))
r9 = openat$vga_arbiter(0xffffff9c, &(0x7f0000000780), 0x1, 0x0)
write$vga_arbiter(r9, &(0x7f00000007c0)=@other={'lock', ' ', 'none'}, 0xa)
socket$inet6_udplite(0xa, 0x2, 0x88)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:44272' (ED25519) to the list of known hosts.
[   31.584149][ T5852] cgroup: Unknown subsys name 'net'
[   31.691762][ T5852] cgroup: Unknown subsys name 'cpuset'
[   31.694940][ T5852] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   32.444375][ T5852] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   34.995286][ T5926] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   35.003262][ T5932] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   35.007645][ T5932] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   35.010248][ T5932] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   35.012529][ T5932] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   35.015176][ T5932] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   35.018139][ T5932] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   35.019804][ T5935] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   35.020500][ T5932] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   35.022532][ T5935] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   35.024395][ T5932] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   35.027345][ T5936] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   35.028565][ T5932] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   35.030544][ T5936] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   35.033014][ T5932] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   35.034442][ T5936] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   35.036449][ T5932] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   35.040039][ T5293] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   35.040737][ T5932] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   35.042461][ T5293] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   35.043887][ T5938] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   35.044109][ T5938] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   35.046303][ T5293] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   35.052077][ T5938] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   35.194316][ T5922] chnl_net:caif_netlink_parms(): no params data found
[   35.216266][ T5933] chnl_net:caif_netlink_parms(): no params data found
[   35.267898][ T5923] chnl_net:caif_netlink_parms(): no params data found
[   35.275530][ T5929] chnl_net:caif_netlink_parms(): no params data found
[   35.334980][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.337379][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.339657][ T5933] bridge_slave_0: entered allmulticast mode
[   35.341818][ T5933] bridge_slave_0: entered promiscuous mode
[   35.362216][ T5922] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.364458][ T5922] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.366506][ T5922] bridge_slave_0: entered allmulticast mode
[   35.369191][ T5922] bridge_slave_0: entered promiscuous mode
[   35.410381][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.412494][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.414549][ T5933] bridge_slave_1: entered allmulticast mode
[   35.416663][ T5933] bridge_slave_1: entered promiscuous mode
[   35.422430][ T5922] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.424497][ T5922] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.426539][ T5922] bridge_slave_1: entered allmulticast mode
[   35.428641][ T5922] bridge_slave_1: entered promiscuous mode
[   35.490298][ T5922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.492981][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.495012][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.497155][ T5923] bridge_slave_0: entered allmulticast mode
[   35.499339][ T5923] bridge_slave_0: entered promiscuous mode
[   35.516588][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.518675][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.521596][ T5929] bridge_slave_0: entered allmulticast mode
[   35.523721][ T5929] bridge_slave_0: entered promiscuous mode
[   35.526693][ T5922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.529431][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.531665][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.533771][ T5923] bridge_slave_1: entered allmulticast mode
[   35.535960][ T5923] bridge_slave_1: entered promiscuous mode
[   35.548083][ T5933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.551865][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.553946][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.556021][ T5929] bridge_slave_1: entered allmulticast mode
[   35.558384][ T5929] bridge_slave_1: entered promiscuous mode
[   35.583895][ T5923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.587583][ T5933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.615777][ T5922] team0: Port device team_slave_0 added
[   35.618306][ T5923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.629113][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.633103][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.647892][ T5922] team0: Port device team_slave_1 added
[   35.659061][ T5933] team0: Port device team_slave_0 added
[   35.663198][ T5933] team0: Port device team_slave_1 added
[   35.701511][ T5929] team0: Port device team_slave_0 added
[   35.713517][ T5923] team0: Port device team_slave_0 added
[   35.715663][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.717651][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.725246][ T5933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.730184][ T5929] team0: Port device team_slave_1 added
[   35.732164][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.734179][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.742173][ T5922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.746815][ T5923] team0: Port device team_slave_1 added
[   35.749045][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.751128][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.758439][ T5933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.769897][ T5922] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.771957][ T5922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.779637][ T5922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.807846][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.810438][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.817743][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.821521][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.823809][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.831089][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.836667][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_0
[   35.838718][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.846974][ T5923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   35.851680][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_1
[   35.853697][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   35.861209][ T5923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   35.908632][ T5933] hsr_slave_0: entered promiscuous mode
[   35.911470][ T5933] hsr_slave_1: entered promiscuous mode
[   35.915636][ T5923] hsr_slave_0: entered promiscuous mode
[   35.917601][ T5923] hsr_slave_1: entered promiscuous mode
[   35.919835][ T5923] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   35.922231][ T5923] Cannot create hsr debugfs directory
[   35.950271][ T5922] hsr_slave_0: entered promiscuous mode
[   35.952583][ T5922] hsr_slave_1: entered promiscuous mode
[   35.954464][ T5922] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   35.956644][ T5922] Cannot create hsr debugfs directory
[   35.962164][ T5929] hsr_slave_0: entered promiscuous mode
[   35.964364][ T5929] hsr_slave_1: entered promiscuous mode
[   35.966229][ T5929] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   35.968414][ T5929] Cannot create hsr debugfs directory
[   36.153900][ T5933] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   36.160025][ T5933] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   36.164555][ T5933] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   36.171101][ T5933] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   36.205296][ T5923] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   36.208889][ T5923] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   36.212286][ T5923] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   36.223838][ T5923] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   36.236327][ T5929] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   36.241478][ T5929] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   36.249284][ T5929] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   36.252838][ T5929] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   36.274428][ T5922] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   36.279060][ T5922] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   36.282739][ T5922] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   36.288314][ T5922] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   36.326970][ T5933] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.333285][ T5923] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.344326][ T5923] 8021q: adding VLAN 0 to HW filter on device team0
[   36.355832][ T5933] 8021q: adding VLAN 0 to HW filter on device team0
[   36.367717][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.369994][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.375765][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.378355][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.382268][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.384853][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.390529][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.393123][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.397611][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.411157][ T5929] 8021q: adding VLAN 0 to HW filter on device team0
[   36.418060][ T5922] 8021q: adding VLAN 0 to HW filter on device bond0
[   36.424983][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.427055][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.437694][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.439807][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.452897][ T5922] 8021q: adding VLAN 0 to HW filter on device team0
[   36.462280][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.464361][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.471897][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.473952][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.512298][ T5933] 8021q: adding VLAN 0 to HW filter on device batadv0
[   36.527876][ T5933] veth0_vlan: entered promiscuous mode
[   36.534111][ T5933] veth1_vlan: entered promiscuous mode
[   36.545261][ T5923] 8021q: adding VLAN 0 to HW filter on device batadv0
[   36.551994][ T5933] veth0_macvtap: entered promiscuous mode
[   36.556202][ T5933] veth1_macvtap: entered promiscuous mode
[   36.568172][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv0
[   36.572688][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.580053][ T5922] 8021q: adding VLAN 0 to HW filter on device batadv0
[   36.582691][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.586359][ T5933] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.588960][ T5933] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.591550][ T5933] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.594052][ T5933] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.608947][ T5923] veth0_vlan: entered promiscuous mode
[   36.618459][ T5923] veth1_vlan: entered promiscuous mode
[   36.645831][ T5929] veth0_vlan: entered promiscuous mode
[   36.659320][ T5922] veth0_vlan: entered promiscuous mode
[   36.662588][ T5929] veth1_vlan: entered promiscuous mode
[   36.667829][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.670523][ T5922] veth1_vlan: entered promiscuous mode
[   36.670697][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.673090][ T5923] veth0_macvtap: entered promiscuous mode
[   36.682323][ T5923] veth1_macvtap: entered promiscuous mode
[   36.694045][   T96] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.698351][   T96] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.699900][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.703508][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.706726][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.711862][ T5922] veth0_macvtap: entered promiscuous mode
[   36.714095][ T5929] veth0_macvtap: entered promiscuous mode
[   36.717092][ T5923] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.720625][ T5923] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.724290][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.729406][ T5922] veth1_macvtap: entered promiscuous mode
[   36.736612][ T5933] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   36.736887][ T5923] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.743580][ T5923] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.746050][ T5923] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.748550][ T5923] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.757887][ T5929] veth1_macvtap: entered promiscuous mode
[   36.764682][ T5922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.768552][ T5922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.771726][ T5922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.774675][ T5922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.777913][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.781293][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.784313][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.787094][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.790843][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.793623][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.796587][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.799899][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.809716][ T5922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.812687][ T5922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.815436][ T5922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.818354][ T5922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.822200][ T5922] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.825198][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.828177][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.831102][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.834050][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.836802][ T5929] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.839919][ T5929] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.843090][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.847258][ T5929] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.849942][ T5929] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.852420][ T5929] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.854916][ T5929] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.860420][ T5997] syzkaller0: entered allmulticast mode
[   36.863643][ T5922] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.866399][ T5922] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.869083][ T5922] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.871853][ T5922] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.907121][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.910285][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.933198][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.935472][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.941785][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.944031][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.951078][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.953420][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.955736][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.958067][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.977365][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.981129][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   37.029760][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.032996][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.036007][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.038989][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.061007][ T5938] Bluetooth: hci3: command tx timeout
[   37.061079][ T5931] Bluetooth: hci0: command tx timeout
[   37.134464][ T6012] Zero length message leads to an empty skb
[   37.140216][ T5931] Bluetooth: hci2: command tx timeout
[   37.140292][ T5938] Bluetooth: hci1: command tx timeout
[   37.166580][ T6006] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   37.169039][ T6006] IPv6: NLM_F_CREATE should be set when creating new route
[   37.176021][ T6006] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   37.239762][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.262641][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.699698][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.702984][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.706494][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   37.710583][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   38.076976][ T6046] netlink: 'syz.0.11': attribute type 1 has an invalid length.
[   38.115918][ T6046] Bluetooth: MGMT ver 1.23
[   38.307613][ T6049] kvm: Disabled LAPIC found during irq injection
[   39.117212][ T6059] trusted_key: syz.1.14 sent an empty control message without MSG_MORE.
[   39.143652][ T5995] IPVS: starting estimator thread 0...
[   39.151136][ T5938] Bluetooth: hci3: command tx timeout
[   39.151165][ T5931] Bluetooth: hci0: command tx timeout
[   39.229622][ T5931] Bluetooth: hci1: command tx timeout
[   39.230152][ T5938] Bluetooth: hci2: command tx timeout
[   39.231520][ T6067] IPVS: using max 41 ests per chain, 98400 per kthread
[   39.679305][ T6073] syz.1.17: attempt to access beyond end of device
[   39.679305][ T6073] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[   39.684186][ T6073] FAT-fs (loop1): unable to read boot sector
[   39.764005][ T6073] 9pnet_fd: Insufficient options for proto=fd
[   39.849682][ T6089] netlink: 32 bytes leftover after parsing attributes in process `syz.3.20'.
[   39.853398][ T6089] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode
[   40.747979][ T6129] netlink: 187320 bytes leftover after parsing attributes in process `syz.2.26'.
[   40.752828][ T6129] netlink: zone id is out of range
[   40.754771][ T6129] netlink: zone id is out of range
[   40.774347][ T6129] process 'syz.2.26' launched './file0' with NULL argv: empty string added
[   40.812140][ T6135] netlink: 'syz.3.27': attribute type 1 has an invalid length.
[   40.837099][ T6135] bond1 (unregistering): Released all slaves
[   41.064650][ T6144] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   41.129003][ T6148] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   41.219775][ T5938] Bluetooth: hci0: command tx timeout
[   41.222662][ T5938] Bluetooth: hci3: command tx timeout
[   41.224212][   T39] audit: type=1400 audit(1735092978.278:2): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F0413
[   41.299992][ T5931] Bluetooth: hci2: command tx timeout
[   41.325758][    C2] vkms_vblank_simulate: vblank timer overrun
[   41.329631][ T5938] Bluetooth: hci1: command tx timeout
[   41.335205][ T6156] kvm: Disabled LAPIC found during irq injection
[   41.639594][ T6170] netlink: 'syz.3.36': attribute type 1 has an invalid length.
[   42.308246][ T6209] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   42.450885][ T6214] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   42.459252][   T39] audit: type=1400 audit(1735092979.508:3): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F0413
[   42.514564][ T6172] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   42.551189][ T6172] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[   42.563430][ T6172] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   42.565178][ T6172] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[   42.584676][ T6172] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   42.586387][ T6172] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[   42.600222][ T6172] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   42.601997][ T6172] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[   43.176703][ T6238] can0: slcan on ttyS3.
[   43.189600][   T57] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   43.339541][   T57] usb 7-1: Using ep0 maxpacket: 8
[   43.344181][   T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   43.346951][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   43.349783][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   43.352573][   T57] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   43.356278][   T57] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   43.358824][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   43.570657][   T57] usb 7-1: usb_control_msg returned -32
[   43.572504][   T57] usbtmc 7-1:16.0: can't read capabilities
[   43.573869][ T6234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.49'.
[   43.718286][ T6247] warning: `syz.3.53' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   43.754988][ T6251] FAULT_INJECTION: forcing a failure.
[   43.754988][ T6251] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   43.758790][ T6251] CPU: 2 UID: 0 PID: 6251 Comm: syz.3.54 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   43.761736][ T6251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   43.764721][ T6251] Call Trace:
[   43.765687][ T6251]  <TASK>
[   43.766544][ T6251]  dump_stack_lvl+0x16c/0x1f0
[   43.767895][ T6251]  should_fail_ex+0x497/0x5b0
[   43.769271][ T6251]  _copy_to_user+0x32/0xd0
[   43.770580][ T6251]  simple_read_from_buffer+0xd0/0x160
[   43.772150][ T6251]  proc_fail_nth_read+0x198/0x270
[   43.773571][ T6251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   43.775143][ T6251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   43.776737][ T6251]  vfs_read+0x1df/0xbe0
[   43.777942][ T6251]  ? __fget_files+0x1fc/0x3a0
[   43.779360][ T6251]  ? __pfx___mutex_lock+0x10/0x10
[   43.780957][ T6251]  ? __pfx_vfs_read+0x10/0x10
[   43.782360][ T6251]  ? __fget_files+0x206/0x3a0
[   43.783734][ T6251]  ksys_read+0x12b/0x250
[   43.784968][ T6251]  ? __pfx_ksys_read+0x10/0x10
[   43.786347][ T6251]  __do_fast_syscall_32+0x73/0x120
[   43.787849][ T6251]  do_fast_syscall_32+0x32/0x80
[   43.789284][ T6251]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   43.791098][ T6251] RIP: 0023:0xf7fcf579
[   43.792265][ T6251] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   43.797703][ T6251] RSP: 002b:00000000f5126590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   43.800116][ T6251] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5126620
[   43.802362][ T6251] RDX: 000000000000000f RSI: 00000000f7463ff4 RDI: 0000000000000000
[   43.804613][ T6251] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   43.806886][ T6251] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   43.809150][ T6251] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   43.811384][ T6251]  </TASK>
[   43.812381][    C2] vkms_vblank_simulate: vblank timer overrun
[   43.814421][    C2] hpet: Lost 2 RTC interrupts
[   43.845940][ T6253] netlink: 'syz.1.52': attribute type 1 has an invalid length.
[   43.857448][ T6256] FAULT_INJECTION: forcing a failure.
[   43.857448][ T6256] name failslab, interval 1, probability 0, space 0, times 1
[   43.861460][ T6256] CPU: 2 UID: 0 PID: 6256 Comm: syz.3.55 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   43.864498][ T6256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   43.867523][ T6256] Call Trace:
[   43.868492][ T6256]  <TASK>
[   43.869418][ T6256]  dump_stack_lvl+0x16c/0x1f0
[   43.871023][ T6256]  should_fail_ex+0x497/0x5b0
[   43.872425][ T6256]  should_failslab+0xc2/0x120
[   43.873800][ T6256]  kmem_cache_alloc_noprof+0x6e/0x3b0
[   43.875361][ T6256]  ? skb_clone+0x190/0x3f0
[   43.876612][ T6256]  skb_clone+0x190/0x3f0
[   43.877877][ T6256]  netlink_deliver_tap+0xafd/0xca0
[   43.879796][ T6256]  netlink_unicast+0x6b4/0x7f0
[   43.881668][ T6256]  ? __pfx_netlink_unicast+0x10/0x10
[   43.883719][ T6256]  ? lockdep_hardirqs_on+0x7c/0x110
[   43.885661][ T6256]  ? __dev_queue_xmit+0x89b/0x43e0
[   43.887627][ T6256]  ? __local_bh_enable_ip+0xa4/0x120
[   43.889638][ T6256]  netlink_ack+0x6a5/0xb20
[   43.891216][ T6256]  netlink_rcv_skb+0x327/0x410
[   43.893023][ T6256]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   43.894978][ T6256]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   43.896982][ T6256]  ? __pfx_aa_get_newest_label+0x10/0x10
[   43.899076][ T6256]  ? bpf_lsm_capable+0x9/0x10
[   43.900396][ T6256]  ? security_capable+0x7e/0x260
[   43.901769][ T6256]  ? ns_capable+0xd7/0x110
[   43.903026][ T6256]  nfnetlink_rcv+0x1b4/0x430
[   43.904334][ T6256]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   43.905753][ T6256]  ? netlink_deliver_tap+0x1ae/0xca0
[   43.907236][ T6256]  netlink_unicast+0x53c/0x7f0
[   43.908598][ T6256]  ? __pfx_netlink_unicast+0x10/0x10
[   43.910027][ T6256]  ? __phys_addr_symbol+0x30/0x80
[   43.911475][ T6256]  ? __check_object_size+0x488/0x710
[   43.912965][ T6256]  netlink_sendmsg+0x8b8/0xd70
[   43.914340][ T6256]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.915810][ T6256]  ____sys_sendmsg+0x9ae/0xb40
[   43.917136][ T6256]  ? __pfx_____sys_sendmsg+0x10/0x10
[   43.918665][ T6256]  ? get_compat_msghdr+0x11b/0x170
[   43.920140][ T6256]  ___sys_sendmsg+0x135/0x1e0
[   43.921478][ T6256]  ? __pfx____sys_sendmsg+0x10/0x10
[   43.922982][ T6256]  ? __pfx_lock_release+0x10/0x10
[   43.924434][ T6256]  ? trace_lock_acquire+0x14e/0x1f0
[   43.925931][ T6256]  ? __fget_files+0x206/0x3a0
[   43.927279][ T6256]  __sys_sendmsg+0x16e/0x220
[   43.928637][ T6256]  ? __pfx___sys_sendmsg+0x10/0x10
[   43.930109][ T6256]  __do_fast_syscall_32+0x73/0x120
[   43.931577][ T6256]  do_fast_syscall_32+0x32/0x80
[   43.932944][ T6256]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   43.934706][ T6256] RIP: 0023:0xf7fcf579
[   43.935899][ T6256] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   43.941327][ T6256] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   43.943700][ T6256] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0
[   43.945878][ T6256] RDX: 0000000004008080 RSI: 0000000000000000 RDI: 0000000000000000
[   43.948086][ T6256] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   43.950265][ T6256] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   43.952515][ T6256] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   43.954705][ T6256]  </TASK>
[   43.955678][    C2] vkms_vblank_simulate: vblank timer overrun
[   43.960328][ T6235] can0 (unregistered): slcan off ttyS3.
[   45.101604][ T6294] netlink: 224 bytes leftover after parsing attributes in process `syz.3.67'.
[   45.959833][ T2175] usb 7-1: USB disconnect, device number 2
[   46.012521][ T6314] syz.2.73 uses obsolete (PF_INET,SOCK_PACKET)
[   46.060873][   T64] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   46.079371][ T6315] netlink: 8 bytes leftover after parsing attributes in process `syz.2.73'.
[   46.220308][   T64] usb 5-1: Using ep0 maxpacket: 16
[   46.233428][   T64] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[   46.237089][   T64] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[   46.240668][   T64] usb 5-1: Product: syz
[   46.242488][   T64] usb 5-1: Manufacturer: syz
[   46.244345][   T64] usb 5-1: SerialNumber: syz
[   46.248293][   T64] usb 5-1: config 0 descriptor??
[   46.516384][  T835] usb 5-1: USB disconnect, device number 2
[   46.542731][ T5928] udevd[5928]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   46.666728][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.765062][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.849120][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.854034][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.857355][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.865483][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.865620][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.878087][ T5938] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   46.881841][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.896095][ T5931] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.899185][ T5931] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.901747][ T5931] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.904487][ T5931] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.909105][ T5931] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   46.912056][ T5931] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.950869][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.014608][ T6329] chnl_net:caif_netlink_parms(): no params data found
[   47.061543][ T6329] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.063607][ T6329] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.065667][ T6329] bridge_slave_0: entered allmulticast mode
[   47.067768][ T6329] bridge_slave_0: entered promiscuous mode
[   47.071389][ T6329] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.073557][ T6329] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.075675][ T6329] bridge_slave_1: entered allmulticast mode
[   47.077742][ T6329] bridge_slave_1: entered promiscuous mode
[   47.121586][ T6329] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.125628][   T11] bridge_slave_1: left allmulticast mode
[   47.127891][   T11] bridge_slave_1: left promiscuous mode
[   47.130340][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.138891][   T11] bridge_slave_0: left allmulticast mode
[   47.141585][   T11] bridge_slave_0: left promiscuous mode
[   47.143349][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.401256][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   47.405071][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   47.408316][   T11] bond0 (unregistering): Released all slaves
[   47.414233][ T6329] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.473143][ T6329] team0: Port device team_slave_0 added
[   47.498876][ T6329] team0: Port device team_slave_1 added
[   47.525932][ T6329] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.528091][ T6329] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.536876][ T6329] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.541608][ T6329] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.543877][ T6329] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.552772][ T6329] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.568172][ T6353] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   47.579664][ T6347] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   47.580927][ T6353] netlink: 12 bytes leftover after parsing attributes in process `syz.1.83'.
[   47.582369][ T6347] IPv6: NLM_F_CREATE should be set when creating new route
[   47.620632][ T6329] hsr_slave_0: entered promiscuous mode
[   47.622964][ T6329] hsr_slave_1: entered promiscuous mode
[   47.625417][ T6329] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.628427][ T6329] Cannot create hsr debugfs directory
[   47.782337][   T11] hsr_slave_0: left promiscuous mode
[   47.784445][   T11] hsr_slave_1: left promiscuous mode
[   47.786587][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   47.788806][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[   47.796040][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   47.798156][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[   47.835868][   T11] veth1_macvtap: left promiscuous mode
[   47.837717][   T11] veth0_macvtap: left promiscuous mode
[   47.839431][   T11] veth1_vlan: left promiscuous mode
[   47.844437][   T11] veth0_vlan: left promiscuous mode
[   48.159681][ T5977] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   48.323661][   T11] team0 (unregistering): Port device team_slave_1 removed
[   48.329560][ T5977] usb 5-1: Using ep0 maxpacket: 16
[   48.334021][ T5977] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[   48.336967][ T5977] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[   48.340360][ T5977] usb 5-1: Product: syz
[   48.341641][ T5977] usb 5-1: Manufacturer: syz
[   48.343058][ T5977] usb 5-1: SerialNumber: syz
[   48.345534][ T5977] usb 5-1: config 0 descriptor??
[   48.395534][   T11] team0 (unregistering): Port device team_slave_0 removed
[   48.561956][ T6370] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[   48.573321][   T35] usb 5-1: USB disconnect, device number 3
[   48.743402][ T6366] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   48.745480][ T6366] IPv6: NLM_F_CREATE should be set when creating new route
[   48.777861][ T6329] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   48.788860][ T6329] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   48.806629][ T6329] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   48.818963][ T5928] udevd[5928]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   48.834039][ T6329] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   48.886896][ T6329] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.893684][ T6384] 9pnet_fd: Insufficient options for proto=fd
[   48.899824][ T6329] 8021q: adding VLAN 0 to HW filter on device team0
[   48.904124][   T76] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.906141][   T76] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.935236][   T76] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.937311][   T76] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.984762][   T39] audit: type=1326 audit(1735092986.028:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6388 comm="syz.3.93" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fcf579 code=0x0
[   48.989876][ T5938] Bluetooth: hci0: command tx timeout
[   49.029429][ T6329] 8021q: adding VLAN 0 to HW filter on device batadv0
[   49.136295][ T6410] netlink: 'syz.3.95': attribute type 29 has an invalid length.
[   49.140953][ T6410] vivid-000: =================  START STATUS  =================
[   49.143456][ T6410] vivid-000: Test Pattern: 75% Colorbar
[   49.145151][ T6410] vivid-000: Fill Percentage of Frame: 100
[   49.146861][ T6410] vivid-000: Horizontal Movement: No Movement
[   49.148805][ T6410] vivid-000: Vertical Movement: No Movement
[   49.161598][ T6410] vivid-000: OSD Text Mode: All
[   49.163075][ T6410] vivid-000: Show Border: false
[   49.164507][ T6410] vivid-000: Show Square: false
[   49.165923][ T6410] vivid-000: Sensor Flipped Horizontally: false
[   49.167732][ T6410] vivid-000: Sensor Flipped Vertically: false
[   49.172895][ T6410] vivid-000: Insert SAV Code in Image: false
[   49.174708][ T6410] vivid-000: Insert EAV Code in Image: false
[   49.176461][ T6410] vivid-000: Insert Video Guard Band: false
[   49.178200][ T6410] vivid-000: Reduced Framerate: false
[   49.181822][ T6410] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[   49.184139][ T6410] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[   49.186395][ T6410] vivid-000: Enable Capture Cropping: true
[   49.188157][ T6410] vivid-000: Enable Capture Composing: true
[   49.190228][ T6410] vivid-000: Enable Capture Scaler: true
[   49.193102][ T6410] vivid-000: Timestamp Source: End of Frame
[   49.197277][ T6410] vivid-000: Colorspace: sRGB
[   49.198776][ T6410] vivid-000: Transfer Function: Default
[   49.202322][ T6410] vivid-000: Y'CbCr Encoding: Default
[   49.204096][ T6410] vivid-000: HSV Encoding: Hue 0-179
[   49.205927][ T6410] vivid-000: Quantization: Default
[   49.207498][ T6410] vivid-000: Apply Alpha To Red Only: false
[   49.209272][ T6410] vivid-000: Standard Aspect Ratio: 4x3
[   49.210149][ T6329] veth0_vlan: entered promiscuous mode
[   49.215396][ T6329] veth1_vlan: entered promiscuous mode
[   49.220199][ T6410] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[   49.223359][ T6410] vivid-000: DV Timings: 640x480p59 inactive
[   49.225783][ T6410] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[   49.228718][ T6410] vivid-000: Maximum EDID Blocks: 2
[   49.229664][ T6329] veth0_macvtap: entered promiscuous mode
[   49.234137][ T6329] veth1_macvtap: entered promiscuous mode
[   49.244149][ T6329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   49.247604][ T6329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.247800][ T6410] vivid-000: Limited RGB Range (16-235): false
[   49.252150][ T6329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   49.255536][ T6329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.258383][ T6329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   49.259616][ T6410] vivid-000: Rx RGB Quantization Range: Automatic
[   49.262971][ T6329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.263897][ T6410] vivid-000: Power Present: 0x00000001
[   49.268390][ T6410] tpg source WxH: 640x360 (Y'CbCr)
[   49.275890][ T6329] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.278945][ T6410] tpg field: 1
[   49.281069][ T6410] tpg crop: 640x360@0x0
[   49.282722][ T6410] tpg compose: 640x360@0x0
[   49.284018][ T6410] tpg colorspace: 8
[   49.285117][ T6410] tpg transfer function: 0/0
[   49.286424][ T6410] tpg Y'CbCr encoding: 0/0
[   49.287697][ T6410] tpg quantization: 0/0
[   49.288923][ T6410] tpg RGB range: 0/2
[   49.290657][ T6410] vivid-000: ==================  END STATUS  ==================
[   49.295237][ T6329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.298771][ T6329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.304081][ T6329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.308125][ T6329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.320703][ T6329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.323893][ T6329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.327093][ T6329] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.345919][ T6329] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.350091][ T6329] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.353623][ T6329] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.359675][ T6329] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.400604][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.403837][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.418692][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   49.421457][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.441817][ T6428] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   49.443937][ T6428] IPv6: NLM_F_CREATE should be set when creating new route
[   49.446399][ T6428] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   49.531889][ T6438] =======================================================
[   49.531889][ T6438] WARNING: The mand mount option has been deprecated and
[   49.531889][ T6438]          and is ignored by this kernel. Remove the mand
[   49.531889][ T6438]          option from the mount to silence this warning.
[   49.531889][ T6438] =======================================================
[   49.558055][ T6442] random: crng reseeded on system resumption
[   49.860509][ T6460] sd 0:0:0:0: PR command failed: 1026
[   49.862085][ T6460] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[   49.864380][ T6460] sd 0:0:0:0: Add. Sense: Invalid command operation code
[   50.058936][ T6479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   50.119862][ T6479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   50.179366][ T6479] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   50.505486][ T6494] netlink: 260 bytes leftover after parsing attributes in process `syz.3.106'.
[   50.508285][ T6494] netlink: 256 bytes leftover after parsing attributes in process `syz.3.106'.
[   50.510949][ T6494] unsupported nlmsg_type 40
[   50.678571][ T6498] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   50.710232][ T6498] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   50.730784][ T6499] netlink: 8 bytes leftover after parsing attributes in process `syz.1.107'.
[   50.756371][ T6499] sit1: entered promiscuous mode
[   50.757927][ T6499] sit1: entered allmulticast mode
[   50.972682][ T6509] ieee802154 phy1 wpan1: encryption failed: -22
[   51.069701][ T5938] Bluetooth: hci0: command tx timeout
[   51.547870][ T6529] netlink: 'syz.1.115': attribute type 29 has an invalid length.
[   51.556186][ T6529] vivid-000: =================  START STATUS  =================
[   51.558399][ T6529] vivid-000: Test Pattern: 75% Colorbar
[   51.560893][ T6529] vivid-000: Fill Percentage of Frame: 100
[   51.562651][ T6529] vivid-000: Horizontal Movement: No Movement
[   51.564526][ T6529] vivid-000: Vertical Movement: No Movement
[   51.566297][ T6529] vivid-000: OSD Text Mode: All
[   51.567806][ T6529] vivid-000: Show Border: false
[   51.569259][ T6529] vivid-000: Show Square: false
[   51.571029][ T6529] vivid-000: Sensor Flipped Horizontally: false
[   51.576512][ T6529] vivid-000: Sensor Flipped Vertically: false
[   51.579732][ T6529] vivid-000: Insert SAV Code in Image: false
[   51.581462][ T6529] vivid-000: Insert EAV Code in Image: false
[   51.583149][ T6529] vivid-000: Insert Video Guard Band: false
[   51.584813][ T6529] vivid-000: Reduced Framerate: false
[   51.586309][ T6529] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[   51.588411][ T6529] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[   51.590776][ T6529] vivid-000: Enable Capture Cropping: true
[   51.592401][ T6529] vivid-000: Enable Capture Composing: true
[   51.594041][ T6529] vivid-000: Enable Capture Scaler: true
[   51.595606][ T6529] vivid-000: Timestamp Source: End of Frame
[   51.597251][ T6529] vivid-000: Colorspace: sRGB
[   51.598561][ T6529] vivid-000: Transfer Function: Default
[   51.600576][ T6529] vivid-000: Y'CbCr Encoding: Default
[   51.602079][ T6529] vivid-000: HSV Encoding: Hue 0-179
[   51.603567][ T6529] vivid-000: Quantization: Default
[   51.604988][ T6529] vivid-000: Apply Alpha To Red Only: false
[   51.606627][ T6529] vivid-000: Standard Aspect Ratio: 4x3
[   51.608233][ T6529] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[   51.610673][ T6529] vivid-000: DV Timings: 640x480p59 inactive
[   51.612351][ T6529] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[   51.614574][ T6529] vivid-000: Maximum EDID Blocks: 2
[   51.616023][ T6529] vivid-000: Limited RGB Range (16-235): false
[   51.617743][ T6529] vivid-000: Rx RGB Quantization Range: Automatic
[   51.619683][ T6529] vivid-000: Power Present: 0x00000001
[   51.621205][ T6529] tpg source WxH: 640x360 (Y'CbCr)
[   51.622610][ T6529] tpg field: 1
[   51.623806][ T6529] tpg crop: 640x360@0x0
[   51.624971][ T6529] tpg compose: 640x360@0x0
[   51.626219][ T6529] tpg colorspace: 8
[   51.627598][ T6529] tpg transfer function: 0/0
[   51.628967][ T6529] tpg Y'CbCr encoding: 0/0
[   51.630302][ T6529] tpg quantization: 0/0
[   51.631474][ T6529] tpg RGB range: 0/2
[   51.632522][ T6529] vivid-000: ==================  END STATUS  ==================
[   52.479967][ T5977] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   52.542189][ T6571] binder: 6568:6571 ioctl c0306201 20000580 returned -14
[   53.139624][ T5938] Bluetooth: hci0: command tx timeout
[   53.348727][ T6591] netlink: 28 bytes leftover after parsing attributes in process `syz.4.133'.
[   53.358148][ T6591] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   53.634586][ T6594] ieee802154 phy1 wpan1: encryption failed: -22
[   53.637221][ T6594] blktrace: Concurrent blktraces are not allowed on pmem0
[   54.523266][ T6632] ieee802154 phy1 wpan1: encryption failed: -22
[   54.525808][ T6632] blktrace: Concurrent blktraces are not allowed on pmem0
[   54.594439][ T6647] FAULT_INJECTION: forcing a failure.
[   54.594439][ T6647] name failslab, interval 1, probability 0, space 0, times 0
[   54.599000][ T6647] CPU: 1 UID: 0 PID: 6647 Comm: syz.3.151 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   54.602612][ T6647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   54.606281][ T6647] Call Trace:
[   54.607452][ T6647]  <TASK>
[   54.608445][ T6647]  dump_stack_lvl+0x16c/0x1f0
[   54.610119][ T6647]  should_fail_ex+0x497/0x5b0
[   54.611815][ T6647]  ? fs_reclaim_acquire+0xae/0x150
[   54.613636][ T6647]  should_failslab+0xc2/0x120
[   54.615306][ T6647]  __kmalloc_noprof+0xce/0x4f0
[   54.616998][ T6647]  ? __list_lru_init+0xe8/0x4c0
[   54.618719][ T6647]  __list_lru_init+0xe8/0x4c0
[   54.620374][ T6647]  alloc_super+0x909/0xbd0
[   54.621895][ T6647]  ? __pfx_super_s_dev_test+0x10/0x10
[   54.623402][ T6647]  sget_fc+0x116/0xb90
[   54.624533][ T6647]  ? __pfx_super_s_dev_set+0x10/0x10
[   54.626304][ T6647]  sget_dev+0x9c/0xe0
[   54.627409][ T6647]  ? __pfx_sget_dev+0x10/0x10
[   54.628582][ T6647]  ? vfs_parse_fs_string+0xfb/0x150
[   54.629910][ T6647]  nilfs_get_tree+0x1d3/0x10f0
[   54.631163][ T6647]  ? __pfx_aa_get_newest_label+0x10/0x10
[   54.632693][ T6647]  ? __pfx_nilfs_get_tree+0x10/0x10
[   54.634532][ T6647]  ? apparmor_capable+0x114/0x1d0
[   54.636309][ T6647]  ? bpf_lsm_capable+0x9/0x10
[   54.637958][ T6647]  vfs_get_tree+0x8f/0x380
[   54.639171][ T6647]  path_mount+0x6e1/0x1f10
[   54.640374][ T6647]  ? kmem_cache_free+0x152/0x4c0
[   54.641635][ T6647]  ? __pfx_path_mount+0x10/0x10
[   54.642993][ T6647]  ? putname+0x13c/0x180
[   54.644083][ T6647]  __ia32_sys_mount+0x292/0x310
[   54.645322][ T6647]  ? __pfx___ia32_sys_mount+0x10/0x10
[   54.646698][ T6647]  __do_fast_syscall_32+0x73/0x120
[   54.648027][ T6647]  do_fast_syscall_32+0x32/0x80
[   54.649278][ T6647]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   54.651215][ T6647] RIP: 0023:0xf7fcf579
[   54.652655][ T6647] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   54.658756][ T6647] RSP: 002b:00000000f512655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   54.660961][ T6647] RAX: ffffffffffffffda RBX: 0000000020000380 RCX: 0000000020000100
[   54.663393][ T6647] RDX: 0000000020000b00 RSI: 0000000000000000 RDI: 0000000020000980
[   54.666137][ T6647] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   54.668824][ T6647] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   54.672231][ T6647] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   54.672269][ T6647]  </TASK>
[   55.083691][ T6669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.162'.
[   55.087075][ T6669] FAULT_INJECTION: forcing a failure.
[   55.087075][ T6669] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.093288][ T6669] CPU: 0 UID: 0 PID: 6669 Comm: syz.0.162 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   55.096241][ T6669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   55.099212][ T6669] Call Trace:
[   55.100168][ T6669]  <TASK>
[   55.101017][ T6669]  dump_stack_lvl+0x16c/0x1f0
[   55.102331][ T6669]  should_fail_ex+0x497/0x5b0
[   55.103812][ T6669]  _copy_to_user+0x32/0xd0
[   55.105088][ T6669]  simple_read_from_buffer+0xd0/0x160
[   55.106573][ T6669]  proc_fail_nth_read+0x198/0x270
[   55.107977][ T6669]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.109531][ T6669]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.111070][ T6669]  vfs_read+0x1df/0xbe0
[   55.112221][ T6669]  ? __fget_files+0x1fc/0x3a0
[   55.113545][ T6669]  ? __pfx___mutex_lock+0x10/0x10
[   55.114985][ T6669]  ? __pfx_vfs_read+0x10/0x10
[   55.116299][ T6669]  ? __fget_files+0x206/0x3a0
[   55.117627][ T6669]  ksys_read+0x12b/0x250
[   55.118825][ T6669]  ? __pfx_ksys_read+0x10/0x10
[   55.120158][ T6669]  __do_fast_syscall_32+0x73/0x120
[   55.121606][ T6669]  do_fast_syscall_32+0x32/0x80
[   55.122971][ T6669]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   55.124736][ T6669] RIP: 0023:0xf706e579
[   55.125912][ T6669] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   55.131222][ T6669] RSP: 002b:00000000f5060590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   55.133513][ T6669] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5060620
[   55.135795][ T6669] RDX: 000000000000000f RSI: 00000000f73a3ff4 RDI: 0000000000000000
[   55.137960][ T6669] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[   55.140114][ T6669] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   55.142310][ T6669] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   55.144587][ T6669]  </TASK>
[   55.161127][ T6665] ieee802154 phy1 wpan1: encryption failed: -22
[   55.215820][   T39] audit: type=1400 audit(1735092992.268:5): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=6680 comm="syz.1.166"
[   55.220225][ T5938] Bluetooth: hci0: command tx timeout
[   55.281338][ T6689] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   55.285094][ T6689] FAULT_INJECTION: forcing a failure.
[   55.285094][ T6689] name failslab, interval 1, probability 0, space 0, times 0
[   55.288606][ T6689] CPU: 3 UID: 0 PID: 6689 Comm: syz.0.169 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   55.291487][ T6689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   55.294419][ T6689] Call Trace:
[   55.295358][ T6689]  <TASK>
[   55.296174][ T6689]  dump_stack_lvl+0x16c/0x1f0
[   55.297447][ T6689]  should_fail_ex+0x497/0x5b0
[   55.298776][ T6689]  ? fs_reclaim_acquire+0xae/0x150
[   55.300197][ T6689]  should_failslab+0xc2/0x120
[   55.301523][ T6689]  kmem_cache_alloc_node_noprof+0x72/0x3b0
[   55.303132][ T6689]  ? __alloc_skb+0x2b3/0x380
[   55.304426][ T6689]  __alloc_skb+0x2b3/0x380
[   55.305682][ T6689]  ? __pfx___alloc_skb+0x10/0x10
[   55.307075][ T6689]  ? lock_acquire+0x2f/0xb0
[   55.308354][ T6689]  netlink_alloc_large_skb+0x69/0x130
[   55.309840][ T6689]  netlink_sendmsg+0x689/0xd70
[   55.311331][ T6689]  ? __pfx_netlink_sendmsg+0x10/0x10
[   55.312804][ T6689]  ____sys_sendmsg+0x9ae/0xb40
[   55.314210][ T6689]  ? __pfx_____sys_sendmsg+0x10/0x10
[   55.315743][ T6689]  ? get_compat_msghdr+0x11b/0x170
[   55.317211][ T6689]  ___sys_sendmsg+0x135/0x1e0
[   55.318558][ T6689]  ? __pfx____sys_sendmsg+0x10/0x10
[   55.320059][ T6689]  ? __pfx_lock_release+0x10/0x10
[   55.321482][ T6689]  ? trace_lock_acquire+0x14e/0x1f0
[   55.322959][ T6689]  ? __fget_files+0x206/0x3a0
[   55.324311][ T6689]  __sys_sendmsg+0x16e/0x220
[   55.325645][ T6689]  ? __pfx___sys_sendmsg+0x10/0x10
[   55.327094][ T6689]  __do_fast_syscall_32+0x73/0x120
[   55.328560][ T6689]  do_fast_syscall_32+0x32/0x80
[   55.329936][ T6689]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   55.331743][ T6689] RIP: 0023:0xf706e579
[   55.332905][ T6689] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   55.338335][ T6689] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   55.340713][ T6689] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000020000540
[   55.342965][ T6689] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   55.345244][ T6689] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   55.347502][ T6689] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   55.349763][ T6689] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   55.352472][ T6689]  </TASK>
[   55.434048][ T6700] netlink: 256 bytes leftover after parsing attributes in process `syz.0.173'.
[   55.585530][ T6708] ieee802154 phy1 wpan1: encryption failed: -22
[   56.015247][ T6725] netlink: 28 bytes leftover after parsing attributes in process `syz.3.181'.
[   56.017907][ T6725] netlink: 8 bytes leftover after parsing attributes in process `syz.3.181'.
[   56.208437][ T6730] netlink: 8 bytes leftover after parsing attributes in process `syz.0.183'.
[   56.339584][ T5826] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   56.469648][ T5826] usb 8-1: device descriptor read/64, error -71
[   56.589023][ T6736] netlink: 'syz.4.187': attribute type 4 has an invalid length.
[   56.709685][ T5826] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[   56.849881][ T5826] usb 8-1: device descriptor read/64, error -71
[   56.974465][ T5826] usb usb8-port1: attempt power cycle
[   57.055201][ T6761] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   57.319597][ T5826] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[   57.340102][ T5826] usb 8-1: device descriptor read/8, error -71
[   57.600033][ T5826] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[   57.631119][ T5826] usb 8-1: device descriptor read/8, error -71
[   57.749912][ T5826] usb usb8-port1: unable to enumerate USB device
[   58.141727][ T6785] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   58.253614][ T6789] 9p: Unknown uid 00000000004294967295
[   58.609583][   T64] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   58.759604][   T64] usb 5-1: Using ep0 maxpacket: 8
[   58.764715][   T64] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   58.768515][   T64] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   58.772405][   T64] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   58.776174][   T64] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   58.781108][   T64] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   58.784502][   T64] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.789557][ T1326] usb 9-1: new low-speed USB device number 2 using dummy_hcd
[   58.951433][ T1326] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[   58.953766][ T1326] usb 9-1: config 0 has no interface number 0
[   58.955604][ T1326] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[   58.958714][ T1326] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[   58.961929][ T1326] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   58.964536][ T1326] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   58.967914][ T1326] usb 9-1: config 0 descriptor??
[   58.969701][ T6796] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[   58.974067][ T1326] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[   58.995500][   T64] usb 5-1: usb_control_msg returned -32
[   58.997178][   T64] usbtmc 5-1:16.0: can't read capabilities
[   58.998413][ T6794] netlink: 16 bytes leftover after parsing attributes in process `syz.0.202'.
[   59.116414][ T6803] netlink: 4 bytes leftover after parsing attributes in process `syz.3.206'.
[   59.121264][ T6803] netlink: 8 bytes leftover after parsing attributes in process `syz.3.206'.
[   59.176280][ T2175] usb 9-1: USB disconnect, device number 2
[   59.178108][    C3] iowarrior 9-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[   59.489591][   T35] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[   59.652691][   T35] usb 8-1: Using ep0 maxpacket: 8
[   59.655433][   T35] usb 8-1: config 167 has too many interfaces: 202, using maximum allowed: 32
[   59.657972][   T35] usb 8-1: config 167 has 1 interface, different from the descriptor's value: 202
[   59.662215][   T35] usb 8-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29
[   59.664884][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.667154][   T35] usb 8-1: Product: syz
[   59.668382][   T35] usb 8-1: Manufacturer: syz
[   59.669894][   T35] usb 8-1: SerialNumber: syz
[   59.680874][   T35] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state.
[   59.684504][   T35] dvb-usb: bulk message failed: -22 (3/0)
[   59.703351][   T35] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   59.706503][   T35] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author)
[   59.710533][   T35] usb 8-1: media controller created
[   59.718092][   T35] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   59.725790][   T35] dvb-usb: bulk message failed: -22 (6/0)
[   59.728358][   T35] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author'
[   59.733925][   T35] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input5
[   59.741833][   T35] dvb-usb: schedule remote query interval to 150 msecs.
[   59.747380][   T35] dvb-usb: bulk message failed: -22 (3/0)
[   59.769575][   T35] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected.
[   59.887947][   T30] usb 8-1: USB disconnect, device number 6
[   59.911251][   T30] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected.
[   60.021821][ T6819] netlink: 24 bytes leftover after parsing attributes in process `syz.4.210'.
[   60.350846][ T6831] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.428382][ T6831] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.504833][ T6831] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.551604][ T6842] lo speed is unknown, defaulting to 1000
[   60.555352][ T6842] lo speed is unknown, defaulting to 1000
[   60.557259][ T6842] lo speed is unknown, defaulting to 1000
[   60.590838][ T6831] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.591917][ T6842] infiniband s
z1: set active
[   60.596750][ T6842] infiniband s
z1: added lo
[   60.601030][   T30] lo speed is unknown, defaulting to 1000
[   60.618305][ T6842] RDS/IB: s
z1: added
[   60.619918][ T6842] smc: adding ib device s
z1 with port count 1
[   60.621763][ T6842] smc:    ib device s
z1 port 1 has pnetid 
[   60.624561][ T6842] lo speed is unknown, defaulting to 1000
[   60.643437][   T30] lo speed is unknown, defaulting to 1000
[   60.667772][ T6831] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   60.670960][ T6842] lo speed is unknown, defaulting to 1000
[   60.673678][ T6831] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   60.680485][ T6831] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   60.686793][ T6831] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   60.714712][ T6842] lo speed is unknown, defaulting to 1000
[   60.785135][ T6842] lo speed is unknown, defaulting to 1000
[   61.139610][   T30] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   61.299661][   T30] usb 6-1: Using ep0 maxpacket: 16
[   61.302370][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.305619][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.308492][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   61.312589][   T30] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[   61.315230][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.319881][   T30] usb 6-1: config 0 descriptor??
[   61.361330][ T6879] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   61.369777][ T5826] usb 5-1: USB disconnect, device number 4
[   61.444967][ T6885] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   61.447647][ T6885] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[   61.450452][ T6885] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   61.709749][ T5826] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   61.727178][   T39] audit: type=1800 audit(1735092998.778:6): pid=6897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.224" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[   61.736642][   T30] shield 0003:0955:7214.0002: unknown main item tag 0x0
[   61.738724][   T30] shield 0003:0955:7214.0002: unknown main item tag 0x0
[   61.741103][   T30] shield 0003:0955:7214.0002: unknown main item tag 0x0
[   61.743088][   T30] shield 0003:0955:7214.0002: unknown main item tag 0x0
[   61.743787][ T6899] smc: removing ib device s
z1
[   61.744977][   T30] shield 0003:0955:7214.0002: unknown main item tag 0x0
[   61.753940][   T30] input: HID 0955:7214 Haptics as /devices/virtual/input/input6
[   61.769869][   T30] shield 0003:0955:7214.0002: Registered Thunderstrike controller
[   61.775513][   T30] shield 0003:0955:7214.0002: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[   61.939790][ T5826] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.956940][ T5826] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   61.960938][ T5826] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.964208][ T5826] usb 5-1: Product: syz
[   61.965930][ T5826] usb 5-1: Manufacturer: syz
[   61.967614][ T5826] usb 5-1: SerialNumber: syz
[   61.974047][ T6862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.976730][ T6862] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.141290][ T6920] netlink: 20 bytes leftover after parsing attributes in process `syz.3.226'.
[   62.191233][   T63] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[   62.194687][   T30] usb 6-1: USB disconnect, device number 2
[   62.200210][   T63] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   62.203407][   T63] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   62.206505][   T63] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   62.728455][ T6932] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   62.730613][ T6932] IPv6: NLM_F_CREATE should be set when creating new route
[   63.000734][ T5826] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[   63.002668][ T5826] cdc_ncm 5-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[   63.004819][ T5826] cdc_ncm 5-1:1.0: setting rx_max = 2048
[   63.112442][ T6948] binder: BINDER_SET_CONTEXT_MGR already set
[   63.114469][ T6948] binder: 6947:6948 ioctl 4018620d 200001c0 returned -16
[   63.405807][ T6883] (syz.0.219,6883,2):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "ßÕ~gžœ<+‹€( ™.µ1 1'êƉÇ9T¬»¬ª" or missing value
[   63.410259][ T6883] (syz.0.219,6883,2):ocfs2_fill_super:1178 ERROR: status = -22
[   63.422842][ T6883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.426225][ T6883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.429747][ T5826] cdc_ncm 5-1:1.0: setting tx_max = 184
[   63.437645][ T5826] cdc_ncm 5-1:1.0 eth6: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[   63.444513][ T5826] usb 5-1: USB disconnect, device number 5
[   63.446561][ T5826] cdc_ncm 5-1:1.0 eth6: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[   64.034165][ T6975] netlink: 'syz.4.241': attribute type 5 has an invalid length.
[   64.087382][ T6983] No control pipe specified
[   64.189659][   T63] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   64.191299][ T6988] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   64.194091][ T6988] IPv6: NLM_F_CREATE should be set when creating new route
[   64.319043][ T6994] binder: 6993:6994 ioctl c0306201 0 returned -14
[   64.369573][   T30] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   64.371887][   T63] usb 5-1: Using ep0 maxpacket: 16
[   64.374830][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.378388][   T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   64.381517][   T63] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   64.385306][   T63] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[   64.388055][   T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.392975][   T63] usb 5-1: config 0 descriptor??
[   64.520041][   T30] usb 9-1: too many configurations: 9, using maximum allowed: 8
[   64.523770][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.526425][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.530547][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.533741][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.536364][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.539997][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.543306][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.545907][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.549427][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.552389][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.555091][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.559051][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.563281][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.566916][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.571438][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.574566][ T6998] 9pnet_fd: Insufficient options for proto=fd
[   64.577644][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.580288][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.584065][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.588799][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.591528][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.595087][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.597859][   T30] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   64.600587][   T30] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   64.604897][   T30] usb 9-1: config 0 interface 0 has no altsetting 0
[   64.609073][ T6998] lo speed is unknown, defaulting to 1000
[   64.611258][ T6998] lo speed is unknown, defaulting to 1000
[   64.613692][   T30] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   64.616354][   T30] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   64.618745][   T30] usb 9-1: Product: syz
[   64.620334][ T6998] lo speed is unknown, defaulting to 1000
[   64.625468][ T6998] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   64.629555][   T30] usb 9-1: Manufacturer: syz
[   64.631304][   T30] usb 9-1: SerialNumber: syz
[   64.633880][   T30] usb 9-1: config 0 descriptor??
[   64.640082][   T30] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[   64.645157][ T6998] lo speed is unknown, defaulting to 1000
[   64.648542][ T6998] lo speed is unknown, defaulting to 1000
[   64.651207][ T6998] lo speed is unknown, defaulting to 1000
[   64.653945][ T6998] lo speed is unknown, defaulting to 1000
[   64.807874][   T63] shield 0003:0955:7214.0003: unknown main item tag 0x0
[   64.810056][   T63] shield 0003:0955:7214.0003: unknown main item tag 0x0
[   64.812165][   T63] shield 0003:0955:7214.0003: unknown main item tag 0x0
[   64.814431][   T63] shield 0003:0955:7214.0003: unknown main item tag 0x0
[   64.816652][   T63] shield 0003:0955:7214.0003: unknown main item tag 0x0
[   64.819610][   T63] input: HID 0955:7214 Haptics as /devices/virtual/input/input7
[   64.827740][   T63] shield 0003:0955:7214.0003: Registered Thunderstrike controller
[   64.830660][   T63] shield 0003:0955:7214.0003: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[   64.841789][ T6986] netlink: 'syz.4.245': attribute type 1 has an invalid length.
[   64.844731][ T6986] netlink: 224 bytes leftover after parsing attributes in process `syz.4.245'.
[   64.854466][ T6986] netlink: 176 bytes leftover after parsing attributes in process `syz.4.245'.
[   64.857911][ T6986] netlink: 176 bytes leftover after parsing attributes in process `syz.4.245'.
[   64.862865][ T1326] usb 9-1: USB disconnect, device number 3
[   64.867531][ T1326] yurex 9-1:0.0: USB YUREX #0 now disconnected
[   65.021108][ T6967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.027910][ T6967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.234380][   T64] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[   65.234561][ T1326] usb 5-1: USB disconnect, device number 6
[   65.237587][   T64] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   65.330526][   T64] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   65.334051][   T64] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   65.639600][   T35] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[   65.654718][ T7007] MINIX-fs: blocksize too small for device
[   65.688897][ T7007] syz.3.252: attempt to access beyond end of device
[   65.688897][ T7007] loop3: rw=0, sector=64, nr_sectors = 2 limit=0
[   65.693340][ T7007] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32
[   65.790977][   T35] usb 9-1: too many configurations: 9, using maximum allowed: 8
[   65.794047][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.796704][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.799949][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.802925][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.806044][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.807096][ T7010] autofs: Bad value for 'fd'
[   65.809196][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.813360][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.815990][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.819139][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.822108][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.825115][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.829159][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.832313][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.834984][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.838122][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.841152][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.843779][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.846881][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.849570][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.852300][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.855403][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.858284][   T35] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9
[   65.861056][   T35] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   65.864221][   T35] usb 9-1: config 0 interface 0 has no altsetting 0
[   65.867820][   T35] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   65.870691][   T35] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   65.873061][   T35] usb 9-1: Product: syz
[   65.874341][   T35] usb 9-1: Manufacturer: syz
[   65.875700][   T35] usb 9-1: SerialNumber: syz
[   65.880036][   T35] usb 9-1: config 0 descriptor??
[   65.886205][   T35] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0
[   66.090377][ T7004] netlink: 'syz.4.251': attribute type 1 has an invalid length.
[   66.092645][ T7004] netlink: 224 bytes leftover after parsing attributes in process `syz.4.251'.
[   66.599863][ T7022] netlink: 4 bytes leftover after parsing attributes in process `syz.1.257'.
[   66.631779][ T7024] binder: 7023:7024 ioctl c0306201 0 returned -14
[   67.054425][ T7034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.259'.
[   67.499354][ T7039] Illegal XDP return value 220412096 on prog  (id 60) dev N/A, expect packet loss!
[   67.853333][ T7049] autofs: Bad value for 'fd'
[   68.116659][ T7055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.267'.
[   68.147943][ T5977] usb 9-1: USB disconnect, device number 4
[   68.150627][ T5977] yurex 9-1:0.0: USB YUREX #0 now disconnected
[   68.569545][   T30] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   68.705909][ T7061] binder: 7060:7061 ioctl c0306201 0 returned -14
[   68.720717][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.723893][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.726701][   T30] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   68.730877][   T30] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   68.734115][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.740924][   T30] usb 5-1: config 0 descriptor??
[   68.834759][   T39] audit: type=1326 audit(1735093005.888:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.1.271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.840833][   T39] audit: type=1326 audit(1735093005.888:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.1.271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.846711][   T39] audit: type=1326 audit(1735093005.888:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.1.271" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.853309][   T39] audit: type=1326 audit(1735093005.888:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.1.271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.859278][   T39] audit: type=1326 audit(1735093005.888:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.1.271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.865726][   T39] audit: type=1326 audit(1735093005.888:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.1.271" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.871771][   T39] audit: type=1326 audit(1735093005.888:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.878100][   T39] audit: type=1326 audit(1735093005.888:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.887805][   T39] audit: type=1326 audit(1735093005.888:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.896457][   T39] audit: type=1326 audit(1735093005.888:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf715e579 code=0x7ffc0000
[   68.936664][ T7069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.273'.
[   68.944703][ T7069] tipc: Started in network mode
[   68.946196][ T7069] tipc: Node identity ac14142f, cluster identity 4711
[   68.948900][ T7069] tipc: New replicast peer: 0.0.0.0
[   68.950739][ T7069] tipc: Enabled bearer <udp:syz2>, priority 10
[   68.953368][ T7069] tipc: New replicast peer: 100.1.1.0
[   69.015974][ T7077] autofs: Unknown parameter '0x0000000000000000'
[   69.147816][   T30] usbhid 5-1:0.0: can't add hid device: -71
[   69.149734][   T30] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[   69.162317][   T30] usb 5-1: USB disconnect, device number 7
[   69.522529][ T7096] netlink: 40 bytes leftover after parsing attributes in process `syz.1.282'.
[   69.572944][ T7103] netlink: 'syz.4.283': attribute type 10 has an invalid length.
[   69.575899][ T7103] syz_tun: entered promiscuous mode
[   69.580406][ T7103] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   69.594373][ T7106] autofs: Unknown parameter '0x0000000000000000'
[   69.863599][ T7125] FAULT_INJECTION: forcing a failure.
[   69.863599][ T7125] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.877517][ T7125] CPU: 1 UID: 0 PID: 7125 Comm: syz.4.290 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   69.880609][ T7125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.883736][ T7125] Call Trace:
[   69.884706][ T7125]  <TASK>
[   69.885589][ T7125]  dump_stack_lvl+0x16c/0x1f0
[   69.887080][ T7125]  should_fail_ex+0x497/0x5b0
[   69.889008][ T7125]  _copy_from_user+0x2e/0xd0
[   69.890366][ T7125]  get_old_itimerspec32+0x83/0x1e0
[   69.891913][ T7125]  ? __pfx_get_old_itimerspec32+0x10/0x10
[   69.893555][ T7125]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   69.895282][ T7125]  __ia32_sys_timerfd_settime32+0x15f/0x280
[   69.897018][ T7125]  ? __pfx___ia32_sys_timerfd_settime32+0x10/0x10
[   69.898978][ T7125]  ? ksys_write+0x1ba/0x250
[   69.900317][ T7125]  __do_fast_syscall_32+0x73/0x120
[   69.901781][ T7125]  do_fast_syscall_32+0x32/0x80
[   69.903240][ T7125]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   69.905037][ T7125] RIP: 0023:0xf7fe4579
[   69.906197][ T7125] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   69.912470][ T7125] RSP: 002b:00000000f50f455c EFLAGS: 00000296 ORIG_RAX: 0000000000000145
[   69.914850][ T7125] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003
[   69.917144][ T7125] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[   69.919432][ T7125] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   69.921696][ T7125] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   69.923987][ T7125] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   69.926243][ T7125]  </TASK>
[   70.080953][ T5977] tipc: Node number set to 2886997039
[   70.752050][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[   70.898460][ T7146] autofs: Unknown parameter '0x0000000000000000'
[   70.949592][   T35] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   71.099963][   T35] usb 5-1: too many configurations: 9, using maximum allowed: 8
[   71.102922][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.105494][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.108766][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.111731][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.114520][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.117699][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.120573][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.123240][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.126463][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.130222][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.134366][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.139420][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.142021][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.144847][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.148035][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.150945][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.153569][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.156788][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.159400][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.162075][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.165210][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.167958][   T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[   71.171440][   T35] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   71.171455][   T35] usb 5-1: config 0 interface 0 has no altsetting 0
[   71.172885][   T35] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   71.179823][   T35] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   71.179835][   T35] usb 5-1: Product: syz
[   71.179843][   T35] usb 5-1: Manufacturer: syz
[   71.179852][   T35] usb 5-1: SerialNumber: syz
[   71.180272][ T7157] netlink: 4 bytes leftover after parsing attributes in process `syz.1.301'.
[   71.180658][   T35] usb 5-1: config 0 descriptor??
[   71.191038][   T35] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[   71.247469][ T7158] netlink: 4 bytes leftover after parsing attributes in process `syz.1.301'.
[   71.396494][ T7141] netlink: 'syz.0.296': attribute type 1 has an invalid length.
[   71.399080][ T7141] netlink: 224 bytes leftover after parsing attributes in process `syz.0.296'.
[   71.414169][ T7141] netlink: 176 bytes leftover after parsing attributes in process `syz.0.296'.
[   71.416837][ T7141] netlink: 176 bytes leftover after parsing attributes in process `syz.0.296'.
[   71.421775][   T35] usb 5-1: USB disconnect, device number 8
[   71.427381][   T35] yurex 5-1:0.0: USB YUREX #0 now disconnected
[   71.965395][ T7171] binder: BINDER_SET_CONTEXT_MGR already set
[   71.967204][ T7171] binder: 7169:7171 ioctl 4018620d 200001c0 returned -16
[   71.997805][ T7173] autofs: Unknown parameter '0x0000000000000000'
[   72.043195][ T7176] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   72.053488][ T7176] CIFS mount error: No usable UNC path provided in device string!
[   72.053488][ T7176] 
[   72.057821][ T7176] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   72.112937][ T7181] netlink: 'syz.1.308': attribute type 1 has an invalid length.
[   72.350612][ T7193] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   72.514512][ T7198] autofs: Unknown parameter '0x0000000000000000'
[   73.029974][   T35] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[   73.065278][ T7221] autofs: Unknown parameter '0x0000000000000000'
[   73.181176][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.185633][   T35] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.188777][   T35] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   73.191712][   T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.195095][   T35] usb 8-1: config 0 descriptor??
[   73.349560][   T30] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   73.500980][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.525578][   T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.529561][   T30] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[   73.535683][   T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.546479][   T30] usb 5-1: config 0 descriptor??
[   73.770434][   T30] usbhid 5-1:0.0: can't add hid device: -71
[   73.772244][   T30] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[   73.789870][   T30] usb 5-1: USB disconnect, device number 9
[   74.004288][   T35] usbhid 8-1:0.0: can't add hid device: -71
[   74.006065][   T35] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[   74.011548][   T35] usb 8-1: USB disconnect, device number 7
[   74.103887][ T7233] FAULT_INJECTION: forcing a failure.
[   74.103887][ T7233] name failslab, interval 1, probability 0, space 0, times 0
[   74.107863][ T7233] CPU: 2 UID: 0 PID: 7233 Comm: syz.4.329 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   74.110989][ T7233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.114414][ T7233] Call Trace:
[   74.115410][ T7233]  <TASK>
[   74.116275][ T7233]  dump_stack_lvl+0x16c/0x1f0
[   74.117637][ T7233]  should_fail_ex+0x497/0x5b0
[   74.119034][ T7233]  ? fs_reclaim_acquire+0xae/0x150
[   74.121035][ T7233]  should_failslab+0xc2/0x120
[   74.122445][ T7233]  __kmalloc_noprof+0xce/0x4f0
[   74.123982][ T7233]  ? lock_acquire+0x2f/0xb0
[   74.125475][ T7233]  ? __get_fs_type+0x21/0x170
[   74.127080][ T7233]  ? tomoyo_encode2+0x100/0x3e0
[   74.128633][ T7233]  tomoyo_encode2+0x100/0x3e0
[   74.130205][ T7233]  tomoyo_encode+0x2c/0x40
[   74.131530][ T7233]  tomoyo_mount_acl+0x314/0x880
[   74.133080][ T7233]  ? hlock_class+0x4e/0x130
[   74.134548][ T7233]  ? __lock_acquire+0x15a9/0x3c40
[   74.135994][ T7233]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[   74.137534][ T7233]  ? __pfx___lock_acquire+0x10/0x10
[   74.139238][ T7233]  ? stack_trace_save+0x95/0xd0
[   74.140561][ T7233]  ? __pfx_lock_release+0x10/0x10
[   74.142030][ T7233]  ? trace_lock_acquire+0x14e/0x1f0
[   74.143560][ T7233]  ? tomoyo_mount_permission+0x149/0x420
[   74.145155][ T7233]  ? lock_acquire+0x2f/0xb0
[   74.146416][ T7233]  ? tomoyo_mount_permission+0x149/0x420
[   74.147968][ T7233]  tomoyo_mount_permission+0x16e/0x420
[   74.149573][ T7233]  ? tomoyo_mount_permission+0x149/0x420
[   74.151210][ T7233]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[   74.152953][ T7233]  ? get_current_fs_domain+0x184/0x1f0
[   74.154727][ T7233]  security_sb_mount+0x9b/0x260
[   74.156129][ T7233]  path_mount+0x129/0x1f10
[   74.157420][ T7233]  ? kmem_cache_free+0x152/0x4c0
[   74.158998][ T7233]  ? __pfx_path_mount+0x10/0x10
[   74.160508][ T7233]  ? putname+0x13c/0x180
[   74.161793][ T7233]  __ia32_sys_mount+0x292/0x310
[   74.163341][ T7233]  ? __pfx___ia32_sys_mount+0x10/0x10
[   74.165119][ T7233]  __do_fast_syscall_32+0x73/0x120
[   74.166728][ T7233]  do_fast_syscall_32+0x32/0x80
[   74.168174][ T7233]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   74.170186][ T7233] RIP: 0023:0xf7fe4579
[   74.171477][ T7233] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   74.177151][ T7233] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[   74.179823][ T7233] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000200000c0
[   74.182129][ T7233] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000020000100
[   74.184578][ T7233] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   74.187127][ T7233] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   74.189435][ T7233] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   74.191684][ T7233]  </TASK>
[   74.192651][    C2] vkms_vblank_simulate: vblank timer overrun
[   74.524151][ T7254] binder: 7253:7254 ioctl c018620c 20000140 returned -22
[   74.526692][ T7254] netlink: 16 bytes leftover after parsing attributes in process `syz.1.337'.
[   74.554028][ T7256] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40
[   74.721169][ T7268] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   74.723452][ T7268] IPv6: NLM_F_CREATE should be set when creating new route
[   75.212819][ T7246] Bluetooth: hci0: Opcode 0x0401 failed: -4
[   75.466677][ T7292] capability: warning: `syz.0.347' uses deprecated v2 capabilities in a way that may be insecure
[   75.592175][ T7313] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   75.594651][ T7313] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   75.865405][   T25] cfg80211: failed to load regulatory.db
[   75.898964][ T7327] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   75.917334][ T7327] FAULT_INJECTION: forcing a failure.
[   75.917334][ T7327] name failslab, interval 1, probability 0, space 0, times 0
[   75.939227][ T7327] CPU: 3 UID: 0 PID: 7327 Comm: syz.4.352 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   75.943559][ T7327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.947850][ T7327] Call Trace:
[   75.949175][ T7327]  <TASK>
[   75.950368][ T7327]  dump_stack_lvl+0x16c/0x1f0
[   75.952302][ T7327]  should_fail_ex+0x497/0x5b0
[   75.954204][ T7327]  should_failslab+0xc2/0x120
[   75.955933][ T7327]  __kmalloc_cache_noprof+0x68/0x420
[   75.958077][ T7327]  sctp_add_bind_addr+0x9d/0x3e0
[   75.960025][ T7327]  sctp_copy_local_addr_list+0x39e/0x5a0
[   75.962220][ T7327]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[   75.964534][ T7327]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[   75.966756][ T7327]  ? sctp_bind_addr_copy+0xe0/0x530
[   75.968736][ T7327]  sctp_bind_addr_copy+0xe0/0x530
[   75.970690][ T7327]  sctp_connect_new_asoc+0x1d8/0x790
[   75.972742][ T7327]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[   75.975004][ T7327]  ? mark_held_locks+0x9f/0xe0
[   75.976865][ T7327]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[   75.978542][ T7327]  sctp_sendmsg+0x162a/0x1f10
[   75.979833][ T7327]  ? __pfx___lock_acquire+0x10/0x10
[   75.981272][ T7327]  ? __pfx_sctp_sendmsg+0x10/0x10
[   75.982695][ T7327]  ? __pfx___might_resched+0x10/0x10
[   75.984539][ T7327]  ? __pfx_aa_sk_perm+0x10/0x10
[   75.986090][ T7327]  ? __import_iovec+0x1f2/0x6d0
[   75.987622][ T7327]  ? __pfx_sctp_sendmsg+0x10/0x10
[   75.989375][ T7327]  inet_sendmsg+0x119/0x140
[   75.991068][ T7327]  ____sys_sendmsg+0x907/0xb40
[   75.992635][ T7327]  ? __pfx_____sys_sendmsg+0x10/0x10
[   75.994565][ T7327]  ? get_compat_msghdr+0x11b/0x170
[   75.996027][ T7327]  ___sys_sendmsg+0x135/0x1e0
[   75.997601][ T7327]  ? __pfx____sys_sendmsg+0x10/0x10
[   75.999266][ T7327]  ? trace_lock_acquire+0x14e/0x1f0
[   76.000830][ T7327]  __sys_sendmmsg+0x2fa/0x420
[   76.002161][ T7327]  ? __pfx___sys_sendmmsg+0x10/0x10
[   76.003830][ T7327]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   76.005878][ T7327]  ? fput+0x67/0x440
[   76.007141][ T7327]  ? ksys_write+0x1ba/0x250
[   76.008464][ T7327]  ? __pfx_ksys_write+0x10/0x10
[   76.009890][ T7327]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[   76.011560][ T7327]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[   76.013664][ T7327]  __do_fast_syscall_32+0x73/0x120
[   76.015336][ T7327]  do_fast_syscall_32+0x32/0x80
[   76.016653][ T7327]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   76.018469][ T7327] RIP: 0023:0xf7fe4579
[   76.019651][ T7327] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   76.025068][ T7327] RSP: 002b:00000000f513655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[   76.027430][ T7327] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020003c40
[   76.029690][ T7327] RDX: 0000000000000001 RSI: 0000000000000044 RDI: 0000000000000000
[   76.031927][ T7327] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   76.034165][ T7327] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   76.036350][ T7327] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   76.038602][ T7327]  </TASK>
[   76.121072][ T7318] syz.1.348: attempt to access beyond end of device
[   76.121072][ T7318] loop1: rw=0, sector=64, nr_sectors = 2 limit=0
[   76.126238][ T7318] isofs_fill_super: bread failed, dev=loop1, iso_blknum=16, block=32
[   76.246089][ T7302] MINIX-fs: blocksize too small for device
[   76.271583][ T7342] sit0: entered promiscuous mode
[   76.278075][ T7342] netlink: 'syz.3.360': attribute type 1 has an invalid length.
[   76.281272][ T7342] netlink: 1 bytes leftover after parsing attributes in process `syz.3.360'.
[   76.296583][ T7342] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[   76.299727][ T7342] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   76.300830][ T7342] vhci_hcd vhci_hcd.0: Device attached
[   76.333421][ T7349] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   76.429662][ T5938] Bluetooth: hci0: command 0x0401 tx timeout
[   76.432086][ T7344] vhci_hcd: connection closed
[   76.437367][   T65] vhci_hcd: stop threads
[   76.441614][   T65] vhci_hcd: release socket
[   76.443095][   T65] vhci_hcd: disconnect device
[   76.506479][ T5998] IPVS: starting estimator thread 0...
[   76.510714][ T7355] tipc: Started in network mode
[   76.512172][ T7355] tipc: Node identity ac1414aa, cluster identity 4711
[   76.515076][ T7355] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   76.517171][ T7355] tipc: Enabled bearer <udp:s>, priority 10
[   76.599760][ T7360] IPVS: using max 41 ests per chain, 98400 per kthread
[   76.649759][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   76.789557][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   76.929660][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   77.005964][ T7374] netlink: 'syz.3.368': attribute type 10 has an invalid length.
[   77.008739][ T7374] syz_tun: entered promiscuous mode
[   77.013972][ T7374] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   77.069571][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   77.219537][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   77.359678][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   77.463290][ T7393] ieee802154 phy1 wpan1: encryption failed: -22
[   77.499599][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   77.733627][ T1326] tipc: Node number set to 2886997162
[   77.789594][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   78.059612][    C0] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[   78.230423][ T7412] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   78.235070][ T7412] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   78.618188][ T7421] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   78.707855][ T7420] 
[   78.708612][ T7420] =============================
[   78.710021][ T7420] [ BUG: Invalid wait context ]
[   78.711449][ T7420] 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0 Not tainted
[   78.714382][ T7420] -----------------------------
[   78.716356][ T7420] syz.0.384/7420 is trying to lock:
[   78.717870][ T7420] ffff888023fdef18 (&sighand->siglock){-.-.}-{3:3}, at: __lock_task_sighand+0xc2/0x340
[   78.720674][ T7420] other info that might help us debug this:
[   78.722380][ T7420] context-{5:5}
[   78.723419][ T7420] 4 locks held by syz.0.384/7420:
[   78.724953][ T7420]  #0: ffff8880450340a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_handle_tw_list+0x27c/0x540
[   78.728399][ T7420]  #1: ffff88805eaf98c0 (&acct->lock){+.+.}-{2:2}, at: io_wq_enqueue+0x20a/0xb30
[   78.731908][ T7420]  #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590
[   78.735110][ T7420]  #3: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: __lock_task_sighand+0x3f/0x340
[   78.738716][ T7420] stack backtrace:
[   78.740165][ T7420] CPU: 3 UID: 0 PID: 7420 Comm: syz.0.384 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0
[   78.744072][ T7420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.748007][ T7420] Call Trace:
[   78.749085][ T7420]  <TASK>
[   78.749979][ T7420]  dump_stack_lvl+0x116/0x1f0
[   78.751378][ T7420]  __lock_acquire+0x878/0x3c40
[   78.752780][ T7420]  ? __pfx___lock_acquire+0x10/0x10
[   78.754290][ T7420]  ? __pfx___lock_acquire+0x10/0x10
[   78.756117][ T7420]  ? mark_lock+0xb5/0xc60
[   78.757469][ T7420]  ? mark_lock+0xb5/0xc60
[   78.758828][ T7420]  lock_acquire.part.0+0x11b/0x380
[   78.760465][ T7420]  ? __lock_task_sighand+0xc2/0x340
[   78.762255][ T7420]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   78.764409][ T7420]  ? rcu_is_watching+0x12/0xc0
[   78.766212][ T7420]  ? trace_lock_acquire+0x14e/0x1f0
[   78.768228][ T7420]  ? trace_lock_acquire+0x14e/0x1f0
[   78.770190][ T7420]  ? __lock_task_sighand+0xc2/0x340
[   78.771993][ T7420]  ? lock_acquire+0x2f/0xb0
[   78.773736][ T7420]  ? __lock_task_sighand+0xc2/0x340
[   78.775570][ T7420]  _raw_spin_lock_irqsave+0x3a/0x60
[   78.777081][ T7420]  ? __lock_task_sighand+0xc2/0x340
[   78.778685][ T7420]  __lock_task_sighand+0xc2/0x340
[   78.780571][ T7420]  group_send_sig_info+0x290/0x300
[   78.782313][ T7420]  ? __pfx_group_send_sig_info+0x10/0x10
[   78.783946][ T7420]  ? __pfx___lock_acquire+0x10/0x10
[   78.785472][ T7420]  ? hlock_class+0x4e/0x130
[   78.786779][ T7420]  ? __lock_acquire+0xcc5/0x3c40
[   78.788201][ T7420]  bpf_send_signal_common+0x415/0x520
[   78.789768][ T7420]  ? __pfx_bpf_send_signal_common+0x10/0x10
[   78.791475][ T7420]  ? trace_lock_acquire+0x14e/0x1f0
[   78.792988][ T7420]  ? bpf_trace_run2+0x1c2/0x590
[   78.794395][ T7420]  bpf_send_signal+0x1d/0x30
[   78.795766][ T7420]  bpf_prog_631417f49dd64198+0x25/0x48
[   78.797332][ T7420]  bpf_trace_run2+0x231/0x590
[   78.798744][ T7420]  ? __pfx_bpf_trace_run2+0x10/0x10
[   78.800261][ T7420]  ? hlock_class+0x4e/0x130
[   78.801585][ T7420]  trace_contention_end.constprop.0+0xf0/0x170
[   78.803358][ T7420]  __pv_queued_spin_lock_slowpath+0x27e/0xc90
[   78.805112][ T7420]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[   78.807012][ T7420]  ? lock_acquire.part.0+0x11b/0x380
[   78.808552][ T7420]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   78.810179][ T7420]  do_raw_spin_lock+0x210/0x2c0
[   78.811621][ T7420]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   78.813169][ T7420]  ? lock_acquire+0x2f/0xb0
[   78.814491][ T7420]  ? io_wq_enqueue+0x20a/0xb30
[   78.816047][ T7420]  io_wq_enqueue+0x20a/0xb30
[   78.817515][ T7420]  ? io_arm_poll_handler+0x133/0xc60
[   78.819033][ T7420]  ? __pfx_io_wq_enqueue+0x10/0x10
[   78.820474][ T7420]  ? __pfx_io_wq_work_match_item+0x10/0x10
[   78.822102][ T7420]  ? io_prep_async_work+0x54c/0x770
[   78.823560][ T7420]  io_queue_iowq+0x28b/0x5c0
[   78.824862][ T7420]  io_queue_async+0x1e7/0x420
[   78.826180][ T7420]  io_req_task_submit+0x1c8/0x1f0
[   78.827606][ T7420]  ? __pfx_io_req_task_submit+0x10/0x10
[   78.829191][ T7420]  io_handle_tw_list+0x4c3/0x540
[   78.830647][ T7420]  ? __pfx_io_handle_tw_list+0x10/0x10
[   78.832202][ T7420]  ? lock_acquire.part.0+0x11b/0x380
[   78.833682][ T7420]  ? find_held_lock+0x2d/0x110
[   78.835069][ T7420]  tctx_task_work_run+0xac/0x390
[   78.836492][ T7420]  tctx_task_work+0x7b/0xd0
[   78.837806][ T7420]  ? __pfx_tctx_task_work+0x10/0x10
[   78.839295][ T7420]  ? _raw_spin_unlock_irq+0x23/0x50
[   78.840764][ T7420]  ? lockdep_hardirqs_on+0x7c/0x110
[   78.842231][ T7420]  task_work_run+0x14e/0x250
[   78.843576][ T7420]  ? __pfx_task_work_run+0x10/0x10
[   78.845061][ T7420]  get_signal+0x1d3/0x2610
[   78.846359][ T7420]  ? __pfx_get_signal+0x10/0x10
[   78.847791][ T7420]  ? fput+0x67/0x440
[   78.848917][ T7420]  ? __do_sys_io_uring_enter+0x5fb/0x1620
[   78.850582][ T7420]  arch_do_signal_or_restart+0x90/0x7e0
[   78.852175][ T7420]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   78.853958][ T7420]  ? rcu_is_watching+0x12/0xc0
[   78.855364][ T7420]  syscall_exit_to_user_mode+0x150/0x2a0
[   78.856986][ T7420]  __do_fast_syscall_32+0x80/0x120
[   78.858525][ T7420]  do_fast_syscall_32+0x32/0x80
[   78.859964][ T7420]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   78.861767][ T7420] RIP: 0023:0xf706e579
[   78.862957][ T7420] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   78.868524][ T7420] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa
[   78.870865][ T7420] RAX: 0000000000000200 RBX: 000000000000000a RCX: 00000000000047f6
[   78.873166][ T7420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   78.875456][ T7420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   78.877767][ T7420] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   78.880049][ T7420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   78.882325][ T7420]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   79.054718][ T6583] bond0: (slave syz_tun): Releasing backup interface
[   79.213116][   T45] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.236017][ T7410] bond0: (slave syz_tun): Releasing backup interface
[   79.291452][   T45] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.423248][   T45] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.501355][   T45] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.620422][   T45] bridge_slave_1: left allmulticast mode
[   79.622624][   T45] bridge_slave_1: left promiscuous mode
[   79.624932][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.628119][   T45] bridge_slave_0: left allmulticast mode
[   79.629932][   T45] bridge_slave_0: left promiscuous mode
[   79.631596][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.748388][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   79.754513][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   79.758838][   T45] bond0 (unregistering): Released all slaves
[   80.025330][   T45] hsr_slave_0: left promiscuous mode
[   80.027546][   T45] hsr_slave_1: left promiscuous mode
[   80.029597][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   80.032307][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[   80.035491][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   80.038055][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.041999][   T45] veth1_macvtap: left promiscuous mode
[   80.043963][   T45] veth0_macvtap: left promiscuous mode
[   80.045639][   T45] veth1_vlan: left promiscuous mode
[   80.047203][   T45] veth0_vlan: left promiscuous mode
[   80.207954][   T45] team0 (unregistering): Port device team_slave_1 removed
[   80.240966][   T45] team0 (unregistering): Port device team_slave_0 removed
[   80.756344][   T45] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.812894][   T45] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.853648][   T45] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.902511][   T45] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.982975][   T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.051987][   T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.113037][   T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.165549][   T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.252599][   T45] bridge_slave_1: left allmulticast mode
[   81.254735][   T45] bridge_slave_1: left promiscuous mode
[   81.256831][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.260296][   T45] bridge_slave_0: left allmulticast mode
[   81.261859][   T45] bridge_slave_0: left promiscuous mode
[   81.263880][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.267602][   T45] bridge_slave_1: left allmulticast mode
[   81.269216][   T45] bridge_slave_1: left promiscuous mode
[   81.271733][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.275553][   T45] bridge_slave_0: left allmulticast mode
[   81.277540][   T45] bridge_slave_0: left promiscuous mode
[   81.279834][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.485360][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   81.490065][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   81.494233][   T45] bond0 (unregistering): Released all slaves
[   81.501985][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   81.506221][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   81.510670][   T45] bond0 (unregistering): Released all slaves
[   81.571770][   T45] tipc: Disabling bearer <udp:s>
[   81.573292][   T45] tipc: Left network mode
[   81.574971][   T45] tipc: Disabling bearer <udp:syz2>
[   81.576497][   T45] tipc: Left network mode
[   82.034130][   T45] hsr_slave_0: left promiscuous mode
[   82.035964][   T45] hsr_slave_1: left promiscuous mode
[   82.037708][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.039882][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.043203][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.045277][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.048487][   T45] hsr_slave_0: left promiscuous mode
[   82.050464][   T45] hsr_slave_1: left promiscuous mode
[   82.052129][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.054170][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.056372][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.058434][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.062430][   T45] veth1_macvtap: left promiscuous mode
[   82.064010][   T45] veth0_macvtap: left promiscuous mode
[   82.065563][   T45] veth1_vlan: left promiscuous mode
[   82.067049][   T45] veth0_vlan: left promiscuous mode
[   82.068963][   T45] veth1_macvtap: left promiscuous mode
[   82.071095][   T45] veth0_macvtap: left promiscuous mode
[   82.072915][   T45] veth1_vlan: left promiscuous mode
[   82.074539][   T45] veth0_vlan: left promiscuous mode
[   82.240819][   T45] team0 (unregistering): Port device team_slave_1 removed
[   82.275136][   T45] team0 (unregistering): Port device team_slave_0 removed
[   82.648953][   T45] team0 (unregistering): Port device team_slave_1 removed
[   82.681416][   T45] team0 (unregistering): Port device team_slave_0 removed
[   83.387254][   T45] IPVS: stop unused estimator thread 0...

VM DIAGNOSIS:
02:16:55  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff90ada36e RBX=ffffffff902d4ba0 RCX=dffffc0000000000 RDX=1ffffffff205a974
RSI=0000000000000000 RDI=ffffffff902d4ba0 RBP=ffffffff902d4ba0 RSP=ffffc9000395f578
R8 =ffffffff90ada374 R9 =0000000000000000 R10=ffffc9000395f678 R11=0000000000004914
R12=ffffffff902d4ba0 R13=ffffffff8149149b R14=ffffffff902d4ba0 R15=ffffffff902d4ba0
RIP=ffffffff8148e4f0 RFL=00000806 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7715697280 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c345bca CR3=00000000639a4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000feffff00 Opmask01=000000000000007f Opmask02=00000000fffeff7f Opmask03=0000000008004000
Opmask04=00000000fbfffdff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 003d45444f4d5645 44003d524f4e494d
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc1d640eb0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a2a2a2a2a2a2a 2a2a2a2a2a2a2a2a
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 494349415c434943 4941071614011207
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5c4107001c1b5c40 1207125c415d1542
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 722f766564752f62 696c2f7273752f00 534b4e494c564544 00454d414e564544
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d003d454d 414e564544003d58 45444e494649003d 4550595456454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d0018454d 414e564544001858 45444e4946490018 4550595456454400
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 0000000000000000 34706f6f6c2f6b63 6f6c622f6c617574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343d730000000000 00005630d2972e10 00007f7700303a31 31622f3530303030
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005630d2963870 00005630d29637f0 00005630d294eb50 00005630d294ead0
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005630d2964ba0 00005630d2964b20 00005630d2963550 00005630d29634f0
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3872563a3872563a 3872563a3872563a 3872563a3872563a 3872563a3872563a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=dffffc0000000000 RBX=ffff888021064880 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff81a8de4e RDI=ffff888021064cc4 RBP=00007f7715316b6a RSP=ffffc9000398f608
R8 =0000000000000007 R9 =ffffffffff600000 R10=00007f7715316000 R11=00000000000a2001
R12=ffffffff81852e40 R13=ffffc9000398f738 R14=0000000000000000 R15=ffff888021064880
RIP=ffffffff817f05ba RFL=00000803 [-O----C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7715697280 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002d8feffc CR3=00000000639a6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefef800 Opmask01=000000000000007f Opmask02=00000000fffeff7f Opmask03=0008004000040442
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 003d45444f4d5645 44003d524f4e494d
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc1d640eb0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6464646464646464 6464646464646464
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff ffffff00ffffff00
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 19694645585e4445 4905194e584b4905
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e445f4559051a04 1a101b071f051b07
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 722f766564752f62 696c2f7273752f00 534b4e494c564544 00454d414e564544
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d003d454d 414e564544003d58 45444e494649003d 4550595456454400
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d0018454d 414e564544001858 45444e4946490018 4550595456454400
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 647261632d736d6b 762d6d726f667461 6c706632785c6874 61702d7962663278
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343d736500000000 00005630d2972e10 00007f771529aa2a 00313a363232632f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a66409aa9a884657 00000005630d2954 00000000000000d1 0000306e00305f65
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a3a263d383a3a 263c383a3a263f38 3a3a263e383a3a26 39383a3a2638383a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000003 RCX=1ffffffff203a2da RDX=ffff88801f230000
RSI=ffffffff81484a34 RDI=ffffffff81484a21 RBP=ffff88805eaf98a8 RSP=ffffc900270bfb28
R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901ce3d7 R11=0000000000000b8f
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b63fc40 R15=ffffed100bd5f315
RIP=ffffffff81484a36 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000690d2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85142d25 RDI=ffffffff9a667240 RBP=ffffffff9a667200 RSP=ffffc90002ecedd8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=0000000000000034 R14=ffffffff85142cc0 R15=0000000000000000
RIP=ffffffff85142d4f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c01300
GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=00000000690d2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000