last executing test programs:

10.198075005s ago: executing program 0 (id=1046):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000540)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000fef000/0x1000)=nil})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
write$qrtrtun(r3, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r7 = socket$unix(0x1, 0x5, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x62)
io_uring_enter(r3, 0x5869, 0x0, 0x4, 0x0, 0x0)
dup2(r7, r6)

8.548054857s ago: executing program 0 (id=1059):
socket$inet6_tcp(0xa, 0x1, 0x0)
ioperm(0x0, 0x9, 0x5)
inotify_init1(0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000440)={&(0x7f0000000300)={0x2, 0x4e24, @empty}, 0x10, 0x0}, 0x9d8d2a5017a9ed00)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_getscheduler(0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="2c0000003d0007010000000000000000047c0002040000001400018006000600800a000008001400e0000001"], 0x2c}}, 0x8004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r6 = getpid()
sendmsg$nl_route(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c0009000000000000007399fbdbdf250008000200", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r3, @ANYBLOB=' _\x00\x00', @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="080003002c38c3fcab635633e3d91860e27bbde80100f9fbf28414d1b19a177e05bb7baf8e0428ff7ebe78286dd272ffa38c59f2747351127891bd65dfdc1837ddba89c93be3bd6507986722c789ee62492c5fe88779321f6ebb41e2c90adebf769c97dddef339a5f7fd6ae8035c69b858ecf9c0510a8e99d3b55e41c1562659953915ed32fdd29fb1d4653caddaf19051fa2dc360c0674d737f4e5f0931ece2c0c0829fc68cbd643aae31d01eef35909057f607eb55e309fa583865fdcac561c34e0379be0631a91725444cce28e30031545fa6b8297bb53ef38849a7fe2a0a46828a9c28962888c1ef84bd729ab8996d33fa8dbc117bf321cce973a3d23a409424a38dd21c43166a7536f3417d7c302fd60eebf10300c66a01fc507402af32649598fb8f91cad45f898d7e34d7f741ffe401576629fb1680b81730935e86a00663081b9be2fc9fbd", @ANYRES32, @ANYRESDEC, @ANYRES32=r6, @ANYBLOB='\x00\x00\x00'], 0x4c}, 0x1, 0x0, 0x0, 0x20008040}, 0x14)
ioperm(0x0, 0x9, 0x5)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)

7.613518215s ago: executing program 0 (id=1054):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
close(r0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000063012400000000000800000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
mq_unlink(0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r5, 0x11b, 0x7, &(0x7f0000001040), 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x1966cd75, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800003, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x641, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff122]}, 0x45c)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000004000000e47f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000f000000000000000000020000000000000000000009947c14d463c1fe11604829eb5bdd8a6502d31ff654e53e0e0594100eda1a8cb75df150944829da314dd4035fa0992a26ddce8d11856664e5ad823326bbb05bf40ed47b979b22978aac4c3c88f296d2eb7b0991c52d48127c79dcd5ceb8f9ed24a444fdb4ca060c871c98593341613560d4630f317cb6b8a949bb218a412e26ed2d11a59cd47891b968eaedecb9f05ed5460a347adb54b4db82ef5512330b5b6185e6240acad408ccdee4931773c23afe87068029274837392bb4f46045aa3"], 0x48)
ftruncate(0xffffffffffffffff, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYBLOB="01000000", @ANYRES32=r7, @ANYBLOB="0c00990000000000000000000800a0004e16000008009f0005000000080026000816"], 0x40}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00', @ANYRES16=r6, @ANYBLOB="00042bbd7000fcdbdf251b00000007002100616100000400cc000400cc000400"], 0x30}, 0x1, 0x0, 0x0, 0x200c004}, 0xc010)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x1c, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x5, 0xb, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404000d}, 0x20000000)

6.247689767s ago: executing program 1 (id=1058):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r3 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r3, &(0x7f0000000380)=[{&(0x7f0000000a40)=""/65, 0x41}], 0x1, 0x6, 0x0)

5.80820218s ago: executing program 3 (id=1061):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xc, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
io_setup(0x4082, &(0x7f0000000380))
unshare(0x400)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x14)

5.267354085s ago: executing program 1 (id=1062):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = gettid()
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000046842, 0x0)
io_setup(0x222, &(0x7f0000000280)=<r3=>0x0)
io_submit(r3, 0x4, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x404, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x6, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x0, 0xffff2d37, 0x220, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x0, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x10000, 0xe661, 0x4, 0x1000007, 0x4, 0x8001, 0x4c74, 0x8f00, 0x642, 0x6, 0xa, 0x0, 0x71, 0x7, 0x1000007, 0x103, 0x2, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0x5, 0x5, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x80010002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0xb, 0x3, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0xcb, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x40078, 0xea4, 0x6, 0x4, 0x4, 0x8000, 0x5, 0x400, 0x1, 0x5, 0x400001, 0xfe, 0x1005, 0x7ff, 0x5f31, 0x3, 0xffffffff, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x9, 0x7, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xfc], [0x7, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x8, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x1, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x8004, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffff3, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0x6, 0x87, 0x613c, 0xce7, 0x1ff, 0x6, 0x7, 0x8, 0x3, 0x104, 0x80000000, 0x5, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8000014c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000003, 0x5, 0x8, 0xffffffff, 0x3, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x5, 0xb1c, 0x1, 0x200, 0xfff, 0x7]}, 0x464)
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x12d8)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r5 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r5, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r6, &(0x7f0000001440)=""/126, 0x7e, 0x0)

4.567967621s ago: executing program 2 (id=1064):
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x181942, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x22e41, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3aee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d320f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c16af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4138ae84, &(0x7f0000000c40)=@x86={0x3, 0xf, 0x8, 0x0, 0x5, 0x4d, 0xfe, 0x3, 0x1, 0x4, 0xd, 0x5, 0x0, 0x5, 0x80000, 0x5, 0xff, 0xc, 0x5, '\x00', 0x5, 0x101})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x12)
remap_file_pages(&(0x7f000055b000/0x2000)=nil, 0x2000, 0x100000b, 0x20, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r6 = openat$vcsu(0xffffff9c, &(0x7f00000000c0), 0x103000, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/rcu_expedited', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r7, &(0x7f0000000180)=ANY=[@ANYRESOCT=r7, @ANYRESDEC=r7], 0x28)
openat$cgroup_freezer_state(r7, &(0x7f0000000180), 0x2, 0x0)
getsockopt$inet_mreq(r6, 0x0, 0x24, &(0x7f0000000100)={@broadcast, @empty}, &(0x7f0000000140)=0x8)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x4008050)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000240), r2)
r8 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bond0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r9, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x6, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0)

4.567547088s ago: executing program 3 (id=1065):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r5, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000280), 0x8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e24, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

4.561230314s ago: executing program 0 (id=1072):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
close(r0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000063012400000000000800000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0)
mq_unlink(0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r5, 0x11b, 0x7, &(0x7f0000001040), 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, 0x1966cd75, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800003, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x641, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffff122]}, 0x45c)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000004000000e47f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000f000000000000000000020000000000000000000009947c14d463c1fe11604829eb5bdd8a6502d31ff654e53e0e0594100eda1a8cb75df150944829da314dd4035fa0992a26ddce8d11856664e5ad823326bbb05bf40ed47b979b22978aac4c3c88f296d2eb7b0991c52d48127c79dcd5ceb8f9ed24a444fdb4ca060c871c98593341613560d4630f317cb6b8a949bb218a412e26ed2d11a59cd47891b968eaedecb9f05ed5460a347adb54b4db82ef5512330b5b6185e6240acad408ccdee4931773c23afe87068029274837392bb4f46045aa3"], 0x48)
ftruncate(0xffffffffffffffff, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYBLOB="01000000", @ANYRES32=r7, @ANYBLOB="0c00990000000000000000000800a0004e16000008009f0005000000080026000816"], 0x40}}, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00', @ANYRES16=r6, @ANYBLOB="00042bbd7000fcdbdf251b00000007002100616100000400cc000400cc000400"], 0x30}, 0x1, 0x0, 0x0, 0x200c004}, 0xc010)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x1c, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x5, 0xb, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404000d}, 0x20000000)

4.198160524s ago: executing program 1 (id=1066):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0xc, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
syz_emit_ethernet(0x40, &(0x7f0000000240)={@link_local={0x3, 0x80, 0xc2, 0x0, 0x0, 0x3}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x32, 0x64, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @empty}, "0018"}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
io_setup(0x4082, &(0x7f0000000380))
unshare(0x400)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bfffff, 0x13012, r2, 0x0)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x14)

4.11860894s ago: executing program 2 (id=1067):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x50, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x31, 0x4}}}]}]}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

3.991428338s ago: executing program 2 (id=1068):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r6, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000280), 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e24, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

3.447548067s ago: executing program 3 (id=1069):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r6, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000280), 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e24, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2.888731427s ago: executing program 1 (id=1070):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r6, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000280), 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e24, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2.638008708s ago: executing program 2 (id=1071):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r3 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r3, &(0x7f0000000380)=[{&(0x7f0000000a40)=""/65, 0x41}], 0x1, 0x6, 0x0)

1.867563593s ago: executing program 3 (id=1073):
socket$inet6_tcp(0xa, 0x1, 0x0)
ioperm(0x0, 0x9, 0x5)
inotify_init1(0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000140)={0x0, 0x1, 0x0, "ee471a55b5e2c266422ef07bbfd7a61e37466e060403bbd8115bd48970e86a02"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000000440)={&(0x7f0000000300)={0x2, 0x4e24, @empty}, 0x10, 0x0}, 0x9d8d2a5017a9ed00)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_getscheduler(0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="2c0000003d0007010000000000000000047c0002040000001400018006000600800a000008001400e0000001"], 0x2c}}, 0x8004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r6 = getpid()
sendmsg$nl_route(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c0009000000000000007399fbdbdf250008000200", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r3, @ANYBLOB=' _\x00\x00', @ANYRES32, @ANYBLOB="08000300", @ANYRES32, @ANYBLOB="080003002c38c3fcab635633e3d91860e27bbde80100f9fbf28414d1b19a177e05bb7baf8e0428ff7ebe78286dd272ffa38c59f2747351127891bd65dfdc1837ddba89c93be3bd6507986722c789ee62492c5fe88779321f6ebb41e2c90adebf769c97dddef339a5f7fd6ae8035c69b858ecf9c0510a8e99d3b55e41c1562659953915ed32fdd29fb1d4653caddaf19051fa2dc360c0674d737f4e5f0931ece2c0c0829fc68cbd643aae31d01eef35909057f607eb55e309fa583865fdcac561c34e0379be0631a91725444cce28e30031545fa6b8297bb53ef38849a7fe2a0a46828a9c28962888c1ef84bd729ab8996d33fa8dbc117bf321cce973a3d23a409424a38dd21c43166a7536f3417d7c302fd60eebf10300c66a01fc507402af32649598fb8f91cad45f898d7e34d7f741ffe401576629fb1680b81730935e86a00663081b9be2fc9fbd3f5137", @ANYRES32, @ANYRESDEC, @ANYRES32=r6, @ANYBLOB='\x00\x00\x00'], 0x4c}, 0x1, 0x0, 0x0, 0x20008040}, 0x14)
ioperm(0x0, 0x9, 0x5)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.626649366s ago: executing program 0 (id=1074):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000540)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000fef000/0x1000)=nil})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
write$qrtrtun(r3, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r7 = socket$unix(0x1, 0x5, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x62)
io_uring_enter(r3, 0x5869, 0x0, 0x4, 0x0, 0x0)
dup2(r7, r6)

1.136324084s ago: executing program 2 (id=1075):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r5, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})

1.126818846s ago: executing program 1 (id=1076):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xc, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
io_setup(0x4082, &(0x7f0000000380))
unshare(0x400)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x14)

977.660496ms ago: executing program 3 (id=1077):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000300)={{}, {0x77359400}}, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000080)={0x5, 0x20000000, 0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10)
timer_settime(r2, 0x1, &(0x7f00000001c0)={{}, {0x0, 0x3938700}}, &(0x7f0000000200))
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
timer_gettime(r2, 0x0)
syz_pidfd_open(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/cgroup', 0x0, 0x0)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0xed8d, 0x10100, 0x0, 0x87}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r4, 0x0, 0x0, 0x0, {}, 0x1})
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000340)={0x21, 0x7, 0x81, 0x43, 0xa9, 0x8000, &(0x7f00000000c0)="34365e2f047c704e66923d7727647b1f57cfd1ba171add643946e0bc87f7809160ed54979b7dcac0557c6d2cb14f8709d7b316cd7022e86a0997a69fdf52d46142b15a9383cb582e2eb3bca08ba26b2f90832594bc2689f3263d41ccc64ada9bc9d7f845502fe9012e1baf8b1d4b0b79bdc5873e0b7b52b382a29aed1c4e7fd22a8a8e43448ceb849d8e8ba700e19023a8ba4f1a6eb12d6382746349b750a9610f5d46f6e8f1e77a87"})
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x109000)
r9 = syz_open_dev$dri(&(0x7f00000008c0), 0x105, 0x498180)
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x2, &(0x7f00000005c0)=0xffbffff9, 0x4)
ioctl$DRM_IOCTL_MODE_GETFB2(r9, 0xc06864ce, &(0x7f0000000200)={0x0, 0x40013e, 0x0, 0x4, 0x2, [], [0xfffffffe, 0x0, 0x0, 0x3], [0x0, 0x3, 0x1000], [0x4, 0x0, 0x10000000000000]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x80, 0x4, 0x7fff0000}]})
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r9, 0xc00c642e, &(0x7f0000000300))
io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x400000000, 0x4, 0x80000000}, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

447.163622ms ago: executing program 0 (id=1078):
socket$pppoe(0x18, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=@newtaction={0x1038, 0x30, 0x400, 0x0, 0x25dfdbfc, {}, [{0x1024, 0x1, [@m_ct={0x44, 0x6, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_pedit={0xfdc, 0x9, 0x0, 0x0, {{0xa}, {0xecc, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xec8, 0x2, {{{0x59669c59, 0x5, 0x0, 0x6, 0x8}, 0x7, 0x0, [{0x81, 0x0, 0x8, 0x7ff, 0x5, 0x4}, {0x6, 0xffff8000, 0xb, 0xffffff7e, 0x401, 0x3bb}, {0x5, 0x7, 0x4, 0xfffffff2, 0x74, 0x1}, {0x0, 0x101, 0x80000001, 0x2, 0x100, 0x80000001}, {0x91, 0x2, 0x5, 0x7, 0x71b, 0x4}, {0x4, 0x2d9, 0x0, 0x7fff, 0x0, 0x10000}, {0x3, 0x9, 0x7, 0x800, 0x4de, 0x26c}]}, [{0x0, 0x413b, 0x0, 0x81, 0x1, 0x1ff}, {0x10001, 0x4, 0x80000000, 0x5, 0x4, 0xfffffffe}, {0x4, 0x1, 0x1ec, 0xa32, 0xfffffff9, 0x3}, {0x7, 0x40, 0x2a5, 0x96, 0x9, 0x6}, {0x7, 0x7fff, 0x6, 0x0, 0x5, 0x2}, {0x4, 0x1, 0xffffffb7, 0x100, 0x2, 0x75}, {0x64be, 0x8, 0x3cbec4a7, 0xf, 0x8, 0x69ce}, {0xe, 0x8, 0x1, 0x7, 0x13c4f2ca, 0xb}, {0xfffffff9, 0x5, 0x8, 0xe, 0x9, 0x40}, {0x100, 0xffff0553, 0x7fff, 0x10001, 0x3, 0x8}, {0x74d4, 0x9, 0x0, 0xfffffffc, 0xfffffff9, 0x8}, {0x8, 0x7, 0x401, 0xff, 0x808c, 0x1}, {0x400, 0x6, 0x9, 0xc1, 0x1c, 0x1000}, {0x9, 0x9, 0x7, 0x7fffffff, 0xac, 0x2}, {0x1, 0x7fffffff, 0x5, 0x1, 0x6, 0x1}, {0x0, 0x2, 0x10001, 0x7fffffff, 0xffffff7f, 0x400}, {0x0, 0x401, 0xdd, 0x10, 0x9, 0x5}, {0x6d, 0x0, 0xd, 0x101, 0x800, 0x4}, {0x92c, 0x50000, 0x5, 0x1, 0x4, 0xffff}, {0x3ff, 0x7, 0xa28, 0x4, 0x401, 0x10000}, {0xaf84, 0x0, 0xfe, 0x81, 0x7, 0x80000001}, {0x6, 0x4, 0x9, 0x1, 0xffff0000, 0x5dd5}, {0x8001, 0x6, 0x3cb5, 0x0, 0x4, 0x80000000}, {0x4, 0x5, 0xfffffffe, 0xcc1c, 0x80000000, 0x3}, {0x2879, 0x7, 0x4, 0x10001, 0x2, 0xf}, {0x0, 0x2, 0x3, 0xa, 0x1}, {0x4, 0x4, 0xff, 0x9, 0x1, 0xc}, {0xe, 0x5, 0x1, 0x1, 0x9, 0x700a46c5}, {0x1, 0x7, 0xa, 0x200, 0x5, 0x8}, {0x0, 0x5, 0x1, 0x2, 0x7, 0x19e4}, {0x91f, 0x10001, 0x4, 0x757, 0x9, 0xfffffff8}, {0x1, 0x7ff, 0x0, 0x3, 0x0, 0x8}, {0x1, 0x0, 0x6, 0x4, 0xd, 0x55}, {0x8, 0x0, 0x0, 0x0, 0x7fffffff, 0x5}, {0x10000, 0x2, 0x3, 0x0, 0x9, 0x9}, {0xc, 0x7, 0x5, 0x8, 0xe9, 0x3ff}, {0x8, 0xc0, 0x7, 0xfff, 0x0, 0x2}, {0x4, 0x1, 0xd00, 0x9, 0x3, 0x1}, {0xff, 0x8, 0xff, 0xdd60, 0x1, 0x8ad}, {0x4, 0x8, 0x9, 0x0, 0x3c, 0x6}, {0x2df8, 0xf, 0xff, 0xb, 0xd, 0x400}, {0x7fff, 0x1, 0xb, 0x4, 0x4, 0x1}, {0x5, 0x3f53, 0x101, 0x7fff, 0xffff, 0x5}, {0x101, 0x40000000, 0x5, 0x3, 0x50, 0x8001}, {0xfffffffb, 0x8, 0x3, 0xe5e, 0x5}, {0x8, 0x4, 0x4, 0xffff9be2, 0x8, 0x9}, {0x3, 0x2, 0x81, 0x81, 0x100, 0xfd}, {0xc, 0x0, 0x2, 0x4, 0x4, 0x1}, {0x2f7, 0x200, 0xffffffb6, 0x8, 0x6, 0xfffff97c}, {0x400, 0x7612, 0x956, 0x2, 0x7, 0x8}, {0x9, 0x81, 0x0, 0x3, 0x7cdb, 0x45f2}, {0x7ff, 0x394, 0x10000, 0x77, 0x47b8, 0x5}, {0xf6d, 0x3, 0x4, 0x4, 0x4, 0x6}, {0xe, 0xa, 0xc0000, 0x0, 0x0, 0x3}, {0x9, 0xfffffffc, 0x8000, 0x8, 0xa, 0x9}, {0x4, 0x1, 0x3, 0x2, 0xb0e, 0x7}, {0x7, 0x5, 0xbb3, 0x5, 0x1000, 0x3}, {0x459d, 0x122, 0xe, 0x0, 0x9, 0x2}, {0xe, 0x61c, 0xfffffffc, 0xffffffff, 0xf, 0x1b20}, {0x2, 0x7, 0x8, 0x100, 0x3, 0x2}, {0x401, 0x8001, 0x7, 0x7, 0x5, 0x2}, {0x1, 0xe, 0x40, 0x0, 0x8000000}, {0x2, 0x3ff, 0x10000, 0x68, 0x9, 0x6}, {0x2, 0x4, 0x3a, 0x6, 0x6, 0x3}, {0x9, 0x0, 0x46, 0x2, 0x1ff, 0x4}, {0x2, 0x10001, 0xf, 0x6, 0xf6, 0x68c0}, {0x5, 0x60000000, 0x4, 0xe, 0x2b97, 0x5}, {0x33, 0x800, 0x7, 0x5, 0x3, 0x7fffffff}, {0x5316f934, 0x5, 0x7, 0x6, 0xff, 0x8}, {0x8, 0x62, 0x1, 0x978, 0x9, 0x80}, {0x1, 0x8, 0x5, 0x100, 0x8, 0x4}, {0x245, 0x10, 0x10000, 0xd3dc, 0x4}, {0x8, 0x1, 0x8, 0x1, 0x0, 0x3}, {0xc8e355d, 0xfffffffa, 0x0, 0x3, 0x4, 0x9}, {0x3, 0xfffffff8, 0x4, 0xffffff01, 0x4, 0x6}, {0x10, 0x8, 0x0, 0x3, 0x7fff, 0x3}, {0x3, 0x0, 0xe5e6, 0x0, 0x9}, {0xffffff01, 0xff, 0xfffffffd, 0xf, 0x304, 0x3}, {0x800, 0x6, 0x7f, 0x3, 0x1, 0x9}, {0x80, 0x9, 0x4b5, 0x89, 0xfffffff8, 0x4}, {0xd5, 0x0, 0x7, 0x1, 0x6, 0x4}, {0x6, 0x3, 0x6, 0x2, 0x8, 0x8}, {0x10001, 0x4, 0xfffff001, 0x9, 0x6643, 0x7fff}, {0x8, 0xfffffffa, 0xa, 0x6, 0x5, 0x6}, {0x0, 0x0, 0x5f06, 0x8, 0x8, 0xffffffff}, {0x9, 0x9, 0x9, 0x401, 0x2, 0x4}, {0xfffffffc, 0x1000, 0x6, 0xf7, 0x91, 0xfead}, {0x5, 0xba3, 0xffffffff, 0x8, 0x2, 0x9e5}, {0x8, 0x2, 0x1ff, 0x5b6, 0x7, 0x7}, {0x391f, 0xffffff59, 0xf31, 0x8000, 0x101, 0x8859}, {0x8, 0xfffffff9, 0x8, 0xfffffffa, 0xbb6, 0x3b}, {0x3, 0x8, 0x31f, 0x9, 0x4, 0x5}, {0x5, 0x1, 0x7, 0x9bf, 0x7fffffff, 0x3}, {0x8, 0x9, 0x7c, 0x1f, 0x100, 0x3}, {0x8, 0x7fff, 0xfffff00f, 0x4, 0xfffeffff}, {0x6, 0x1580000, 0xf6, 0x9, 0x0, 0x1}, {0xb, 0x80, 0xfffffe01, 0x0, 0xe490}, {0x10000, 0x2, 0xbd, 0xfff, 0xfffff27c, 0x4}, {0xfe89, 0x2, 0x5, 0x4, 0xfde, 0x4}, {0x8d, 0x5, 0xf, 0x0, 0x1ff, 0x3}, {0x2c000000, 0x3, 0x7f, 0x6, 0x93, 0xf}, {0xfffffff9, 0x4ff, 0xe7fa, 0xe9ff, 0x8, 0x9}, {0x2, 0x101, 0x5, 0xeb61, 0x1, 0x565e975c}, {0x5, 0x3, 0x4, 0x3ad, 0x494, 0x6}, {0x9, 0x3, 0x0, 0xc, 0x9, 0x8}, {0x13, 0x7f, 0x8000, 0x3, 0x81}, {0x2, 0x5, 0x0, 0x0, 0xffff0001, 0x3}, {0x3, 0x3, 0x200, 0x12b3, 0x1000, 0x4}, {0x2, 0xfff, 0x2, 0x1, 0x9, 0x9}, {0x9, 0x2f123e8a, 0x8, 0x7ff, 0x2, 0x7980}, {0x8, 0x0, 0x4, 0x2d, 0x6, 0xc0a}, {0x8, 0x10000, 0x7, 0x7, 0x4, 0x101}, {0x6, 0x101, 0x9, 0x164, 0x5, 0x5}, {0x546a, 0x5, 0x31, 0x4, 0x0, 0x1ff}, {0x6f1, 0x6, 0xfffeffff, 0x200, 0x4, 0x8001}, {0x4, 0xd, 0x3, 0x3, 0x2, 0x3}, {0x3, 0xffffffff, 0x0, 0x3}, {0x420e90a6, 0xfffffffa, 0xa27, 0xe9a0, 0xf4, 0x1000}, {0x47d, 0x1, 0xffff, 0x4, 0x60, 0x8000}, {0x2, 0x976, 0x7, 0x4c, 0xf}, {0x3, 0x2, 0xffff80ef, 0x6000, 0x8, 0x3}, {0x0, 0x9, 0x7, 0x3, 0x251, 0x4}, {0xe, 0x8, 0x10000, 0xd, 0x7, 0x120d}, {0x2, 0x4, 0x401, 0x2, 0x3, 0xffff}, {0x5, 0x7ff, 0x0, 0x1, 0x4, 0x6}, {0x1, 0x6, 0x5ad4, 0x5, 0x8, 0x8000}, {0x7, 0x4, 0x1, 0x0, 0xffff, 0x7ff}, {0x10000, 0x6, 0x8, 0x8, 0x3}], [{0x3, 0x1}, {0xe87a40230c1a2e74, 0x1}, {0x4}, {0x4}, {0x1, 0x1}, {}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x4}, {0x2, 0x1}, {0x5}, {}, {0x5, 0x1}, {0x3}, {0x4, 0x1}, {0x5}, {0x6}, {0x4, 0x1}, {0x3}, {0x4, 0x43532c2b9b536e3e}, {0x3}, {0x2}, {0x1, 0x1}, {0x5}, {0x2}, {0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x5}, {0x3, 0x1}, {0x0, 0x1}, {0x4}, {0x2, 0x1}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {}, {0x1}, {}, {0x5}, {0x4, 0x1}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x5}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x3}, {0x1, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5}, {0x4, 0x1}, {0x0, 0x1}, {0x5}, {0x4, 0x1}, {0x3}, {0x5}, {0x2, 0x1}, {}, {0x4}, {0x2}, {0x2, 0x1}, {0x1}, {0x5}, {0x3, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {0x4}, {}, {0x1, 0x1}, {0x3, 0x1}, {0x6, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x2}, {0x2, 0x1}, {0x5}, {}, {0x3}, {0x2, 0x1}, {0x4}, {0x5, 0x1}, {0x4, 0x1}, {}, {}, {0x5, 0x1}, {0x5}, {}, {0x4, 0x1}, {0x1, 0x1}, {0x2}, {0x4}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x4}, {0x2}, {0x3}, {0x2}, {0x1}, {0x5}, {0x0, 0x1}, {0x5}, {0x2, 0x1}], 0x1}}]}, {0xe5, 0x6, "6a9c402c4ad63356a1e7e4f8bab9878c557544b65eeebfa82cfded01ee28f245c639ce107d1230e152d14130e31af32dc09bedd2e52b75d51e8242732c1524ab3ca4ef3685419fc6a95d2c4cf72e58a88ed00edd7f1565bb795cddeededda664549a36a05e78c4a3629bfee6536851a02abc11bbfe872fc400971422e9967cdd8ea02a02e7772bea29cd443ac6a28cb707a92b70562563793ede76b79a5a4e71eaec1a182e7928c74d260eba7e5cd6026ecf3c22d357a39f25806a1d6f318de63f9241155ac7685e532f7c33eb7fba7c6f669bb54c34fefa62093ce455a2d9fdb7"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x1038}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = gettid()
r4 = syz_open_dev$vim2m(0x0, 0x10001, 0x2)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_MM_MAP_SIZE(0x23, 0xf, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x1f3a2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f000001b700)=[{{&(0x7f0000000400)=@abs={0xdf0370136b516df5, 0x0, 0x4e22}, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000480)="a9042b0e835412904bd0a2abb33e2fc5c4ef831b3d06e04e6daa17086a4c5222963414f1613d9db5b338f049a4a7458a731d7e1dfad015a81937e9816135d26888551bdbdd6764d0720d8517b6302f06a7073484e2081e297618", 0x5a}, {&(0x7f0000000500)="84b4728292567fe65950745b96f6bcbe3aa6f0fe9da49a4ae82d963154ef6066587b719c08a4a86d2bd5e3364b13d32c0c26bc3e14a13c78315d74a0acbd0ac61586de4e5ade3eeaeee6c83f3abda7a8c254afa32a06340d6e03528796e86616db65c3973e04fc09c287f20994d7b2223931240ab5261b1c53f69ba1f8045e36a4bdd3c8aa871ca9bbca996e2c6fd00d420b0ec781d582de8d6fb5b3aa3dfa320eecf4adecd3086b052cb1d5a08e5b17d3ed03cd5af7bb2795155036b47946f22d1eb6b7cd690aa2f310f3c500c43a1a13079f6b48c97df4094bd96465708d0e33f22717abe009961f549d39588c45d70b62135227354d", 0xf7}, {&(0x7f0000000600)="0393438fda29c79882", 0x9}, {&(0x7f0000000640)="19030c28e2aecb7c3cc024772f5ac7221bf10c687d05c5930295f0c13754d869dd621b1d428a228cf2eaa8ab702238b95fa27b7ec5824a66076cab728dc83f58f001d78d0ab554b3085528fc134cad295a42d3edfda6e28fa0d43fad319a52b1694ffef2b4cb3db37ae17de573f4d22b273ec336c2fdf630bbc821d9bf0339729841b8b2206c2ad9491dc96b57678fae1050b332f0e0c936", 0x98}, {&(0x7f0000000700)}, {&(0x7f0000000740)="2f34b0ef100812090216e499181766345e6ea7209f99e08d6f0574f99d8bb57d1621e14aa3fa93033de111e9e5d664e267c0e9ed9ba1ec95f844430a580c9dbdb56a7f236845c09b588ad23cf050476c67bf2561db4fa6fcaa0fdaad28660b187d35b9a1fec054d436ee4218588c5d72cd3dd51fe35a968cc5d4e68912460e636fb983588ec11bb6f50f38a9da7a3455d3f663ae77c4377a73a3ee27bc1034c63e1497c6074cf1d207611c389bb11994fdc33bf9200003236be8aa8c099a7fa5", 0xc0}], 0x6, &(0x7f0000002a00)=ANY=[@ANYBLOB="180000000100000001000000", @ANYRES32=r2, @ANYRES32=r5, @ANYRES32=r2, @ANYBLOB="1c0000000100000001000000", @ANYRES32=r4, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="240300"/12, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r5, @ANYRES32=r1, @ANYRES32=r4, @ANYRES32=r2, @ANYBLOB="180000000100000002000000", @ANYRES32=r7, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="140000000100000001000000", @ANYRES32=r4, @ANYRES32=r1], 0x9c, 0x4080}}, {{&(0x7f0000002ac0)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000003040)=[{&(0x7f0000002b40)="030e47c6937513962612b97807339daa99a8aa2abc5708cb9903476da16ce6ad6503afdbd2d7e150da2518008ba720ffb39c44cd74bb1f3e4cd4c8a7b7127a3e7b5876653312e545b60a8942de38efc97510a0bf917ff57a56d67d0013fabaad66c9a37605604b1b6c840de637a4", 0x6e}, {&(0x7f0000002bc0)="c20cda3c9b4e8f73ea492d86830f9eee86ea337a8fa7931a806cbe0e8bcb29a0350030f3e79914a25f0d4575e1c91cbaa5a354caec5b4252d57d6ce3d9f88b", 0x3f}, {&(0x7f0000002c00)="a856b56faa39794891291ed1c0c20579f4b09ba22d596c846a3872c2ba11731da4c9e1f3136fd12ba8d7c79af894acff33ced6b17a8c27e74a53e47cf8a58de586bf9a09d8e63f5bf28ba7fe77dfbea43acc8bad00cdaf9362715969513d93bc0ecfffbf5c72fc028b0428d08be75b4e494270a1a397e8da1a16e654bda5c370ee037cb29b62e5527d159385ca94ef4023aaaa969087de1e33698487e0432b8efbd701b7534c2ab604df76ce2500fbdd8d2720a3028ce9188260b65cb1324148fa4582b715f39b8ce9f28a3170d8fa9a1a1aacbf5a37a9b55d5b35a2452a553d598950932bfc0af376c2bb428972f00c953037c7411ab5292b9b1aee5139", 0xfe}, {&(0x7f0000002d00)="a5d3c8aefce3e79f65a8b77419b2a77ad1c34177fd5df644ac1a5dfd42cad78606c3e8fecb1becf60544830061b6ae7483fa52583b5cf64d5bfff12d5725f4938dc352b2cba6c73230af9baef411378a8d02348e38ab15967420ebb3e06a78af064d0d42684db1998378f815bc1e7a09ba4a5440feac0bd665ae376f48838386fdac33c776df81e1120c7c1421d4cd34592894", 0x93}, {&(0x7f0000002dc0)="5f1a78b2c83f3f01a87336019ad34d02d5c0b949f28bef8af12270eb97dd6506a3bd387d2068ceaa269ae52fec3c05d457baef4763c2b4e11c1ad227d3913b0b9c17901389e40c1cc70ed63aea0b2f00506d6fd6731d9ea1ba716b6e964935", 0x5f}, {&(0x7f0000002e40)="aeb184b79a13af9e1425b11e1897b63d2655c8541adda4fff4f1ee34320ac91f44b5ddf636258de3152052b562478a7dc8bcb94b832cfe5216ae56037e37dafb81d06d243562e7a25c1c0ff5b748a16b2e251cacd3fa7abe7fe905a4884912aa0c283a9105f2b98e3ffcac6d08813c3fb446e0aeb9595e294ba97a66aeedb8ea0b45320a88d9c244eaae5dc3112955e29effa6cb1b48b6525caf26bfef5e29d5c58e0522a1065a8cce63007a813051eac2772aa8fde43c74fee3026882e164461a239b301fac99c02130470ad96791a8e509", 0xd2}, {&(0x7f0000002f40)="1cf4690b86d38325e0ee6ea04304098624cf209784c335778e89b1ab16dd1ed44d3f72b96cca71ea4e33baf1f7b7b7492d9c927222c1e274eb8a2b487cd785b377a1d6beb8273d08311a16f38306fa9663d8ea81ab06e2d0bef3bca97625b5f1d040a890d47b895e18a4e6b36a02e3a0c18687a2a9d9530d72ad9cb6c45ae01442f717d9235e29aae1743d861c7655dbcd8d1f91489702886fe97753c39d5344ac6c8b518174a9cafec5e9591143237991df65ec33a745819be4bd2e8f4694c1374e45", 0xc3}], 0x7, &(0x7f0000003200)=ANY=[@ANYBLOB="180000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="340000000100000001000000", @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r7, @ANYRES32, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="18000000010800", @ANYRES32=r3, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="240000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r7, @ANYRES32, @ANYRES32=r8, @ANYRES32=r2, @ANYBLOB="100000000100000001000000", @ANYRES32=r7], 0x98, 0x80}}], 0x2, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ptype\x00')
read$msr(r10, &(0x7f0000000040)=""/59, 0xffb5)
r11 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x9, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002020702500000000002033207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000960000009500000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="4800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006272696467bb00000800090000000000e608793fb081d4173494b4dc9a65e59d85b8c87949c7e98f7b657db2062c97a2f2a9452baff37fe3f8aedca23300"/93], 0x48}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5)

107.241214ms ago: executing program 2 (id=1079):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r5, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000280), 0x8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e24, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

106.651327ms ago: executing program 3 (id=1080):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
r5 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x12, r6, 0x0)
syz_clone3(&(0x7f00000006c0)={0x200, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x200, 0x7c2, 0x41414770, 0x58595556, 0x425, 0x10001, 0x6, 0x2, 0x1, 0x3, 0x0, 0x6}})
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000280), 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e24, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

0s ago: executing program 1 (id=1081):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
gettid()
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000046842, 0x0)
io_setup(0x222, &(0x7f0000000280)=<r2=>0x0)
io_submit(r2, 0x4, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x404, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x6, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0xa, 0x0, 0xffff2d37, 0x220, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x0, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x10000, 0xe661, 0x4, 0x1000007, 0x4, 0x8001, 0x4c74, 0x8f00, 0x642, 0x6, 0xa, 0x0, 0x71, 0x7, 0x1000007, 0x103, 0x2, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0x5, 0x5, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x80010002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0xb, 0x3, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1ff, 0xfffffffe, 0x3, 0xcb, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x40078, 0xea4, 0x6, 0x4, 0x4, 0x8000, 0x5, 0x400, 0x1, 0x5, 0x400001, 0xfe, 0x1005, 0x7ff, 0x5f31, 0x3, 0xffffffff, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x9, 0x7, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x6, 0x9, 0x48c93690, 0x2, 0xfc], [0x7, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x8, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x1, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x8004, 0xa2, 0x7, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffff3, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0x6, 0x87, 0x613c, 0xce7, 0x1ff, 0x6, 0x7, 0x8, 0x3, 0x104, 0x80000000, 0x5, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x8000014c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000003, 0x5, 0x8, 0xffffffff, 0x3, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x5, 0xb1c, 0x1, 0x200, 0xfff, 0x7]}, 0x464)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x12d8)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r4 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r5, &(0x7f0000001440)=""/126, 0x7e, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:43884' (ED25519) to the list of known hosts.
[   41.850455][ T5930] cgroup: Unknown subsys name 'net'
[   41.977146][ T5930] cgroup: Unknown subsys name 'cpuset'
[   41.980912][ T5930] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.784534][ T5930] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   44.785348][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   44.798611][ T5948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   44.800905][ T5951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   44.801217][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   44.803664][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   44.805922][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   44.808193][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   44.809430][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   44.811414][ T5951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   44.813221][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   44.815328][ T5951] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   44.816984][ T5948] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   44.818837][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   44.818959][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   44.820522][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   44.820993][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   44.821023][ T5953] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   44.833639][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   44.835413][ T5955] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   44.837244][ T5948] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   44.840749][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   44.842092][ T5955] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   44.845763][ T5955] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   44.848543][ T5955] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   44.962969][ T5946] chnl_net:caif_netlink_parms(): no params data found
[   45.020092][ T5942] chnl_net:caif_netlink_parms(): no params data found
[   45.065246][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.067669][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.069712][ T5946] bridge_slave_0: entered allmulticast mode
[   45.071800][ T5946] bridge_slave_0: entered promiscuous mode
[   45.093873][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.095885][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.097839][ T5946] bridge_slave_1: entered allmulticast mode
[   45.099920][ T5946] bridge_slave_1: entered promiscuous mode
[   45.135511][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.159142][ T5941] chnl_net:caif_netlink_parms(): no params data found
[   45.169722][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.172293][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.174909][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.176973][ T5942] bridge_slave_0: entered allmulticast mode
[   45.179149][ T5942] bridge_slave_0: entered promiscuous mode
[   45.207913][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.210479][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.212685][ T5942] bridge_slave_1: entered allmulticast mode
[   45.215594][ T5942] bridge_slave_1: entered promiscuous mode
[   45.229120][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   45.238439][ T5946] team0: Port device team_slave_0 added
[   45.241906][ T5946] team0: Port device team_slave_1 added
[   45.296028][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.316987][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.318967][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.326175][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.332249][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.335894][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.338673][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.341429][ T5941] bridge_slave_0: entered allmulticast mode
[   45.344607][ T5941] bridge_slave_0: entered promiscuous mode
[   45.348758][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.351482][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.354332][ T5941] bridge_slave_1: entered allmulticast mode
[   45.357352][ T5941] bridge_slave_1: entered promiscuous mode
[   45.365054][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.367020][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.374150][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.418034][ T5942] team0: Port device team_slave_0 added
[   45.428765][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.438542][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.440605][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.442603][ T5950] bridge_slave_0: entered allmulticast mode
[   45.445016][ T5950] bridge_slave_0: entered promiscuous mode
[   45.456788][ T5942] team0: Port device team_slave_1 added
[   45.459390][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.471183][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.473209][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.475775][ T5950] bridge_slave_1: entered allmulticast mode
[   45.477904][ T5950] bridge_slave_1: entered promiscuous mode
[   45.524732][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.528739][ T5946] hsr_slave_0: entered promiscuous mode
[   45.530867][ T5946] hsr_slave_1: entered promiscuous mode
[   45.533357][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.535308][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.541993][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.546746][ T5941] team0: Port device team_slave_0 added
[   45.549256][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.552189][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.554539][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.561490][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.569234][ T5941] team0: Port device team_slave_1 added
[   45.595857][ T5950] team0: Port device team_slave_0 added
[   45.615108][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.617084][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.624347][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.638164][ T5950] team0: Port device team_slave_1 added
[   45.647870][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.649807][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.656757][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.693057][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   45.695495][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.704026][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   45.709452][ T5942] hsr_slave_0: entered promiscuous mode
[   45.711605][ T5942] hsr_slave_1: entered promiscuous mode
[   45.713637][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.716401][ T5942] Cannot create hsr debugfs directory
[   45.724951][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   45.726822][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   45.733839][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   45.779409][ T5941] hsr_slave_0: entered promiscuous mode
[   45.781405][ T5941] hsr_slave_1: entered promiscuous mode
[   45.783160][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.785485][ T5941] Cannot create hsr debugfs directory
[   45.820498][ T5950] hsr_slave_0: entered promiscuous mode
[   45.822414][ T5950] hsr_slave_1: entered promiscuous mode
[   45.824404][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   45.827139][ T5950] Cannot create hsr debugfs directory
[   45.926842][ T5946] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   45.948361][ T5946] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   45.976829][ T5946] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   45.983126][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   46.020605][ T5942] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   46.024411][ T5942] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   46.032464][ T5942] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   46.037358][ T5942] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   46.051935][ T5941] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   46.055727][ T5941] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   46.058735][ T5941] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   46.062214][ T5941] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   46.088941][ T5950] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   46.096344][ T5950] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   46.103661][ T5950] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   46.107760][ T5950] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   46.149924][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.184930][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.191055][ T5946] 8021q: adding VLAN 0 to HW filter on device team0
[   46.194544][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.204742][ T5941] 8021q: adding VLAN 0 to HW filter on device team0
[   46.209072][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.211144][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.217925][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   46.222420][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.224501][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.227932][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.229801][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.241356][ T5942] 8021q: adding VLAN 0 to HW filter on device team0
[   46.248156][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.250160][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.255572][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   46.260054][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.261989][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.265271][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.267206][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.276341][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.278319][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.289480][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.291755][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.344564][ T5950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   46.407560][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.426792][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.430761][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.444459][ T5946] veth0_vlan: entered promiscuous mode
[   46.456043][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0
[   46.458857][ T5946] veth1_vlan: entered promiscuous mode
[   46.471821][ T5941] veth0_vlan: entered promiscuous mode
[   46.480804][ T5941] veth1_vlan: entered promiscuous mode
[   46.499065][ T5950] veth0_vlan: entered promiscuous mode
[   46.505789][ T5942] veth0_vlan: entered promiscuous mode
[   46.513012][ T5941] veth0_macvtap: entered promiscuous mode
[   46.516832][ T5946] veth0_macvtap: entered promiscuous mode
[   46.519624][ T5950] veth1_vlan: entered promiscuous mode
[   46.522275][ T5941] veth1_macvtap: entered promiscuous mode
[   46.525234][ T5942] veth1_vlan: entered promiscuous mode
[   46.532142][ T5946] veth1_macvtap: entered promiscuous mode
[   46.542851][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.554599][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.560933][ T5941] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.563964][ T5941] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.567057][ T5941] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.569365][ T5941] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.575448][ T5950] veth0_macvtap: entered promiscuous mode
[   46.578263][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.581299][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.585360][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.592113][ T5942] veth0_macvtap: entered promiscuous mode
[   46.595088][ T5950] veth1_macvtap: entered promiscuous mode
[   46.600574][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.604142][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.607234][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.616107][ T5942] veth1_macvtap: entered promiscuous mode
[   46.629750][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.632565][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.635508][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.638194][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.641577][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.644999][ T5946] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.647755][ T5946] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.650354][ T5946] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.652971][ T5946] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.659951][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.663691][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.666742][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.669877][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.672625][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.675826][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.678998][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.687043][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.688921][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.689396][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.693147][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.698612][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.701567][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.706073][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.709957][ T5950] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.712440][ T5950] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.715675][ T5950] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.718341][ T5950] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.724318][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.728199][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.731831][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.736072][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.739451][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.742242][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.746137][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.762896][ T5942] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.765827][ T5942] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.768248][ T5942] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.770694][ T5942] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.781252][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.784622][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.816780][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.818958][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.833799][ T5955] Bluetooth: hci1: command tx timeout
[   46.833801][ T5296] Bluetooth: hci2: command tx timeout
[   46.836575][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.840254][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.846031][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.846882][ T5941] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   46.853301][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.868843][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.871741][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.876720][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.879695][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.892161][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.895546][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.915258][ T5296] Bluetooth: hci3: command tx timeout
[   46.923408][ T5296] Bluetooth: hci0: command tx timeout
[   46.953011][ T6012] program syz.0.1 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   46.955690][ T6014] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   46.976990][ T6012] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'.
[   47.253450][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.263656][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.266679][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.503393][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   47.803532][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.103831][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.111617][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.114959][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.121805][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   48.914885][ T5955] Bluetooth: hci1: command tx timeout
[   48.923570][ T5955] Bluetooth: hci2: command tx timeout
[   49.003411][ T5955] Bluetooth: hci0: command tx timeout
[   49.003459][ T5948] Bluetooth: hci3: command tx timeout
[   49.401067][ T6080] overlayfs: workdir and upperdir must be separate subtrees
[   50.993777][ T5948] Bluetooth: hci1: command tx timeout
[   50.996132][ T5955] Bluetooth: hci2: command tx timeout
[   51.073478][ T5948] Bluetooth: hci3: command 0x040f tx timeout
[   51.073570][ T5955] Bluetooth: hci0: command tx timeout
[   51.391637][ T6108] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[   51.433427][ T5969] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[   51.453574][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   51.628046][ T5969] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   51.631933][ T5969] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[   51.636517][ T5969] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[   51.640395][ T5969] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 99, setting to 64
[   51.646098][ T5969] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   51.653120][ T5969] usb 7-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[   51.656463][ T5969] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   51.659459][ T5969] usb 7-1: Product: syz
[   51.661128][ T5969] usb 7-1: Manufacturer: syz
[   51.662926][ T5969] usb 7-1: SerialNumber: syz
[   51.667448][ T5969] usb 7-1: config 0 descriptor??
[   51.670767][ T6096] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   51.678158][ T5969] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input5
[   51.952196][ T6039] usb 7-1: USB disconnect, device number 2
[   52.862615][ T6134] netlink: 'syz.3.26': attribute type 5 has an invalid length.
[   52.865725][ T6134] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26'.
[   53.083433][ T5955] Bluetooth: hci2: command tx timeout
[   53.083666][ T5948] Bluetooth: hci1: command tx timeout
[   53.153659][ T5948] Bluetooth: hci0: command tx timeout
[   53.164137][ T5948] Bluetooth: hci3: command 0x040f tx timeout
[   53.309336][ T6149] random: crng reseeded on system resumption
[   53.622881][ T6152] Cannot find set identified by id 0 to match
[   54.576726][ T6161] netlink: 84 bytes leftover after parsing attributes in process `syz.2.33'.
[   55.234164][ T6171] kernel profiling enabled (shift: 7)
[   55.243443][ T5296] Bluetooth: hci3: command 0x040f tx timeout
[   56.245763][ T6185] netlink: 'syz.1.39': attribute type 10 has an invalid length.
[   56.301461][ T6186] netlink: 'syz.1.39': attribute type 10 has an invalid length.
[   56.417489][ T6185] team0: Port device netdevsim0 added
[   56.493325][ T6186] team0: Port device netdevsim0 removed
[   56.495988][ T6186] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   57.314704][ T5948] Bluetooth: hci3: command 0x040f tx timeout
[   57.345135][ T5296] Bluetooth: hci2: SCO packet for unknown connection handle 0
[   58.146157][ T6200] /dev/nullb0: Can't open blockdev
[   58.533759][   T36] IPVS: starting estimator thread 0...
[   58.643359][ T6219] IPVS: using max 39 ests per chain, 93600 per kthread
[   58.785301][ T6223] netlink: 'syz.1.47': attribute type 39 has an invalid length.
[   58.837886][ T6224] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   58.908123][ T6221] macsec0: entered promiscuous mode
[   58.909669][ T6221] macsec0: entered allmulticast mode
[   58.911233][ T6221] veth1_macvtap: entered allmulticast mode
[   59.393406][ T5296] Bluetooth: hci3: command 0x040f tx timeout
[   60.442753][ T6244] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.127979][ T6252] mmap: syz.2.54 (6252) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   61.765075][ T6260] /dev/nullb0: Can't open blockdev
[   63.559106][ T6288] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   64.263466][ T6297] wireguard0: entered promiscuous mode
[   64.265140][ T6297] wireguard0: entered allmulticast mode
[   64.717491][ T6295] process 'syz.2.65' launched '/dev/fd/6' with NULL argv: empty string added
[   64.832100][   T40] audit: type=1400 audit(1742399035.356:2): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=6301 comm="syz.0.66"
[   64.908472][ T6308] netlink: 20 bytes leftover after parsing attributes in process `syz.0.69'.
[   64.951026][ T5296] Bluetooth: hci0: SCO packet for unknown connection handle 0
[   64.973122][ T6312] syz.0.69 uses obsolete (PF_INET,SOCK_PACKET)
[   65.482270][ T6327] block device autoloading is deprecated and will be removed.
[   65.714584][ T6319] /dev/nullb0: Can't open blockdev
[   66.983330][ T6039] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   67.143899][ T6039] usb 7-1: too many configurations: 9, using maximum allowed: 8
[   67.147396][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.149861][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.152864][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.157238][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.159757][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.162755][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.165727][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.168318][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.171305][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.175020][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.177622][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.180739][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.184995][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.187494][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.190553][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.225119][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.227630][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.230614][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.233213][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.236110][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.239136][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.246582][ T6039] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   67.249042][ T6039] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   67.252001][ T6039] usb 7-1: config 0 interface 0 has no altsetting 0
[   67.255707][ T6039] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   67.258265][ T6039] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   67.260589][ T6039] usb 7-1: Product: syz
[   67.261759][ T6039] usb 7-1: Manufacturer: syz
[   67.263105][ T6039] usb 7-1: SerialNumber: syz
[   67.266551][ T6039] usb 7-1: config 0 descriptor??
[   67.273554][ T6039] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[   67.471956][ T6039] usb 7-1: USB disconnect, device number 3
[   67.475758][ T6039] yurex 7-1:0.0: USB YUREX #0 now disconnected
[   68.364386][ T5948] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   68.366888][ T5948] Bluetooth: hci1: Injecting HCI hardware error event
[   68.369704][ T5948] Bluetooth: hci1: hardware error 0x00
[   68.433435][ T5955] Bluetooth: hci3: command 0x040f tx timeout
[   68.883681][ T6370] netlink: 'syz.2.88': attribute type 10 has an invalid length.
[   68.886924][ T6370] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.889518][ T6370] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.900890][ T6370] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.902939][ T6370] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.905837][ T6370] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.907828][ T6370] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.911978][ T6370] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   68.916916][ T6370] netlink: 4 bytes leftover after parsing attributes in process `syz.2.88'.
[   68.919380][ T6370] bridge_slave_1: left allmulticast mode
[   68.921046][ T6370] bridge_slave_1: left promiscuous mode
[   68.922711][ T6370] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.940598][ T6370] bridge_slave_0: left allmulticast mode
[   68.942216][ T6370] bridge_slave_0: left promiscuous mode
[   68.944272][ T6370] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.961397][ T6370] bond0: (slave bridge0): Releasing backup interface
[   69.208733][ T6377] @: renamed from vlan0 (while UP)
[   69.455022][ T6039] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[   69.603438][ T6039] usb 8-1: Using ep0 maxpacket: 32
[   69.606044][ T6039] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[   69.610701][ T6039] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   69.613197][ T6039] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   69.615781][ T6039] usb 8-1: Product: syz
[   69.616985][ T6039] usb 8-1: Manufacturer: syz
[   69.618275][ T6039] usb 8-1: SerialNumber: syz
[   69.621280][ T6039] usb 8-1: config 0 descriptor??
[   69.623321][ T6377] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   69.687647][ T6385] netlink: 96 bytes leftover after parsing attributes in process `syz.2.94'.
[   69.690335][ T6385] netlink: 96 bytes leftover after parsing attributes in process `syz.2.94'.
[   69.949608][ T5296] Bluetooth: unknown link type 108
[   69.951099][ T5296] Bluetooth: hci0: connection err: -111
[   69.958293][ T6386] netlink: 'syz.2.94': attribute type 11 has an invalid length.
[   70.029595][ T6377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.035964][ T6377] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.095998][ T6002] usb 8-1: USB disconnect, device number 2
[   70.433425][ T5948] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   70.762186][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[   70.874115][ T6409] capability: warning: `syz.3.99' uses deprecated v2 capabilities in a way that may be insecure
[   71.436453][ T6422] block device autoloading is deprecated and will be removed.
[   71.442361][ T6422] syz.3.101: attempt to access beyond end of device
[   71.442361][ T6422] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   72.741966][ T6456] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer.
[   75.498235][ T6490] uprobe: syz.0.117:6490 failed to unregister, leaking uprobe
[   78.898781][ T6535] uprobe: syz.1.130:6535 failed to unregister, leaking uprobe
[   80.996086][   T79] cfg80211: failed to load regulatory.db
[   81.035872][ T6593] Zero length message leads to an empty skb
[   83.152180][ T6611] uprobe: syz.0.150:6611 failed to unregister, leaking uprobe
[   86.033475][ T6660] uprobe: syz.1.162:6660 failed to unregister, leaking uprobe
[   89.127900][ T6727] netlink: 20 bytes leftover after parsing attributes in process `syz.0.178'.
[   89.130361][ T6727] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[   89.844884][ T6729] overlayfs: failed to resolve './file1': -2
[   90.049101][ T6718] uprobe: syz.3.176:6718 failed to unregister, leaking uprobe
[   91.455915][ T6761] netlink: 20 bytes leftover after parsing attributes in process `syz.0.187'.
[   91.463289][ T6761] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[   93.559492][ T6776] uprobe: syz.3.192:6776 failed to unregister, leaking uprobe
[   93.976486][ T6798] netlink: 20 bytes leftover after parsing attributes in process `syz.1.198'.
[   93.979267][ T6798] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[   96.131202][ T6820] uprobe: syz.3.205:6820 failed to unregister, leaking uprobe
[   96.603311][   T40] audit: type=1800 audit(1742399067.126:3): pid=6842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.209" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[   96.604772][ T6842] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   96.917017][ T6846] openvswitch: netlink: Message has 8 unknown bytes.
[   98.713390][ T6864] uprobe: syz.1.217:6864 failed to unregister, leaking uprobe
[   99.556518][ T6887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.222'.
[   99.770801][ T6894] openvswitch: netlink: Message has 8 unknown bytes.
[  101.428959][ T6908] uprobe: syz.0.228:6908 failed to unregister, leaking uprobe
[  102.442148][ T6936] netlink: 28 bytes leftover after parsing attributes in process `syz.2.236'.
[  102.444966][ T6936] netlink: 28 bytes leftover after parsing attributes in process `syz.2.236'.
[  102.725669][ T6942] openvswitch: netlink: Message has 8 unknown bytes.
[  104.744610][ T6958] uprobe: syz.1.243:6958 failed to unregister, leaking uprobe
[  107.589169][ T7002] uprobe: syz.0.255:7002 failed to unregister, leaking uprobe
[  110.886964][ T7047] uprobe: syz.0.268:7047 failed to unregister, leaking uprobe
[  110.964471][ T7065] overlay: Unknown parameter 'permit_directio'
[  111.022123][ T7066] netlink: 28 bytes leftover after parsing attributes in process `syz.3.272'.
[  111.022755][ T7069] netlink: 28 bytes leftover after parsing attributes in process `syz.3.272'.
[  111.029405][ T7069] netlink: 8 bytes leftover after parsing attributes in process `syz.3.272'.
[  112.797879][ T7087] syz.0.278: vmalloc error: size 70778880, failed to allocated page array size 138240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  112.802905][ T7087] CPU: 1 UID: 0 PID: 7087 Comm: syz.0.278 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  112.802918][ T7087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.802924][ T7087] Call Trace:
[  112.802927][ T7087]  <TASK>
[  112.802931][ T7087]  dump_stack_lvl+0x16c/0x1f0
[  112.802949][ T7087]  warn_alloc+0x24d/0x3a0
[  112.802965][ T7087]  ? __pfx_warn_alloc+0x10/0x10
[  112.802984][ T7087]  ? __get_vm_area_node+0x1b0/0x2f0
[  112.802996][ T7087]  ? __get_vm_area_node+0x1dc/0x2f0
[  112.803010][ T7087]  __vmalloc_node_range_noprof+0x1102/0x1530
[  112.803023][ T7087]  ? path_mount+0x14e6/0x1f10
[  112.803038][ T7087]  ? __ia32_sys_mount+0x28d/0x310
[  112.803050][ T7087]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  112.803068][ T7087]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  112.803085][ T7087]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  112.803099][ T7087]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  112.803113][ T7087]  vmalloc_user_noprof+0x6b/0x90
[  112.803126][ T7087]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  112.803140][ T7087]  vb2_vmalloc_alloc+0x11e/0x3d0
[  112.803156][ T7087]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  112.803170][ T7087]  __vb2_queue_alloc+0x896/0x1230
[  112.803190][ T7087]  vb2_core_reqbufs+0xa73/0xfb0
[  112.803206][ T7087]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  112.803227][ T7087]  __vb2_init_fileio+0x3f3/0x1110
[  112.803251][ T7087]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  112.803267][ T7087]  ? p9_pollwait+0x184/0x200
[  112.803284][ T7087]  vb2_core_poll+0x5ec/0x700
[  112.803299][ T7087]  vb2_poll+0x33/0x150
[  112.803312][ T7087]  vb2_fop_poll+0x10f/0x2c0
[  112.803325][ T7087]  ? __pfx_vb2_fop_poll+0x10/0x10
[  112.803338][ T7087]  v4l2_poll+0x160/0x320
[  112.803349][ T7087]  ? __pfx_v4l2_poll+0x10/0x10
[  112.803359][ T7087]  p9_fd_poll+0x10e/0x2c0
[  112.803374][ T7087]  p9_conn_create+0x3cd/0x550
[  112.803389][ T7087]  p9_fd_create+0x323/0x490
[  112.803404][ T7087]  ? __pfx_p9_fd_create+0x10/0x10
[  112.803419][ T7087]  ? p9_client_create+0x7cf/0x1200
[  112.803434][ T7087]  p9_client_create+0x836/0x1200
[  112.803450][ T7087]  ? __pfx_p9_client_create+0x10/0x10
[  112.803465][ T7087]  ? rcu_is_watching+0x12/0xc0
[  112.803475][ T7087]  ? trace_kmalloc+0x2d/0xd0
[  112.803489][ T7087]  ? __raw_spin_lock_init+0x3a/0x110
[  112.803500][ T7087]  v9fs_session_init+0x1f8/0x1a80
[  112.803518][ T7087]  ? __pfx_v9fs_session_init+0x10/0x10
[  112.803537][ T7087]  v9fs_mount+0xc6/0xa30
[  112.803550][ T7087]  ? __pfx_v9fs_mount+0x10/0x10
[  112.803565][ T7087]  ? apparmor_capable+0x114/0x1d0
[  112.803577][ T7087]  ? __pfx_v9fs_mount+0x10/0x10
[  112.803589][ T7087]  legacy_get_tree+0x109/0x220
[  112.803605][ T7087]  vfs_get_tree+0x8b/0x340
[  112.803617][ T7087]  path_mount+0x14e6/0x1f10
[  112.803633][ T7087]  ? kmem_cache_free+0x2e2/0x4d0
[  112.803646][ T7087]  ? __pfx_path_mount+0x10/0x10
[  112.803663][ T7087]  ? putname+0x13c/0x180
[  112.803674][ T7087]  __ia32_sys_mount+0x28d/0x310
[  112.803683][ T7087]  ? __pfx___ia32_sys_mount+0x10/0x10
[  112.803696][ T7087]  __do_fast_syscall_32+0x73/0x120
[  112.803712][ T7087]  do_fast_syscall_32+0x32/0x80
[  112.803726][ T7087]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  112.803742][ T7087] RIP: 0023:0xf73de579
[  112.803750][ T7087] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  112.803759][ T7087] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  112.803768][ T7087] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800001c0
[  112.803774][ T7087] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 00000000800002c0
[  112.803780][ T7087] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  112.803785][ T7087] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  112.803795][ T7087] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  112.803806][ T7087]  </TASK>
[  112.907821][    C1] vkms_vblank_simulate: vblank timer overrun
[  112.989782][ T7087] Mem-Info:
[  113.033319][ T7087] active_anon:12435 inactive_anon:3138 isolated_anon:0
[  113.033319][ T7087]  active_file:1715 inactive_file:11417 isolated_file:0
[  113.033319][ T7087]  unevictable:1768 dirty:60 writeback:0
[  113.033319][ T7087]  slab_reclaimable:9907 slab_unreclaimable:58004
[  113.033319][ T7087]  mapped:32357 shmem:9755 pagetables:827
[  113.033319][ T7087]  sec_pagetables:299 bounce:0
[  113.033319][ T7087]  kernel_misc_reclaimable:0
[  113.033319][ T7087]  free:58343 free_pcp:1284 free_cma:0
[  113.073403][ T7087] Node 0 active_anon:3544kB inactive_anon:0kB active_file:72kB inactive_file:10548kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5928kB dirty:8kB writeback:0kB shmem:4384kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9452kB pagetables:656kB sec_pagetables:1124kB all_unreclaimable? yes
[  113.081766][ T7087] Node 1 active_anon:50232kB inactive_anon:12552kB active_file:6788kB inactive_file:35120kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:127608kB dirty:232kB writeback:0kB shmem:38672kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2540kB pagetables:2632kB sec_pagetables:72kB all_unreclaimable? no
[  113.120452][ T7087] Node 0 DMA free:3696kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:400kB local_pcp:152kB free_cma:0kB
[  113.129543][ T7087] lowmem_reserve[]: 0 294 294 294 294
[  113.131414][ T7087] Node 0 DMA32 free:26028kB boost:18432kB min:31992kB low:35380kB high:38768kB reserved_highatomic:4096KB active_anon:3544kB inactive_anon:0kB active_file:72kB inactive_file:10544kB unevictable:3536kB writepending:8kB present:1032196kB managed:301724kB mlocked:0kB bounce:0kB free_pcp:144kB local_pcp:0kB free_cma:0kB
[  113.139685][ T7087] lowmem_reserve[]: 0 0 0 0 0
[  113.142716][ T7087] Node 1 DMA32 free:197000kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:10240KB active_anon:51560kB inactive_anon:12552kB active_file:6788kB inactive_file:35128kB unevictable:3536kB writepending:256kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:6228kB local_pcp:4376kB free_cma:0kB
[  113.151165][ T7087] lowmem_reserve[]: 0 0 0 0 0
[  113.152620][ T7087] Node 0 DMA: 68*4kB (UM) 32*8kB (UM) 6*16kB (U) 16*32kB (UM) 4*64kB (UM) 2*128kB (M) 2*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 3696kB
[  113.169548][ T7087] Node 0 DMA32: 279*4kB (UMH) 140*8kB (UMEH) 77*16kB (UMH) 199*32kB (UMH) 59*64kB (UMH) 17*128kB (UMH) 6*256kB (UM) 5*512kB (M) 2*1024kB (M) 0*2048kB 1*4096kB (M) = 26028kB
[  113.174899][ T7087] Node 1 DMA32: 4*4kB (EH) 53*8kB (MEH) 15*16kB (EH) 72*32kB (UMEH) 123*64kB (UMEH) 41*128kB (UMEH) 39*256kB (UMEH) 48*512kB (UME) 58*1024kB (UMEH) 18*2048kB (UMH) 12*4096kB (UM) = 196072kB
[  113.181116][ T7087] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  113.183928][ T7087] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  113.186559][ T7087] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  113.189203][ T7087] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  113.191956][ T7087] 24204 total pagecache pages
[  113.193499][ T7087] 0 pages in swap cache
[  113.194962][ T7087] Free swap  = 124824kB
[  113.196288][ T7087] Total swap = 124996kB
[  113.197554][ T7087] 524155 pages RAM
[  113.198699][ T7087] 0 pages HighMem/MovableOnly
[  113.200068][ T7087] 207821 pages reserved
[  113.201388][ T7087] 0 pages cma reserved
[  113.479152][ T7099] uprobe: syz.1.281:7099 failed to unregister, leaking uprobe
[  115.694504][ T7132] uprobe: syz.2.290:7132 failed to unregister, leaking uprobe
[  115.912921][ T7142] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  115.922069][ T7142] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  118.487955][ T7173] uprobe: syz.0.302:7173 failed to unregister, leaking uprobe
[  121.230380][ T7214] uprobe: syz.2.313:7214 failed to unregister, leaking uprobe
[  122.370980][ T7218] syz.1.312 (7218) used greatest stack depth: 18480 bytes left
[  122.505549][ T7236] netlink: 8 bytes leftover after parsing attributes in process `syz.3.318'.
[  122.555494][ T7238] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  122.557572][ T7238] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  122.563793][ T7238] hsr_slave_0: left promiscuous mode
[  122.565824][ T7238] hsr_slave_1: left promiscuous mode
[  123.252973][ T7249] uprobe: syz.1.323:7249 failed to unregister, leaking uprobe
[  125.516899][ T7278] warn_alloc: 1 callbacks suppressed
[  125.516910][ T7278] syz.3.329: vmalloc error: size 70778880, failed to allocated page array size 138240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  125.523161][ T7278] CPU: 1 UID: 0 PID: 7278 Comm: syz.3.329 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  125.523173][ T7278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.523179][ T7278] Call Trace:
[  125.523183][ T7278]  <TASK>
[  125.523186][ T7278]  dump_stack_lvl+0x16c/0x1f0
[  125.523204][ T7278]  warn_alloc+0x24d/0x3a0
[  125.523220][ T7278]  ? __pfx_warn_alloc+0x10/0x10
[  125.523249][ T7278]  ? __get_vm_area_node+0x1b0/0x2f0
[  125.523263][ T7278]  ? __get_vm_area_node+0x1dc/0x2f0
[  125.523277][ T7278]  __vmalloc_node_range_noprof+0x1102/0x1530
[  125.523291][ T7278]  ? path_mount+0x14e6/0x1f10
[  125.523305][ T7278]  ? __ia32_sys_mount+0x28d/0x310
[  125.523317][ T7278]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  125.523336][ T7278]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  125.523353][ T7278]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  125.523368][ T7278]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  125.523382][ T7278]  vmalloc_user_noprof+0x6b/0x90
[  125.523395][ T7278]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  125.523409][ T7278]  vb2_vmalloc_alloc+0x11e/0x3d0
[  125.523425][ T7278]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  125.523439][ T7278]  __vb2_queue_alloc+0x896/0x1230
[  125.523459][ T7278]  vb2_core_reqbufs+0xa73/0xfb0
[  125.523476][ T7278]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  125.523497][ T7278]  __vb2_init_fileio+0x3f3/0x1110
[  125.523511][ T7278]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  125.523525][ T7278]  ? p9_pollwait+0x184/0x200
[  125.523542][ T7278]  vb2_core_poll+0x5ec/0x700
[  125.523557][ T7278]  vb2_poll+0x33/0x150
[  125.523569][ T7278]  vb2_fop_poll+0x10f/0x2c0
[  125.523583][ T7278]  ? __pfx_vb2_fop_poll+0x10/0x10
[  125.523599][ T7278]  v4l2_poll+0x160/0x320
[  125.523609][ T7278]  ? __pfx_v4l2_poll+0x10/0x10
[  125.523620][ T7278]  p9_fd_poll+0x10e/0x2c0
[  125.523635][ T7278]  p9_conn_create+0x3cd/0x550
[  125.523650][ T7278]  p9_fd_create+0x323/0x490
[  125.523665][ T7278]  ? __pfx_p9_fd_create+0x10/0x10
[  125.523680][ T7278]  ? p9_client_create+0x7cf/0x1200
[  125.523696][ T7278]  p9_client_create+0x836/0x1200
[  125.523711][ T7278]  ? __pfx_p9_client_create+0x10/0x10
[  125.523731][ T7278]  ? __raw_spin_lock_init+0x3a/0x110
[  125.523743][ T7278]  v9fs_session_init+0x1f8/0x1a80
[  125.523761][ T7278]  ? __pfx_v9fs_session_init+0x10/0x10
[  125.523781][ T7278]  v9fs_mount+0xc6/0xa30
[  125.523794][ T7278]  ? __pfx_v9fs_mount+0x10/0x10
[  125.523809][ T7278]  ? apparmor_capable+0x114/0x1d0
[  125.523820][ T7278]  ? __pfx_v9fs_mount+0x10/0x10
[  125.523833][ T7278]  legacy_get_tree+0x109/0x220
[  125.523848][ T7278]  vfs_get_tree+0x8b/0x340
[  125.523860][ T7278]  path_mount+0x14e6/0x1f10
[  125.523875][ T7278]  ? kmem_cache_free+0x2e2/0x4d0
[  125.523889][ T7278]  ? __pfx_path_mount+0x10/0x10
[  125.523906][ T7278]  ? putname+0x13c/0x180
[  125.523917][ T7278]  __ia32_sys_mount+0x28d/0x310
[  125.523927][ T7278]  ? __pfx___ia32_sys_mount+0x10/0x10
[  125.523940][ T7278]  __do_fast_syscall_32+0x73/0x120
[  125.523955][ T7278]  do_fast_syscall_32+0x32/0x80
[  125.523969][ T7278]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  125.523985][ T7278] RIP: 0023:0xf7f8f579
[  125.523993][ T7278] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  125.524002][ T7278] RSP: 002b:00000000f507455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  125.524011][ T7278] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800001c0
[  125.524017][ T7278] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 00000000800002c0
[  125.524023][ T7278] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  125.524028][ T7278] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  125.524033][ T7278] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  125.524045][ T7278]  </TASK>
[  125.622111][    C1] vkms_vblank_simulate: vblank timer overrun
[  125.645048][ T7278] Mem-Info:
[  125.645993][ T7278] active_anon:9550 inactive_anon:2649 isolated_anon:0
[  125.645993][ T7278]  active_file:6161 inactive_file:8622 isolated_file:0
[  125.645993][ T7278]  unevictable:1768 dirty:78 writeback:0
[  125.645993][ T7278]  slab_reclaimable:8646 slab_unreclaimable:57374
[  125.645993][ T7278]  mapped:30043 shmem:10630 pagetables:800
[  125.645993][ T7278]  sec_pagetables:300 bounce:0
[  125.645993][ T7278]  kernel_misc_reclaimable:0
[  125.645993][ T7278]  free:52616 free_pcp:6895 free_cma:0
[  125.658154][ T7278] Node 0 active_anon:3544kB inactive_anon:0kB active_file:72kB inactive_file:10548kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5928kB dirty:0kB writeback:0kB shmem:4384kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9452kB pagetables:656kB sec_pagetables:1124kB all_unreclaimable? yes
[  125.666757][ T7278] Node 1 active_anon:23556kB inactive_anon:10596kB active_file:24572kB inactive_file:23940kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:114244kB dirty:312kB writeback:0kB shmem:27136kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2384kB pagetables:2544kB sec_pagetables:76kB all_unreclaimable? no
[  125.675556][ T7278] Node 0 DMA free:3968kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:124kB local_pcp:0kB free_cma:0kB
[  125.772357][ T7284] uprobe: syz.0.332:7284 failed to unregister, leaking uprobe
[  125.833780][ T7278] lowmem_reserve[]: 0 294 294 294 294
[  125.835352][ T7278] Node 0 DMA32 free:30304kB boost:18432kB min:31992kB low:35380kB high:38768kB reserved_highatomic:2048KB active_anon:3544kB inactive_anon:0kB active_file:72kB inactive_file:10544kB unevictable:3536kB writepending:0kB present:1032196kB managed:301724kB mlocked:0kB bounce:0kB free_pcp:60kB local_pcp:4kB free_cma:0kB
[  125.873402][ T7278] lowmem_reserve[]: 0 0 0 0 0
[  125.874782][ T7278] Node 1 DMA32 free:175684kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:8192KB active_anon:23080kB inactive_anon:10592kB active_file:24572kB inactive_file:22940kB unevictable:3536kB writepending:312kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:40100kB local_pcp:22808kB free_cma:0kB
[  125.893586][ T7278] lowmem_reserve[]: 0 0 0 0 0
[  125.894960][ T7278] Node 0 DMA: 94*4kB (UM) 45*8kB (UM) 8*16kB (UM) 17*32kB (UM) 4*64kB (UM) 2*128kB (M) 2*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 3968kB
[  125.899200][ T7278] Node 0 DMA32: 318*4kB (UMH) 169*8kB (UMEH) 86*16kB (UMEH) 242*32kB (UMEH) 76*64kB (UMEH) 19*128kB (UMEH) 8*256kB (UMEH) 6*512kB (ME) 2*1024kB (M) 0*2048kB 1*4096kB (M) = 30304kB
[  125.933307][ T7278] Node 1 DMA32: 508*4kB (UMEH) 203*8kB (UMEH) 115*16kB (UMEH) 188*32kB (UMEH) 207*64kB (UMEH) 134*128kB (MEH) 50*256kB (MEH) 54*512kB (UM) 47*1024kB (UMH) 17*2048kB (UMH) 3*4096kB (U) = 177592kB
[  125.938930][ T7278] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  125.941495][ T7278] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  125.963293][ T7278] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  125.965897][ T7278] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  125.968401][ T7278] 22507 total pagecache pages
[  125.969703][ T7278] 13 pages in swap cache
[  125.970895][ T7278] Free swap  = 106144kB
[  125.972050][ T7278] Total swap = 124996kB
[  125.983806][ T7278] 524155 pages RAM
[  125.984962][ T7278] 0 pages HighMem/MovableOnly
[  125.986318][ T7278] 207821 pages reserved
[  125.987507][ T7278] 0 pages cma reserved
[  129.344508][ T7320] uprobe: syz.2.344:7320 failed to unregister, leaking uprobe
[  131.497800][ T7362] loop6: detected capacity change from 0 to 524287999
[  131.502944][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.505858][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.510188][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.513412][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.516644][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.519149][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.522458][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.524925][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.527232][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.529615][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.532140][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.534548][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.537066][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.539467][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.544256][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.546765][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.549035][ T7362] ldm_validate_partition_table(): Disk read failed.
[  131.551248][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.553986][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.556465][    C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  131.558938][    C3] Buffer I/O error on dev loop6, logical block 0, async page read
[  131.563485][ T7362] Dev loop6: unable to read RDB block 0
[  131.584539][ T7362]  loop6: unable to read partition table
[  131.586421][ T7362] loop_reread_partitions: partition scan of loop6 (3��x��C�

) failed (rc=-5)
[  131.680516][ T7363] loop6: detected capacity change from 524287999 to 524288000
[  132.196930][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  132.870506][ T7368] uprobe: syz.2.357:7368 failed to unregister, leaking uprobe
[  133.209544][ T7383] tmpfs: Bad value for 'mpol'
[  133.588258][ T7391] FAULT_INJECTION: forcing a failure.
[  133.588258][ T7391] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  133.591857][ T7391] CPU: 3 UID: 0 PID: 7391 Comm: syz.3.361 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  133.591870][ T7391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  133.591876][ T7391] Call Trace:
[  133.591889][ T7391]  <TASK>
[  133.591893][ T7391]  dump_stack_lvl+0x16c/0x1f0
[  133.591912][ T7391]  should_fail_ex+0x50a/0x650
[  133.591922][ T7391]  ? __pfx___might_resched+0x10/0x10
[  133.591939][ T7391]  should_fail_alloc_page+0xe7/0x130
[  133.591950][ T7391]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  133.591963][ T7391]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  133.591976][ T7391]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  133.591992][ T7391]  ? unwind_get_return_address+0x59/0xa0
[  133.592007][ T7391]  ? arch_stack_walk+0xa7/0x100
[  133.592020][ T7391]  ? hlock_class+0x4e/0x130
[  133.592030][ T7391]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  133.592049][ T7391]  ? __pfx___lock_acquire+0x10/0x10
[  133.592062][ T7391]  ? kasan_save_stack+0x42/0x60
[  133.592075][ T7391]  ? kasan_save_stack+0x33/0x60
[  133.592088][ T7391]  ? kasan_save_track+0x14/0x30
[  133.592100][ T7391]  ? __kasan_slab_alloc+0x89/0x90
[  133.592114][ T7391]  ? kmem_cache_alloc_node_noprof+0x223/0x3c0
[  133.592128][ T7391]  ? alloc_vmap_area+0x636/0x2a60
[  133.592139][ T7391]  ? __get_vm_area_node+0x19e/0x2f0
[  133.592150][ T7391]  ? __vmalloc_node_range_noprof+0x26a/0x1530
[  133.592163][ T7391]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  133.592179][ T7391]  ? policy_nodemask+0xea/0x4e0
[  133.592190][ T7391]  alloc_pages_mpol+0x1fc/0x540
[  133.592199][ T7391]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  133.592208][ T7391]  ? __page_table_check_ptes_set+0x16b/0x3e0
[  133.592224][ T7391]  ? do_raw_spin_lock+0x12d/0x2c0
[  133.592233][ T7391]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  133.592243][ T7391]  alloc_pages_noprof+0x131/0x390
[  133.592252][ T7391]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  133.592266][ T7391]  get_free_pages_noprof+0xc/0x40
[  133.592276][ T7391]  kasan_populate_vmalloc_pte+0x2d/0x160
[  133.592289][ T7391]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  133.592303][ T7391]  __apply_to_page_range+0x5fd/0xd30
[  133.592317][ T7391]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  133.592332][ T7391]  ? __pfx___apply_to_page_range+0x10/0x10
[  133.592346][ T7391]  ? insert_vmap_area+0x2ef/0x4d0
[  133.592358][ T7391]  alloc_vmap_area+0x93e/0x2a60
[  133.592373][ T7391]  ? __pfx_alloc_vmap_area+0x10/0x10
[  133.592387][ T7391]  __get_vm_area_node+0x19e/0x2f0
[  133.592402][ T7391]  __vmalloc_node_range_noprof+0x26a/0x1530
[  133.592415][ T7391]  ? array_map_alloc+0x27d/0x730
[  133.592425][ T7391]  ? mark_lock+0xb5/0xc60
[  133.592440][ T7391]  ? array_map_alloc+0x27d/0x730
[  133.592450][ T7391]  ? find_held_lock+0x2d/0x110
[  133.592462][ T7391]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  133.592477][ T7391]  ? apparmor_capable+0x114/0x1d0
[  133.592489][ T7391]  ? array_map_alloc+0x27d/0x730
[  133.592499][ T7391]  __bpf_map_area_alloc+0xea/0x190
[  133.592509][ T7391]  ? array_map_alloc+0x27d/0x730
[  133.592524][ T7391]  array_map_alloc+0x27d/0x730
[  133.592536][ T7391]  map_create+0x5c5/0x1d20
[  133.592552][ T7391]  ? __pfx_lock_release+0x10/0x10
[  133.592564][ T7391]  ? trace_lock_acquire+0x14e/0x1f0
[  133.592575][ T7391]  ? __pfx_map_create+0x10/0x10
[  133.592589][ T7391]  ? lock_acquire+0x2f/0xb0
[  133.592601][ T7391]  ? __might_fault+0xe3/0x190
[  133.592610][ T7391]  ? __might_fault+0xe3/0x190
[  133.592622][ T7391]  __sys_bpf+0x4391/0x49c0
[  133.592637][ T7391]  ? __pfx_lock_release+0x10/0x10
[  133.592650][ T7391]  ? __pfx___sys_bpf+0x10/0x10
[  133.592664][ T7391]  ? vfs_write+0x306/0x1150
[  133.592679][ T7391]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  133.592701][ T7391]  ? fput+0x67/0x440
[  133.592710][ T7391]  ? ksys_write+0x1ba/0x250
[  133.592722][ T7391]  ? __pfx_ksys_write+0x10/0x10
[  133.592737][ T7391]  __ia32_sys_bpf+0x76/0xe0
[  133.592746][ T7391]  __do_fast_syscall_32+0x73/0x120
[  133.592762][ T7391]  do_fast_syscall_32+0x32/0x80
[  133.592775][ T7391]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  133.592791][ T7391] RIP: 0023:0xf7f8f579
[  133.592799][ T7391] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  133.592808][ T7391] RSP: 002b:00000000f509555c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  133.592817][ T7391] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800002c0
[  133.592823][ T7391] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[  133.592837][ T7391] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  133.592843][ T7391] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  133.592848][ T7391] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  133.592859][ T7391]  </TASK>
[  134.139885][ T7398] netlink: 'syz.0.364': attribute type 1 has an invalid length.
[  134.164066][ T7398] 8021q: adding VLAN 0 to HW filter on device bond1
[  134.205398][ T7398] veth3: entered promiscuous mode
[  134.211115][ T7398] bond1: (slave veth3): Enslaving as an active interface with a down link
[  134.250159][ T7398] bond1: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  134.861367][ T7409] netlink: 'syz.3.367': attribute type 10 has an invalid length.
[  136.457977][ T7432] netlink: 28 bytes leftover after parsing attributes in process `syz.0.375'.
[  136.460964][ T7432] netlink: 'syz.0.375': attribute type 7 has an invalid length.
[  136.463749][ T7432] netlink: 'syz.0.375': attribute type 8 has an invalid length.
[  136.466178][ T7432] netlink: 4 bytes leftover after parsing attributes in process `syz.0.375'.
[  136.470319][ T7432] syz_tun: entered promiscuous mode
[  136.472358][ T7432] erspan0: entered promiscuous mode
[  136.474443][ T7432] gretap0: entered promiscuous mode
[  136.595141][ T5969] IPVS: starting estimator thread 0...
[  136.683491][ T7440] IPVS: using max 38 ests per chain, 91200 per kthread
[  136.705468][ T7441] /dev/sr0: Can't open blockdev
[  137.569136][ T7457] openvswitch: netlink: EtherType 50a is less than min 600
[  137.727482][ T7466] netlink: 28 bytes leftover after parsing attributes in process `syz.3.385'.
[  137.730659][ T7466] netlink: 28 bytes leftover after parsing attributes in process `syz.3.385'.
[  137.737489][ T7466] gretap0: entered promiscuous mode
[  137.739643][ T7466] bond0: entered promiscuous mode
[  137.741099][ T7466] bond_slave_0: entered promiscuous mode
[  137.742733][ T7466] bond_slave_1: entered promiscuous mode
[  137.745614][ T7466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.747636][ T7466] Cannot create hsr debugfs directory
[  138.083345][ T6039] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  138.243387][ T6039] usb 8-1: Using ep0 maxpacket: 8
[  138.247363][ T6039] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  138.251155][ T6039] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  138.254900][ T6039] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.762315][ T7494] uprobe: syz.0.393:7494 failed to unregister, leaking uprobe
[  140.826821][ T6039] usb 8-1: USB disconnect, device number 3
[  140.892436][ T7513] uprobe: syz.3.398:7513 failed to unregister, leaking uprobe
[  142.414374][ T7546] uprobe: syz.1.408:7546 failed to unregister, leaking uprobe
[  143.473044][ T7564] netlink: 4 bytes leftover after parsing attributes in process `syz.0.413'.
[  144.484955][ T7591] ubi31: attaching mtd0
[  144.487038][ T7591] ubi31: scanning is finished
[  144.488394][ T7591] ubi31: empty MTD device detected
[  144.552676][ T7591] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  144.555063][ T7591] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  144.557055][ T7591] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  144.558943][ T7591] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  144.560869][ T7591] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  144.562715][ T7591] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  144.565214][ T7591] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2276205157
[  144.567995][ T7591] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  144.571482][ T7596] ubi31: background thread "ubi_bgt31d" started, PID 7596
[  144.971265][ T7588] syz.3.418: vmalloc error: size 70778880, failed to allocated page array size 138240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  144.976580][ T7588] CPU: 1 UID: 0 PID: 7588 Comm: syz.3.418 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  144.976594][ T7588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.976600][ T7588] Call Trace:
[  144.976612][ T7588]  <TASK>
[  144.976618][ T7588]  dump_stack_lvl+0x16c/0x1f0
[  144.976636][ T7588]  warn_alloc+0x24d/0x3a0
[  144.976652][ T7588]  ? __pfx_warn_alloc+0x10/0x10
[  144.976674][ T7588]  ? __get_vm_area_node+0x1b0/0x2f0
[  144.976686][ T7588]  ? __get_vm_area_node+0x1dc/0x2f0
[  144.976701][ T7588]  __vmalloc_node_range_noprof+0x1102/0x1530
[  144.976713][ T7588]  ? path_mount+0x14e6/0x1f10
[  144.976728][ T7588]  ? __ia32_sys_mount+0x28d/0x310
[  144.976741][ T7588]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  144.976760][ T7588]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  144.976777][ T7588]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  144.976792][ T7588]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  144.976806][ T7588]  vmalloc_user_noprof+0x6b/0x90
[  144.976819][ T7588]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  144.976837][ T7588]  vb2_vmalloc_alloc+0x11e/0x3d0
[  144.976860][ T7588]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  144.976876][ T7588]  __vb2_queue_alloc+0x896/0x1230
[  144.976897][ T7588]  vb2_core_reqbufs+0xa73/0xfb0
[  144.976914][ T7588]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  144.976935][ T7588]  __vb2_init_fileio+0x3f3/0x1110
[  144.976949][ T7588]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  144.976963][ T7588]  ? p9_pollwait+0x184/0x200
[  144.976980][ T7588]  vb2_core_poll+0x5ec/0x700
[  144.976995][ T7588]  vb2_poll+0x33/0x150
[  144.977008][ T7588]  vb2_fop_poll+0x10f/0x2c0
[  144.977022][ T7588]  ? __pfx_vb2_fop_poll+0x10/0x10
[  144.977034][ T7588]  v4l2_poll+0x160/0x320
[  144.977044][ T7588]  ? __pfx_v4l2_poll+0x10/0x10
[  144.977055][ T7588]  p9_fd_poll+0x10e/0x2c0
[  144.977070][ T7588]  p9_conn_create+0x3cd/0x550
[  144.977085][ T7588]  p9_fd_create+0x323/0x490
[  144.977099][ T7588]  ? __pfx_p9_fd_create+0x10/0x10
[  144.977114][ T7588]  ? p9_client_create+0x7cf/0x1200
[  144.977129][ T7588]  p9_client_create+0x836/0x1200
[  144.977142][ T7588]  ? lockdep_hardirqs_on+0x7c/0x110
[  144.977157][ T7588]  ? __pfx_p9_client_create+0x10/0x10
[  144.977172][ T7588]  ? rcu_is_watching+0x12/0xc0
[  144.977184][ T7588]  ? trace_kmalloc+0x2d/0xd0
[  144.977197][ T7588]  ? __raw_spin_lock_init+0x3a/0x110
[  144.977208][ T7588]  v9fs_session_init+0x1f8/0x1a80
[  144.977226][ T7588]  ? __pfx_v9fs_session_init+0x10/0x10
[  144.977246][ T7588]  v9fs_mount+0xc6/0xa30
[  144.977259][ T7588]  ? __pfx_v9fs_mount+0x10/0x10
[  144.977273][ T7588]  ? apparmor_capable+0x114/0x1d0
[  144.977284][ T7588]  ? __pfx_v9fs_mount+0x10/0x10
[  144.977297][ T7588]  legacy_get_tree+0x109/0x220
[  144.977312][ T7588]  vfs_get_tree+0x8b/0x340
[  144.977323][ T7588]  path_mount+0x14e6/0x1f10
[  144.977338][ T7588]  ? kmem_cache_free+0x2e2/0x4d0
[  144.977352][ T7588]  ? __pfx_path_mount+0x10/0x10
[  144.977368][ T7588]  ? putname+0x13c/0x180
[  144.977380][ T7588]  __ia32_sys_mount+0x28d/0x310
[  144.977389][ T7588]  ? __pfx___ia32_sys_mount+0x10/0x10
[  144.977402][ T7588]  __do_fast_syscall_32+0x73/0x120
[  144.977421][ T7588]  do_fast_syscall_32+0x32/0x80
[  144.977435][ T7588]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  144.977452][ T7588] RIP: 0023:0xf7f8f579
[  144.977460][ T7588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  144.977469][ T7588] RSP: 002b:00000000f507455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  144.977478][ T7588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800001c0
[  144.977484][ T7588] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 00000000800002c0
[  144.977490][ T7588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  144.977495][ T7588] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  144.977500][ T7588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  144.977512][ T7588]  </TASK>
[  144.977552][ T7588] Mem-Info:
[  145.143331][ T7588] active_anon:4231 inactive_anon:3117 isolated_anon:0
[  145.143331][ T7588]  active_file:6530 inactive_file:6430 isolated_file:0
[  145.143331][ T7588]  unevictable:1768 dirty:230 writeback:0
[  145.143331][ T7588]  slab_reclaimable:6295 slab_unreclaimable:60302
[  145.143331][ T7588]  mapped:25762 shmem:6044 pagetables:819
[  145.143331][ T7588]  sec_pagetables:302 bounce:0
[  145.143331][ T7588]  kernel_misc_reclaimable:0
[  145.143331][ T7588]  free:58562 free_pcp:7685 free_cma:0
[  145.156745][ T7588] Node 0 active_anon:348kB inactive_anon:2624kB active_file:4kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:3496kB dirty:0kB writeback:0kB shmem:6376kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9560kB pagetables:1028kB sec_pagetables:1124kB all_unreclaimable? no
[  145.174015][ T7588] Node 1 active_anon:9368kB inactive_anon:9464kB active_file:26132kB inactive_file:25708kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:99580kB dirty:920kB writeback:0kB shmem:10340kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2476kB pagetables:2268kB sec_pagetables:84kB all_unreclaimable? no
[  145.183315][ T7588] Node 0 DMA free:2332kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:4kB inactive_anon:76kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:388kB local_pcp:212kB free_cma:0kB
[  145.190762][ T7588] lowmem_reserve[]: 0 294 294 294 294
[  145.271374][ T7588] Node 0 DMA32 free:18792kB boost:2048kB min:15608kB low:18996kB high:22384kB reserved_highatomic:2048KB active_anon:7320kB inactive_anon:2488kB active_file:4kB inactive_file:12kB unevictable:3536kB writepending:0kB present:1032196kB managed:301724kB mlocked:0kB bounce:0kB free_pcp:2640kB local_pcp:2104kB free_cma:0kB
[  145.280439][ T7588] lowmem_reserve[]: 0 0 0 0 0
[  145.360258][ T7588] Node 1 DMA32 free:220492kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:6144KB active_anon:25136kB inactive_anon:9464kB active_file:26132kB inactive_file:25708kB unevictable:3536kB writepending:920kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:4920kB local_pcp:1552kB free_cma:0kB
[  145.369613][ T7588] lowmem_reserve[]: 0 0 0 0 0
[  145.374754][ T7588] Node 0 DMA: 9*4kB (UM) 7*8kB (UM) 9*16kB (UM) 5*32kB (UM) 7*64kB (UM) 2*128kB (UM) 2*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 2124kB
[  145.383323][ T7588] Node 0 DMA32: 16*4kB (H) 73*8kB (UMEH) 34*16kB (UEH) 68*32kB (MEH) 78*64kB (UMEH) 37*128kB (MEH) 16*256kB (UMEH) 3*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 18728kB
[  145.387841][ T7588] Node 1 DMA32: 151*4kB (UME) 125*8kB (UME) 408*16kB (UME) 316*32kB (UMEH) 364*64kB (UMEH) 131*128kB (UMEH) 77*256kB (UMEH) 62*512kB (UM) 46*1024kB (UM) 21*2048kB (UMH) 5*4096kB (UM) = 220356kB
[  145.393026][ T7588] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  145.396703][ T7588] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  145.399475][ T7588] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  145.402080][ T7588] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  145.404701][ T7588] 23163 total pagecache pages
[  145.406025][ T7588] 338 pages in swap cache
[  145.407232][ T7588] Free swap  = 101972kB
[  145.408415][ T7588] Total swap = 124996kB
[  145.409577][ T7588] 524155 pages RAM
[  145.410811][ T7588] 0 pages HighMem/MovableOnly
[  145.412187][ T7588] 207821 pages reserved
[  145.413454][ T7588] 0 pages cma reserved
[  146.323814][ T7635] netlink: 24 bytes leftover after parsing attributes in process `syz.0.435'.
[  147.200486][ T7632] uprobe: syz.1.434:7632 failed to unregister, leaking uprobe
[  148.020112][ T7661] fuse: Bad value for 'rootmode'
[  148.941870][ T7672] netlink: 'syz.0.444': attribute type 4 has an invalid length.
[  149.888723][ T7682] uprobe: syz.2.450:7682 failed to unregister, leaking uprobe
[  149.922559][ T7694] netlink: 36 bytes leftover after parsing attributes in process `syz.1.452'.
[  149.925258][ T7694] netlink: 16 bytes leftover after parsing attributes in process `syz.1.452'.
[  149.927710][ T7694] netlink: 36 bytes leftover after parsing attributes in process `syz.1.452'.
[  149.930363][ T7694] netlink: 36 bytes leftover after parsing attributes in process `syz.1.452'.
[  150.173045][ T7699] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  150.223745][ T7703] netlink: 'syz.3.456': attribute type 2 has an invalid length.
[  150.225991][ T7703] netlink: 'syz.3.456': attribute type 11 has an invalid length.
[  150.228201][ T7703] netlink: 132 bytes leftover after parsing attributes in process `syz.3.456'.
[  150.271709][   T40] audit: type=1804 audit(1742399120.796:4): pid=7707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.458" name="/newroot/108/file0" dev="tmpfs" ino=603 res=1 errno=0
[  151.241056][ T7724] Cannot find set identified by id 0 to match
[  151.742118][ T7714] uprobe: syz.0.461:7714 failed to unregister, leaking uprobe
[  151.915780][ T7732] qrtr: Invalid version 0
[  152.031717][ T7740] netlink: 'syz.1.469': attribute type 10 has an invalid length.
[  152.034688][ T7740] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.036873][ T7740] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.043200][ T7740] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.045494][ T7740] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.048063][ T7740] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.050160][ T7740] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.056221][ T7740] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  153.308255][ T7752] uprobe: syz.2.474:7752 failed to unregister, leaking uprobe
[  153.754074][ T1104] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  153.756528][ T1104] ata1: failed to read log page 10h (errno=-5)
[  153.760131][ T1104] ata1.00: exception Emask 0x1 SAct 0x1 SErr 0x0 action 0x0
[  153.763015][ T1104] ata1.00: irq_stat 0x40000000
[  153.765037][ T1104] ata1.00: failed command: WRITE FPDMA QUEUED
[  153.767226][ T1104] ata1.00: cmd 61/18:00:fa:07:10/00:00:00:00:00/40 tag 0 ncq dma 12288 out
[  153.767226][ T1104]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  153.773745][ T1104] ata1.00: status: { DRDY }
[  153.776143][ T1104] ata1.00: configured for UDMA/100
[  153.778250][ T1104] ata1: EH complete
[  153.986165][ T7787] netlink: 'syz.2.482': attribute type 3 has an invalid length.
[  153.988409][ T7787] netlink: 'syz.2.482': attribute type 3 has an invalid length.
[  153.996738][ T7787] netlink: 16 bytes leftover after parsing attributes in process `syz.2.482'.
[  154.077350][ T7793] bond0: (slave bond_slave_0): Releasing backup interface
[  154.084896][ T7793] bond0: (slave bond_slave_1): Releasing backup interface
[  154.100858][ T7793] team0: Port device team_slave_0 removed
[  154.107988][ T7793] team0: Port device team_slave_1 removed
[  154.110979][ T7793] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  154.113093][ T7793] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.116575][ T7793] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  154.118682][ T7793] batman_adv: batadv0: Removing interface: batadv_slave_1
[  154.313729][ T7796] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  155.763870][ T5969] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  155.769876][ T7825] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  155.807140][ T7830] netlink: 4 bytes leftover after parsing attributes in process `syz.3.493'.
[  155.883689][ T7837] tmpfs: Cannot disable swap on remount
[  155.951149][ T7846] netlink: 24 bytes leftover after parsing attributes in process `syz.1.497'.
[  156.242729][ T7815] uprobe: syz.0.490:7815 failed to unregister, leaking uprobe
[  162.987346][ T7883] netlink: 16 bytes leftover after parsing attributes in process `syz.2.501'.
[  163.449954][ T7895] FAULT_INJECTION: forcing a failure.
[  163.449954][ T7895] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  163.453548][ T7895] CPU: 2 UID: 0 PID: 7895 Comm: syz.1.505 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  163.453562][ T7895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.453568][ T7895] Call Trace:
[  163.453571][ T7895]  <TASK>
[  163.453575][ T7895]  dump_stack_lvl+0x16c/0x1f0
[  163.453593][ T7895]  should_fail_ex+0x50a/0x650
[  163.453605][ T7895]  _copy_from_user+0x2e/0xd0
[  163.453616][ T7895]  rfkill_fop_write+0x11f/0x570
[  163.453632][ T7895]  ? __pfx_rfkill_fop_write+0x10/0x10
[  163.453647][ T7895]  ? bpf_lsm_inode_getlsmprop+0x10/0x10
[  163.453663][ T7895]  ? security_file_permission+0x71/0x210
[  163.453677][ T7895]  ? rw_verify_area+0xcf/0x680
[  163.453690][ T7895]  ? __pfx_rfkill_fop_write+0x10/0x10
[  163.453704][ T7895]  vfs_write+0x24c/0x1150
[  163.453718][ T7895]  ? __fget_files+0x1fc/0x3a0
[  163.453732][ T7895]  ? __pfx_lock_release+0x10/0x10
[  163.453746][ T7895]  ? __pfx_vfs_write+0x10/0x10
[  163.453760][ T7895]  ? lock_acquire+0x2f/0xb0
[  163.453772][ T7895]  ? __fget_files+0x40/0x3a0
[  163.453787][ T7895]  ? __fget_files+0x206/0x3a0
[  163.453804][ T7895]  ksys_write+0x207/0x250
[  163.453816][ T7895]  ? __pfx_ksys_write+0x10/0x10
[  163.453833][ T7895]  __do_fast_syscall_32+0x73/0x120
[  163.453848][ T7895]  do_fast_syscall_32+0x32/0x80
[  163.453862][ T7895]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  163.453879][ T7895] RIP: 0023:0xf7ff5579
[  163.453886][ T7895] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  163.453895][ T7895] RSP: 002b:00000000f511655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  163.453905][ T7895] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000080
[  163.453911][ T7895] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  163.453916][ T7895] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  163.453921][ T7895] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  163.453927][ T7895] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  163.453937][ T7895]  </TASK>
[  165.124191][ T7908] uprobe: syz.2.508:7908 failed to unregister, leaking uprobe
[  166.053124][ T7945] block device autoloading is deprecated and will be removed.
[  166.891590][ T7959] netlink: 28 bytes leftover after parsing attributes in process `syz.2.522'.
[  167.522563][ T7969] ata1.00: invalid multi_count 128 ignored
[  167.576754][ T7955] uprobe: syz.0.523:7955 failed to unregister, leaking uprobe
[  170.116100][ T5955] Bluetooth: hci2: command 0x0406 tx timeout
[  170.117888][ T5296] Bluetooth: hci0: command 0x0406 tx timeout
[  170.847119][ T8015] uprobe: syz.2.538:8015 failed to unregister, leaking uprobe
[  171.715768][ T8048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.547'.
[  171.718953][ T8048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.547'.
[  171.955963][ T8057] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  171.963219][ T8057] xt_TPROXY: Can be used only with -p tcp or -p udp
[  173.074179][ T8083] ALSA: mixer_oss: invalid OSS volume 'DIG�TAL1'
[  173.402356][ T8067] uprobe: syz.0.552:8067 failed to unregister, leaking uprobe
[  173.829538][   T40] audit: type=1326 audit(1742399144.356:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.840197][   T40] audit: type=1326 audit(1742399144.356:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.848502][   T40] audit: type=1326 audit(1742399144.356:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.857665][   T40] audit: type=1326 audit(1742399144.356:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.865568][   T40] audit: type=1326 audit(1742399144.356:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.873077][   T40] audit: type=1326 audit(1742399144.356:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.881559][   T40] audit: type=1326 audit(1742399144.356:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.889312][   T40] audit: type=1326 audit(1742399144.356:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.900306][   T40] audit: type=1326 audit(1742399144.356:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.908862][   T40] audit: type=1326 audit(1742399144.356:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8087 comm="syz.0.557" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000
[  173.993690][ T8092] FAULT_INJECTION: forcing a failure.
[  173.993690][ T8092] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.997351][ T8092] CPU: 2 UID: 0 PID: 8092 Comm: syz.0.558 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  173.997364][ T8092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  173.997370][ T8092] Call Trace:
[  173.997373][ T8092]  <TASK>
[  173.997377][ T8092]  dump_stack_lvl+0x16c/0x1f0
[  173.997413][ T8092]  should_fail_ex+0x50a/0x650
[  173.997425][ T8092]  _copy_from_user+0x2e/0xd0
[  173.997437][ T8092]  do_compat_sigaltstack+0xf7/0x310
[  173.997449][ T8092]  ? __pfx_do_compat_sigaltstack+0x10/0x10
[  173.997459][ T8092]  ? ia32_restore_sigcontext+0x416/0x5d0
[  173.997474][ T8092]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  173.997492][ T8092]  ? _raw_spin_unlock_irq+0x23/0x50
[  173.997505][ T8092]  ? lockdep_hardirqs_on+0x7c/0x110
[  173.997520][ T8092]  compat_restore_altstack+0x17/0x40
[  173.997531][ T8092]  __do_compat_sys_rt_sigreturn+0x197/0x1f0
[  173.997546][ T8092]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  173.997564][ T8092]  do_int80_emulation+0x104/0x200
[  173.997579][ T8092]  asm_int80_emulation+0x1a/0x20
[  173.997593][ T8092] RIP: 0023:0xf73de577
[  173.997600][ T8092] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  173.997609][ T8092] RSP: 002b:00000000f506655c EFLAGS: 00000296
[  173.997618][ T8092] RAX: 0000000000000091 RBX: 0000000000000004 RCX: 00000000800001c0
[  173.997623][ T8092] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[  173.997628][ T8092] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  173.997633][ T8092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.997639][ T8092] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  173.997649][ T8092]  </TASK>
[  174.120139][ T8099] netlink: 156 bytes leftover after parsing attributes in process `syz.2.560'.
[  174.682849][ T8113] vlan0: entered promiscuous mode
[  174.691054][ T8113] team0: Port device vlan0 added
[  175.409392][ T8135] =======================================================
[  175.409392][ T8135] WARNING: The mand mount option has been deprecated and
[  175.409392][ T8135]          and is ignored by this kernel. Remove the mand
[  175.409392][ T8135]          option from the mount to silence this warning.
[  175.409392][ T8135] =======================================================
[  175.434802][ T8134] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  175.438961][ T8109] uprobe: syz.3.565:8109 failed to unregister, leaking uprobe
[  175.439051][ T8134] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  175.975383][ T8142] vxcan3: entered promiscuous mode
[  175.976971][ T8142] vxcan3: entered allmulticast mode
[  177.567479][ T8170] /dev/sr0: Can't open blockdev
[  177.766379][ T8165] uprobe: syz.1.581:8165 failed to unregister, leaking uprobe
[  178.006438][ T8182] netlink: 40 bytes leftover after parsing attributes in process `syz.0.586'.
[  179.541220][ T8221] bond0: (slave bridge0): Releasing backup interface
[  179.550405][ T8221] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.552386][ T8221] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.558544][ T8221] bridge_slave_0: left allmulticast mode
[  179.560131][ T8221] bridge_slave_0: left promiscuous mode
[  179.561774][ T8221] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.565391][ T8221] bridge_slave_1: left allmulticast mode
[  179.566978][ T8221] bridge_slave_1: left promiscuous mode
[  179.568576][ T8221] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.572080][ T8221] bond0: (slave bond_slave_0): Releasing backup interface
[  179.577027][ T8221] bond0: (slave bond_slave_1): Releasing backup interface
[  179.587388][ T8221] team0: Port device team_slave_0 removed
[  179.591510][ T8221] team0: Port device team_slave_1 removed
[  179.593670][ T8221] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.595883][ T8221] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.598643][ T8221] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.600880][ T8221] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.608374][ T8221] team0: Port device vlan0 removed
[  179.611736][ T8221] bond0: (slave netdevsim0): Releasing backup interface
[  179.705923][ T8221] team0: Mode changed to "broadcast"
[  179.713375][ T8221] team0: Port device vlan0 added
[  179.729820][ T8221] tipc: Started in network mode
[  179.731268][ T8221] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  179.734968][ T8221] tipc: Enabled bearer <eth:team0>, priority 0
[  180.855322][   T10] tipc: Node number set to 11578026
[  180.893453][ T8228] uprobe: syz.1.595:8228 failed to unregister, leaking uprobe
[  184.641708][ T8288] uprobe: syz.1.610:8288 failed to unregister, leaking uprobe
[  186.633727][ T8324] uprobe: syz.3.621:8324 failed to unregister, leaking uprobe
[  187.861330][ T8360] netlink: 'syz.3.629': attribute type 1 has an invalid length.
[  187.886373][ T8360] 8021q: adding VLAN 0 to HW filter on device bond1
[  188.137119][ T8360] veth3: entered promiscuous mode
[  188.141145][ T8360] bond1: (slave veth3): Enslaving as an active interface with a down link
[  188.146255][ T8363] bond1: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  188.383505][ T8369] tmpfs: Bad value for 'mpol'
[  188.432781][ T8352] uprobe: syz.1.627:8352 failed to unregister, leaking uprobe
[  189.058541][   T40] kauditd_printk_skb: 44 callbacks suppressed
[  189.058552][   T40] audit: type=1800 audit(1742399159.586:59): pid=8383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.635" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  192.372192][ T8396] uprobe: syz.0.639:8396 failed to unregister, leaking uprobe
[  192.375335][ T8403] uprobe: syz.1.642:8403 failed to unregister, leaking uprobe
[  193.647715][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  198.542711][ T8498] /dev/nullb0: Can't open blockdev
[  198.843986][ T8489] /dev/sr0: Can't open blockdev
[  200.366084][ T8518] team0: Mode changed to "broadcast"
[  200.372169][ T8518] vlan0: entered promiscuous mode
[  200.389789][ T8518] team0: Port device vlan0 added
[  200.525262][ T8518] tipc: Started in network mode
[  200.526781][ T8518] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  200.528830][ T8518] tipc: Enabled bearer <eth:team0>, priority 0
[  201.535114][ T5982] tipc: Node number set to 11578026
[  202.158721][ T8526] uprobe: syz.1.678:8526 failed to unregister, leaking uprobe
[  202.316460][ T8551] syz.0.682: attempt to access beyond end of device
[  202.316460][ T8551] loop0: rw=6144, sector=128, nr_sectors = 8 limit=0
[  202.321615][ T8551] gfs2: error -5 reading superblock
[  207.410405][ T8627] netlink: 'syz.1.709': attribute type 10 has an invalid length.
[  207.414344][ T8627] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  207.418050][ T8627] netlink: 4 bytes leftover after parsing attributes in process `syz.1.709'.
[  207.430194][ T8627] bond0: (slave bridge0): Releasing backup interface
[  207.889573][ T8619] uprobe: syz.2.700:8619 failed to unregister, leaking uprobe
[  211.081069][ T8680] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  211.693390][   T10] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  211.854412][   T10] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  211.860335][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.863539][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.866702][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.870370][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.874241][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.877803][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.881949][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.885494][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.889349][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.893458][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.896454][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.899550][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.905993][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.909195][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.912388][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.918215][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.921167][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.924314][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.928703][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.931544][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.935097][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.938941][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  211.942259][   T10] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  211.945797][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  211.949971][   T10] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  211.953432][   T10] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  211.956226][   T10] usb 6-1: Product: syz
[  211.957985][   T10] usb 6-1: Manufacturer: syz
[  211.959685][   T10] usb 6-1: SerialNumber: syz
[  211.962743][   T10] usb 6-1: config 0 descriptor??
[  211.967960][   T10] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  212.177940][   T36] usb 6-1: USB disconnect, device number 2
[  212.186291][   T36] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  213.189451][ T8712] syz.3.723: attempt to access beyond end of device
[  213.189451][ T8712] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  214.488299][ T8715] uprobe: syz.0.724:8715 failed to unregister, leaking uprobe
[  214.582187][ T8738] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  215.400265][ T8758] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  216.204602][ T8774] Invalid ELF header magic: != ELF
[  217.233457][ T8778] uprobe: syz.1.739:8778 failed to unregister, leaking uprobe
[  218.548953][ T8831] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  218.558891][ T8831] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.659043][   T40] audit: type=1326 audit(1742399190.166:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.729337][   T40] audit: type=1326 audit(1742399190.166:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.737143][   T40] audit: type=1326 audit(1742399190.166:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.744853][   T40] audit: type=1326 audit(1742399190.166:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.752095][   T40] audit: type=1326 audit(1742399190.166:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.759613][   T40] audit: type=1326 audit(1742399190.166:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.767163][   T40] audit: type=1326 audit(1742399190.166:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.774623][   T40] audit: type=1326 audit(1742399190.166:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.781772][   T40] audit: type=1326 audit(1742399190.166:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.789375][   T40] audit: type=1326 audit(1742399190.166:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8839 comm="syz.3.755" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x7ffc0000
[  219.851153][ T8833] uprobe: syz.2.753:8833 failed to unregister, leaking uprobe
[  220.071229][ T8856] netlink: 24 bytes leftover after parsing attributes in process `syz.0.758'.
[  220.127625][ T8857] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  220.423187][ T8863] netlink: 8 bytes leftover after parsing attributes in process `syz.3.761'.
[  222.289369][ T5357] udevd[5357]: worker [8689] terminated by signal 33 (Unknown signal 33)
[  222.291759][ T5357] udevd[5357]: worker [8689] failed while handling '/devices/serio2'
[  223.558140][ T8905] uprobe: syz.3.774:8905 failed to unregister, leaking uprobe
[  223.792578][ T8909] uprobe: syz.1.775:8909 failed to unregister, leaking uprobe
[  226.068482][ T8950] uprobe: syz.2.786:8950 failed to unregister, leaking uprobe
[  226.570646][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.790'.
[  226.599580][ T8973] netlink: 24 bytes leftover after parsing attributes in process `syz.2.790'.
[  227.513874][ T8981] vxcan0: tx drop: invalid sa for name 0x0000000000000003
[  227.553489][ T8988] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  227.590829][ T8983] /dev/nullb0: Can't open blockdev
[  228.509877][ T9004] netlink: 28 bytes leftover after parsing attributes in process `syz.3.800'.
[  228.514470][ T9004] netlink: 'syz.3.800': attribute type 7 has an invalid length.
[  228.517386][ T9004] netlink: 'syz.3.800': attribute type 8 has an invalid length.
[  228.520250][ T9004] netlink: 4 bytes leftover after parsing attributes in process `syz.3.800'.
[  228.524044][ T5944] Bluetooth: hci3: command 0x040f tx timeout
[  228.532554][ T9004] syz_tun: entered promiscuous mode
[  228.536001][ T9004] erspan0: entered promiscuous mode
[  228.538579][ T9004] syz_tun: left promiscuous mode
[  228.540640][ T9004] erspan0: left promiscuous mode
[  228.690854][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  228.690864][   T40] audit: type=1326 audit(1742399199.216:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.3.801" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x0
[  228.698558][   T40] audit: type=1326 audit(1742399199.216:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.3.801" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f8f579 code=0x0
[  229.077222][ T8993] uprobe: syz.2.798:8993 failed to unregister, leaking uprobe
[  229.158229][ T9014] vlan0: entered allmulticast mode
[  229.160704][ T9014] bridge0: port 3(vlan0) entered blocking state
[  229.162529][ T9014] bridge0: port 3(vlan0) entered disabled state
[  229.166201][ T9014] vlan0: entered promiscuous mode
[  229.168736][ T9014] bridge0: port 3(vlan0) entered blocking state
[  229.170747][ T9014] bridge0: port 3(vlan0) entered forwarding state
[  231.040532][ T9041] netlink: 28 bytes leftover after parsing attributes in process `syz.2.810'.
[  231.043075][ T9041] netlink: 28 bytes leftover after parsing attributes in process `syz.2.810'.
[  231.047154][ T9041] gretap0: entered promiscuous mode
[  231.049090][ T9041] bond0: entered promiscuous mode
[  231.050884][ T9041] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  231.052998][ T9041] Cannot create hsr debugfs directory
[  231.054631][ T9041] hsr1: Slave B (bond0) is not up; please bring it up to get a fully working HSR network
[  232.111720][ T9046] uprobe: syz.2.813:9046 failed to unregister, leaking uprobe
[  235.324937][ T9113] capability: warning: `syz.2.830' uses 32-bit capabilities (legacy support in use)
[  235.583381][   T36] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  235.651368][ T9103] uprobe: syz.3.827:9103 failed to unregister, leaking uprobe
[  235.766123][   T36] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0x1 has invalid maxpacket 1024
[  235.768935][   T36] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0x82 has invalid maxpacket 8
[  235.771574][   T36] usb 7-1: config 1 interface 0 has no altsetting 0
[  235.776477][   T36] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  235.779047][   T36] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.781310][   T36] usb 7-1: Product: 殙៎⩁뢫꣤漢曲⦘蝵駝뜭洞槊롈㩆䓧㭸斸⵨堿耇럖ꋎ㢧⌁؏ݓ⤣펱៿颉垆
[  235.785373][   T36] usb 7-1: SerialNumber: syz
[  235.788478][ T9113] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  235.790337][ T9113] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  235.995839][ T9113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.998573][ T9113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  236.012339][   T36] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 3 proto 1 vid 0x0525 pid 0xA4A8
[  236.022481][   T36] usb 7-1: USB disconnect, device number 4
[  236.026477][   T36] usblp0: removed
[  238.050398][   T40] audit: type=1326 audit(1742399208.466:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9153 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7fc00000
[  238.352194][ T9139] uprobe: syz.1.839:9139 failed to unregister, leaking uprobe
[  238.669264][   T40] audit: type=1326 audit(1742399209.196:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9153 comm="syz.2.841" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fb5579 code=0x7fc00000
[  239.442981][ T9187] random: crng reseeded on system resumption
[  239.517522][ T9191] loop2: detected capacity change from 0 to 7
[  239.520550][ T9191] Dev loop2: unable to read RDB block 7
[  239.522203][ T9191]  loop2: unable to read partition table
[  239.524826][ T9191] loop2: partition table beyond EOD, truncated
[  239.543488][ T9191] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  239.993925][ T9206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.856'.
[  240.866458][ T9207] uprobe: syz.2.857:9207 failed to unregister, leaking uprobe
[  242.995578][ T9253] uprobe: syz.2.872:9253 failed to unregister, leaking uprobe
[  243.174662][ T5948] Bluetooth: hci0: SCO packet for unknown connection handle 200
[  244.541728][ T9287] uprobe: syz.1.885:9287 failed to unregister, leaking uprobe
[  245.467825][ T9320] netlink: 1280 bytes leftover after parsing attributes in process `syz.3.893'.
[  245.470257][ T9320] openvswitch: netlink: Flow actions attr not present in new flow.
[  246.023941][ T9310] uprobe: syz.2.891:9310 failed to unregister, leaking uprobe
[  246.145362][ T9331] tmpfs: Bad value for 'mpol'
[  248.889997][ T9352] uprobe: syz.2.903:9352 failed to unregister, leaking uprobe
[  250.780121][ T9407] fuse: Bad value for 'rootmode'
[  251.394105][ T9401] uprobe: syz.2.917:9401 failed to unregister, leaking uprobe
[  251.579273][ T9414] bridge0: port 3(syz_tun) entered blocking state
[  251.582100][ T9414] bridge0: port 3(syz_tun) entered disabled state
[  251.587148][ T9414] syz_tun: entered allmulticast mode
[  251.589916][ T9414] syz_tun: left allmulticast mode
[  251.719368][ T9420] netlink: 24 bytes leftover after parsing attributes in process `syz.1.923'.
[  254.215748][ T9459] uprobe: syz.2.932:9459 failed to unregister, leaking uprobe
[  255.075869][ T1414] ieee802154 phy1 wpan1: encryption failed: -22
[  255.293318][ T6003] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  255.443458][ T6003] usb 6-1: Using ep0 maxpacket: 8
[  255.446924][ T6003] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  255.449716][ T6003] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  255.452252][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.867757][ T9538] uprobe: syz.0.956:9538 failed to unregister, leaking uprobe
[  258.002824][ T5969] usb 6-1: USB disconnect, device number 3
[  258.502340][ T9567] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  259.754872][ T9583] geneve2: entered promiscuous mode
[  259.794983][ T9587] netlink: 20 bytes leftover after parsing attributes in process `syz.1.969'.
[  260.690462][ T9589] uprobe: syz.1.970:9589 failed to unregister, leaking uprobe
[  262.840209][ T9642] netlink: 36 bytes leftover after parsing attributes in process `syz.0.982'.
[  262.842905][ T9642] netlink: 16 bytes leftover after parsing attributes in process `syz.0.982'.
[  262.846297][ T9642] netlink: 36 bytes leftover after parsing attributes in process `syz.0.982'.
[  262.849424][ T9642] netlink: 36 bytes leftover after parsing attributes in process `syz.0.982'.
[  263.377962][ T9636] uprobe: syz.3.981:9636 failed to unregister, leaking uprobe
[  264.010774][ T9659] netlink: 32 bytes leftover after parsing attributes in process `syz.0.987'.
[  264.017096][ T9659] tmpfs: Unknown parameter 'usrquota@'
[  264.029154][ T9659] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  264.123515][ T9666] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  266.276043][ T9688] uprobe: syz.1.994:9688 failed to unregister, leaking uprobe
[  267.108600][ T9717] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  269.068922][ T9747] fuse: Bad value for 'fd'
[  269.116909][ T9750] geneve2: entered promiscuous mode
[  269.246871][ T9747] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  269.252179][ T9747] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  269.280365][ T9747] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  269.284197][ T9747] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  269.291244][ T9747] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  269.293178][ T9747] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  269.810746][ T9743] uprobe: syz.1.1007:9743 failed to unregister, leaking uprobe
[  271.303345][ T9789] loop6: detected capacity change from 524288000 to 0
[  272.755723][ T9803] uprobe: syz.0.1022:9803 failed to unregister, leaking uprobe
[  275.712685][ T9846] uprobe: syz.1.1034:9846 failed to unregister, leaking uprobe
[  276.916205][ T9867] fuse: Bad value for 'rootmode'
[  278.526617][ T9913] netlink: 'syz.3.1045': attribute type 4 has an invalid length.
[  279.468634][ T9915] uprobe: syz.0.1046:9915 failed to unregister, leaking uprobe
[  281.254933][ T9942] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  281.444282][ T9957] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1053'.
[  281.447938][ T9957] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1053'.
[  281.450942][ T9957] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1053'.
[  281.453532][ T9957] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1053'.
[  281.943221][ T9953] syz.0.1054: vmalloc error: size 70778880, failed to allocated page array size 138240, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  281.958812][ T9953] CPU: 1 UID: 0 PID: 9953 Comm: syz.0.1054 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  281.958826][ T9953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  281.958832][ T9953] Call Trace:
[  281.958835][ T9953]  <TASK>
[  281.958840][ T9953]  dump_stack_lvl+0x16c/0x1f0
[  281.958859][ T9953]  warn_alloc+0x24d/0x3a0
[  281.958875][ T9953]  ? __pfx_warn_alloc+0x10/0x10
[  281.958894][ T9953]  ? __get_vm_area_node+0x1b0/0x2f0
[  281.958907][ T9953]  ? __get_vm_area_node+0x1dc/0x2f0
[  281.958922][ T9953]  __vmalloc_node_range_noprof+0x1102/0x1530
[  281.958935][ T9953]  ? path_mount+0x14e6/0x1f10
[  281.958950][ T9953]  ? __ia32_sys_mount+0x28d/0x310
[  281.958962][ T9953]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  281.958980][ T9953]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  281.958998][ T9953]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  281.959013][ T9953]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  281.959027][ T9953]  vmalloc_user_noprof+0x6b/0x90
[  281.959040][ T9953]  ? vb2_vmalloc_alloc+0x11e/0x3d0
[  281.959055][ T9953]  vb2_vmalloc_alloc+0x11e/0x3d0
[  281.959069][ T9953]  ? __vb2_queue_alloc+0xc39/0x1230
[  281.959083][ T9953]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  281.959098][ T9953]  __vb2_queue_alloc+0x896/0x1230
[  281.959118][ T9953]  vb2_core_reqbufs+0xa73/0xfb0
[  281.959138][ T9953]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  281.959160][ T9953]  __vb2_init_fileio+0x3f3/0x1110
[  281.959176][ T9953]  ? vb2_get_num_buffers+0xc/0x90
[  281.959188][ T9953]  ? vb2_get_num_buffers+0x31/0x90
[  281.959203][ T9953]  vb2_core_poll+0x5ec/0x700
[  281.959219][ T9953]  vb2_poll+0x33/0x150
[  281.959232][ T9953]  vb2_fop_poll+0x10f/0x2c0
[  281.959246][ T9953]  ? __pfx_vb2_fop_poll+0x10/0x10
[  281.959259][ T9953]  v4l2_poll+0x160/0x320
[  281.959269][ T9953]  ? __pfx_v4l2_poll+0x10/0x10
[  281.959280][ T9953]  p9_fd_poll+0x10e/0x2c0
[  281.959296][ T9953]  p9_conn_create+0x3cd/0x550
[  281.959311][ T9953]  p9_fd_create+0x323/0x490
[  281.959326][ T9953]  ? __pfx_p9_fd_create+0x10/0x10
[  281.959342][ T9953]  ? p9_client_create+0x7cf/0x1200
[  281.959356][ T9953]  p9_client_create+0x836/0x1200
[  281.959372][ T9953]  ? __pfx_p9_client_create+0x10/0x10
[  281.959387][ T9953]  ? rcu_is_watching+0x12/0xc0
[  281.959398][ T9953]  ? trace_kmalloc+0x2d/0xd0
[  281.959411][ T9953]  ? __raw_spin_lock_init+0x3a/0x110
[  281.959423][ T9953]  v9fs_session_init+0x1f8/0x1a80
[  281.959441][ T9953]  ? __pfx_v9fs_session_init+0x10/0x10
[  281.959460][ T9953]  v9fs_mount+0xc6/0xa30
[  281.959474][ T9953]  ? __pfx_v9fs_mount+0x10/0x10
[  281.959488][ T9953]  ? apparmor_capable+0x114/0x1d0
[  281.959501][ T9953]  ? __pfx_v9fs_mount+0x10/0x10
[  281.959514][ T9953]  legacy_get_tree+0x109/0x220
[  281.959529][ T9953]  vfs_get_tree+0x8b/0x340
[  281.959540][ T9953]  path_mount+0x14e6/0x1f10
[  281.959556][ T9953]  ? kmem_cache_free+0x2e2/0x4d0
[  281.959569][ T9953]  ? __pfx_path_mount+0x10/0x10
[  281.959590][ T9953]  ? putname+0x13c/0x180
[  281.959602][ T9953]  __ia32_sys_mount+0x28d/0x310
[  281.959611][ T9953]  ? __pfx___ia32_sys_mount+0x10/0x10
[  281.959624][ T9953]  __do_fast_syscall_32+0x73/0x120
[  281.959640][ T9953]  do_fast_syscall_32+0x32/0x80
[  281.959654][ T9953]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  281.959670][ T9953] RIP: 0023:0xf73de579
[  281.959679][ T9953] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  281.959688][ T9953] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  281.959698][ T9953] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000800001c0
[  281.959704][ T9953] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 00000000800002c0
[  281.959710][ T9953] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  281.959715][ T9953] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  281.959721][ T9953] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  281.959732][ T9953]  </TASK>
[  281.959736][ T9953] Mem-Info:
[  282.043913][ T9965] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  282.073363][ T9953] active_anon:9389 inactive_anon:783 isolated_anon:0
[  282.073363][ T9953]  active_file:425 inactive_file:7314 isolated_file:0
[  282.073363][ T9953]  unevictable:1768 dirty:106 writeback:0
[  282.073363][ T9953]  slab_reclaimable:6772 slab_unreclaimable:64484
[  282.073363][ T9953]  mapped:30880 shmem:10383 pagetables:791
[  282.073363][ T9953]  sec_pagetables:308 bounce:0
[  282.073363][ T9953]  kernel_misc_reclaimable:0
[  282.073363][ T9953]  free:57373 free_pcp:2807 free_cma:0
[  282.088032][ T9953] Node 0 active_anon:4308kB inactive_anon:52kB active_file:508kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2972kB dirty:0kB writeback:0kB shmem:7328kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9528kB pagetables:968kB sec_pagetables:1132kB all_unreclaimable? yes
[  282.113750][ T9953] Node 1 active_anon:33620kB inactive_anon:3080kB active_file:1192kB inactive_file:29248kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:124648kB dirty:424kB writeback:0kB shmem:34204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2588kB pagetables:2208kB sec_pagetables:100kB all_unreclaimable? no
[  282.122574][ T9953] Node 0 DMA free:2092kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:256kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:328kB local_pcp:24kB free_cma:0kB
[  282.130239][ T9953] lowmem_reserve[]: 0 294 294 294 294
[  282.133079][ T9953] Node 0 DMA32 free:22272kB boost:4096kB min:17656kB low:21044kB high:24432kB reserved_highatomic:2048KB active_anon:4052kB inactive_anon:52kB active_file:508kB inactive_file:8kB unevictable:3536kB writepending:0kB present:1032196kB managed:301724kB mlocked:0kB bounce:0kB free_pcp:3304kB local_pcp:856kB free_cma:0kB
[  282.141932][ T9953] lowmem_reserve[]: 0 0 0 0 0
[  282.144338][ T9953] Node 1 DMA32 free:204872kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:33620kB inactive_anon:3080kB active_file:1192kB inactive_file:29248kB unevictable:3536kB writepending:424kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:7356kB local_pcp:4776kB free_cma:0kB
[  282.152782][ T9953] lowmem_reserve[]: 0 0 0 0 0
[  282.154387][ T9953] Node 0 DMA: 17*4kB (U) 19*8kB (UM) 5*16kB (U) 12*32kB (UM) 4*64kB (UM) 3*128kB (UM) 1*256kB (M) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 2092kB
[  282.158532][ T9953] Node 0 DMA32: 32*4kB (UME) 124*8kB (UMEH) 74*16kB (UMH) 146*32kB (UMEH) 72*64kB (UEH) 26*128kB (UMEH) 19*256kB (UM) 5*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 22336kB
[  282.163322][ T9953] Node 1 DMA32: 7*4kB (UME) 34*8kB (E) 17*16kB (UME) 471*32kB (UME) 600*64kB (ME) 192*128kB (UME) 69*256kB (UME) 64*512kB (UM) 36*1024kB (UM) 19*2048kB (UMH) 0*4096kB = 204828kB
[  282.168259][ T9953] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  282.170953][ T9953] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  282.173785][ T9953] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  282.176433][ T9953] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  282.178980][ T9953] 18774 total pagecache pages
[  282.180313][ T9953] 652 pages in swap cache
[  282.181543][ T9953] Free swap  = 72000kB
[  282.182686][ T9953] Total swap = 124996kB
[  282.184084][ T9953] 524155 pages RAM
[  282.185177][ T9953] 0 pages HighMem/MovableOnly
[  282.186574][ T9953] 207821 pages reserved
[  282.187780][ T9953] 0 pages cma reserved
[  284.395958][ T9993] netlink: 'syz.2.1064': attribute type 4 has an invalid length.
[  287.780018][T10046] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  288.539909][T10053] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1078'.
[  289.125570][   T45] page: refcount:2 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x4a0c8
[  289.128752][   T45] flags: 0x4fff00000010001(locked|reclaim|node=1|zone=1|lastcpupid=0x7ff)
[  289.131980][   T45] raw: 04fff00000010001 ffffc900006c7588 ffffc900006c7588 ffffffff8b7e0602
[  289.134508][   T45] raw: ffff888000000000 0000000000000002 00000002ffffffff 0000000000000000
[  289.137344][   T45] page dumped because: VM_BUG_ON_PAGE(!((__builtin_constant_p(PAGE_CLAIMED) && __builtin_constant_p((uintptr_t)(&page->private) != (uintptr_t)((void *)0)) && (uintptr_t)(&page->private) != (uintptr_t)((void *)0) && __builtin_constant_p(*(const unsigned long *)(&page->private))) ? const_test_bit(PAGE_CLAIMED, &page->private) : _test_bit(PAGE_CLAIMED, &page->private)))
[  289.146631][   T45] page_owner tracks the page as allocated
[  289.148214][   T45] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12800(GFP_NOWAIT|__GFP_NORETRY), pid 115, tgid 115 (kswapd1), ts 289051564089, free_ts 288173477840
[  289.152685][   T45]  post_alloc_hook+0x181/0x1b0
[  289.154126][   T45]  get_page_from_freelist+0xfce/0x2f80
[  289.155731][   T45]  __alloc_frozen_pages_noprof+0x221/0x2470
[  289.157394][   T45]  alloc_pages_mpol+0x1fc/0x540
[  289.158736][   T45]  alloc_pages_noprof+0x131/0x390
[  289.160125][   T45]  z3fold_zpool_malloc+0x853/0x14f0
[  289.161565][   T45]  zswap_store+0xf9d/0x2690
[  289.162828][   T45]  swap_writepage+0x3b6/0x1120
[  289.164217][   T45]  pageout+0x3b2/0xaa0
[  289.165329][   T45]  shrink_folio_list+0x2f7f/0x40c0
[  289.166670][   T45]  evict_folios+0x774/0x1ab0
[  289.167878][   T45]  try_to_shrink_lruvec+0x5a2/0x9a0
[  289.169250][   T45]  shrink_one+0x3e3/0x7b0
[  289.170374][   T45]  shrink_node+0x2761/0x3e60
[  289.171596][   T45]  balance_pgdat+0xbab/0x19c0
[  289.172847][   T45]  kswapd+0x590/0xb70
[  289.173955][   T45] page last free pid 30 tgid 30 stack trace:
[  289.175599][   T45]  free_frozen_pages+0x6db/0xfb0
[  289.176933][   T45]  tlb_remove_table_rcu+0x116/0x1a0
[  289.178338][   T45]  rcu_core+0x79d/0x14d0
[  289.179511][   T45]  handle_softirqs+0x213/0x8f0
[  289.180859][   T45]  __irq_exit_rcu+0x109/0x170
[  289.182147][   T45]  irq_exit_rcu+0x9/0x30
[  289.183308][   T45]  sysvec_call_function_single+0xa4/0xc0
[  289.184802][   T45]  asm_sysvec_call_function_single+0x1a/0x20
[  289.186479][   T45] ------------[ cut here ]------------
[  289.187934][   T45] kernel BUG at mm/z3fold.c:1293!
[  289.189339][   T45] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  289.191853][   T45] CPU: 3 UID: 0 PID: 45 Comm: kcompactd1 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  289.195420][   T45] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.198351][   T45] RIP: 0010:z3fold_page_migrate+0xc6b/0x1390
[  289.199989][   T45] Code: 20 93 ff 48 c7 c6 c0 fd 7d 8b 48 89 ef e8 6d a1 d9 ff 90 0f 0b e8 a5 20 93 ff 48 c7 c6 20 fe 7d 8b 48 89 ef e8 56 a1 d9 ff 90 <0f> 0b e8 8e 20 93 ff 48 8d bb a0 00 00 00 48 b8 00 00 00 00 00 fc
[  289.205223][   T45] RSP: 0018:ffffc900006c7400 EFLAGS: 00010293
[  289.206927][   T45] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  289.209077][   T45] RDX: ffff8880404c4880 RSI: ffffffff8226d1ba RDI: ffff8880404c4cc4
[  289.211221][   T45] RBP: ffffea0001283200 R08: 0000000000000001 R09: 0000000000000001
[  289.213374][   T45] R10: ffffffff90628c17 R11: ffffffff818bbc0e R12: ffffea0001cfd380
[  289.215551][   T45] R13: ffffea0001283228 R14: 0000000000000001 R15: ffffea0001283218
[  289.217748][   T45] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  289.220171][   T45] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  289.222624][   T45] CR2: 00000000f73c1b28 CR3: 00000000658f6000 CR4: 0000000000352ef0
[  289.225721][   T45] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  289.228757][   T45] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  289.231765][   T45] Call Trace:
[  289.233080][   T45]  <TASK>
[  289.234267][   T45]  ? die+0x31/0x80
[  289.235719][   T45]  ? do_trap+0x232/0x430
[  289.237379][   T45]  ? z3fold_page_migrate+0xc6b/0x1390
[  289.239434][   T45]  ? z3fold_page_migrate+0xc6b/0x1390
[  289.241556][   T45]  ? do_error_trap+0xf4/0x230
[  289.243481][   T45]  ? z3fold_page_migrate+0xc6b/0x1390
[  289.245561][   T45]  ? handle_invalid_op+0x34/0x40
[  289.247466][   T45]  ? z3fold_page_migrate+0xc6b/0x1390
[  289.249529][   T45]  ? exc_invalid_op+0x2e/0x50
[  289.251330][   T45]  ? asm_exc_invalid_op+0x1a/0x20
[  289.253280][   T45]  ? select_task_rq_fair+0x36e/0x44f0
[  289.255329][   T45]  ? z3fold_page_migrate+0xc6a/0x1390
[  289.257409][   T45]  ? z3fold_page_migrate+0xc6b/0x1390
[  289.259459][   T45]  move_to_new_folio+0x449/0x700
[  289.261373][   T45]  migrate_pages_batch+0x2009/0x3150
[  289.263407][   T45]  ? __pfx_compaction_free+0x10/0x10
[  289.265424][   T45]  ? __pfx_migrate_pages_batch+0x10/0x10
[  289.267540][   T45]  ? __pfx_mark_lock+0x10/0x10
[  289.269392][   T45]  migrate_pages_sync+0x4f1/0x910
[  289.271325][   T45]  ? __pfx_compaction_alloc+0x10/0x10
[  289.273380][   T45]  ? __pfx_compaction_free+0x10/0x10
[  289.275355][   T45]  ? __pfx_migrate_pages_sync+0x10/0x10
[  289.277114][   T45]  ? isolate_movable_page+0x3b/0x750
[  289.279069][   T45]  migrate_pages+0x1acf/0x2290
[  289.280664][   T45]  ? __pfx_compaction_alloc+0x10/0x10
[  289.282557][   T45]  ? __pfx_compaction_free+0x10/0x10
[  289.284310][   T45]  ? __pfx_migrate_pages+0x10/0x10
[  289.286156][   T45]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  289.288226][   T45]  ? __pfx_move_freelist_tail+0x10/0x10
[  289.289815][   T45]  compact_zone+0x1f66/0x4220
[  289.291137][   T45]  ? __pfx_compact_zone+0x10/0x10
[  289.292531][   T45]  ? compaction_suitable+0x112/0x2f0
[  289.293982][   T45]  ? compaction_suit_allocation_order+0x116/0x260
[  289.295823][   T45]  kcompactd_do_work+0x43d/0x9b0
[  289.297233][   T45]  ? __pfx_kcompactd_do_work+0x10/0x10
[  289.298728][   T45]  ? psi_task_change+0x1a2/0x2d0
[  289.300107][   T45]  ? psi_memstall_enter+0x1c4/0x2b0
[  289.301553][   T45]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.302984][   T45]  kcompactd+0x8ad/0xdd0
[  289.304166][   T45]  ? __pfx_kcompactd+0x10/0x10
[  289.305532][   T45]  ? __pfx_autoremove_wake_function+0x10/0x10
[  289.307207][   T45]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.308647][   T45]  ? __kthread_parkme+0x148/0x220
[  289.310028][   T45]  ? __pfx_kcompactd+0x10/0x10
[  289.311389][   T45]  kthread+0x3af/0x750
[  289.312531][   T45]  ? __pfx_kthread+0x10/0x10
[  289.313809][   T45]  ? __pfx_kthread+0x10/0x10
[  289.315147][   T45]  ret_from_fork+0x45/0x80
[  289.316506][   T45]  ? __pfx_kthread+0x10/0x10
[  289.317792][   T45]  ret_from_fork_asm+0x1a/0x30
[  289.319120][   T45]  </TASK>
[  289.319981][   T45] Modules linked in:
[  289.321463][   T45] ---[ end trace 0000000000000000 ]---
[  289.323416][   T45] RIP: 0010:z3fold_page_migrate+0xc6b/0x1390
[  289.325364][   T45] Code: 20 93 ff 48 c7 c6 c0 fd 7d 8b 48 89 ef e8 6d a1 d9 ff 90 0f 0b e8 a5 20 93 ff 48 c7 c6 20 fe 7d 8b 48 89 ef e8 56 a1 d9 ff 90 <0f> 0b e8 8e 20 93 ff 48 8d bb a0 00 00 00 48 b8 00 00 00 00 00 fc
[  289.331236][   T45] RSP: 0018:ffffc900006c7400 EFLAGS: 00010293
[  289.333867][   T45] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  289.337073][   T45] RDX: ffff8880404c4880 RSI: ffffffff8226d1ba RDI: ffff8880404c4cc4
[  289.340141][   T45] RBP: ffffea0001283200 R08: 0000000000000001 R09: 0000000000000001
[  289.343120][   T45] R10: ffffffff90628c17 R11: ffffffff818bbc0e R12: ffffea0001cfd380
[  289.346607][   T45] R13: ffffea0001283228 R14: 0000000000000001 R15: ffffea0001283218
[  289.349765][   T45] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  289.353025][   T45] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  289.354939][   T45] CR2: 00000000f73c1b28 CR3: 00000000658f6000 CR4: 0000000000352ef0
[  289.356972][   T45] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  289.358926][   T45] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  289.360889][   T45] Kernel panic - not syncing: Fatal exception
[  289.362787][   T45] Kernel Offset: disabled
[  289.363871][   T45] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:47:39  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000ede79b RBX=0000000000000000 RCX=ffffffff8b557469 RDX=0000000000000000
RSI=ffffffff8b6cfc80 RDI=ffffffff8bd35960 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20
R8 =0000000000000001 R9 =ffffed1005686f85 R10=ffff88802b437c2b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff90628c10 R15=0000000000000000
RIP=ffffffff8b55884f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffd3d150ff8 CR3=0000000028752000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000020 Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=00000000fffffffe Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffef2715f10 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3320646970206565 7266207473616c20 65676170205d3534 542020205b5d3500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3320646370206565 7266207473616620 6567617020573534 5420202051573500
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3034383720203335 31382020205b5d35 38363235202c3938 3020203531343000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3032202620202c29 3132202020504628 2035313120263332 3020203531222000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 637a2a262353585e 4f584544555a4c4d 5555765e434b5d45 44555a4c4d223a3a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a3e323d3d3e393d 3b3232382a797e55 6f6f786c2a263332 3a3e3c3f3b3f3a33
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000984474 RBX=0000000000000001 RCX=ffffffff8b557469 RDX=ffffed10056a6f86
RSI=ffffffff8bd358e0 RDI=ffffffff819084e9 RBP=ffffed1003ad9000 RSP=ffffc9000048fe08
R8 =0000000000000000 R9 =ffffed10056a6f85 R10=ffff88802b537c2b R11=0000000000000001
R12=0000000000000001 R13=ffff88801d6c8000 R14=ffffffff90628c10 R15=0000000000000000
RIP=ffffffff8b55884f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3c61d0 CR3=0000000074b80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000012000000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000027683c RBX=0000000000000002 RCX=ffffffff8b557469 RDX=ffffed10056c6f86
RSI=ffffffff8bd358e0 RDI=ffffffff819084e9 RBP=ffffed1003ad9488 RSP=ffffc9000049fe08
R8 =0000000000000000 R9 =ffffed10056c6f85 R10=ffff88802b637c2b R11=0000000000000001
R12=0000000000000002 R13=ffff88801d6ca440 R14=ffffffff90628c10 R15=0000000000000000
RIP=ffffffff8b55884f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000556c784e9280 CR3=000000004f4b0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008220202 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc95efffe0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 55510029646c253d 646970282064253a 29287338342e253a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4154414600544549 5551000c41490018 414c550d0541001f 0c0d561d110b001f
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=137e2331137e2331 137e2331137e2331 137e2331137e2331 137e2331137e2331 137e2331137e2331 137e2331137e2331 137e2331137e2331 137e2331137e2331
ZMM22=5a028ce65a028ce6 5a028ce65a028ce6 5a028ce65a028ce6 5a028ce65a028ce6 5a028ce65a028ce6 5a028ce65a028ce6 5a028ce65a028ce6 5a028ce65a028ce6
ZMM23=c611be86c611be86 c611be86c611be86 c611be86c611be86 c611be86c611be86 c611be86c611be86 c611be86c611be86 c611be86c611be86 c611be86c611be86
ZMM24=09c1450d09c1450d 09c1450d09c1450d 09c1450d09c1450d 09c1450d09c1450d 09c1450d09c1450d 09c1450d09c1450d 09c1450d09c1450d 09c1450d09c1450d
ZMM25=2b55494e2b55494e 2b55494e2b55494e 2b55494e2b55494e 2b55494e2b55494e 2b55494e2b55494e 2b55494e2b55494e 2b55494e2b55494e 2b55494e2b55494e
ZMM26=1ba48d081ba48d08 1ba48d081ba48d08 1ba48d081ba48d08 1ba48d081ba48d08 1ba48d081ba48d08 1ba48d081ba48d08 1ba48d081ba48d08 1ba48d081ba48d08
ZMM27=e1c18003e1c18003 e1c18003e1c18003 e1c18003e1c18003 e1c18003e1c18003 e1c18003e1c18003 e1c18003e1c18003 e1c18003e1c18003 e1c18003e1c18003
ZMM28=000001c0000001bf 000001be000001bd 000001bc000001bb 000001ba000001b9 000001b8000001b7 000001b6000001b5 000001b4000001b3 000001b2000001b1
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=770c0000770c0000 770c0000770c0000 770c0000770c0000 770c0000770c0000 770c0000770c0000 770c0000770c0000 770c0000770c0000 770c0000770c0000
info registers vcpu 3

CPU#3
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff853eac75 RDI=ffffffff9ab72ea0 RBP=ffffffff9ab72e60 RSP=ffffc900006c6d40
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=000000000000003a R14=ffffffff9ab72e60 R15=0000000000000000
RIP=ffffffff853eac9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f73c1b28 CR3=00000000658f6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 78df715580f2bb56 687c742e7536ce5a
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f5a6b9221f6ab6fd a540eaa2a0ca5a6c
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c72b6f11bd3d0b55 4c3ba253f867f3fc
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 702544fb7c597add 910016204d886e73
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000002580
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000af000000af 0f937df81888a460
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000af000000b0 00800100188992b0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000aff8630ad6 f4146736f1fce4b4
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00800100000000b0 000000b0ec9d6772
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 74139dbea8bca13f bfb079b7044b7d7b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a55d5d3b6503ceee 1cd3d29bce2ae3f7
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000