last executing test programs:

4m15.942615966s ago: executing program 3 (id=569):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000300)={0x2, 0x0, [{0x250, 0x0, 0x100000001}, {0x25d, 0x0, 0xf35}]})
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r7 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r7, 0x1000006)
fcntl$addseals(r7, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000000)={r7, 0x0, 0x0, 0x1000000})
ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f00000001c0)={r7, 0x0, 0x200000000000000, 0x1000000})

4m14.586348821s ago: executing program 3 (id=572):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES64, @ANYRES64=0x0, @ANYRES64, @ANYRES32=0x0], 0x9)

4m14.489710737s ago: executing program 3 (id=573):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f0000000240), 0x800, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffdfc, {0x0, 0x0, 0x0, r11, {0x4}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0x2, 0x2, 0x7, 0x7, 0x10, 0x22, 0x4, 0x2, 0xf, 0x6, 0x6, 0x5, 0x2, 0x4, 0x10, 0x4], 0x3, [0x8b, 0x101, 0x4, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x5, 0xb, 0x3, 0x2, 0x6, 0xd, 0x100], [0xfff1, 0xfffd, 0xffff, 0xfff5, 0x3, 0x8, 0x1, 0x9, 0x5, 0x1, 0x2c, 0x40, 0x100, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
close(r5)
socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
openat$kvm(0xffffff9c, &(0x7f0000000280), 0x28000, 0x0)
r12 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x26)
r13 = eventfd(0xa09)
ioctl$KVM_IOEVENTFD(r12, 0x4040ae79, &(0x7f0000000040)={0x4, 0x4000, 0x8, r13, 0xb})
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

4m14.052554496s ago: executing program 3 (id=575):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, 0x21801, 0x1103}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2f}}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0x8}]}}}]}, 0x40}}, 0x4048084)
syz_usb_connect$uac1(0x5, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0x4018aee3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000010000108002d455c927a3e24cc000000", @ANYRES32=0x0, @ANYBLOB="80400100000001000c002b8008000100", @ANYRES32=r4, @ANYBLOB="08001b0000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f00000002c0)={'netdevsim0\x00', 0x7fff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r7 = fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
close(0x3)
syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, 0x0)
socket$netlink(0x10, 0x3, 0x0)

4m13.162202752s ago: executing program 3 (id=578):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xe9)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000040)={0xa, 0x8, 0x0, 0x4, 0x0, 0xfffd})
ptrace$ARCH_SHSTK_STATUS(0x1e, r0, &(0x7f0000000300), 0x5005)
socket$netlink(0x10, 0x3, 0x15)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202020f8ffffff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000712b4986f533eefc35521c8e6f5554d30000009503347fa949cae25a40b82a38232f23e1294fb49b40697b120a79cef9d91a6ada88b9746b5df47174fc433e2ddb44ab1ff61cc27eda3a481c7823cdd991bfb0aa46ffd2df58237595eb37496dc2a271e58844a8e91e8351639a31e4dbb5b55b66eddc99b56c7d440a37ce69312cd576918986f2fd86ea0956cd5c5a1a450244e4c4f8854f127a26d32df2a4cb6463b31553968307ffa92ea9b931f3945b607d00"/270], &(0x7f00000001c0)='GPL\x00', 0xfb2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f00000190c0)='net/ipv6_route\x00')
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
lseek(r3, 0x289e0cb5, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="190000000c000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000005c0)=ANY=[@ANYBLOB="48bd1800000002010000110000c800000000000000000088079ff86b930000000014da4ac44415", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b7040000000000008500000033000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703f25084aa00000000000085000000060000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r5, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000140)=0x4)

4m12.962819801s ago: executing program 3 (id=579):
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x141040, 0x42)
name_to_handle_at(r0, 0x0, 0x0, 0x0, 0x1200)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(0xffffffffffffffff, 0x18, 0x0, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x1, 0xfffffffd, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x0, 0x0, 0x1, {@ip4=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r7, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r7, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r7, &(0x7f00000005c0), 0x6a, 0x12141, 0x0)

4m12.895621151s ago: executing program 32 (id=579):
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x141040, 0x42)
name_to_handle_at(r0, 0x0, 0x0, 0x0, 0x1200)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(0xffffffffffffffff, 0x18, 0x0, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x1, 0xfffffffd, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x0, 0x0, 0x1, {@ip4=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r7, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r7, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r7, &(0x7f00000005c0), 0x6a, 0x12141, 0x0)

2m40.910965277s ago: executing program 1 (id=1026):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000011c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@ptr={0x0, 0x0, 0x0, 0x2, 0x2}, @typedef={0x1, 0x0, 0x0, 0x8, 0x3}, @func={0x1}]}, {0x0, [0x5f]}}, 0x0, 0x3f}, 0x20)
getsockopt$inet_mreq(r0, 0x0, 0x23, 0x0, &(0x7f0000000100))
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x10000, 0x2000, &(0x7f0000ffc000/0x2000)=nil})
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000b00)=@filter={'filter\x00', 0xe, 0x4, 0x66c, [0x0, 0x80000480, 0x8000068c, 0x80000926], 0x0, &(0x7f0000000180), &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff02000000110000003100000060036272696467655f736c6176655f30000076657468305f746f5f687372000000007663616e300000000000000000000000766c616e31000000000000000000a80000ffffffffffffff00ff000000c62e182f1c67ff00ff00ff006e0000006e000000b20000004552524f520000000000000000000000000000000000000000000000000000002000000063f6700faa549e9894c47c7b4debac0dfc07ac5ed7c8e901eca3392a630900001100000010000000888476657468315f746f5f62726964676500776c616e3100000000000000000000007465616d5f736c6176655f310000000070696d36726567000000000000000000bbbbbbbbbbbb00ff00ff0000000000000000ff00ffffff006e000000020100002a0100006c6f67000000000000000000000000000000000000000000000000000000000024000000000644a1c6b0b9432c3b8b58572c4ef54ab9b5b777ee2ab307875b7c71d8ed000800000049444c4554494d45520000000000000000000000000000000000000000000000280000000900000073797a310000000000000000000000000000000000000000000000000500000000000000434c415353494659000000000000000000000000000000000000000000000000040000000900000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff010000000900000012000000d0ed76657468305f6d616376746170000000766c616e3000000000000000000000007767300000000000000000000000000076657468305f6d616376746170000000aaaaaaaaaabb00000000ffff0180c200000e00ff000000ff160100003e0100006a02000069700000000000000000000000000000000000000000000000000000000000001c000000ac1414aa7f00000100000000000000ff002f08104e214e214e204e22706879736465760000000000000000000000000000000000000000000000000044000000626f6e645f736c6176655f3100000000000000000000000000000000000000006261746164765f736c6176655f300000ff00000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000004000000000000005345434d41524b0000000000000000000000000000000000000000000000000008010000010000000200000073797374656d5f753a6f626a6563745f723a73797374656d645f6c6f676765725f657865635f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000feffffff010000000600000010000000809b736974300000000000000000000000006772657461703000000000000000000076657468315f746f5f6261746164760076657468300000000000000000000000aaaaaaaaaabb00000000ffffaaaaaaaaaa18ff0000ff00ffaa0000001a01000066010000636f6e6e62797465730000000000000000000000000000000000000000000000180000000d00000000000000080000000000000000020000000000006c6f6700000000000000000000000000000000000000000000000000000000002400000007904a96873c006e9b2f590b8df56217f6ae5b2c3d6ce5be745fde015c960000030000004155444954000000000000000000000000000000000000000000000000000000040000000100000049444c4554494d4552000000000000000000000000000000000000000000000028000000d50b000073797a310000000000000000000000000000000000000000000000000b000000000000"]}, 0x6bc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r1, 0xffffffff80000800, 0xee01, &(0x7f00000000c0)={0x0, 0x1, 0x2000200000a95c, 0x9, 0x4000000201, 0x80000001, 0x48cd, 0xfffffffffffffffc, 0x800000df})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = socket$inet(0x2, 0x802, 0x1)
getsockopt$inet_int(r2, 0x0, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x181ac1, 0x0)
fchown(r3, 0xee01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

2m40.741976468s ago: executing program 1 (id=1027):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/profiling', 0x42701, 0x192)
io_setup(0x1, &(0x7f00000016c0)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)

2m40.551171269s ago: executing program 1 (id=1028):
syz_open_procfs(0x0, &(0x7f0000001100)='net/wireless\x00')
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
gettid()
fcntl$addseals(r1, 0x409, 0x9)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='iso9660\x00', 0x204001, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1e3003, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000300))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000004140)=ANY=[@ANYBLOB="02000000040000", @ANYBLOB="000000000000000018004a28e495d6e91be6fb1d9a20ff730e5fe4621b8768", @ANYBLOB="1f15c2663936d0145be26d7ea8653335edd2c09ae5d13b36b3b2bc2aa842eff83a79fdd5ee1df58091818dbb6626a40810775e9d28a17419d6bd9352db10ad75b1f266d7981e716ed50c327f3f47b39900b4cbf7c9c986326f64e1ae288183b5f805cb2d8ad8c4a5500ecccf633d269f00c8cdfe3e0f667b511e50e4298f7884adc92b88f6a77285de48a88e0a92f57d1868982854595982fa60f18770cf39291bcf95ef86b88afee986d75ae1aebb530030166ea2a20e1133989ff904bd411675d89d9827261ed3044e5d1f0b114a6a434a92dd433ac0e84d55ff09fe13469fbfe12bb093f01635f55d4943abe6e949539a7dc64167b725e4c1b4cd8fcb52b989174ffb58e85ab2af3d46538d616af5adc3f936c5b86b2a0afec1039716c381200e26603dd9844570ab737cfc65bb147eab3863834ee8f971f1d23fde1d8586681f97b9fc715b9b81211ba0a3638565a6e389c01608080909f0b3a7ca675f52922e19cf40b1ef127bc79b0ea80671e74c326fe22e0115d3f3dff88f7ed2c313648d28c6fc8e218b528b56b1af9d2b4a898abf8f5638aedc49b9ccab69fc1d179f22d0b58093e67cddf2af12c8bc3016217ec8de0c2a191bdee789111014395b73a35000de9a4d44e974067e22773d569be4e0731f9347536dcb7a6ac924958cd9b299c67b09b9e0fb8673c596b53ff6b9714d5a86b833176b9b4c57b907a807e2505c73977a16a6f30fb3f821ed46256832c57df3b42e7cbbcf3de0fc09d6eb78d0e1d0afd002940fa0d4aa1e7e11e01b410d9a6f9dbee760f81329772033b1045649907c80d89e86adbd860a5ce55b9ca9a5fbef774be0b084746640a8ada57a684ac3f6e61d64eb766f5c0dfd9c4c2553c8fea17be7a2c438f2445198feab6149085e002482a655809b5fb523dad38bc22a506871a7f749e6dd32c25d12dd3cef6257aec8a684e87c380cf21d961dcc6a19997f07c655e0bfa1d7944b71281becac52b6d1cf6929abb6ed4f36b33a2340a18f1044159e623a592f0d9bfbea1fc66dd71a9118259b155984fdbea2aef572daed20d58cb441ed0ee395cfde5ac54e60d41210b71c9d42f52e05755aa937f8bfff15a68c493e9208b7b66203bcfd06cbeca3128832cb19ee48f246731a350aad250a70b950e90fa9d2bd641dd1c247f1a18a85d2b444a93bbe10616a864b811c8bf733a6bc603a7b4d515c156e73eba4fee34a2afa1df7d802c8ab9d5b68749f0f7c61112862ad790772d07ebd5a4cb305d826c0584e38b5eea90cac7c5799ad8bade81df39827c0797d3baa42f2227c27c2c40c29196586819547c2b9c0c6b07860b7d1af749c240273526f294be6395a4b6e19411d7cce4ade0533bd5b8bcfda54cca4c248223a35bf124a18c74c079e1d31d06729b9eb08cd39e58574de56c40fc96d62df67c0c2811ad641d1c6285b8107516aa6f0ffd69fc5e600d98d2d6dfe2c2b9603275406423fd0ce4c88f99e9962eb75be45102b2ff3b89fa0de79ea80eb65f5fd4583b86d88d34dcdced1282fc451b4d75cd43f88fd5bd74210a2785abd9d3e4f9101f5c6b8684cd7a8f4b4050dd999cc13339c3a98817da0396997b311c7e6c95ad8d40c9f96162b4a444fe07ef620c83757978584b19afe68e623a2960d215062622c0fddbdb0d2a029290b8587a4a155adcbd5629746eb981d6c9f0da4bcad8dcbc72942ec3c220b89a65f7d1bbd25e4f83100109e957c14e5dad53311de7a10c11fe2dcb1940763e9cffed673f943e382f05999e6d5dbf29d6f0fc529194d07ebae66e0172274d736058cb64d56de1774b3df1738a3acea60a763475c322a48c8932111ee01ec85e0e43ecd955541ba14a33cf67af40eee1709e2ae014eb017741ec62bddd8660eb5947c9911000b57ca81760f36c9bfa7bcf2fdbb7992a1e53f690f66582026a3e4b58812d93a8145c0066a20619f4597a70a5a9157182cd4cae9ff3e547f836b260ca93b4493ffb8a3ca1a7fb9cc21d8704fbf99cfdf2f710915fca25673e2f00a71a9754a51cb8c20738d79640932ef2c215cb142e7df1ca2ff27ead10b318f9700b7ca07c2b4858f9472c79d55b1c11a050870a67d6a9fec6b017fcdf9e1301abd00968b5f172ffe6b2c8f58092eb4ef96b71cca0c20045cff2b03dbd9f8571a5f331bee427ed38980f52899d8e8254f96bc5e65c2f2021ae7054f418489e645ab167c897aaef892a69955ce498cbc6035b0e38fdd777bf0d3b6860e4240168c343bb3152a079c204158acb052b7bcd2c55deafbf068cc194b9c4d51078fe7033df94e262082a0bbdf2ff56731ae5311e2e1b4a8dd62d54b02463befae273e35406d4607155d3cfffaddb8ddf55dfc56a6f80e3042d882711052edcd869af2019f13104ea63c04b19112577a98848468642e46b49ae3cc81e72bf5c63cb126a3312f364b0efa12b9dd97a96871459a274a127eb0d11d8c599b3309dec99ff510fb84ff916eb4c23671efb21acb61c853bc540db8dcc17a5b0e48e9402baa58ddfa1c3fc06b61cecf3162c349c77215c3b96dd8d89bd04a9bb2c3e265bbe372ccae14d81b8ba6ea331bf7a4e4bd986ec01adf275b048a6f1874834ae9d6ad768b5f0b24ddd3c1f96b496c9c5ce935de869cf964cd6331f34a86226fcf2529eec25f7baa40da08dd7ff963d4f0fdf2ef8f6685568150684b34ddf01df753b78e3750b07709e998767887f8c02ffd9d3f4817ef6e94b72cd25bc625bb9143031290d23f090f3c99a204e82089b78c2e56e5fe5b8da2ef8b7c6ec1f86b78a03c683af177088135dfa3d3ec078d950bd35930fec3864e77e2c5fcb91beb28ecdd6ba7d0855612af8ac057741becd5ffa10f44d09453dec0e0bed733144526fcbc6c39fc329f5f8368e2ede988adf2721bd67a3aac5e269f8804cdf61c33cf7b5709167b84749b8c215fdf0d7a6137167dfd78d41eba56862b9256359ac59dc6eeb22cc1b16a87733389db4404db53188a9c0d437bd530fed71df9974c487554404f3ebab7e8a64c37bb743fafbb47b74a79847ebde16c32dc22c48549a45879e4379ba5e30fd12f49faf1cd32bf67830f18c3e8334054816588492f0e070370142a7383cb05989c534d14b372d50d4900d5d7eebc3bf97808b3eea035729046743294de4d81ad2590475b9db75f9d26f34e4b1ba61fe6e30a2ba61927f63cbd4a089a9d44ca9cabb4e2bfd971f9e085e933129fdfb698ea32fbd1a962e97370f2a2ae58e0e2fa1bc59250ea8a8edeaa8125d16742e6394350eac919df4ee9a498bf08a970f76d20b241e1659f85a414167e5329fa3445b8197bfb1217582ad60c8ef8fcd4af290b48610445e8b491fe8e416f80cf6a4749ee8f98232e4407fd70689629823c4191cca64f5b5b960fe86a0409ab928f847796d26e372115772b2a16279957d96c131d103dbc292e62f1e8a5527acd3f135b9f616f74181c9514f99b77cf0c1113157ad1d2b6cb6af0384f9ac66de79868ca8f9dd4362342fa3737c2355398fd15015588ac51752670833603991a35ced11671c5254bbbaeb355b52b9efb92af097e5983b29fda57f4d9fc9220890cd982c97d0fa8e595033de3987a0652a9eef2318d36e3f2321976a2c7d7a10ae583d2859733544955032e1b13bb164870c41c19e723d7d1a6745abcfdc9becb30bf6e4fe5affbfd50c8718280bd4ed9800ce3d07870ef17ffed58cbe5505e8d50b27009c91f95188b0eb14d6bc73ea2202feeb02cdb7920d021b623d4eaa34388a8dbc9969a9d6c8e2b1166f1817f8d1f2e1ca5d675e0e898582bf429a2eb4653ad5f97a67346d881c6f450a4146604e555b247e57aa673506c3520b006dff3a53c0fea3373691ffe41bf31888d557e568ee49f8503dd83f16bf945b1bb41f234052ff2241a0df6f5ce9f54bbd2a97c2906fe1a106292580b2332c36d7813d23be7306f07a3b3c1a6ddc809047015eb8ea575d61691c31bbba34c3db97068c38da267fae47bd61964c360ead45cb6ee8b93a963cdf3d10ba9f22922695ed6bc6756a727448e3dffc8e331a4c497670296cc6a2331a5896df6314d5ab6925d2e8f18f615cb4a1a5200735d4a6e94a93f704ace359c1a0920a76ab932723c2f80895a733e9bf6f4586fbac54fe2dc94133bf5c98e0b78ff3df1323f28e545aa79c265e63521d288f741c32f3882229fbff67db8a7f9aab82e8d13c582911395366e2d9ea1d67d9ed4b75869a5894730612fe6cedc9182cec5b50e2929369138e70dda057b71f33bff986997245bd85498cba0184c0262d7372457bf88f90d4d77bc3c619e7c80d7ab75a0372b5ee54820e34efdab41d9597f2c971617a3cadefd84f7700574eac7e75db6da8300efc300c0a2a4bd8291cc4b3fd44797ee6d76ebbd5da91a28f33f8cba5d47de4d0859696c71d400abf72d1857bdbd2e36e52173dc1996e832da8a1e703315e5d4bce4061d824a844caf3c4c6b761525210f9f8fc343d06569f0645f23d586cced89849f44a5735a6272c79bccc977c319a0a7c4d3aa45af3d0675500562b5c0e5341e2a86a6355fa510e987e5998f1589e1b0f071678682c68fc3443d3e60304acfb6b5665cddcb7c4f9e6ff56e7b3e902c8bb80a0bb064762eef5df0c7751baab61f57152a80dcf151dcd458c45dc0c7461fa8462b38bebf483a58fd18a8639d601232cc6f83471822f32817aac1e8323dd8ed5cf339301faaf858c0ebc89ea5f948348b6997f509526eb95257fb8b3f42e2f705ef94c9d79087c219df28026998ea9ff1bb78ba7dbb4b4aafec20b55760da94509de0dba45eb8d4f51fc6c19f4cd1b01852efad7af6f546c1bc71cf553d7f72a9847c2fff23c9a110cb61e981d8fe2b236da79d593afc0e524cf7ef2bc446ecf5ecccb7e8a071907ffe6e3c5b80a33e913dcd7754c7736c8253bd6b524362ae437cbb01a9c063e9fb42e4fda93221203a409d239dd0af6aaff671d36c79503f0fd99b78c171a80d29bbbe5d1a2440c6add499bbdc766ce09030ef5a615430e1bdfc60a1ae7a491e9787fce0e266051525fed232697877c76cc39b3a77329780606b105ac5b7f7ab81814f4a2f629f07d42bcfcab3ee6fae67ea15ff30dde0560e91e509e944510722e97b566494daad981e3c972baec7ab1ad9672210b60fa7db5359f53a5567c0ebe7187f9a9f81bee34e4821b5fedde56b0c376a8c7d4955a88857639842dd53fc9c3f71be193e40144d41ffc1cc6f087558634f57f7c3bb89cc87d09098c7b66b992b44f8842db25ecaed77af16b8c84e3c2da5217cf47f5728260051dfe5e4a09739922737497f308e0108b1e60dce601068060d49c1e4640ba506140130d23f35c35f5cf11895e58334fdeb890d74d7a07ed7fec2e91370f283d7c252c7724345f0d58e7f7fb688f35b05b298022eb7269c85c29256777dac8199c12cbdb406ccf4e50a2de8fddd3d378daa6326ed1afcbfe077ba1aaa12848f46f9a24b6076dd06bfb54f35f6818e6dd75ac618a9cb80aa429c843c21d8d0dcfbe06507c5c4c23c048222e9dc165f9b72182e7d7e6aadcf4abd728dddb11c7e67ccad569dd034aadc63d5b2d5bf3f7e60b506fb30aaf7287eb3a0104430a9161990498e89e79e5acce74296b5770187058cdce277a38c4f82a5d3197e4f3ea691d668ebaee814fd", @ANYRESDEC=r0, @ANYBLOB="000000000200"/28], 0x50)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r5, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

2m39.22903645s ago: executing program 1 (id=1032):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000100000000600000000000000"], &(0x7f00000001c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x2c}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x3)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0xfffffffffffffd3a, 0x0, 0x0, 0x0, 0x1000000, 0x8, 0x0, 0x0}}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x101302, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000440), 0x0)
ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x4})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r2, r1, 0x25, 0x8, @void}, 0x10)

2m39.131776185s ago: executing program 1 (id=1033):
gettid()
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)=ANY=[], 0x54}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000500), 0x42, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = dup(r2)
io_setup(0x19, &(0x7f00000009c0)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000500)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x2}])
write$UHID_INPUT(r3, &(0x7f0000000880)={0x8, {"42d1d92b458e9ea9121673103f96e2a6f652a6bdda39b5d7420184a77546c6fff4a436cebd267e2cba6384cfd34afd4d775ba7dae05a62136afcfc54f5d02449793625a11ecd264a66c65811ec065bf3384ba3a94511f88032621b01045583e45e0f9b8befcefeee83c1c07af866dc99b3a7fe5fdee5dc46a3e9cb1edaeba78d42d3be0bca7db3ac5afa44e7331dbdb3ac881558a185f17f98bf0eb96c68c011a16cae07edc32699fe15c4c964be095ef651bfa7c0d94f13fa1c3170e9fb1b6da3eced5ba82a5bf3198a410a82d22a2c9d70affcfa48c6dec8448cee3e26219817c2faa2f4bc424789791e43a266ee715ab789495c7570726e2250d43fb1b1d113097c8fd4c1cb3668b8c892b1adefbe6eeee0516dc7a83e698bd9cc63df91ecf51c3c34cef6dc62c1eabbafdb9fb960522f2241e383b943609aea34880728553c1caf4d435f517ce3364bc62a340cb999324a1b2af232a945cab0bacc01cc3f5aae8e09c0592c78cc75bfbe5419f1b6dcc226456dc3473036665c91f00267de753b542060780257d2e8d72fbccdbad113381ba1cf207c86d959843aa68dbb7a753e6800ebfc3328034691a8a30296741cd1a895cf54ce89a556c2070a7cbb8e682cd8a79a57f484f19f10f34bd307d631a9d215bfabebf4a7aeda75c6d217568c5b281b38470982ec48ac6f636909d15758d95c1461540711b09398a4693fa62c3c93822048ae9675d9d6881191c8f9ec846c188f473cdcfa5273bbbcad0d5d7d36763bc3861076722bd48c3345498cc48048222f5574ec7378bc7efe5252795065bbcdb7ce499e0c0bebee079be6f4c7c5c15cd7e56b6413dd07ad8327044f8b725e8fa9c99c45c0b9daef51afa7c291006b684375316e7a501d35041b18e55b1391e36becf00194ba3630dcee4fde391d15347bc28c6c53cf3cccffe116330739d93a6ff56be34c316a71410281f3c619e7ad12e37c668b1f4795fd27e6f483b85c9763ce42524a66d1ba6ee7156e36678cb78c779d976dbdbdebdff36049aaf0b59c93725746eeeb960d938485c4dfa2b4caa029c6a142fb0119d7247baa3d065fc61f3afb531dd579f857adc835f7ebe3545c6f5ca8b3a749c0832cfe6be5dae01543ea3a56663b5cf58de7daaace2c3271848a65d9bbff1a13b354dd614fbf223dde719dfe6591bb5fe4edc3ac31d9ae18432740b7c05de02b9fb86cf9fe4454961da31cd41ddb6fb95a72e5723d6cc3cb57520806d09a853ecfe29c9cdfce35395f1fd7f2593600f9d5bd7b6b157d5575672430509c7eeebe3805438cfae86a5993cd3e6fa39f9567000c9baf665254042ca19fb1adfdec37720d41dca15523a8073e5c49db4add9caeefdec2b7aafdca5baafe78b9a7f8c2bdd5c58baa8a87ec2f8fcf708045ec7ab899c47481c59184bd10f8319f73263d9b4efefb0247a39fc6d451cae8d3a3a51b6e98977be59b2e1beec3a1a9e0dd8475123c3162d0927eab50f44e48c39a95938a033015b8ef9fc02fdee10540b123c7a53d6706f7476ab88d0d5121676e7d7cbc2635ba281b369f3378afaef92a60c92393efe9c45ccf60f1bdb69097e5f1bc67b1597e6b5de3dd5a7f162690972c6768cf63a9b4a7875268c97b31a427b983196f601d28f1648fd40b4b6a16b4ff4b2737cbd0d14b0c43b0c33d5c876df6591efa0b51bc44413fff32524dab4d198f045b2622c4e2fdcec8e6606b88ed3de71ad0d3dd0dbd661e39acd69af980e1b7c7d539d6498d68b64bac9233efd7d4b00db3fea8c0bf02aebcfb2240bc11ec5bceccccad5b00007a29f345620ae4673f1d41c514e9f5b583433adde93069a1cd01621b50d87dfffd5d410d077b9b4b6b8a807298ee871ff649e8620b06af7988f3d4ae20cb5482121875cdcd9b4e44a74c691c09bac1e7947f2f4f4d228146a1f867633c19ee3b709a86968428f2810d92598bdbcd18b93fbc9a705dda58691ebad397335e80a0cd17b1e6518386251341129e8fdb252b12b741847a4bb8da0e617bbe203f65cfd52cd271dc267598ec0ed469a57fe98e338468839a3cb20caec617f94fa65262e55bd34f2ebd64a88b75779993e6903a50d6ceb7fbf1c6bd1f83b7afa213471d86f52b060c9af2559f3332eab72bbef58de69c481122ad0fdaf499aee6121a52d0ed2b9fc2d62412f8f77e331f025f2ca21adba1434e41577580fae31a3892fdf3e08d1627c6cd1791abc41ac64da3d8aafbd6fbb5ff3d582030162bfc20dbb7aec5ba68a7f88167124d675674b15012930b491540f3d8ea93a6486b64ac5a88bce5491822f0c79cb43a90e349d8480929343b307662ac67934ac3bc5c6e4bc409340ae234f86febf422eae94f22fe41cfacf9b62703a64dca51a81995d646ddb91f0962ebe9c93597349635e73b7604024edb816a07863fbc80febd2d024e497ff03bf91b7f2e6e74601f9564ac8a30bc6571f9e0c6e9cb105bd8204d3a6de3a21952005c22aa4ad68fe4d4d79377d7f19241961cc1993d7cd7fe02bb023702a65024f8cf7e18072ed500ea6a2b545951023f794a0fefb317531ea1f702002ef5897b4629308c28724554d8f0d89fb0369fb6270fa7a885df66e49b6353b65924578e0aea8dd4ee65d32ebeebbc238973aae8fa25b9e4dc36df1a15b174b2ca3c8650ac1f255a1707d46b5d555a61ddccf6c232488c92949e1756e0bbc7d845676b4143ab12ad17f214bc5caae48e410df19616e9e371f8dfc8d00bb4a4a510594479c75276474d9a346db1d357bedb5de96e56846d306a2dfe98d24fd676e79f89e560a95d8894d1160bda8b46bb8e061a6199d373e94c2947f852f4e54c58476d4bc37c66ecfd0d23f967fc73667f9ae39dcc4b14fcb9ab524e04143d624d04c3031dbd9259864c5040a481a5906b870ed4be35818bc6cd45ce4f91bd8e39b424526e36afb87b298eedb187883d5005c4407637f0edacac29f5f6eb38f525a662a6c3c201fd48b811519bc621494440c09f9f2c989dafe2fe8215d1050ef3769f49aad149cbddd4b5133a1711a055e5172894fa617dcf9801b78695e75754bd590deaf816a4233f63311c2e5e9f82413e66f743e96ace48083fb97c869c3d07c8593e0e6a4b8446471e44bc04b6381ba359baba2a60daf4e29fd25d2ddf7ac1a60191474c09e4a4bde1e1ab97dfa01bdbb95cc356c51cde94d26848d60ac4c310fd9691425edd6f14304775f2271b04412473c623b4b74eb53c8e3e4251209ea44689b6144993ee4287353f8a41659cdf456e2544d116064b0e6ea6d0ef105cc207ef3e63f0ff27ecdb32fc1bed4a9f261e3234207bc8d601ae3aebf56bdf6957c49d98e23ac43b90fecd89630fe7b8e7f9c2845c3f791fb7140d9dfe24ef9564b96f1e449fcb84e2e9ec41255f60f5b61994bac1fde331f2560a3d183f96de605e51c48789ef15edd9a85f34978df474811c92a19b838a24fe956fe4b8c4dacf48518418d7d0a276c72a759f0f0fe7efc27ff8f2478164615cd0b86fcff3bf6c4f78e0154267af5f40f52cbf0bac7184d84a1ddae1a8fcfa9d9da983dd470b5d1f656e716eb7309bf07d4cd71818b55927e679033b3ea63f1fe5ec1b0280607e0976e90d714eebbc6710e5fc1dae090dfbcbf6e67f77928615d60bb672e1ef8140eeccaed9a22c122699b4615ff52abd5bda6327b019471f3ecf18497335b8eae99b99211e88ecd068aaad527506c307240fb1949ce6168995120aecb013abbc05b654dee28bc95f5b96b22e69abfd6923eef1a90b6d1152327aaacf5f138547255043723c26711ea3dd937a68445a1fd69642b23336190ae3c5e0555a3def9a38431e8fe95395dbc0c5b7b929f9847a6e74ea21c7bacf248c9830839286af319a94c8c4d01b37779b74e159c4b40ae7004ad95de5db6967e6d5dc8313c9067e6ed161c1fd210c2d17cbfc49061e867154624ed93fb6c06f546d03e8141fe00f983551c4888285c584dce9a3541d24ba38c3a149e865318a8ec53ec577de540b9e421700cb24347368c06eeb568ebca9dd044591cab837fe7a6e70bf2622062753ed1dc2051f2d7867b4c23f657777dc5eafbf4ed86d3e295ea7edfe7213aa0990da23fb288a289dbfd59d4c524cf3f02a2afb25f5e9d7d8cd0166a13ec56d05596152e1a83259ec852f96971afe3aa47a5971bf3b12281f588fd3fe59d29b1ebc6e797d766ec717d76d28f03c1225e85cbd9f5d09080aa9e85dc3dba8be5e3de98cb98aec4c9db811cebe8fe4883dc9c55455c6a7010e8d82d98c20efa3146939c5d1634dfac84310450a7410073e879b0172fc4587450ac286b0b50de0edcec3d97a25a9e12d879ac90d12f8fb0fa38e90289946ede3e1953d4bb896138a733218d9e3b198c5717fba844a72e9622c56bb1df9a9c71fd21111434b3362ebdb0e4b75b348fb53287bc64689d8dc7c2d0ecdf15900ab5f4d5d54cfc4c0c6f6805247bd309dc329a63944a40bac7b21a6d587c1a372ba113d74cb8b102d41cd34dff7d8d4c721fbfd718263c6976983c9dfbc8903fbf05198bc9d7909ccd2e9233f147b8f4827e390ca06e148051ddac02d6e0315638cf85c2ae259d903e7ce2a9fb19c81e9d368663f9b8c2d86a627812cdb36c4f7fd9fd033bb9d1ea26acf621909c791ed181fb16b1553f5654ac2eaff7c77049a6605ab08f19b64b200a276cbb9915b50da6305d07a40d9af915a5c43adfa42e07806b91fca4da099a72ca9375755f8b57d657f567696106ca1fb8abe0c76bebe1a00ac475c3d98137968d1fdb77d1b1ab5f4369e0e5a496ab9d4403e5c25b469096ba7957faf5aa8b8eb1562609279db8570e32947f723e2e4802e43f391a696ce4db76b780a1bea0087bfe9ed878cc7a72e79fde3b6e29eeaebab382488a38cfe20766ce14289e89d91d7b7fd7f8e222968b94c7edcde8144ae48d3ff6253fc86514137b804535cb0276b9a51692ba08c2ab831c82eac25f7d8f9549ad6916bc0ab3667a63dcbf3f4ab81e37fbcdef650ea24ffc952b71cdd0e4abc8ac803a4153877403e14adc800687f5978f9ed73617edd1931e1d777d7e8fe346a169a645b844c639355e8970ecf43e9fc37e78f7d311787de593128d671f2fe8d1efcf9c30be758e39686b3810a354f8f70c3b8875d10f251d14e9f510103d370b4c2a35fc0b7bd4fc4672957889719b982ce9696900570a292a755b85c7aa68bf9d867be67052075ff8e376c58b3471dd7423f5c40cd72f0c27d054d2ddd7b06e63153e67a408b412ee94489c6f9f7add7d19fdf269c3db26a1a6565cb9fa4a8567f398276c50d1c439da577c4018f912fff16262d8b86dbc3b1cf7d56fcf25cf4dce6b1c99f83bcd85beef32bb7f12d6f9eb366be1cb8ca6dd43476be8b3e6c82b8ce48e9a7c279d31f8906014e5e371a102a87a6037d228719caa2c096ed5d8d5d7a6cbda9bf720ae5bf460188afd0ec006eccc1c3e8efc1dc8fbf8ffc1e1fc02ee42e4d65d225fcfc9cf8388afbc51f0b15187477fdabd8fbd1766c09b1c6940a2abe3366018db6834e41c8ccbd65cb049c06659031fd2973f983b4cb4414fc62479c50b0d0bd422b4f826194d2fb83ae56cc3dbd7bb7856c2f33f716bfbedb965c3f08882ab088d6f66d1f2a94f82100e6481c184ee58a98a318ca04561c6140da0a87bc1bec0c13d3517a2dff36223205aa65a00d053f268125a608f52138c6ce64de980391f7adb1563c3fe97ae8bc84142ac7823a9e7645d99f64db79d1fb9dd4dd2afefa", 0x1000}}, 0x1006)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xe)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000140)=r5)
syz_io_uring_setup(0x50d0, &(0x7f0000000000)={0x0, 0x75c0, 0x4000, 0x3, 0x351}, &(0x7f0000000100), &(0x7f00000001c0))
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x2, 0x0, 0x6, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)

2m38.961167407s ago: executing program 1 (id=1036):
socket(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r3 = socket$inet6(0xa, 0x80002, 0x0)
modify_ldt$read(0x0, &(0x7f0000000100)=""/155, 0x9b)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
r5 = accept4(r4, 0x0, 0x0, 0x0)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000080)="ef", 0x1}], 0x1)
sendto$inet6(r5, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x4}, 0x8)
close(r5)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2m38.873923282s ago: executing program 33 (id=1036):
socket(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r3 = socket$inet6(0xa, 0x80002, 0x0)
modify_ldt$read(0x0, &(0x7f0000000100)=""/155, 0x9b)
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
r5 = accept4(r4, 0x0, 0x0, 0x0)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000080)="ef", 0x1}], 0x1)
sendto$inet6(r5, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x4}, 0x8)
close(r5)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

10.83465828s ago: executing program 2 (id=1647):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
shmat(0x0, &(0x7f0000479000/0x1000)=nil, 0x9000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r2, 0x112, 0x9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
inotify_init1(0x800)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/3\x00')
read$eventfd(r8, &(0x7f0000000080), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0xfffffffd, 0x8000, 0x0, 0xffffffffffffffff, 0xbea}, 0x50)
r9 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r9, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r9, 0x0, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
ioctl$DRM_IOCTL_RM_MAP(r0, 0x4018641b, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000479000/0x3000)=nil})

10.816675202s ago: executing program 5 (id=1648):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x400000000003, 0x7ffff, &(0x7f0000006680)) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) (async, rerun: 64)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) (async, rerun: 64)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) (async, rerun: 64)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0) (async)
ioctl$TCXONC(r0, 0x540a, 0x1) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1c0000, 0x1, &(0x7f0000000040))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x48c00, 0x0) (async)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
userfaultfd(0x802)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x3d7b82, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000800000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000032ce8500000004000000850000000500000095", @ANYRES16=r1], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='global_dirty_state\x00', r4}, 0x10) (async, rerun: 64)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8a002, 0x0) (rerun: 64)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000068020000009fc8a14b"])
r8 = syz_io_uring_setup(0x32ba, &(0x7f0000000180)={0x0, 0xc27c, 0x1000, 0x3, 0x169}, &(0x7f0000000080), &(0x7f0000000040))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000240)=0x5) (async)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async)
io_uring_register$IORING_REGISTER_PROBE(r8, 0x8, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x10)
mmap$binder(&(0x7f0000225000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x4)
sendfile(r3, r3, 0x0, 0x2000fb)

9.821243826s ago: executing program 5 (id=1651):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
shmat(0x0, &(0x7f0000479000/0x1000)=nil, 0x9000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r2, 0x112, 0x9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
inotify_init1(0x800)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
read$eventfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0xfffffffd, 0x8000, 0x0, 0xffffffffffffffff, 0xbea}, 0x50)
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r8, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r8, 0x0, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
ioctl$DRM_IOCTL_RM_MAP(r0, 0x4018641b, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000479000/0x3000)=nil})

9.78979637s ago: executing program 2 (id=1652):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
shmat(0x0, &(0x7f0000479000/0x1000)=nil, 0x9000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r1, 0x112, 0x9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
inotify_init1(0x800)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000), &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
gettid()
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/3\x00')
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r2, 0x0, 0x0, 0x1)

7.376982593s ago: executing program 0 (id=1657):
syz_open_procfs(0x0, &(0x7f0000001100)='net/wireless\x00')
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
gettid()
fcntl$addseals(r1, 0x409, 0x9)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[])
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='iso9660\x00', 0x204001, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1e3003, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000300))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000004140)=ANY=[@ANYBLOB="02000000040000", @ANYBLOB="000000000000000018004a28e495d6e91be6fb1d9a20ff730e5fe4621b8768", @ANYBLOB="1f15c2663936d0145be26d7ea8653335edd2c09ae5d13b36b3b2bc2aa842eff83a79fdd5ee1df58091818dbb6626a40810775e9d28a17419d6bd9352db10ad75b1f266d7981e716ed50c327f3f47b39900b4cbf7c9c986326f64e1ae288183b5f805cb2d8ad8c4a5500ecccf633d269f00c8cdfe3e0f667b511e50e4298f7884adc92b88f6a77285de48a88e0a92f57d1868982854595982fa60f18770cf39291bcf95ef86b88afee986d75ae1aebb530030166ea2a20e1133989ff904bd411675d89d9827261ed3044e5d1f0b114a6a434a92dd433ac0e84d55ff09fe13469fbfe12bb093f01635f55d4943abe6e949539a7dc64167b725e4c1b4cd8fcb52b989174ffb58e85ab2af3d46538d616af5adc3f936c5b86b2a0afec1039716c381200e26603dd9844570ab737cfc65bb147eab3863834ee8f971f1d23fde1d8586681f97b9fc715b9b81211ba0a3638565a6e389c01608080909f0b3a7ca675f52922e19cf40b1ef127bc79b0ea80671e74c326fe22e0115d3f3dff88f7ed2c313648d28c6fc8e218b528b56b1af9d2b4a898abf8f5638aedc49b9ccab69fc1d179f22d0b58093e67cddf2af12c8bc3016217ec8de0c2a191bdee789111014395b73a35000de9a4d44e974067e22773d569be4e0731f9347536dcb7a6ac924958cd9b299c67b09b9e0fb8673c596b53ff6b9714d5a86b833176b9b4c57b907a807e2505c73977a16a6f30fb3f821ed46256832c57df3b42e7cbbcf3de0fc09d6eb78d0e1d0afd002940fa0d4aa1e7e11e01b410d9a6f9dbee760f81329772033b1045649907c80d89e86adbd860a5ce55b9ca9a5fbef774be0b084746640a8ada57a684ac3f6e61d64eb766f5c0dfd9c4c2553c8fea17be7a2c438f2445198feab6149085e002482a655809b5fb523dad38bc22a506871a7f749e6dd32c25d12dd3cef6257aec8a684e87c380cf21d961dcc6a19997f07c655e0bfa1d7944b71281becac52b6d1cf6929abb6ed4f36b33a2340a18f1044159e623a592f0d9bfbea1fc66dd71a9118259b155984fdbea2aef572daed20d58cb441ed0ee395cfde5ac54e60d41210b71c9d42f52e05755aa937f8bfff15a68c493e9208b7b66203bcfd06cbeca3128832cb19ee48f246731a350aad250a70b950e90fa9d2bd641dd1c247f1a18a85d2b444a93bbe10616a864b811c8bf733a6bc603a7b4d515c156e73eba4fee34a2afa1df7d802c8ab9d5b68749f0f7c61112862ad790772d07ebd5a4cb305d826c0584e38b5eea90cac7c5799ad8bade81df39827c0797d3baa42f2227c27c2c40c29196586819547c2b9c0c6b07860b7d1af749c240273526f294be6395a4b6e19411d7cce4ade0533bd5b8bcfda54cca4c248223a35bf124a18c74c079e1d31d06729b9eb08cd39e58574de56c40fc96d62df67c0c2811ad641d1c6285b8107516aa6f0ffd69fc5e600d98d2d6dfe2c2b9603275406423fd0ce4c88f99e9962eb75be45102b2ff3b89fa0de79ea80eb65f5fd4583b86d88d34dcdced1282fc451b4d75cd43f88fd5bd74210a2785abd9d3e4f9101f5c6b8684cd7a8f4b4050dd999cc13339c3a98817da0396997b311c7e6c95ad8d40c9f96162b4a444fe07ef620c83757978584b19afe68e623a2960d215062622c0fddbdb0d2a029290b8587a4a155adcbd5629746eb981d6c9f0da4bcad8dcbc72942ec3c220b89a65f7d1bbd25e4f83100109e957c14e5dad53311de7a10c11fe2dcb1940763e9cffed673f943e382f05999e6d5dbf29d6f0fc529194d07ebae66e0172274d736058cb64d56de1774b3df1738a3acea60a763475c322a48c8932111ee01ec85e0e43ecd955541ba14a33cf67af40eee1709e2ae014eb017741ec62bddd8660eb5947c9911000b57ca81760f36c9bfa7bcf2fdbb7992a1e53f690f66582026a3e4b58812d93a8145c0066a20619f4597a70a5a9157182cd4cae9ff3e547f836b260ca93b4493ffb8a3ca1a7fb9cc21d8704fbf99cfdf2f710915fca25673e2f00a71a9754a51cb8c20738d79640932ef2c215cb142e7df1ca2ff27ead10b318f9700b7ca07c2b4858f9472c79d55b1c11a050870a67d6a9fec6b017fcdf9e1301abd00968b5f172ffe6b2c8f58092eb4ef96b71cca0c20045cff2b03dbd9f8571a5f331bee427ed38980f52899d8e8254f96bc5e65c2f2021ae7054f418489e645ab167c897aaef892a69955ce498cbc6035b0e38fdd777bf0d3b6860e4240168c343bb3152a079c204158acb052b7bcd2c55deafbf068cc194b9c4d51078fe7033df94e262082a0bbdf2ff56731ae5311e2e1b4a8dd62d54b02463befae273e35406d4607155d3cfffaddb8ddf55dfc56a6f80e3042d882711052edcd869af2019f13104ea63c04b19112577a98848468642e46b49ae3cc81e72bf5c63cb126a3312f364b0efa12b9dd97a96871459a274a127eb0d11d8c599b3309dec99ff510fb84ff916eb4c23671efb21acb61c853bc540db8dcc17a5b0e48e9402baa58ddfa1c3fc06b61cecf3162c349c77215c3b96dd8d89bd04a9bb2c3e265bbe372ccae14d81b8ba6ea331bf7a4e4bd986ec01adf275b048a6f1874834ae9d6ad768b5f0b24ddd3c1f96b496c9c5ce935de869cf964cd6331f34a86226fcf2529eec25f7baa40da08dd7ff963d4f0fdf2ef8f6685568150684b34ddf01df753b78e3750b07709e998767887f8c02ffd9d3f4817ef6e94b72cd25bc625bb9143031290d23f090f3c99a204e82089b78c2e56e5fe5b8da2ef8b7c6ec1f86b78a03c683af177088135dfa3d3ec078d950bd35930fec3864e77e2c5fcb91beb28ecdd6ba7d0855612af8ac057741becd5ffa10f44d09453dec0e0bed733144526fcbc6c39fc329f5f8368e2ede988adf2721bd67a3aac5e269f8804cdf61c33cf7b5709167b84749b8c215fdf0d7a6137167dfd78d41eba56862b9256359ac59dc6eeb22cc1b16a87733389db4404db53188a9c0d437bd530fed71df9974c487554404f3ebab7e8a64c37bb743fafbb47b74a79847ebde16c32dc22c48549a45879e4379ba5e30fd12f49faf1cd32bf67830f18c3e8334054816588492f0e070370142a7383cb05989c534d14b372d50d4900d5d7eebc3bf97808b3eea035729046743294de4d81ad2590475b9db75f9d26f34e4b1ba61fe6e30a2ba61927f63cbd4a089a9d44ca9cabb4e2bfd971f9e085e933129fdfb698ea32fbd1a962e97370f2a2ae58e0e2fa1bc59250ea8a8edeaa8125d16742e6394350eac919df4ee9a498bf08a970f76d20b241e1659f85a414167e5329fa3445b8197bfb1217582ad60c8ef8fcd4af290b48610445e8b491fe8e416f80cf6a4749ee8f98232e4407fd70689629823c4191cca64f5b5b960fe86a0409ab928f847796d26e372115772b2a16279957d96c131d103dbc292e62f1e8a5527acd3f135b9f616f74181c9514f99b77cf0c1113157ad1d2b6cb6af0384f9ac66de79868ca8f9dd4362342fa3737c2355398fd15015588ac51752670833603991a35ced11671c5254bbbaeb355b52b9efb92af097e5983b29fda57f4d9fc9220890cd982c97d0fa8e595033de3987a0652a9eef2318d36e3f2321976a2c7d7a10ae583d2859733544955032e1b13bb164870c41c19e723d7d1a6745abcfdc9becb30bf6e4fe5affbfd50c8718280bd4ed9800ce3d07870ef17ffed58cbe5505e8d50b27009c91f95188b0eb14d6bc73ea2202feeb02cdb7920d021b623d4eaa34388a8dbc9969a9d6c8e2b1166f1817f8d1f2e1ca5d675e0e898582bf429a2eb4653ad5f97a67346d881c6f450a4146604e555b247e57aa673506c3520b006dff3a53c0fea3373691ffe41bf31888d557e568ee49f8503dd83f16bf945b1bb41f234052ff2241a0df6f5ce9f54bbd2a97c2906fe1a106292580b2332c36d7813d23be7306f07a3b3c1a6ddc809047015eb8ea575d61691c31bbba34c3db97068c38da267fae47bd61964c360ead45cb6ee8b93a963cdf3d10ba9f22922695ed6bc6756a727448e3dffc8e331a4c497670296cc6a2331a5896df6314d5ab6925d2e8f18f615cb4a1a5200735d4a6e94a93f704ace359c1a0920a76ab932723c2f80895a733e9bf6f4586fbac54fe2dc94133bf5c98e0b78ff3df1323f28e545aa79c265e63521d288f741c32f3882229fbff67db8a7f9aab82e8d13c582911395366e2d9ea1d67d9ed4b75869a5894730612fe6cedc9182cec5b50e2929369138e70dda057b71f33bff986997245bd85498cba0184c0262d7372457bf88f90d4d77bc3c619e7c80d7ab75a0372b5ee54820e34efdab41d9597f2c971617a3cadefd84f7700574eac7e75db6da8300efc300c0a2a4bd8291cc4b3fd44797ee6d76ebbd5da91a28f33f8cba5d47de4d0859696c71d400abf72d1857bdbd2e36e52173dc1996e832da8a1e703315e5d4bce4061d824a844caf3c4c6b761525210f9f8fc343d06569f0645f23d586cced89849f44a5735a6272c79bccc977c319a0a7c4d3aa45af3d0675500562b5c0e5341e2a86a6355fa510e987e5998f1589e1b0f071678682c68fc3443d3e60304acfb6b5665cddcb7c4f9e6ff56e7b3e902c8bb80a0bb064762eef5df0c7751baab61f57152a80dcf151dcd458c45dc0c7461fa8462b38bebf483a58fd18a8639d601232cc6f83471822f32817aac1e8323dd8ed5cf339301faaf858c0ebc89ea5f948348b6997f509526eb95257fb8b3f42e2f705ef94c9d79087c219df28026998ea9ff1bb78ba7dbb4b4aafec20b55760da94509de0dba45eb8d4f51fc6c19f4cd1b01852efad7af6f546c1bc71cf553d7f72a9847c2fff23c9a110cb61e981d8fe2b236da79d593afc0e524cf7ef2bc446ecf5ecccb7e8a071907ffe6e3c5b80a33e913dcd7754c7736c8253bd6b524362ae437cbb01a9c063e9fb42e4fda93221203a409d239dd0af6aaff671d36c79503f0fd99b78c171a80d29bbbe5d1a2440c6add499bbdc766ce09030ef5a615430e1bdfc60a1ae7a491e9787fce0e266051525fed232697877c76cc39b3a77329780606b105ac5b7f7ab81814f4a2f629f07d42bcfcab3ee6fae67ea15ff30dde0560e91e509e944510722e97b566494daad981e3c972baec7ab1ad9672210b60fa7db5359f53a5567c0ebe7187f9a9f81bee34e4821b5fedde56b0c376a8c7d4955a88857639842dd53fc9c3f71be193e40144d41ffc1cc6f087558634f57f7c3bb89cc87d09098c7b66b992b44f8842db25ecaed77af16b8c84e3c2da5217cf47f5728260051dfe5e4a09739922737497f308e0108b1e60dce601068060d49c1e4640ba506140130d23f35c35f5cf11895e58334fdeb890d74d7a07ed7fec2e91370f283d7c252c7724345f0d58e7f7fb688f35b05b298022eb7269c85c29256777dac8199c12cbdb406ccf4e50a2de8fddd3d378daa6326ed1afcbfe077ba1aaa12848f46f9a24b6076dd06bfb54f35f6818e6dd75ac618a9cb80aa429c843c21d8d0dcfbe06507c5c4c23c048222e9dc165f9b72182e7d7e6aadcf4abd728dddb11c7e67ccad569dd034aadc63d5b2d5bf3f7e60b506fb30aaf7287eb3a0104430a9161990498e89e79e5acce74296b5770187058cdce277a38c4f82a5d3197e4f3ea691d668ebaee814fd", @ANYRESDEC=r0, @ANYBLOB="000000000200"/28], 0x50)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r5, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

7.046983894s ago: executing program 5 (id=1658):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
shmat(0x0, &(0x7f0000479000/0x1000)=nil, 0x9000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r2, 0x112, 0x9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
inotify_init1(0x800)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/3\x00')
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0xfffffffd, 0x8000, 0x0, 0xffffffffffffffff, 0xbea}, 0x50)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r7, 0x0, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$DRM_IOCTL_RM_MAP(r0, 0x4018641b, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000479000/0x3000)=nil})

6.624884747s ago: executing program 2 (id=1659):
gettid()
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000020601040000000000000000000000000c00078008000640000000010500010006000000050005000a00000005000400000000000900020073797a31000000000d000300686173683a6e657400000000bffb2648c216955eadf2594f9a8b282112759761b8fbd6cd305a1b3bfee9337edf84371ab0475b8ec7c4416bd2d503c975aaed22ca96f54d7d7cc8c089ab39"], 0x54}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000500), 0x42, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = dup(r2)
io_setup(0x19, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000500)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x2}])
write$UHID_INPUT(r3, &(0x7f0000000880)={0x8, {"42d1d92b458e9ea9121673103f96e2a6f652a6bdda39b5d7420184a77546c6fff4a436cebd267e2cba6384cfd34afd4d775ba7dae05a62136afcfc54f5d02449793625a11ecd264a66c65811ec065bf3384ba3a94511f88032621b01045583e45e0f9b8befcefeee83c1c07af866dc99b3a7fe5fdee5dc46a3e9cb1edaeba78d42d3be0bca7db3ac5afa44e7331dbdb3ac881558a185f17f98bf0eb96c68c011a16cae07edc32699fe15c4c964be095ef651bfa7c0d94f13fa1c3170e9fb1b6da3eced5ba82a5bf3198a410a82d22a2c9d70affcfa48c6dec8448cee3e26219817c2faa2f4bc424789791e43a266ee715ab789495c7570726e2250d43fb1b1d113097c8fd4c1cb3668b8c892b1adefbe6eeee0516dc7a83e698bd9cc63df91ecf51c3c34cef6dc62c1eabbafdb9fb960522f2241e383b943609aea34880728553c1caf4d435f517ce3364bc62a340cb999324a1b2af232a945cab0bacc01cc3f5aae8e09c0592c78cc75bfbe5419f1b6dcc226456dc3473036665c91f00267de753b542060780257d2e8d72fbccdbad113381ba1cf207c86d959843aa68dbb7a753e6800ebfc3328034691a8a30296741cd1a895cf54ce89a556c2070a7cbb8e682cd8a79a57f484f19f10f34bd307d631a9d215bfabebf4a7aeda75c6d217568c5b281b38470982ec48ac6f636909d15758d95c1461540711b09398a4693fa62c3c93822048ae9675d9d6881191c8f9ec846c188f473cdcfa5273bbbcad0d5d7d36763bc3861076722bd48c3345498cc48048222f5574ec7378bc7efe5252795065bbcdb7ce499e0c0bebee079be6f4c7c5c15cd7e56b6413dd07ad8327044f8b725e8fa9c99c45c0b9daef51afa7c291006b684375316e7a501d35041b18e55b1391e36becf00194ba3630dcee4fde391d15347bc28c6c53cf3cccffe116330739d93a6ff56be34c316a71410281f3c619e7ad12e37c668b1f4795fd27e6f483b85c9763ce42524a66d1ba6ee7156e36678cb78c779d976dbdbdebdff36049aaf0b59c93725746eeeb960d938485c4dfa2b4caa029c6a142fb0119d7247baa3d065fc61f3afb531dd579f857adc835f7ebe3545c6f5ca8b3a749c0832cfe6be5dae01543ea3a56663b5cf58de7daaace2c3271848a65d9bbff1a13b354dd614fbf223dde719dfe6591bb5fe4edc3ac31d9ae18432740b7c05de02b9fb86cf9fe4454961da31cd41ddb6fb95a72e5723d6cc3cb57520806d09a853ecfe29c9cdfce35395f1fd7f2593600f9d5bd7b6b157d5575672430509c7eeebe3805438cfae86a5993cd3e6fa39f9567000c9baf665254042ca19fb1adfdec37720d41dca15523a8073e5c49db4add9caeefdec2b7aafdca5baafe78b9a7f8c2bdd5c58baa8a87ec2f8fcf708045ec7ab899c47481c59184bd10f8319f73263d9b4efefb0247a39fc6d451cae8d3a3a51b6e98977be59b2e1beec3a1a9e0dd8475123c3162d0927eab50f44e48c39a95938a033015b8ef9fc02fdee10540b123c7a53d6706f7476ab88d0d5121676e7d7cbc2635ba281b369f3378afaef92a60c92393efe9c45ccf60f1bdb69097e5f1bc67b1597e6b5de3dd5a7f162690972c6768cf63a9b4a7875268c97b31a427b983196f601d28f1648fd40b4b6a16b4ff4b2737cbd0d14b0c43b0c33d5c876df6591efa0b51bc44413fff32524dab4d198f045b2622c4e2fdcec8e6606b88ed3de71ad0d3dd0dbd661e39acd69af980e1b7c7d539d6498d68b64bac9233efd7d4b00db3fea8c0bf02aebcfb2240bc11ec5bceccccad5b00007a29f345620ae4673f1d41c514e9f5b583433adde93069a1cd01621b50d87dfffd5d410d077b9b4b6b8a807298ee871ff649e8620b06af7988f3d4ae20cb5482121875cdcd9b4e44a74c691c09bac1e7947f2f4f4d228146a1f867633c19ee3b709a86968428f2810d92598bdbcd18b93fbc9a705dda58691ebad397335e80a0cd17b1e6518386251341129e8fdb252b12b741847a4bb8da0e617bbe203f65cfd52cd271dc267598ec0ed469a57fe98e338468839a3cb20caec617f94fa65262e55bd34f2ebd64a88b75779993e6903a50d6ceb7fbf1c6bd1f83b7afa213471d86f52b060c9af2559f3332eab72bbef58de69c481122ad0fdaf499aee6121a52d0ed2b9fc2d62412f8f77e331f025f2ca21adba1434e41577580fae31a3892fdf3e08d1627c6cd1791abc41ac64da3d8aafbd6fbb5ff3d582030162bfc20dbb7aec5ba68a7f88167124d675674b15012930b491540f3d8ea93a6486b64ac5a88bce5491822f0c79cb43a90e349d8480929343b307662ac67934ac3bc5c6e4bc409340ae234f86febf422eae94f22fe41cfacf9b62703a64dca51a81995d646ddb91f0962ebe9c93597349635e73b7604024edb816a07863fbc80febd2d024e497ff03bf91b7f2e6e74601f9564ac8a30bc6571f9e0c6e9cb105bd8204d3a6de3a21952005c22aa4ad68fe4d4d79377d7f19241961cc1993d7cd7fe02bb023702a65024f8cf7e18072ed500ea6a2b545951023f794a0fefb317531ea1f702002ef5897b4629308c28724554d8f0d89fb0369fb6270fa7a885df66e49b6353b65924578e0aea8dd4ee65d32ebeebbc238973aae8fa25b9e4dc36df1a15b174b2ca3c8650ac1f255a1707d46b5d555a61ddccf6c232488c92949e1756e0bbc7d845676b4143ab12ad17f214bc5caae48e410df19616e9e371f8dfc8d00bb4a4a510594479c75276474d9a346db1d357bedb5de96e56846d306a2dfe98d24fd676e79f89e560a95d8894d1160bda8b46bb8e061a6199d373e94c2947f852f4e54c58476d4bc37c66ecfd0d23f967fc73667f9ae39dcc4b14fcb9ab524e04143d624d04c3031dbd9259864c5040a481a5906b870ed4be35818bc6cd45ce4f91bd8e39b424526e36afb87b298eedb187883d5005c4407637f0edacac29f5f6eb38f525a662a6c3c201fd48b811519bc621494440c09f9f2c989dafe2fe8215d1050ef3769f49aad149cbddd4b5133a1711a055e5172894fa617dcf9801b78695e75754bd590deaf816a4233f63311c2e5e9f82413e66f743e96ace48083fb97c869c3d07c8593e0e6a4b8446471e44bc04b6381ba359baba2a60daf4e29fd25d2ddf7ac1a60191474c09e4a4bde1e1ab97dfa01bdbb95cc356c51cde94d26848d60ac4c310fd9691425edd6f14304775f2271b04412473c623b4b74eb53c8e3e4251209ea44689b6144993ee4287353f8a41659cdf456e2544d116064b0e6ea6d0ef105cc207ef3e63f0ff27ecdb32fc1bed4a9f261e3234207bc8d601ae3aebf56bdf6957c49d98e23ac43b90fecd89630fe7b8e7f9c2845c3f791fb7140d9dfe24ef9564b96f1e449fcb84e2e9ec41255f60f5b61994bac1fde331f2560a3d183f96de605e51c48789ef15edd9a85f34978df474811c92a19b838a24fe956fe4b8c4dacf48518418d7d0a276c72a759f0f0fe7efc27ff8f2478164615cd0b86fcff3bf6c4f78e0154267af5f40f52cbf0bac7184d84a1ddae1a8fcfa9d9da983dd470b5d1f656e716eb7309bf07d4cd71818b55927e679033b3ea63f1fe5ec1b0280607e0976e90d714eebbc6710e5fc1dae090dfbcbf6e67f77928615d60bb672e1ef8140eeccaed9a22c122699b4615ff52abd5bda6327b019471f3ecf18497335b8eae99b99211e88ecd068aaad527506c307240fb1949ce6168995120aecb013abbc05b654dee28bc95f5b96b22e69abfd6923eef1a90b6d1152327aaacf5f138547255043723c26711ea3dd937a68445a1fd69642b23336190ae3c5e0555a3def9a38431e8fe95395dbc0c5b7b929f9847a6e74ea21c7bacf248c9830839286af319a94c8c4d01b37779b74e159c4b40ae7004ad95de5db6967e6d5dc8313c9067e6ed161c1fd210c2d17cbfc49061e867154624ed93fb6c06f546d03e8141fe00f983551c4888285c584dce9a3541d24ba38c3a149e865318a8ec53ec577de540b9e421700cb24347368c06eeb568ebca9dd044591cab837fe7a6e70bf2622062753ed1dc2051f2d7867b4c23f657777dc5eafbf4ed86d3e295ea7edfe7213aa0990da23fb288a289dbfd59d4c524cf3f02a2afb25f5e9d7d8cd0166a13ec56d05596152e1a83259ec852f96971afe3aa47a5971bf3b12281f588fd3fe59d29b1ebc6e797d766ec717d76d28f03c1225e85cbd9f5d09080aa9e85dc3dba8be5e3de98cb98aec4c9db811cebe8fe4883dc9c55455c6a7010e8d82d98c20efa3146939c5d1634dfac84310450a7410073e879b0172fc4587450ac286b0b50de0edcec3d97a25a9e12d879ac90d12f8fb0fa38e90289946ede3e1953d4bb896138a733218d9e3b198c5717fba844a72e9622c56bb1df9a9c71fd21111434b3362ebdb0e4b75b348fb53287bc64689d8dc7c2d0ecdf15900ab5f4d5d54cfc4c0c6f6805247bd309dc329a63944a40bac7b21a6d587c1a372ba113d74cb8b102d41cd34dff7d8d4c721fbfd718263c6976983c9dfbc8903fbf05198bc9d7909ccd2e9233f147b8f4827e390ca06e148051ddac02d6e0315638cf85c2ae259d903e7ce2a9fb19c81e9d368663f9b8c2d86a627812cdb36c4f7fd9fd033bb9d1ea26acf621909c791ed181fb16b1553f5654ac2eaff7c77049a6605ab08f19b64b200a276cbb9915b50da6305d07a40d9af915a5c43adfa42e07806b91fca4da099a72ca9375755f8b57d657f567696106ca1fb8abe0c76bebe1a00ac475c3d98137968d1fdb77d1b1ab5f4369e0e5a496ab9d4403e5c25b469096ba7957faf5aa8b8eb1562609279db8570e32947f723e2e4802e43f391a696ce4db76b780a1bea0087bfe9ed878cc7a72e79fde3b6e29eeaebab382488a38cfe20766ce14289e89d91d7b7fd7f8e222968b94c7edcde8144ae48d3ff6253fc86514137b804535cb0276b9a51692ba08c2ab831c82eac25f7d8f9549ad6916bc0ab3667a63dcbf3f4ab81e37fbcdef650ea24ffc952b71cdd0e4abc8ac803a4153877403e14adc800687f5978f9ed73617edd1931e1d777d7e8fe346a169a645b844c639355e8970ecf43e9fc37e78f7d311787de593128d671f2fe8d1efcf9c30be758e39686b3810a354f8f70c3b8875d10f251d14e9f510103d370b4c2a35fc0b7bd4fc4672957889719b982ce9696900570a292a755b85c7aa68bf9d867be67052075ff8e376c58b3471dd7423f5c40cd72f0c27d054d2ddd7b06e63153e67a408b412ee94489c6f9f7add7d19fdf269c3db26a1a6565cb9fa4a8567f398276c50d1c439da577c4018f912fff16262d8b86dbc3b1cf7d56fcf25cf4dce6b1c99f83bcd85beef32bb7f12d6f9eb366be1cb8ca6dd43476be8b3e6c82b8ce48e9a7c279d31f8906014e5e371a102a87a6037d228719caa2c096ed5d8d5d7a6cbda9bf720ae5bf460188afd0ec006eccc1c3e8efc1dc8fbf8ffc1e1fc02ee42e4d65d225fcfc9cf8388afbc51f0b15187477fdabd8fbd1766c09b1c6940a2abe3366018db6834e41c8ccbd65cb049c06659031fd2973f983b4cb4414fc62479c50b0d0bd422b4f826194d2fb83ae56cc3dbd7bb7856c2f33f716bfbedb965c3f08882ab088d6f66d1f2a94f82100e6481c184ee58a98a318ca04561c6140da0a87bc1bec0c13d3517a2dff36223205aa65a00d053f268125a608f52138c6ce64de980391f7adb1563c3fe97ae8bc84142ac7823a9e7645d99f64db79d1fb9dd4dd2afefa", 0x1000}}, 0x1006)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5605, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xe)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000140)=r4)
syz_io_uring_setup(0x50d0, &(0x7f0000000000)={0x0, 0x75c0, 0x4000, 0x3, 0x351}, &(0x7f0000000100), &(0x7f00000001c0))
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x2, 0x0, 0x6, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)

6.423988815s ago: executing program 0 (id=1660):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x218580, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xffffffff)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e22}, 0xf6)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x0, 0x12002, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x20000000)
pipe2(&(0x7f0000001040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f00000002c0), 0x0)
write$P9_RGETLOCK(r6, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
tee(r5, r8, 0xfffffffffffffc01, 0x0)
tee(r5, r8, 0x60000000000, 0x0)
socket(0x1f, 0x3, 0xfa)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x40, 0x0)
setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), &(0x7f0000000880)="22cff58056ac", 0xffd7, 0x1)
setxattr$incfs_metadata(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)
r9 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r10 = fcntl$dupfd(r9, 0x0, r9)
write$binfmt_script(r10, &(0x7f0000000100), 0xfffffd9d)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xffff, 0x6, 0x0, 0x0, 0xb, 0x1004, 0x45c5, 0x5, 0x7, 0x2, 0xffffffffffffffff, 0x0, 0x80000004000001, 0x7fffffff], 0xdddd1000, 0x2018d3})

5.480145624s ago: executing program 2 (id=1663):
r0 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f0000000080), 0x4)
socket$nl_route(0x10, 0x3, 0x0)
fchmodat(0xffffffffffffff9c, 0x0, 0x20)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x2}}, @TCA_MPLS_PROTO={0x6}, @TCA_MPLS_LABEL={0x8}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_procfs(r2, &(0x7f0000000380)='net/if_inet6\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r7)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r8 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r8)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000640)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000a40)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
recvmsg(r1, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)

5.368567814s ago: executing program 4 (id=1664):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2c, 0x40, 0x107, 0x70bd2b, 0x0, {0x4, 0x7c}, [@nested={0xfffffffffffffe7e, 0x1c2}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x84;'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x19}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
listen(r2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @random="0000101d00", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x23, 0x28, 0x64, 0x0, 0x7, 0x6, 0x0, @rand_addr=0x64010102, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x8, 0x87, 0x0, 0xe7}}}}}}, 0x0)

5.280068677s ago: executing program 4 (id=1665):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CDROM_SEND_PACKET(r3, 0x5393, &(0x7f0000000100)={"0000000000000008e4641d9d", &(0x7f0000000580)="dd4ddfa6fc50d1594c8fa8d688f85930d60eb5e2ba4ccc745a32c00faba05cc4", 0x20, 0x80000001, 0x0, 0x1, 0x0, 0x0, 0x0})
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000005c0)=""/114, 0xfffffffffffffff8}, {&(0x7f0000002140)=""/4096}, {&(0x7f0000000400)=""/186}, {&(0x7f00000004c0)=""/160}, {&(0x7f0000000640)=""/113}, {&(0x7f0000004140)=""/4109}], 0x1, 0x3fc, 0xfc8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r4, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r4, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff14)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114e2, 0x0, 0x3, 0x89}, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4})
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="66643f0aad88f18b", @ANYRESHEX=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYBLOB=',group_id', @ANYRESDEC=0x0])

5.150568638s ago: executing program 0 (id=1666):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$CDROM_SEND_PACKET(r3, 0x5393, &(0x7f0000000100)={"0000000000000008e4641d9d", &(0x7f0000000580)="dd4ddfa6fc50d1594c8fa8d688f85930d60eb5e2ba4ccc745a32c00faba05cc4", 0x20, 0x80000001, 0x0, 0x1, 0x0, 0x0, 0x0})
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x4, 0x5, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
preadv(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000005c0)=""/114, 0xfffffffffffffff8}, {&(0x7f0000002140)=""/4096}, {&(0x7f0000000400)=""/186}, {&(0x7f00000004c0)=""/160}, {&(0x7f0000000640)=""/113}, {&(0x7f0000004140)=""/4109}], 0x1, 0x3fc, 0xfc8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r4 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r4, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r4, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff14)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114e2, 0x0, 0x3, 0x89}, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4})
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="66643f0aad88f18b", @ANYRESHEX=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYBLOB=',group_id', @ANYRESDEC=0x0])

4.252165668s ago: executing program 4 (id=1667):
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffe000/0x1000)=nil)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xfffffeff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000021404d2277a9b8dd3e6b2d22a9763a88226ba18052ab25d2ac9ee920e979e492806afa3f828b836772d93cb77533ae3292418941eea71b2064e13be4d86511c6daec7bae21063123a42646b4fafe97eb99e19c9fb59637a4b4cc468809c7cd10d2a4091d5547f92a22a237c12724c88d4dc83c03c17cc46025678c16019076a42a4db12974f5eeb4f552645c"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r3 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10, 0x0}, 0x4cbe8)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000340)=<r4=>0x0)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r4, 0x3, 0x4002)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000005c0), &(0x7f0000000600)=0xc)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r5, &(0x7f0000000000), 0xe)
listen(r5, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0xb}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x39}, 0x0, 0x1, 0x0, 0x4}, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='net/kcm\x00')

4.086881716s ago: executing program 0 (id=1668):
syz_open_procfs(0x0, &(0x7f0000001100)='net/wireless\x00')
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xf)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
gettid()
fcntl$addseals(r1, 0x409, 0x9)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[])
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='iso9660\x00', 0x204001, 0x0)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1e3003, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000300))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000004140)=ANY=[@ANYBLOB="02000000040000", @ANYBLOB="000000000000000018004a28e495d6e91be6fb1d9a20ff730e5fe4621b8768", @ANYBLOB="1f15c2663936d0145be26d7ea8653335edd2c09ae5d13b36b3b2bc2aa842eff83a79fdd5ee1df58091818dbb6626a40810775e9d28a17419d6bd9352db10ad75b1f266d7981e716ed50c327f3f47b39900b4cbf7c9c986326f64e1ae288183b5f805cb2d8ad8c4a5500ecccf633d269f00c8cdfe3e0f667b511e50e4298f7884adc92b88f6a77285de48a88e0a92f57d1868982854595982fa60f18770cf39291bcf95ef86b88afee986d75ae1aebb530030166ea2a20e1133989ff904bd411675d89d9827261ed3044e5d1f0b114a6a434a92dd433ac0e84d55ff09fe13469fbfe12bb093f01635f55d4943abe6e949539a7dc64167b725e4c1b4cd8fcb52b989174ffb58e85ab2af3d46538d616af5adc3f936c5b86b2a0afec1039716c381200e26603dd9844570ab737cfc65bb147eab3863834ee8f971f1d23fde1d8586681f97b9fc715b9b81211ba0a3638565a6e389c01608080909f0b3a7ca675f52922e19cf40b1ef127bc79b0ea80671e74c326fe22e0115d3f3dff88f7ed2c313648d28c6fc8e218b528b56b1af9d2b4a898abf8f5638aedc49b9ccab69fc1d179f22d0b58093e67cddf2af12c8bc3016217ec8de0c2a191bdee789111014395b73a35000de9a4d44e974067e22773d569be4e0731f9347536dcb7a6ac924958cd9b299c67b09b9e0fb8673c596b53ff6b9714d5a86b833176b9b4c57b907a807e2505c73977a16a6f30fb3f821ed46256832c57df3b42e7cbbcf3de0fc09d6eb78d0e1d0afd002940fa0d4aa1e7e11e01b410d9a6f9dbee760f81329772033b1045649907c80d89e86adbd860a5ce55b9ca9a5fbef774be0b084746640a8ada57a684ac3f6e61d64eb766f5c0dfd9c4c2553c8fea17be7a2c438f2445198feab6149085e002482a655809b5fb523dad38bc22a506871a7f749e6dd32c25d12dd3cef6257aec8a684e87c380cf21d961dcc6a19997f07c655e0bfa1d7944b71281becac52b6d1cf6929abb6ed4f36b33a2340a18f1044159e623a592f0d9bfbea1fc66dd71a9118259b155984fdbea2aef572daed20d58cb441ed0ee395cfde5ac54e60d41210b71c9d42f52e05755aa937f8bfff15a68c493e9208b7b66203bcfd06cbeca3128832cb19ee48f246731a350aad250a70b950e90fa9d2bd641dd1c247f1a18a85d2b444a93bbe10616a864b811c8bf733a6bc603a7b4d515c156e73eba4fee34a2afa1df7d802c8ab9d5b68749f0f7c61112862ad790772d07ebd5a4cb305d826c0584e38b5eea90cac7c5799ad8bade81df39827c0797d3baa42f2227c27c2c40c29196586819547c2b9c0c6b07860b7d1af749c240273526f294be6395a4b6e19411d7cce4ade0533bd5b8bcfda54cca4c248223a35bf124a18c74c079e1d31d06729b9eb08cd39e58574de56c40fc96d62df67c0c2811ad641d1c6285b8107516aa6f0ffd69fc5e600d98d2d6dfe2c2b9603275406423fd0ce4c88f99e9962eb75be45102b2ff3b89fa0de79ea80eb65f5fd4583b86d88d34dcdced1282fc451b4d75cd43f88fd5bd74210a2785abd9d3e4f9101f5c6b8684cd7a8f4b4050dd999cc13339c3a98817da0396997b311c7e6c95ad8d40c9f96162b4a444fe07ef620c83757978584b19afe68e623a2960d215062622c0fddbdb0d2a029290b8587a4a155adcbd5629746eb981d6c9f0da4bcad8dcbc72942ec3c220b89a65f7d1bbd25e4f83100109e957c14e5dad53311de7a10c11fe2dcb1940763e9cffed673f943e382f05999e6d5dbf29d6f0fc529194d07ebae66e0172274d736058cb64d56de1774b3df1738a3acea60a763475c322a48c8932111ee01ec85e0e43ecd955541ba14a33cf67af40eee1709e2ae014eb017741ec62bddd8660eb5947c9911000b57ca81760f36c9bfa7bcf2fdbb7992a1e53f690f66582026a3e4b58812d93a8145c0066a20619f4597a70a5a9157182cd4cae9ff3e547f836b260ca93b4493ffb8a3ca1a7fb9cc21d8704fbf99cfdf2f710915fca25673e2f00a71a9754a51cb8c20738d79640932ef2c215cb142e7df1ca2ff27ead10b318f9700b7ca07c2b4858f9472c79d55b1c11a050870a67d6a9fec6b017fcdf9e1301abd00968b5f172ffe6b2c8f58092eb4ef96b71cca0c20045cff2b03dbd9f8571a5f331bee427ed38980f52899d8e8254f96bc5e65c2f2021ae7054f418489e645ab167c897aaef892a69955ce498cbc6035b0e38fdd777bf0d3b6860e4240168c343bb3152a079c204158acb052b7bcd2c55deafbf068cc194b9c4d51078fe7033df94e262082a0bbdf2ff56731ae5311e2e1b4a8dd62d54b02463befae273e35406d4607155d3cfffaddb8ddf55dfc56a6f80e3042d882711052edcd869af2019f13104ea63c04b19112577a98848468642e46b49ae3cc81e72bf5c63cb126a3312f364b0efa12b9dd97a96871459a274a127eb0d11d8c599b3309dec99ff510fb84ff916eb4c23671efb21acb61c853bc540db8dcc17a5b0e48e9402baa58ddfa1c3fc06b61cecf3162c349c77215c3b96dd8d89bd04a9bb2c3e265bbe372ccae14d81b8ba6ea331bf7a4e4bd986ec01adf275b048a6f1874834ae9d6ad768b5f0b24ddd3c1f96b496c9c5ce935de869cf964cd6331f34a86226fcf2529eec25f7baa40da08dd7ff963d4f0fdf2ef8f6685568150684b34ddf01df753b78e3750b07709e998767887f8c02ffd9d3f4817ef6e94b72cd25bc625bb9143031290d23f090f3c99a204e82089b78c2e56e5fe5b8da2ef8b7c6ec1f86b78a03c683af177088135dfa3d3ec078d950bd35930fec3864e77e2c5fcb91beb28ecdd6ba7d0855612af8ac057741becd5ffa10f44d09453dec0e0bed733144526fcbc6c39fc329f5f8368e2ede988adf2721bd67a3aac5e269f8804cdf61c33cf7b5709167b84749b8c215fdf0d7a6137167dfd78d41eba56862b9256359ac59dc6eeb22cc1b16a87733389db4404db53188a9c0d437bd530fed71df9974c487554404f3ebab7e8a64c37bb743fafbb47b74a79847ebde16c32dc22c48549a45879e4379ba5e30fd12f49faf1cd32bf67830f18c3e8334054816588492f0e070370142a7383cb05989c534d14b372d50d4900d5d7eebc3bf97808b3eea035729046743294de4d81ad2590475b9db75f9d26f34e4b1ba61fe6e30a2ba61927f63cbd4a089a9d44ca9cabb4e2bfd971f9e085e933129fdfb698ea32fbd1a962e97370f2a2ae58e0e2fa1bc59250ea8a8edeaa8125d16742e6394350eac919df4ee9a498bf08a970f76d20b241e1659f85a414167e5329fa3445b8197bfb1217582ad60c8ef8fcd4af290b48610445e8b491fe8e416f80cf6a4749ee8f98232e4407fd70689629823c4191cca64f5b5b960fe86a0409ab928f847796d26e372115772b2a16279957d96c131d103dbc292e62f1e8a5527acd3f135b9f616f74181c9514f99b77cf0c1113157ad1d2b6cb6af0384f9ac66de79868ca8f9dd4362342fa3737c2355398fd15015588ac51752670833603991a35ced11671c5254bbbaeb355b52b9efb92af097e5983b29fda57f4d9fc9220890cd982c97d0fa8e595033de3987a0652a9eef2318d36e3f2321976a2c7d7a10ae583d2859733544955032e1b13bb164870c41c19e723d7d1a6745abcfdc9becb30bf6e4fe5affbfd50c8718280bd4ed9800ce3d07870ef17ffed58cbe5505e8d50b27009c91f95188b0eb14d6bc73ea2202feeb02cdb7920d021b623d4eaa34388a8dbc9969a9d6c8e2b1166f1817f8d1f2e1ca5d675e0e898582bf429a2eb4653ad5f97a67346d881c6f450a4146604e555b247e57aa673506c3520b006dff3a53c0fea3373691ffe41bf31888d557e568ee49f8503dd83f16bf945b1bb41f234052ff2241a0df6f5ce9f54bbd2a97c2906fe1a106292580b2332c36d7813d23be7306f07a3b3c1a6ddc809047015eb8ea575d61691c31bbba34c3db97068c38da267fae47bd61964c360ead45cb6ee8b93a963cdf3d10ba9f22922695ed6bc6756a727448e3dffc8e331a4c497670296cc6a2331a5896df6314d5ab6925d2e8f18f615cb4a1a5200735d4a6e94a93f704ace359c1a0920a76ab932723c2f80895a733e9bf6f4586fbac54fe2dc94133bf5c98e0b78ff3df1323f28e545aa79c265e63521d288f741c32f3882229fbff67db8a7f9aab82e8d13c582911395366e2d9ea1d67d9ed4b75869a5894730612fe6cedc9182cec5b50e2929369138e70dda057b71f33bff986997245bd85498cba0184c0262d7372457bf88f90d4d77bc3c619e7c80d7ab75a0372b5ee54820e34efdab41d9597f2c971617a3cadefd84f7700574eac7e75db6da8300efc300c0a2a4bd8291cc4b3fd44797ee6d76ebbd5da91a28f33f8cba5d47de4d0859696c71d400abf72d1857bdbd2e36e52173dc1996e832da8a1e703315e5d4bce4061d824a844caf3c4c6b761525210f9f8fc343d06569f0645f23d586cced89849f44a5735a6272c79bccc977c319a0a7c4d3aa45af3d0675500562b5c0e5341e2a86a6355fa510e987e5998f1589e1b0f071678682c68fc3443d3e60304acfb6b5665cddcb7c4f9e6ff56e7b3e902c8bb80a0bb064762eef5df0c7751baab61f57152a80dcf151dcd458c45dc0c7461fa8462b38bebf483a58fd18a8639d601232cc6f83471822f32817aac1e8323dd8ed5cf339301faaf858c0ebc89ea5f948348b6997f509526eb95257fb8b3f42e2f705ef94c9d79087c219df28026998ea9ff1bb78ba7dbb4b4aafec20b55760da94509de0dba45eb8d4f51fc6c19f4cd1b01852efad7af6f546c1bc71cf553d7f72a9847c2fff23c9a110cb61e981d8fe2b236da79d593afc0e524cf7ef2bc446ecf5ecccb7e8a071907ffe6e3c5b80a33e913dcd7754c7736c8253bd6b524362ae437cbb01a9c063e9fb42e4fda93221203a409d239dd0af6aaff671d36c79503f0fd99b78c171a80d29bbbe5d1a2440c6add499bbdc766ce09030ef5a615430e1bdfc60a1ae7a491e9787fce0e266051525fed232697877c76cc39b3a77329780606b105ac5b7f7ab81814f4a2f629f07d42bcfcab3ee6fae67ea15ff30dde0560e91e509e944510722e97b566494daad981e3c972baec7ab1ad9672210b60fa7db5359f53a5567c0ebe7187f9a9f81bee34e4821b5fedde56b0c376a8c7d4955a88857639842dd53fc9c3f71be193e40144d41ffc1cc6f087558634f57f7c3bb89cc87d09098c7b66b992b44f8842db25ecaed77af16b8c84e3c2da5217cf47f5728260051dfe5e4a09739922737497f308e0108b1e60dce601068060d49c1e4640ba506140130d23f35c35f5cf11895e58334fdeb890d74d7a07ed7fec2e91370f283d7c252c7724345f0d58e7f7fb688f35b05b298022eb7269c85c29256777dac8199c12cbdb406ccf4e50a2de8fddd3d378daa6326ed1afcbfe077ba1aaa12848f46f9a24b6076dd06bfb54f35f6818e6dd75ac618a9cb80aa429c843c21d8d0dcfbe06507c5c4c23c048222e9dc165f9b72182e7d7e6aadcf4abd728dddb11c7e67ccad569dd034aadc63d5b2d5bf3f7e60b506fb30aaf7287eb3a0104430a9161990498e89e79e5acce74296b5770187058cdce277a38c4f82a5d3197e4f3ea691d668ebaee814fd", @ANYRESDEC=r0, @ANYBLOB="000000000200"/28], 0x50)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r5, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

3.871852294s ago: executing program 5 (id=1669):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/116, 0x74}], 0x1, &(0x7f00000005c0)=""/166, 0xa6}, 0x9}], 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48)
syz_open_dev$video4linux(0x0, 0x65a, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
close(0x3)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x5, r3}, 0x38)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = socket$kcm(0x2b, 0x1, 0x0)
r5 = syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x47f6, 0x0, 0x2, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000c08d)
shutdown(r4, 0x1)
dup(0xffffffffffffffff)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)

3.831688337s ago: executing program 2 (id=1670):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000140)={0x2, 0x0, [{0x1b, 0x0, 0x1ff}, {0x98d, 0x0, 0x3}]})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
timerfd_create(0x7, 0x80800)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r5, &(0x7f0000000400)={0x2020}, 0x2020)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r0, r4, 0x80000)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_G_FMT(r6, 0xc0d05604, &(0x7f0000000440)={0x5, @sliced={0x100, [0x3, 0x4, 0x5, 0x1003, 0xfff1, 0x3, 0x0, 0xe8ac, 0x8, 0x5, 0x0, 0x1e, 0xa82f, 0xffff, 0x6, 0x8, 0x8, 0x3, 0x9, 0x3, 0xfffd, 0x4, 0x1, 0x3, 0x83d9, 0x8, 0x87e, 0xf, 0x4, 0x200, 0x2, 0x6, 0x1b67, 0x4, 0x3ff, 0xc15e, 0x3, 0x0, 0x9, 0xaa, 0xfffc, 0x6, 0x7, 0x3, 0xfffb, 0xfff, 0x8, 0x15c6], 0x3}})
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r7, 0x0)
r8 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r8, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r8, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r8, 0x7b2, &(0x7f0000000280)={0x0, 0x2, 0x0, 0x6})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000004c0)="e0"})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r9 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r9, 0x89f2, &(0x7f0000000300)={'syztnl0\x00', &(0x7f0000002440)={'syztnl2\x00', <r10=>0x0, 0x8000, 0x700, 0x8, 0x3, {{0xb, 0x4, 0x3, 0x9, 0x2c, 0x66, 0x0, 0x5, 0x29, 0x0, @broadcast, @broadcast, {[@rr={0x7, 0x17, 0x32, [@remote, @local, @loopback, @broadcast, @private=0xa010102]}, @end]}}}}})
sendmsg$nl_route_sched(r9, &(0x7f0000002540)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000380)={&(0x7f00000024c0)=@deltfilter={0x50, 0x2d, 0x100, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r10, {0x0, 0x6}, {0x9e8368208d36da24, 0x4}, {0xfff1, 0xfff9}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x9, 0x4}}]}}, @TCA_RATE={0x6, 0x5, {0x2}}, @TCA_RATE={0x6, 0x5, {0x8, 0x3}}, @TCA_CHAIN={0x8, 0xb, 0x7f}]}, 0x50}}, 0x4000)
read$FUSE(r9, &(0x7f0000006380)={0x2020}, 0x2020)

3.336759937s ago: executing program 5 (id=1671):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
shmat(0x0, &(0x7f0000479000/0x1000)=nil, 0x9000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r2, 0x112, 0x9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
inotify_init1(0x800)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
read$eventfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0xfffffffd, 0x8000, 0x0, 0xffffffffffffffff, 0xbea}, 0x50)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r7, 0x0, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$DRM_IOCTL_RM_MAP(r0, 0x4018641b, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000479000/0x3000)=nil})

3.309918948s ago: executing program 4 (id=1672):
socket$kcm(0x11, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket(0x8000000010, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000b40)='neigh_create\x00', r0}, 0x18)
write(r1, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

3.12270321s ago: executing program 0 (id=1673):
socket$nl_netfilter(0x10, 0x3, 0xc)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f00000007c0)={'syz0\x00', {0x0, 0x0, 0x0, 0x7f}, 0x0, [0x80000000, 0x3, 0x3ff, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x7a1d, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x8, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x6, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0xfffffffc, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4771], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x10, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xf, 0xfffffffc, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r0, 0x5501)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(0xffffffffffffffff, 0x12, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = add_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0xffffffffffffffff)
read$FUSE(0xffffffffffffffff, &(0x7f0000002d80)={0x2020}, 0xfffffffffffffe79)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$sequencer(0xffffff9c, &(0x7f0000000780), 0x100, 0x0)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
dup2(r3, r3)
socket$inet6_tcp(0xa, 0x1, 0x0)

3.060206265s ago: executing program 4 (id=1674):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r2, &(0x7f0000001140)=[{&(0x7f0000000c00)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001000)=[{&(0x7f0000000c40)="d73d", 0x2}], 0x1, &(0x7f00000010c0)=ANY=[@ANYBLOB="14000000840000000500000000000000080000001c000000840000000800000100000000000000000000000000000001"], 0x30, 0x49}], 0x1, 0x20040000)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000005800000000000000000f0e00fda2fab18eedaba101800095000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
ioctl$FUSE_DEV_IOC_CLONE(r3, 0xe503, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x854}, 0x4004000)
r7 = openat$uhid(0xffffff9c, 0x0, 0x2, 0x0)
r8 = openat$vimc1(0xffffff9c, &(0x7f0000000400), 0x2, 0x0)
poll(&(0x7f0000000440)=[{0xffffffffffffffff, 0x20}, {r3}, {r5, 0x141}, {r7, 0x2200}, {r8, 0x1084}, {r3, 0x4200}, {r1, 0x200}], 0x7, 0x1)
writev(0xffffffffffffffff, 0x0, 0x0)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0xa800, 0x0)
ioctl$RTC_WKALM_RD(r9, 0x80287010, 0x0)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r10 = fsopen(&(0x7f0000000040)='ocfs2\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r10, 0x1, &(0x7f0000000200)='source', &(0x7f00000002c0)='\\/\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x02\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\xda\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xa1\xc3j$v\xefw\x96/\xff\xa2\xfc\xe3\xb8\xc7\x0f\xaaQ\x98F*T\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
r11 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
setsockopt$PNPIPE_INITSTATE(r1, 0x113, 0x4, &(0x7f00000001c0)=0x1, 0x4)
ioctl$COMEDI_LOCK(r11, 0x6405)
r12 = syz_open_dev$sndctrl(&(0x7f0000000240), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r12, 0xc1105511, &(0x7f0000000300)={{0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$HIDIOCSFLAG(r1, 0x4004480f, &(0x7f0000000180)=0x1)
clock_adjtime(0x0, &(0x7f0000000000)={0x0, 0x80000001, 0x800000000b, 0xff, 0x4, 0x20000000008, 0x79800000, 0xffff, 0x6, 0x6, 0xffffffffffffffff, 0x5, 0x810f, 0x3, 0xfffffffffffffffc, 0xffffffff, 0xfffffffffffffff0, 0x1, 0x5, 0x800, 0x8000, 0x2, 0x0, 0x4, 0x4, 0x8})
r13 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400200142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xfb}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)

2.867347852s ago: executing program 0 (id=1675):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
shmat(0x0, &(0x7f0000479000/0x1000)=nil, 0x9000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_POWER(r2, 0x112, 0x9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
inotify_init1(0x800)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x400aee2, 0x400, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/3\x00')
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1b, 0x0, 0xfffffffd, 0x8000, 0x0, 0xffffffffffffffff, 0xbea}, 0x50)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r7, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r7, 0x0, 0x0, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$DRM_IOCTL_RM_MAP(r0, 0x4018641b, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f0000479000/0x3000)=nil})

2.588640571s ago: executing program 2 (id=1676):
getpeername$l2tp6(0xffffffffffffffff, 0x0, &(0x7f0000000100))
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r1 = creat(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r1, 0x0)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x20000091}, 0x40001)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = getpgid(0x0)
ptrace(0x10, r3)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000080)=0x80000049, 0x4)
getsockopt$inet_tcp_int(r2, 0x6, 0x18, 0x0, &(0x7f0000000040))
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x891}, 0x4000000)
ioctl$COMEDI_INSNLIST(r0, 0x8008640b, &(0x7f00000000c0)={0x47, &(0x7f000017b6c0)=[{0x4000000, 0x92ff, 0x0, 0x0, 0x1}]})
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
sync()
openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x420000, 0x82, 0x8}, 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff8)
keyctl$invalidate(0x15, r4)

1.87178005s ago: executing program 4 (id=1677):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x4, 0x5, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
preadv(0xffffffffffffffff, &(0x7f0000000300)=[{&(0x7f00000005c0)=""/114, 0xfffffffffffffff8}, {&(0x7f0000002140)=""/4096}, {&(0x7f0000000400)=""/186}, {&(0x7f00000004c0)=""/160}, {&(0x7f0000000640)=""/113}, {&(0x7f0000004140)=""/4109}], 0x1, 0x3fc, 0xfc8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)
connect$l2tp6(r3, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff14)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114e2, 0x0, 0x3, 0x89}, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4})
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="66643f0aad88f18b", @ANYRESHEX=r4, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYBLOB=',group_id', @ANYRESDEC=0x0])

0s ago: executing program 5 (id=1678):
syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x48001)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="180000000000000000000095000000000010009c07b346cb5e13f8772644f4971e732de04fedad572bac3404f614c6921cc6566233111a04388a1dd9abd53082a556d3870cc36484b7afd31929aee457d4af6b6ec2d0aec2be5822d676d4d9c11f086b9ee55435fa635bf655e9a79e6ef3c3e8ad04cf1da9c1a928f766b975a31f0c49d8b56581c9304a570a7c27812e5da8d9143ea1ecc8e0f700befc1d70bf4fa9b153672e1e6924fddc5f747e8013"], &(0x7f0000000140)='syzkaller\x00', 0xfffffe01, 0x0, 0x0, 0x0, 0x22}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x9, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4040001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb0100", 0x25}, {&(0x7f0000000040)="aa1d484ea0a00000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfb", 0x26}], 0x2)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)
recvmsg(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x2062)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}}, 0x0)

kernel console output (not intermixed with test programs):

rface deactivated: batadv_slave_0
[  270.076719][   T95] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.080735][   T95] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.090579][   T95] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.263958][ T9863] netlink: 'syz.2.1044': attribute type 13 has an invalid length.
[  270.284913][   T95] veth1_macvtap: left promiscuous mode
[  270.287707][   T95] veth0_macvtap: left promiscuous mode
[  270.290285][   T95] veth1_vlan: left promiscuous mode
[  270.292833][   T95] veth0_vlan: left promiscuous mode
[  271.126400][   T95] team0 (unregistering): Port device team_slave_1 removed
[  271.215428][   T95] team0 (unregistering): Port device team_slave_0 removed
[  271.397562][ T9887] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  271.620568][ T9888] fuse: Unknown parameter 'u00000000000000000000'
[  271.772603][ T6000] usb 42-1: device descriptor read/8, error -110
[  271.805302][ T9863] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  272.047290][ T9897] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1052'.
[  272.050947][ T9897] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1052'.
[  272.057777][ T9892] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1051'.
[  272.060643][ T9892] netlink: 332 bytes leftover after parsing attributes in process `syz.4.1051'.
[  272.172138][ T9900] input: syz0 as /devices/virtual/input/input21
[  272.216304][ T6000] usb usb42-port1: attempt power cycle
[  272.302133][   T95] IPVS: stop unused estimator thread 0...
[  272.697480][ T9914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1057'.
[  272.803462][ T6000] usb usb42-port1: unable to enumerate USB device
[  272.975140][ T9916] netlink: 'syz.4.1058': attribute type 13 has an invalid length.
[  273.513092][ T9926] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  273.530041][ T9924] FAULT_INJECTION: forcing a failure.
[  273.530041][ T9924] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  273.540091][ T9924] CPU: 3 UID: 0 PID: 9924 Comm: syz.5.1060 Not tainted syzkaller #0 PREEMPT(full) 
[  273.540107][ T9924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  273.540114][ T9924] Call Trace:
[  273.540118][ T9924]  <TASK>
[  273.540122][ T9924]  dump_stack_lvl+0x16c/0x1f0
[  273.540138][ T9924]  should_fail_ex+0x512/0x640
[  273.540160][ T9924]  _copy_from_iter+0x29f/0x1720
[  273.540188][ T9924]  ? __pfx__copy_from_iter+0x10/0x10
[  273.540211][ T9924]  ? rcu_is_watching+0x12/0xc0
[  273.540232][ T9924]  ? rcu_is_watching+0x12/0xc0
[  273.540249][ T9924]  ? kfree+0x252/0x6d0
[  273.540262][ T9924]  ? file_tty_write.constprop.0+0x6f3/0x9b0
[  273.540279][ T9924]  file_tty_write.constprop.0+0x487/0x9b0
[  273.540294][ T9924]  vfs_write+0x7d3/0x11d0
[  273.540306][ T9924]  ? __pfx_tty_write+0x10/0x10
[  273.540318][ T9924]  ? __pfx_vfs_write+0x10/0x10
[  273.540328][ T9924]  ? find_held_lock+0x2b/0x80
[  273.540348][ T9924]  ksys_write+0x12a/0x250
[  273.540359][ T9924]  ? __pfx_ksys_write+0x10/0x10
[  273.540371][ T9924]  ? rcu_is_watching+0x12/0xc0
[  273.540383][ T9924]  __do_fast_syscall_32+0x7c/0x300
[  273.540398][ T9924]  do_fast_syscall_32+0x32/0x80
[  273.540410][ T9924]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  273.540423][ T9924] RIP: 0023:0xf7fb5579
[  273.540432][ T9924] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  273.540442][ T9924] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  273.540452][ T9924] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 0000000080002080
[  273.540459][ T9924] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[  273.540464][ T9924] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  273.540470][ T9924] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  273.540475][ T9924] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  273.540489][ T9924]  </TASK>
[  273.626173][ T9916] warn_alloc: 2 callbacks suppressed
[  273.626191][ T9916] syz.4.1058: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  273.659524][ T9916] CPU: 2 UID: 0 PID: 9916 Comm: syz.4.1058 Not tainted syzkaller #0 PREEMPT(full) 
[  273.659553][ T9916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  273.659564][ T9916] Call Trace:
[  273.659572][ T9916]  <TASK>
[  273.659580][ T9916]  dump_stack_lvl+0x16c/0x1f0
[  273.659607][ T9916]  warn_alloc+0x248/0x3a0
[  273.659628][ T9916]  ? __pfx_warn_alloc+0x10/0x10
[  273.659658][ T9916]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  273.659687][ T9916]  ? __vmalloc_node_noprof+0xad/0xf0
[  273.659718][ T9916]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  273.659742][ T9916]  ? __kasan_kmalloc+0xaa/0xb0
[  273.659762][ T9916]  ? pfifo_fast_change_tx_queue_len+0xe7/0xb90
[  273.659796][ T9916]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  273.659829][ T9916]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  273.659860][ T9916]  ? ___kmalloc_large_node+0xed/0x160
[  273.659891][ T9916]  __kvmalloc_node_noprof+0x431/0x9c0
[  273.659913][ T9916]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  273.659942][ T9916]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  273.659976][ T9916]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  273.660001][ T9916]  pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  273.660046][ T9916]  ? __pfx_pfifo_fast_change_tx_queue_len+0x10/0x10
[  273.660070][ T9916]  ? dev_deactivate+0x15c/0x1c0
[  273.660106][ T9916]  ? __pfx_pfifo_fast_change_tx_queue_len+0x10/0x10
[  273.660132][ T9916]  dev_qdisc_change_tx_queue_len+0x169/0x380
[  273.660168][ T9916]  netif_change_tx_queue_len+0x1a1/0x1e0
[  273.660189][ T9916]  ? __pfx_netif_change_tx_queue_len+0x10/0x10
[  273.660212][ T9916]  ? netif_change_flags+0x10d/0x160
[  273.660233][ T9916]  do_setlink.constprop.0+0xd00/0x4380
[  273.660257][ T9916]  ? preempt_schedule_common+0x44/0xc0
[  273.660280][ T9916]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  273.660300][ T9916]  ? preempt_count_add+0x76/0x150
[  273.660333][ T9916]  ? __lock_acquire+0xb8a/0x1c90
[  273.660368][ T9916]  ? __mutex_trylock_common+0xe9/0x250
[  273.660394][ T9916]  ? __pfx___mutex_trylock_common+0x10/0x10
[  273.660422][ T9916]  ? __pfx___might_resched+0x10/0x10
[  273.660442][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.660462][ T9916]  ? trace_contention_end+0xdd/0x130
[  273.660489][ T9916]  ? __mutex_lock+0x1c5/0x1060
[  273.660509][ T9916]  ? __nla_validate_parse+0x600/0x2880
[  273.660533][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.660555][ T9916]  ? __pfx___mutex_lock+0x10/0x10
[  273.660594][ T9916]  rtnl_newlink+0x18e0/0x2000
[  273.660623][ T9916]  ? __pfx_rtnl_newlink+0x10/0x10
[  273.660642][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.660661][ T9916]  ? finish_task_switch.isra.0+0x221/0xc10
[  273.660680][ T9916]  ? lockdep_hardirqs_on+0x7c/0x110
[  273.660700][ T9916]  ? finish_task_switch.isra.0+0x221/0xc10
[  273.660721][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.660744][ T9916]  ? kfree_skbmem+0x1a4/0x1f0
[  273.660771][ T9916]  ? __lock_acquire+0x622/0x1c90
[  273.660820][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.660849][ T9916]  ? find_held_lock+0x2b/0x80
[  273.660867][ T9916]  ? __pfx_rtnl_newlink+0x10/0x10
[  273.660886][ T9916]  ? __pfx_rtnl_newlink+0x10/0x10
[  273.660903][ T9916]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  273.660923][ T9916]  ? __pfx_rtnl_newlink+0x10/0x10
[  273.660943][ T9916]  rtnetlink_rcv_msg+0x95e/0xe90
[  273.660966][ T9916]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  273.660993][ T9916]  ? netlink_rcv_skb+0xb5/0x420
[  273.661023][ T9916]  netlink_rcv_skb+0x158/0x420
[  273.661042][ T9916]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  273.661064][ T9916]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  273.661082][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.661119][ T9916]  netlink_unicast+0x5aa/0x870
[  273.661141][ T9916]  ? __pfx_netlink_unicast+0x10/0x10
[  273.661170][ T9916]  netlink_sendmsg+0x8c8/0xdd0
[  273.661195][ T9916]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.661218][ T9916]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  273.661249][ T9916]  ____sys_sendmsg+0xa98/0xc70
[  273.661275][ T9916]  ? __pfx_____sys_sendmsg+0x10/0x10
[  273.661297][ T9916]  ? get_compat_msghdr+0x11a/0x170
[  273.661337][ T9916]  ___sys_sendmsg+0x134/0x1d0
[  273.661358][ T9916]  ? __pfx____sys_sendmsg+0x10/0x10
[  273.661389][ T9916]  ? find_held_lock+0x2b/0x80
[  273.661426][ T9916]  __sys_sendmsg+0x16d/0x220
[  273.661445][ T9916]  ? __pfx___sys_sendmsg+0x10/0x10
[  273.661462][ T9916]  ? __pfx_bpf_trace_run2+0x10/0x10
[  273.661499][ T9916]  ? syscall_trace_enter+0x1cb/0x240
[  273.661531][ T9916]  ? rcu_is_watching+0x12/0xc0
[  273.661554][ T9916]  __do_fast_syscall_32+0x7c/0x300
[  273.661579][ T9916]  do_fast_syscall_32+0x32/0x80
[  273.661601][ T9916]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  273.661624][ T9916] RIP: 0023:0xf70ed579
[  273.661640][ T9916] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  273.661657][ T9916] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  273.661676][ T9916] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180
[  273.661688][ T9916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  273.661698][ T9916] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  273.661708][ T9916] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  273.661720][ T9916] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  273.661745][ T9916]  </TASK>
[  273.661753][ T9916] Mem-Info:
[  273.863538][ T9916] active_anon:3327 inactive_anon:2383 isolated_anon:0
[  273.863538][ T9916]  active_file:1091 inactive_file:2434 isolated_file:0
[  273.863538][ T9916]  unevictable:1768 dirty:349 writeback:0
[  273.863538][ T9916]  slab_reclaimable:5956 slab_unreclaimable:95325
[  273.863538][ T9916]  mapped:26238 shmem:4640 pagetables:1145
[  273.863538][ T9916]  sec_pagetables:328 bounce:0
[  273.863538][ T9916]  kernel_misc_reclaimable:0
[  273.863538][ T9916]  free:41618 free_pcp:939 free_cma:0
[  273.889688][ T9916] Node 0 active_anon:164kB inactive_anon:132kB active_file:136kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:672kB dirty:0kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8620kB pagetables:1252kB sec_pagetables:1200kB all_unreclaimable? yes Balloon:0kB
[  273.909536][ T9916] Node 1 active_anon:13148kB inactive_anon:8552kB active_file:4276kB inactive_file:9676kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:104228kB dirty:1424kB writeback:0kB shmem:15016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4316kB pagetables:3300kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB
[  273.931128][ T9916] Node 0 DMA free:2116kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:28kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB
[  273.951471][ T9916] lowmem_reserve[]: 0 294 294 294 294
[  273.961568][ T9916] Node 0 DMA32 free:23292kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:236KB active_anon:92kB inactive_anon:132kB active_file:136kB inactive_file:12kB unevictable:3536kB writepending:0kB zspages:1500kB present:1032196kB managed:301164kB mlocked:0kB bounce:0kB free_pcp:1216kB local_pcp:312kB free_cma:0kB
[  273.973307][ T9916] lowmem_reserve[]: 0 0 0 0 0
[  273.975344][ T9916] Node 1 DMA32 free:142548kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13148kB inactive_anon:7752kB active_file:4276kB inactive_file:9676kB unevictable:3536kB writepending:1424kB zspages:3388kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:2340kB local_pcp:676kB free_cma:0kB
[  273.992700][ T9916] lowmem_reserve[]: 0 0 0 0 0
[  273.994194][ T9916] Node 0 DMA: 3*4kB (UM) 1*8kB (M) 7*16kB (U) 6*32kB (UM) 0*64kB 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2116kB
[  274.002722][ T9916] Node 0 DMA32: 359*4kB (UMEH) 73*8kB (UMEH) 52*16kB (UMH) 165*32kB (UMEH) 87*64kB (UMEH) 42*128kB (UME) 10*256kB (UME) 3*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 23172kB
[  274.008077][ T9916] Node 1 DMA32: 1107*4kB (UME) 1162*8kB (UME) 897*16kB (UME) 636*32kB (UME) 265*64kB (UME) 143*128kB (UME) 64*256kB (UME) 49*512kB (UM) 17*1024kB (M) 0*2048kB 0*4096kB = 142572kB
[  274.016215][ T9916] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  274.029455][ T9916] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  274.032325][ T9916] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  274.035544][ T9916] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  274.038753][ T9916] 8611 total pagecache pages
[  274.040356][ T9916] 465 pages in swap cache
[  274.041957][ T9916] Free swap  = 77808kB
[  274.052616][ T9916] Total swap = 124996kB
[  274.053963][ T9916] 524155 pages RAM
[  274.055209][ T9916] 0 pages HighMem/MovableOnly
[  274.063041][ T9916] 207969 pages reserved
[  274.064464][ T9916] 0 pages cma reserved
[  274.075599][ T9916] bond0: refused to change device tx_queue_len
[  274.085371][ T9916] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  274.171700][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  274.171715][   T40] audit: type=1326 audit(1761913466.545:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.183741][   T40] audit: type=1326 audit(1761913466.545:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.198731][   T40] audit: type=1326 audit(1761913466.565:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.207347][   T40] audit: type=1326 audit(1761913466.565:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.215711][   T40] audit: type=1326 audit(1761913466.565:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.222848][   T40] audit: type=1326 audit(1761913466.565:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.229988][   T40] audit: type=1326 audit(1761913466.565:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.238362][   T40] audit: type=1326 audit(1761913466.565:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.245059][   T40] audit: type=1326 audit(1761913466.565:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.252884][   T40] audit: type=1326 audit(1761913466.565:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9933 comm="syz.0.1062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000
[  274.325886][ T9942] binder_alloc: 9940: binder_alloc_buf, no vma
[  274.328653][ T9942] binder: 9940:9942 ioctl c0306201 80004a40 returned -14
[  274.991427][ T9955] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  276.045119][ T9958] kvm: kvm [9957]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x40600
[  276.112092][ T9960] netlink: 'syz.2.1068': attribute type 10 has an invalid length.
[  276.123475][ T9960] bond0: (slave ): Enslaving as an active interface with an up link
[  276.267323][ T9966] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  276.833190][ T9971] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  277.100127][ T9973] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1072'.
[  277.541443][ T9979] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  277.544145][ T9979] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  277.546302][ T9979] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  277.548919][ T9979] comedi comedi3: 8255: I/O port conflict (0xfff,4)
[  277.551396][ T9979] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  277.554011][ T9979] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  277.556572][ T9979] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  277.559383][ T9979] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  277.562076][ T9979] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  277.565789][ T9979] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  277.568595][ T9979] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  277.570968][ T9979] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  277.573223][ T9979] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  277.575712][ T9979] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  277.578802][ T9979] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  279.024625][ T9990] kvm: kvm [9987]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x40600
[  279.097323][ T9994] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  279.697846][T10003] syz_tun: entered allmulticast mode
[  280.112483][T10007] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  281.139035][T10017] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  281.158819][T10014] netlink: 'syz.2.1085': attribute type 13 has an invalid length.
[  281.165754][T10014] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  283.227225][T10048] netlink: 'syz.0.1092': attribute type 5 has an invalid length.
[  283.627804][T10054] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  284.234708][T10058] fuse: Unknown parameter ''
[  285.859917][T10092] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  286.602620][T10101] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  286.605388][T10101] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  286.610583][T10101] vhci_hcd vhci_hcd.0: Device attached
[  286.615638][T10103] vhci_hcd: connection closed
[  286.615860][ T1061] vhci_hcd: stop threads
[  286.624106][ T1061] vhci_hcd: release socket
[  286.626357][ T1061] vhci_hcd: disconnect device
[  286.629202][T10106] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1107'.
[  288.243587][T10132] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  288.245674][T10132] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  288.248543][T10132] vhci_hcd vhci_hcd.0: Device attached
[  288.542536][   T34] usb 46-1: SetAddress Request (18) to port 0
[  288.544761][   T34] usb 46-1: new SuperSpeed USB device number 18 using vhci_hcd
[  288.733325][T10144] input: syz0 as /devices/virtual/input/input23
[  288.965912][T10147] input: syz0 as /devices/virtual/input/input24
[  288.978598][T10133] vhci_hcd: connection reset by peer
[  288.980996][ T1143] vhci_hcd: stop threads
[  288.983363][ T1143] vhci_hcd: release socket
[  288.985565][ T1143] vhci_hcd: disconnect device
[  289.222641][ T6086] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  289.372562][ T6086] usb 10-1: Using ep0 maxpacket: 8
[  289.376444][ T6086] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  289.380397][ T6086] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  289.384414][ T6086] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  289.388371][ T6086] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  289.393733][ T6086] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  289.397377][ T6086] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.610882][ T6086] usb 10-1: GET_CAPABILITIES returned 0
[  289.615764][ T6086] usbtmc 10-1:16.0: can't read capabilities
[  289.694853][T10154] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  290.146165][T10155] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1119'.
[  290.179587][T10158] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  290.182480][T10158] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  290.188475][T10158] vhci_hcd vhci_hcd.0: Device attached
[  290.195275][T10159] vhci_hcd: connection closed
[  290.195551][   T13] vhci_hcd: stop threads
[  290.199376][   T13] vhci_hcd: release socket
[  290.201273][   T13] vhci_hcd: disconnect device
[  290.251451][T10162] syzkaller1: entered promiscuous mode
[  290.253775][T10162] syzkaller1: entered allmulticast mode
[  290.492641][ T6017] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  290.643970][ T6017] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  290.647466][ T6017] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.651211][ T6017] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.654499][ T6017] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  290.660191][ T6017] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  290.663124][ T6017] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  290.665593][ T6017] usb 7-1: Manufacturer: syz
[  290.668306][ T6017] usb 7-1: config 0 descriptor??
[  291.113021][ T6017] hid_parser_main: 28 callbacks suppressed
[  291.113035][ T6017] appleir 0003:05AC:8243.0007: unknown main item tag 0x0
[  291.121153][ T6017] appleir 0003:05AC:8243.0007: hiddev1,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  291.983697][ T6017] usb 10-1: USB disconnect, device number 2
[  292.044557][T10175] netlink: 'syz.4.1126': attribute type 13 has an invalid length.
[  293.128276][T10175] warn_alloc: 1 callbacks suppressed
[  293.128289][T10175] syz.4.1126: vmalloc error: size 2625536, failed to allocated page array size 5128, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  293.137434][T10175] CPU: 2 UID: 0 PID: 10175 Comm: syz.4.1126 Not tainted syzkaller #0 PREEMPT(full) 
[  293.137449][T10175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.137455][T10175] Call Trace:
[  293.137460][T10175]  <TASK>
[  293.137465][T10175]  dump_stack_lvl+0x16c/0x1f0
[  293.137484][T10175]  warn_alloc+0x248/0x3a0
[  293.137496][T10175]  ? __pfx_warn_alloc+0x10/0x10
[  293.137511][T10175]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  293.137528][T10175]  ? __vmalloc_node_noprof+0xad/0xf0
[  293.137544][T10175]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  293.137564][T10175]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  293.137583][T10175]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  293.137602][T10175]  ? ___kmalloc_large_node+0xed/0x160
[  293.137618][T10175]  __kvmalloc_node_noprof+0x431/0x9c0
[  293.137631][T10175]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  293.137647][T10175]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  293.137665][T10175]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  293.137680][T10175]  pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  293.137701][T10175]  ? __pfx_pfifo_fast_change_tx_queue_len+0x10/0x10
[  293.137716][T10175]  ? dev_deactivate+0x15c/0x1c0
[  293.137737][T10175]  ? __pfx_pfifo_fast_change_tx_queue_len+0x10/0x10
[  293.137752][T10175]  dev_qdisc_change_tx_queue_len+0x169/0x380
[  293.137771][T10175]  netif_change_tx_queue_len+0x1a1/0x1e0
[  293.137782][T10175]  ? __pfx_netif_change_tx_queue_len+0x10/0x10
[  293.137794][T10175]  ? netif_change_flags+0x10d/0x160
[  293.137805][T10175]  do_setlink.constprop.0+0xd00/0x4380
[  293.137817][T10175]  ? __pfx_console_unlock+0x10/0x10
[  293.137828][T10175]  ? do_raw_spin_unlock+0xd0/0x230
[  293.137850][T10175]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  293.137861][T10175]  ? preempt_count_add+0x76/0x150
[  293.137879][T10175]  ? __lock_acquire+0xb8a/0x1c90
[  293.137897][T10175]  ? __mutex_trylock_common+0xe9/0x250
[  293.137911][T10175]  ? __pfx___mutex_trylock_common+0x10/0x10
[  293.137938][T10175]  ? __pfx___might_resched+0x10/0x10
[  293.137951][T10175]  ? rcu_is_watching+0x12/0xc0
[  293.137963][T10175]  ? trace_contention_end+0xdd/0x130
[  293.137977][T10175]  ? __mutex_lock+0x1c5/0x1060
[  293.137988][T10175]  ? __nla_validate_parse+0x600/0x2880
[  293.138001][T10175]  ? rcu_is_watching+0x12/0xc0
[  293.138013][T10175]  ? __pfx___mutex_lock+0x10/0x10
[  293.138034][T10175]  rtnl_newlink+0x18e0/0x2000
[  293.138049][T10175]  ? __pfx_rtnl_newlink+0x10/0x10
[  293.138061][T10175]  ? kmem_cache_free+0x2d4/0x6c0
[  293.138071][T10175]  ? kfree_skbmem+0x1a4/0x1f0
[  293.138086][T10175]  ? kfree_skbmem+0x1a4/0x1f0
[  293.138100][T10175]  ? __lock_acquire+0x622/0x1c90
[  293.138115][T10175]  ? rcu_is_watching+0x12/0xc0
[  293.138130][T10175]  ? find_held_lock+0x2b/0x80
[  293.138140][T10175]  ? __pfx_rtnl_newlink+0x10/0x10
[  293.138149][T10175]  ? __pfx_rtnl_newlink+0x10/0x10
[  293.138158][T10175]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  293.138169][T10175]  ? __pfx_rtnl_newlink+0x10/0x10
[  293.138180][T10175]  rtnetlink_rcv_msg+0x95e/0xe90
[  293.138191][T10175]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  293.138206][T10175]  ? ref_tracker_free+0x37c/0x830
[  293.138224][T10175]  netlink_rcv_skb+0x158/0x420
[  293.138235][T10175]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  293.138246][T10175]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  293.138262][T10175]  ? netlink_deliver_tap+0x1ae/0xd30
[  293.138274][T10175]  netlink_unicast+0x5aa/0x870
[  293.138287][T10175]  ? __pfx_netlink_unicast+0x10/0x10
[  293.138302][T10175]  netlink_sendmsg+0x8c8/0xdd0
[  293.138315][T10175]  ? __pfx_netlink_sendmsg+0x10/0x10
[  293.138327][T10175]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  293.138345][T10175]  ____sys_sendmsg+0xa98/0xc70
[  293.138359][T10175]  ? __pfx_____sys_sendmsg+0x10/0x10
[  293.138371][T10175]  ? get_compat_msghdr+0x11a/0x170
[  293.138389][T10175]  ? __pfx_futex_wake_mark+0x10/0x10
[  293.138408][T10175]  ___sys_sendmsg+0x134/0x1d0
[  293.138418][T10175]  ? __pfx____sys_sendmsg+0x10/0x10
[  293.138434][T10175]  ? find_held_lock+0x2b/0x80
[  293.138464][T10175]  __sys_sendmsg+0x16d/0x220
[  293.138476][T10175]  ? __pfx___sys_sendmsg+0x10/0x10
[  293.138485][T10175]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  293.138506][T10175]  ? rcu_is_watching+0x12/0xc0
[  293.138518][T10175]  __do_fast_syscall_32+0x7c/0x300
[  293.138532][T10175]  do_fast_syscall_32+0x32/0x80
[  293.138544][T10175]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  293.138558][T10175] RIP: 0023:0xf70ed579
[  293.138567][T10175] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  293.138576][T10175] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  293.138586][T10175] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180
[  293.138592][T10175] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  293.138598][T10175] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  293.138604][T10175] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  293.138610][T10175] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  293.138623][T10175]  </TASK>
[  293.138700][T10175] Mem-Info:
[  293.262192][ T6000] usb 7-1: USB disconnect, device number 19
[  293.262778][T10175] active_anon:2527 inactive_anon:3632 isolated_anon:0
[  293.262778][T10175]  active_file:515 inactive_file:571 isolated_file:0
[  293.262778][T10175]  unevictable:1768 dirty:61 writeback:0
[  293.262778][T10175]  slab_reclaimable:5995 slab_unreclaimable:97043
[  293.262778][T10175]  mapped:26878 shmem:7434 pagetables:1166
[  293.262778][T10175]  sec_pagetables:332 bounce:0
[  293.262778][T10175]  kernel_misc_reclaimable:0
[  293.262778][T10175]  free:33506 free_pcp:791 free_cma:0
[  293.364903][T10175] Node 0 active_anon:1844kB inactive_anon:132kB active_file:876kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2488kB dirty:0kB writeback:0kB shmem:4992kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8560kB pagetables:1300kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB
[  293.383005][T10175] Node 1 active_anon:4364kB inactive_anon:10188kB active_file:1784kB inactive_file:2264kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:94364kB dirty:244kB writeback:0kB shmem:16564kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4288kB pagetables:3360kB sec_pagetables:124kB all_unreclaimable? no Balloon:0kB
[  293.391651][T10188] openvswitch: netlink: IP tunnel dst address not specified
[  293.446602][T10175] Node 0 DMA free:2112kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:28kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  293.466316][T10175] lowmem_reserve[]: 0 294 294 294 294
[  293.468901][T10175] Node 0 DMA32 free:16564kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:244KB active_anon:1824kB inactive_anon:132kB active_file:876kB inactive_file:12kB unevictable:3536kB writepending:0kB zspages:1544kB present:1032196kB managed:301164kB mlocked:0kB bounce:0kB free_pcp:1188kB local_pcp:896kB free_cma:0kB
[  293.485356][T10175] lowmem_reserve[]: 0 0 0 0 0
[  293.488467][T10175] Node 1 DMA32 free:103992kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13464kB inactive_anon:10196kB active_file:3584kB inactive_file:2264kB unevictable:3536kB writepending:344kB zspages:3656kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:11536kB local_pcp:1064kB free_cma:0kB
[  293.581912][T10192] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  293.603037][   T34] usb 46-1: device descriptor read/8, error -110
[  294.347498][T10175] lowmem_reserve[]: 0 0 0 0 0
[  294.349596][T10175] Node 0 DMA: 6*4kB (U) 1*8kB (M) 8*16kB (UM) 5*32kB (U) 0*64kB 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2112kB
[  294.356436][T10175] Node 0 DMA32: 11*4kB (UMEH) 9*8kB (UMEH) 6*16kB (UMH) 75*32kB (UEH) 84*64kB (UMEH) 37*128kB (UME) 9*256kB (UME) 3*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 16564kB
[  294.363664][T10175] Node 1 DMA32: 24*4kB (ME) 33*8kB (UME) 30*16kB (UE) 24*32kB (ME) 154*64kB (UME) 114*128kB (UME) 69*256kB (ME) 41*512kB (UM) 29*1024kB (UM) 0*2048kB 0*4096kB = 94408kB
[  294.370720][T10175] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  294.374710][T10175] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  294.378535][T10175] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  294.382592][T10175] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  294.407594][T10175] 10568 total pagecache pages
[  294.409680][T10175] 416 pages in swap cache
[  294.411514][T10175] Free swap  = 71180kB
[  294.413385][T10175] Total swap = 124996kB
[  294.415137][T10175] 524155 pages RAM
[  294.416719][T10175] 0 pages HighMem/MovableOnly
[  294.418786][T10175] 207969 pages reserved
[  294.420645][T10175] 0 pages cma reserved
[  294.429423][T10175] bond0: refused to change device tx_queue_len
[  294.434953][T10175] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  294.553110][   T34] usb usb46-port1: attempt power cycle
[  294.702954][   T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  294.872801][   T24] usb 5-1: Using ep0 maxpacket: 8
[  294.886040][   T24] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  294.895004][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  294.904696][   T24] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  294.913884][   T24] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  294.926703][   T24] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  294.934239][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.113759][   T34] usb usb46-port1: unable to enumerate USB device
[  295.157514][   T24] usb 5-1: GET_CAPABILITIES returned 0
[  295.160204][   T24] usbtmc 5-1:16.0: can't read capabilities
[  297.430614][T10242] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  297.530108][T10247] FAULT_INJECTION: forcing a failure.
[  297.530108][T10247] name failslab, interval 1, probability 0, space 0, times 0
[  297.534847][T10247] CPU: 0 UID: 0 PID: 10247 Comm: syz.5.1148 Not tainted syzkaller #0 PREEMPT(full) 
[  297.534861][T10247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  297.534868][T10247] Call Trace:
[  297.534871][T10247]  <TASK>
[  297.534875][T10247]  dump_stack_lvl+0x16c/0x1f0
[  297.534891][T10247]  should_fail_ex+0x512/0x640
[  297.534907][T10247]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  297.534920][T10247]  should_failslab+0xc2/0x120
[  297.534934][T10247]  kmem_cache_alloc_node_noprof+0x78/0x770
[  297.534944][T10247]  ? __alloc_skb+0x2b2/0x380
[  297.534962][T10247]  ? __alloc_skb+0x2b2/0x380
[  297.534976][T10247]  ? __pfx_netlink_insert+0x10/0x10
[  297.534986][T10247]  __alloc_skb+0x2b2/0x380
[  297.535001][T10247]  ? __pfx___alloc_skb+0x10/0x10
[  297.535017][T10247]  ? netlink_autobind.isra.0+0x158/0x370
[  297.535030][T10247]  netlink_alloc_large_skb+0x69/0x140
[  297.535042][T10247]  netlink_sendmsg+0x698/0xdd0
[  297.535054][T10247]  ? __pfx_netlink_sendmsg+0x10/0x10
[  297.535066][T10247]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  297.535083][T10247]  ____sys_sendmsg+0xa98/0xc70
[  297.535097][T10247]  ? __pfx_____sys_sendmsg+0x10/0x10
[  297.535109][T10247]  ? get_compat_msghdr+0x11a/0x170
[  297.535131][T10247]  ___sys_sendmsg+0x134/0x1d0
[  297.535141][T10247]  ? __pfx____sys_sendmsg+0x10/0x10
[  297.535157][T10247]  ? find_held_lock+0x2b/0x80
[  297.535176][T10247]  __sys_sendmsg+0x16d/0x220
[  297.535186][T10247]  ? __pfx___sys_sendmsg+0x10/0x10
[  297.535201][T10247]  ? rcu_is_watching+0x12/0xc0
[  297.535214][T10247]  __do_fast_syscall_32+0x7c/0x300
[  297.535227][T10247]  do_fast_syscall_32+0x32/0x80
[  297.535239][T10247]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  297.535253][T10247] RIP: 0023:0xf7fb5579
[  297.535261][T10247] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  297.535271][T10247] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  297.535281][T10247] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  297.535288][T10247] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  297.535293][T10247] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  297.535299][T10247] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  297.535304][T10247] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  297.535317][T10247]  </TASK>
[  297.627277][   T34] usb 5-1: USB disconnect, device number 19
[  297.748456][T10250] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1150'.
[  297.830588][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  297.830621][   T40] audit: type=1326 audit(1761913490.205:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.848902][   T40] audit: type=1326 audit(1761913490.205:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.861307][   T40] audit: type=1326 audit(1761913490.215:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.871290][   T40] audit: type=1326 audit(1761913490.215:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.880963][   T40] audit: type=1326 audit(1761913490.215:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=52 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.890200][   T40] audit: type=1326 audit(1761913490.215:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.899287][   T40] audit: type=1326 audit(1761913490.215:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.912539][   T40] audit: type=1326 audit(1761913490.215:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.921813][   T40] audit: type=1326 audit(1761913490.225:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  297.940953][   T40] audit: type=1326 audit(1761913490.225:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10251 comm="syz.5.1149" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7ffc0000
[  298.258685][T10261] FAULT_INJECTION: forcing a failure.
[  298.258685][T10261] name failslab, interval 1, probability 0, space 0, times 0
[  298.262718][T10261] CPU: 3 UID: 0 PID: 10261 Comm: syz.4.1153 Not tainted syzkaller #0 PREEMPT(full) 
[  298.262732][T10261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  298.262738][T10261] Call Trace:
[  298.262742][T10261]  <TASK>
[  298.262746][T10261]  dump_stack_lvl+0x16c/0x1f0
[  298.262762][T10261]  should_fail_ex+0x512/0x640
[  298.262777][T10261]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  298.262791][T10261]  should_failslab+0xc2/0x120
[  298.262809][T10261]  kmem_cache_alloc_node_noprof+0x78/0x770
[  298.262819][T10261]  ? __alloc_skb+0x2b2/0x380
[  298.262838][T10261]  ? __alloc_skb+0x2b2/0x380
[  298.262852][T10261]  __alloc_skb+0x2b2/0x380
[  298.262867][T10261]  ? __pfx___alloc_skb+0x10/0x10
[  298.262887][T10261]  netlink_ack+0x15d/0xb80
[  298.262898][T10261]  ? __pfx___dev_queue_xmit+0x10/0x10
[  298.262915][T10261]  netlink_rcv_skb+0x332/0x420
[  298.262925][T10261]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  298.262940][T10261]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  298.262956][T10261]  ? ns_capable+0xd7/0x110
[  298.262969][T10261]  nfnetlink_rcv+0x1b3/0x430
[  298.262987][T10261]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  298.263001][T10261]  ? netlink_deliver_tap+0x1ae/0xd30
[  298.263013][T10261]  netlink_unicast+0x5aa/0x870
[  298.263025][T10261]  ? __pfx_netlink_unicast+0x10/0x10
[  298.263040][T10261]  netlink_sendmsg+0x8c8/0xdd0
[  298.263052][T10261]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.263064][T10261]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  298.263081][T10261]  ____sys_sendmsg+0xa98/0xc70
[  298.263095][T10261]  ? __pfx_____sys_sendmsg+0x10/0x10
[  298.263107][T10261]  ? get_compat_msghdr+0x11a/0x170
[  298.263129][T10261]  ___sys_sendmsg+0x134/0x1d0
[  298.263139][T10261]  ? __pfx____sys_sendmsg+0x10/0x10
[  298.263154][T10261]  ? find_held_lock+0x2b/0x80
[  298.263173][T10261]  __sys_sendmsg+0x16d/0x220
[  298.263182][T10261]  ? __pfx___sys_sendmsg+0x10/0x10
[  298.263197][T10261]  ? rcu_is_watching+0x12/0xc0
[  298.263210][T10261]  __do_fast_syscall_32+0x7c/0x300
[  298.263223][T10261]  do_fast_syscall_32+0x32/0x80
[  298.263235][T10261]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  298.263249][T10261] RIP: 0023:0xf70ed579
[  298.263257][T10261] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  298.263267][T10261] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  298.263277][T10261] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[  298.263284][T10261] RDX: 0000000000044000 RSI: 0000000000000000 RDI: 0000000000000000
[  298.263289][T10261] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  298.263295][T10261] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  298.263301][T10261] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  298.263313][T10261]  </TASK>
[  299.052386][T10274] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  299.054307][T10274] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  299.056918][T10274] vhci_hcd vhci_hcd.0: Device attached
[  299.073970][T10279] vhci_hcd: connection closed
[  299.074327][ T1143] vhci_hcd: stop threads
[  299.080277][ T1143] vhci_hcd: release socket
[  299.082972][ T1143] vhci_hcd: disconnect device
[  299.218537][  T841] IPVS: starting estimator thread 0...
[  299.222904][T10282] qnx6: unable to read the first superblock
[  299.312745][T10284] IPVS: using max 46 ests per chain, 110400 per kthread
[  299.806448][T10300] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  300.351576][T10299] netlink: 'syz.2.1161': attribute type 13 has an invalid length.
[  300.411796][T10299] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  301.023132][  T841] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  301.192676][  T841] usb 7-1: Using ep0 maxpacket: 8
[  301.197457][  T841] usb 7-1: config 0 has an invalid interface number: 186 but max is 0
[  301.207220][  T841] usb 7-1: config 0 has no interface number 0
[  301.210630][  T841] usb 7-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  301.215479][  T841] usb 7-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  301.220917][  T841] usb 7-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  301.227781][  T841] usb 7-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  301.236017][  T841] usb 7-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  301.239496][  T841] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.245438][  T841] usb 7-1: Product: syz
[  301.252968][  T841] usb 7-1: Manufacturer: syz
[  301.255139][  T841] usb 7-1: SerialNumber: syz
[  301.263009][  T841] usb 7-1: config 0 descriptor??
[  301.375381][T10321] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.826253][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1166'.
[  302.585970][T10321] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.755797][T10321] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.822715][  T841] iowarrior 7-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  302.885254][  T841] usb 7-1: USB disconnect, device number 20
[  302.935613][T10321] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.029889][   T95] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.039283][   T95] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.048063][   T95] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  303.055504][   T95] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  303.425153][T10346] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  303.818355][T10355] input: syz0 as /devices/virtual/input/input25
[  304.394822][T10360] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  304.397641][T10360] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  304.401128][T10360] vhci_hcd vhci_hcd.0: Device attached
[  304.430710][T10367] vhci_hcd: connection closed
[  304.430806][ T1143] vhci_hcd: stop threads
[  304.433985][ T1143] vhci_hcd: release socket
[  304.435431][ T1143] vhci_hcd: disconnect device
[  305.324410][T10388] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  305.326507][T10388] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  305.329143][T10388] vhci_hcd vhci_hcd.0: Device attached
[  305.446572][T10382] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  305.510834][T10394] vhci_hcd: connection closed
[  305.511429][   T95] vhci_hcd: stop threads
[  305.515540][   T95] vhci_hcd: release socket
[  305.517711][   T95] vhci_hcd: disconnect device
[  306.190056][T10408] input: syz0 as /devices/virtual/input/input26
[  306.603864][T10416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1196'.
[  306.639090][T10416] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  306.970968][T10418] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  306.989225][T10418] 8021q: adding VLAN 0 to HW filter on device bond4
[  306.992702][T10418] bond0: (slave bond4): Enslaving as an active interface with an up link
[  307.283289][T10423] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  307.539080][T10431] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1201'.
[  307.612684][  T841] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  307.786062][  T841] usb 7-1: Using ep0 maxpacket: 32
[  308.113600][  T841] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  308.116150][  T841] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  308.119596][  T841] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 56, changing to 9
[  308.123204][  T841] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 9275, setting to 1024
[  308.128777][  T841] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  308.132951][  T841] usb 7-1: config 0 interface 0 has no altsetting 0
[  308.137100][  T841] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  308.140300][  T841] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  308.143009][  T841] usb 7-1: Product: syz
[  308.144599][  T841] usb 7-1: Manufacturer: syz
[  308.146168][  T841] usb 7-1: SerialNumber: syz
[  308.148961][  T841] usb 7-1: config 0 descriptor??
[  308.151316][T10426] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  308.154855][  T841] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  308.158948][  T841] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  308.369048][   T24] usb 7-1: USB disconnect, device number 21
[  308.374441][   T24] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  309.135660][T10448] netlink: 'syz.2.1207': attribute type 12 has an invalid length.
[  309.334189][T10456] input: syz0 as /devices/virtual/input/input27
[  310.771574][T10477] random: crng reseeded on system resumption
[  311.379599][T10486] tc_dump_action: action bad kind
[  311.654838][T10501] netlink: 'syz.2.1220': attribute type 21 has an invalid length.
[  311.657886][T10501] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1220'.
[  311.661510][T10501] netlink: 'syz.2.1220': attribute type 4 has an invalid length.
[  311.664874][T10501] netlink: 'syz.2.1220': attribute type 3 has an invalid length.
[  311.667892][T10501] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1220'.
[  312.364037][T10509] input: syz0 as /devices/virtual/input/input29
[  312.612084][T10516] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  313.631014][T10519] netlink: 'syz.5.1227': attribute type 13 has an invalid length.
[  314.212648][T10519] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  314.506381][T10535] Invalid logical block size (-95)
[  314.523047][T10535] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1229'.
[  315.757259][T10555] openvswitch: netlink: Actions may not be safe on all matching packets
[  318.184615][T10575] input: syz0 as /devices/virtual/input/input30
[  319.376698][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  319.376798][   T40] audit: type=1326 audit(1761913511.755:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.389512][   T40] audit: type=1326 audit(1761913511.755:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.399033][   T40] audit: type=1326 audit(1761913511.765:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.404268][T10596] syz.4.1249: page allocation failure: order:9, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1
[  319.411267][   T40] audit: type=1326 audit(1761913511.765:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.412154][T10596] 
[  319.416919][   T40] audit: type=1326 audit(1761913511.765:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.416960][   T40] audit: type=1326 audit(1761913511.765:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.416989][   T40] audit: type=1326 audit(1761913511.765:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.417023][   T40] audit: type=1326 audit(1761913511.765:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.417057][   T40] audit: type=1326 audit(1761913511.765:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=165 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.417093][   T40] audit: type=1326 audit(1761913511.765:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10595 comm="syz.4.1249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  319.474102][T10596] CPU: 3 UID: 0 PID: 10596 Comm: syz.4.1249 Not tainted syzkaller #0 PREEMPT(full) 
[  319.474119][T10596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  319.474127][T10596] Call Trace:
[  319.474131][T10596]  <TASK>
[  319.474135][T10596]  dump_stack_lvl+0x16c/0x1f0
[  319.474152][T10596]  warn_alloc+0x248/0x3a0
[  319.474164][T10596]  ? __pfx_warn_alloc+0x10/0x10
[  319.474175][T10596]  ? psi_memstall_leave+0x1e6/0x2d0
[  319.474189][T10596]  ? __alloc_pages_direct_compact+0x466/0x580
[  319.474215][T10596]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  319.474228][T10596]  ? psi_memstall_leave+0x1e6/0x2d0
[  319.474243][T10596]  __alloc_frozen_pages_noprof+0xe9b/0x2470
[  319.474260][T10596]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  319.474273][T10596]  ? netlink_unicast+0x5aa/0x870
[  319.474283][T10596]  ? netlink_sendmsg+0x8c8/0xdd0
[  319.474292][T10596]  ? ____sys_sendmsg+0xa98/0xc70
[  319.474305][T10596]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  319.474315][T10596]  ? do_fast_syscall_32+0x32/0x80
[  319.474333][T10596]  ? __lock_acquire+0xb8a/0x1c90
[  319.474348][T10596]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  319.474366][T10596]  ? policy_nodemask+0xea/0x4e0
[  319.474381][T10596]  alloc_pages_mpol+0x1fb/0x550
[  319.474395][T10596]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  319.474412][T10596]  ___kmalloc_large_node+0xed/0x160
[  319.474428][T10596]  __kmalloc_large_node_noprof+0x1c/0x70
[  319.474446][T10596]  ? tcf_exts_validate_ex+0x30f/0x550
[  319.474468][T10596]  __kmalloc_noprof.cold+0xc/0x62
[  319.474493][T10596]  ? tcf_em_tree_validate+0x1c8/0xd60
[  319.474533][T10596]  ? tcf_em_tree_validate+0x1c8/0xd60
[  319.474557][T10596]  tcf_em_tree_validate+0x1c8/0xd60
[  319.474587][T10596]  ? __pfx_tcf_em_tree_validate+0x10/0x10
[  319.474614][T10596]  ? tcf_exts_validate+0x42/0x60
[  319.474639][T10596]  basic_change+0x3ac/0x1400
[  319.474660][T10596]  ? __pfx_basic_change+0x10/0x10
[  319.474690][T10596]  ? __pfx_basic_change+0x10/0x10
[  319.474706][T10596]  tc_new_tfilter+0xa35/0x2340
[  319.474742][T10596]  ? __pfx_tc_new_tfilter+0x10/0x10
[  319.474763][T10596]  ? kfree_skbmem+0x1a4/0x1f0
[  319.474803][T10596]  ? find_held_lock+0x2b/0x80
[  319.474821][T10596]  ? __pfx_tc_new_tfilter+0x10/0x10
[  319.474840][T10596]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  319.474860][T10596]  ? __pfx_tc_new_tfilter+0x10/0x10
[  319.474880][T10596]  rtnetlink_rcv_msg+0x95e/0xe90
[  319.474902][T10596]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  319.474927][T10596]  ? ref_tracker_free+0x37c/0x830
[  319.474959][T10596]  netlink_rcv_skb+0x158/0x420
[  319.474977][T10596]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  319.474998][T10596]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  319.475026][T10596]  ? netlink_deliver_tap+0x1ae/0xd30
[  319.475049][T10596]  netlink_unicast+0x5aa/0x870
[  319.475071][T10596]  ? __pfx_netlink_unicast+0x10/0x10
[  319.475091][T10596]  ? __pfx___might_resched+0x10/0x10
[  319.475118][T10596]  netlink_sendmsg+0x8c8/0xdd0
[  319.475141][T10596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  319.475163][T10596]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  319.475193][T10596]  ____sys_sendmsg+0xa98/0xc70
[  319.475219][T10596]  ? __pfx_____sys_sendmsg+0x10/0x10
[  319.475237][T10596]  ? get_compat_msghdr+0x11a/0x170
[  319.475273][T10596]  ___sys_sendmsg+0x134/0x1d0
[  319.475289][T10596]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.475316][T10596]  ? find_held_lock+0x2b/0x80
[  319.475351][T10596]  __sys_sendmsg+0x16d/0x220
[  319.475369][T10596]  ? __pfx___sys_sendmsg+0x10/0x10
[  319.475397][T10596]  ? __secure_computing+0x21c/0x320
[  319.475425][T10596]  __do_fast_syscall_32+0x7c/0x300
[  319.475449][T10596]  do_fast_syscall_32+0x32/0x80
[  319.475470][T10596]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  319.475491][T10596] RIP: 0023:0xf70ed579
[  319.475514][T10596] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  319.475532][T10596] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  319.475550][T10596] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000800001c0
[  319.475562][T10596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.475571][T10596] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  319.475578][T10596] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  319.475586][T10596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  319.475600][T10596]  </TASK>
[  319.475619][T10596] Mem-Info:
[  319.622109][T10596] active_anon:221 inactive_anon:417 isolated_anon:0
[  319.622109][T10596]  active_file:1235 inactive_file:152 isolated_file:0
[  319.622109][T10596]  unevictable:1768 dirty:155 writeback:0
[  319.622109][T10596]  slab_reclaimable:5908 slab_unreclaimable:96480
[  319.622109][T10596]  mapped:21642 shmem:1769 pagetables:1206
[  319.622109][T10596]  sec_pagetables:334 bounce:0
[  319.622109][T10596]  kernel_misc_reclaimable:0
[  319.622109][T10596]  free:30010 free_pcp:1154 free_cma:0
[  319.636516][T10596] Node 0 active_anon:8kB inactive_anon:16kB active_file:316kB inactive_file:52kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:724kB dirty:12kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8496kB pagetables:1252kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB
[  319.646693][T10596] Node 1 active_anon:340kB inactive_anon:2140kB active_file:1956kB inactive_file:3048kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:85744kB dirty:608kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4556kB pagetables:3572kB sec_pagetables:132kB all_unreclaimable? no Balloon:0kB
[  319.656780][T10596] Node 0 DMA free:2112kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:16kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:28kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  319.666340][T10596] lowmem_reserve[]: 0 294 294 294 294
[  319.668121][T10596] Node 0 DMA32 free:17032kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:244KB active_anon:8kB inactive_anon:12kB active_file:300kB inactive_file:52kB unevictable:3536kB writepending:12kB zspages:1508kB present:1032196kB managed:301164kB mlocked:0kB bounce:0kB free_pcp:580kB local_pcp:52kB free_cma:0kB
[  319.673667][T10601] netlink: 'syz.0.1250': attribute type 13 has an invalid length.
[  319.678511][T10596] lowmem_reserve[]: 0 0 0 0 0
[  319.682553][T10596] Node 1 DMA32 free:103132kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:400kB inactive_anon:2140kB active_file:1996kB inactive_file:3076kB unevictable:3536kB writepending:660kB zspages:3644kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:4264kB local_pcp:84kB free_cma:0kB
[  319.693027][T10596] lowmem_reserve[]: 0 0 0 0 0
[  319.694706][T10596] Node 0 DMA: 6*4kB (U) 1*8kB (M) 8*16kB (UM) 5*32kB (U) 0*64kB 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2112kB
[  319.699419][T10596] Node 0 DMA32: 101*4kB (UMEH) 13*8kB (UMEH) 28*16kB (UMH) 69*32kB (UMEH) 67*64kB (UMEH) 42*128kB (UME) 10*256kB (UME) 3*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 16924kB
[  319.704971][T10596] Node 1 DMA32: 243*4kB (UME) 705*8kB (UME) 464*16kB (UME) 295*32kB (UME) 178*64kB (UME) 92*128kB (UME) 75*256kB (UME) 45*512kB (UM) 14*1024kB (UM) 0*2048kB 0*4096kB = 103220kB
[  319.710777][T10596] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  319.713928][T10596] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  319.716903][T10596] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  319.719986][T10596] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  319.723038][T10596] 3530 total pagecache pages
[  319.724611][T10596] 354 pages in swap cache
[  319.726013][T10596] Free swap  = 71232kB
[  319.727401][T10596] Total swap = 124996kB
[  319.728836][T10596] 524155 pages RAM
[  319.730069][T10596] 0 pages HighMem/MovableOnly
[  319.731607][T10596] 207969 pages reserved
[  319.733107][T10596] 0 pages cma reserved
[  319.752757][T10601] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  320.433355][T10616] netlink: 'syz.4.1255': attribute type 21 has an invalid length.
[  320.436793][T10616] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1255'.
[  320.440960][T10616] netlink: 'syz.4.1255': attribute type 4 has an invalid length.
[  320.444376][T10616] netlink: 'syz.4.1255': attribute type 3 has an invalid length.
[  320.447708][T10616] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1255'.
[  320.658602][T10623] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  320.857208][T10628] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  320.859448][T10628] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  321.003529][T10628] vhci_hcd vhci_hcd.0: Device attached
[  321.271949][T10633] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  321.436912][ T6000] usb 48-1: SetAddress Request (2) to port 0
[  321.438671][ T6000] usb 48-1: new SuperSpeed USB device number 2 using vhci_hcd
[  321.446300][T10629] vhci_hcd: connection closed
[  321.446933][   T97] vhci_hcd: stop threads
[  321.449993][   T97] vhci_hcd: release socket
[  321.451749][   T97] vhci_hcd: disconnect device
[  321.600280][T10643] FAULT_INJECTION: forcing a failure.
[  321.600280][T10643] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.605653][T10643] CPU: 3 UID: 0 PID: 10643 Comm: syz.0.1262 Not tainted syzkaller #0 PREEMPT(full) 
[  321.605674][T10643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  321.605684][T10643] Call Trace:
[  321.605689][T10643]  <TASK>
[  321.605696][T10643]  dump_stack_lvl+0x16c/0x1f0
[  321.605717][T10643]  should_fail_ex+0x512/0x640
[  321.605744][T10643]  __kvm_read_guest_page+0x186/0x250
[  321.605768][T10643]  kvm_fetch_guest_virt+0x128/0x1a0
[  321.605791][T10643]  __do_insn_fetch_bytes+0x4fa/0x720
[  321.605813][T10643]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  321.605836][T10643]  ? kvm_tdp_mmu_map+0x931/0x20b0
[  321.605862][T10643]  x86_decode_insn+0xbbb/0x5a70
[  321.605895][T10643]  ? __pfx_x86_decode_insn+0x10/0x10
[  321.605916][T10643]  ? vmx_cache_reg+0x333/0x5e0
[  321.605938][T10643]  ? kvm_register_read_raw+0xe9/0x240
[  321.605954][T10643]  ? init_decode_cache+0xd/0x210
[  321.605973][T10643]  ? init_emulate_ctxt+0x337/0x510
[  321.606006][T10643]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  321.606028][T10643]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  321.606053][T10643]  x86_emulate_instruction+0xa43/0x1b00
[  321.606078][T10643]  kvm_mmu_page_fault+0xbfd/0x1cb0
[  321.606111][T10643]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[  321.606147][T10643]  handle_ept_misconfig+0x11a/0x3b0
[  321.606164][T10643]  vmx_handle_exit+0x71d/0x1c00
[  321.606185][T10643]  vcpu_run+0x33e1/0x54d0
[  321.606198][T10643]  ? kvm_multiple_exception+0x379/0x750
[  321.606223][T10643]  ? __pfx_vcpu_run+0x10/0x10
[  321.606243][T10643]  ? complete_emulated_mmio+0x394/0x7f0
[  321.606262][T10643]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  321.606277][T10643]  kvm_arch_vcpu_ioctl_run+0x1023/0x1970
[  321.606300][T10643]  kvm_vcpu_ioctl+0x5eb/0x1690
[  321.606329][T10643]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  321.606350][T10643]  ? tomoyo_path_number_perm+0x18d/0x580
[  321.606378][T10643]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  321.606411][T10643]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  321.606438][T10643]  ? do_vfs_ioctl+0x128/0x14f0
[  321.606461][T10643]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  321.606494][T10643]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  321.606516][T10643]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  321.606537][T10643]  ? __fget_files+0x20e/0x3c0
[  321.606558][T10643]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  321.606580][T10643]  __ia32_compat_sys_ioctl+0x242/0x370
[  321.606606][T10643]  __do_fast_syscall_32+0x7c/0x300
[  321.606627][T10643]  do_fast_syscall_32+0x32/0x80
[  321.606644][T10643]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  321.606663][T10643] RIP: 0023:0xf7f04579
[  321.606676][T10643] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  321.606690][T10643] RSP: 002b:00000000f53d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  321.606706][T10643] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80
[  321.606715][T10643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  321.606724][T10643] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  321.606732][T10643] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  321.606741][T10643] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  321.606764][T10643]  </TASK>
[  321.712177][T10645] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  321.733475][T10645] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  321.736751][T10645] vhci_hcd vhci_hcd.0: Device attached
[  322.032751][ T1464] usb 42-1: SetAddress Request (31) to port 0
[  322.034817][ T1464] usb 42-1: new SuperSpeed USB device number 31 using vhci_hcd
[  322.325500][T10658] overlayfs: missing 'lowerdir'
[  322.379373][T10657] pim6reg: entered allmulticast mode
[  322.399297][T10646] vhci_hcd: connection reset by peer
[  322.401340][ T1197] vhci_hcd: stop threads
[  322.403384][ T1197] vhci_hcd: release socket
[  322.408647][ T1197] vhci_hcd: disconnect device
[  322.884951][T10667] netlink: 'syz.4.1268': attribute type 12 has an invalid length.
[  322.922781][T10654] pim6reg: left allmulticast mode
[  323.036884][T10674] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  326.479461][T10700] netlink: 'syz.5.1277': attribute type 12 has an invalid length.
[  326.482591][ T6000] usb 48-1: device descriptor read/8, error -110
[  327.132682][ T1464] usb 42-1: device descriptor read/8, error -110
[  327.253281][ T6000] usb usb48-port1: attempt power cycle
[  327.320618][T10707] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  327.553100][ T1464] usb usb42-port1: attempt power cycle
[  327.929134][T10711] netlink: 'syz.0.1280': attribute type 13 has an invalid length.
[  328.034343][T10711] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  329.020159][ T1464] usb usb42-port1: unable to enumerate USB device
[  329.187979][T10730] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  329.397633][ T6000] usb usb48-port1: unable to enumerate USB device
[  329.501376][T10734] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  329.686000][T10736] netlink: 'syz.2.1287': attribute type 12 has an invalid length.
[  329.971753][T10738] netlink: 'syz.2.1288': attribute type 12 has an invalid length.
[  330.025037][   T40] kauditd_printk_skb: 54 callbacks suppressed
[  330.025052][   T40] audit: type=1400 audit(1761913522.405:258): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=10740 comm="syz.2.1290"
[  330.040904][   T40] audit: type=1326 audit(1761913522.415:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.049951][   T40] audit: type=1326 audit(1761913522.415:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.058996][   T40] audit: type=1326 audit(1761913522.425:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.067909][   T40] audit: type=1326 audit(1761913522.425:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.076511][   T40] audit: type=1326 audit(1761913522.425:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.087010][   T40] audit: type=1326 audit(1761913522.425:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.112055][   T40] audit: type=1326 audit(1761913522.425:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.121241][   T40] audit: type=1326 audit(1761913522.425:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.130379][   T40] audit: type=1326 audit(1761913522.425:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10740 comm="syz.2.1290" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f84579 code=0x7ffc0000
[  330.622707][ T6000] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  330.802507][ T6000] usb 7-1: Using ep0 maxpacket: 8
[  330.806663][ T6000] usb 7-1: config 1 interface 0 altsetting 253 bulk endpoint 0x1 has invalid maxpacket 16
[  330.810954][ T6000] usb 7-1: config 1 interface 0 altsetting 253 bulk endpoint 0x82 has invalid maxpacket 32
[  330.815095][ T6000] usb 7-1: config 1 interface 0 has no altsetting 0
[  330.819540][ T6000] usb 7-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  330.824370][ T6000] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.827508][ T6000] usb 7-1: Product: 跴툺뼞奞蚔ž︸O녣唘ĕ腑섁⺗ﱉ幞ꅨꬄ鿇㞢ԃ೩ᵱ좿惞뿽뙞鱴쬥퓽ૢ搷
[  330.833134][ T6000] usb 7-1: Manufacturer: 罫⁽㔶揧⽠㎍ᵋ봖㋝冝ᨠ銓Ꟙ槂㕋䤂㏍冸霯뉔놨⧜Ϡ圽箒햙뵊뗀礂ါꔇ屧㨼亯龖髒Á崾⅗代해躯湿݆踄녡ᇑ漧ሐ셆㭽ྐ㢷눧헙解諸ම庆洊ꍐ朁衍킀⎘禓瑺ↂŞꚁ韘䚢⃒꒍帗腣貐
[  330.842374][ T6000] usb 7-1: SerialNumber: ፫鿸ㄳ覅콦态ⲋ膈電ᔞ羳飭怲ꑄٶ즊얖쪳迊剹췯蹉ⷆޡ옔쓬톝죯ࢁ픖靋왛邝柪ﭣ䋈皯ꊆ胷兴쐨첗ꈕ臐롪䈂ᔎȦ눀꒏⏈吞
[  330.851314][T10755] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  330.854590][T10755] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  331.613460][ T6000] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 253 proto 1 vid 0x04B8 pid 0x0202
[  331.625189][ T6000] usb 7-1: USB disconnect, device number 22
[  331.663211][ T6000] usblp0: removed
[  331.778284][T10767] netlink: 'syz.4.1297': attribute type 12 has an invalid length.
[  332.255037][T10772] 9pnet_fd: Insufficient options for proto=fd
[  332.598585][T10780] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  332.961139][T10789] netlink: 'syz.4.1303': attribute type 21 has an invalid length.
[  332.964431][T10789] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1303'.
[  332.967975][T10789] netlink: 'syz.4.1303': attribute type 4 has an invalid length.
[  332.970962][T10789] netlink: 'syz.4.1303': attribute type 3 has an invalid length.
[  332.974025][T10789] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1303'.
[  333.476120][T10800] netlink: 512 bytes leftover after parsing attributes in process `syz.0.1308'.
[  333.974907][T10806] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  338.188725][T10832] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  340.221925][T10850] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  343.068262][T10875] input: syz0 as /devices/virtual/input/input31
[  343.169020][ T6017] libceph: connect (1)[c::]:6789 error -22
[  343.170955][ T6017] libceph: mon0 (1)[c::]:6789 connect error
[  343.210888][T10873] ceph: No mds server is up or the cluster is laggy
[  343.237305][T10879] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  343.890583][T10881] tipc: Started in network mode
[  343.896363][T10881] tipc: Node identity 522a9ad56cf4, cluster identity 4711
[  343.905566][T10881] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  343.917114][T10881] syzkaller0: entered promiscuous mode
[  343.923205][T10881] syzkaller0: entered allmulticast mode
[  343.972981][T10881] tipc: Resetting bearer <eth:syzkaller0>
[  344.043529][T10880] tipc: Resetting bearer <eth:syzkaller0>
[  344.058004][T10880] tipc: Disabling bearer <eth:syzkaller0>
[  344.334672][T10886] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  346.010605][T10902] input: syz0 as /devices/virtual/input/input32
[  346.403191][T10913] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  346.405318][T10913] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  346.408040][T10913] vhci_hcd vhci_hcd.0: Device attached
[  346.482603][  T841] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  346.632548][  T841] usb 7-1: Using ep0 maxpacket: 16
[  346.640269][  T841] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  346.644557][  T841] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  346.648045][  T841] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  346.653384][  T841] usb 7-1: config 1 interface 0 has no altsetting 0
[  346.659188][  T841] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  346.663337][  T841] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.666663][  T841] usb 7-1: Product: syz
[  346.668449][  T841] usb 7-1: Manufacturer: syz
[  346.670609][  T841] usb 7-1: SerialNumber: syz
[  346.702542][ T6000] usb 38-1: SetAddress Request (22) to port 0
[  346.704918][ T6000] usb 38-1: new SuperSpeed USB device number 22 using vhci_hcd
[  346.876943][T10914] vhci_hcd: connection reset by peer
[  346.886774][   T97] vhci_hcd: stop threads
[  346.888255][   T97] vhci_hcd: release socket
[  346.893022][   T97] vhci_hcd: disconnect device
[  346.940672][  T841] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 23 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  347.065815][T10920] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1340'.
[  347.148644][   T54] usb 7-1: USB disconnect, device number 23
[  347.157934][   T54] usblp0: removed
[  347.267020][T10925] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  348.211708][T10936] netlink: 'syz.5.1345': attribute type 12 has an invalid length.
[  348.294201][T10941] input: syz0 as /devices/virtual/input/input33
[  349.738201][T10954] netlink: 'syz.5.1348': attribute type 13 has an invalid length.
[  349.749440][T10954] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  349.902588][ T6017] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  350.052655][ T6017] usb 5-1: Using ep0 maxpacket: 8
[  350.072614][ T6017] usb 5-1: config 1 interface 0 altsetting 253 bulk endpoint 0x1 has invalid maxpacket 16
[  350.076352][ T6017] usb 5-1: config 1 interface 0 altsetting 253 bulk endpoint 0x82 has invalid maxpacket 32
[  350.079910][ T6017] usb 5-1: config 1 interface 0 has no altsetting 0
[  350.084022][ T6017] usb 5-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  350.086817][ T6017] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.089313][ T6017] usb 5-1: Product: 跴툺뼞奞蚔ž︸O녣唘ĕ腑섁⺗ﱉ幞ꅨꬄ鿇㞢ԃ೩ᵱ좿惞뿽뙞鱴쬥퓽ૢ搷
[  350.093908][ T6017] usb 5-1: Manufacturer: 罫⁽㔶揧⽠㎍ᵋ봖㋝冝ᨠ銓Ꟙ槂㕋䤂㏍冸霯뉔놨⧜Ϡ圽箒햙뵊뗀礂ါꔇ屧㨼亯龖髒Á崾⅗代해躯湿݆踄녡ᇑ漧ሐ셆㭽ྐ㢷눧헙解諸ම庆洊ꍐ朁衍킀⎘禓瑺ↂŞꚁ韘䚢⃒꒍帗腣貐
[  350.102073][ T6017] usb 5-1: SerialNumber: ፫鿸ㄳ覅콦态ⲋ膈電ᔞ羳飭怲ꑄٶ즊얖쪳迊剹췯蹉ⷆޡ옔쓬톝죯ࢁ픖靋왛邝柪ﭣ䋈皯ꊆ胷兴쐨첗ꈕ臐롪䈂ᔎȦ눀꒏⏈吞
[  350.109807][T10953] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  350.112126][T10953] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  350.176587][T10961] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  350.178869][T10961] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  350.182088][T10961] vhci_hcd vhci_hcd.0: Device attached
[  350.462660][ T5986] usb 46-1: SetAddress Request (22) to port 0
[  350.469171][ T5986] usb 46-1: new SuperSpeed USB device number 22 using vhci_hcd
[  350.808365][T10962] vhci_hcd: connection reset by peer
[  350.810874][ T1061] vhci_hcd: stop threads
[  350.812694][ T1061] vhci_hcd: release socket
[  350.826153][ T1061] vhci_hcd: disconnect device
[  351.050197][T10966] netlink: 'syz.5.1352': attribute type 13 has an invalid length.
[  351.066406][T10966] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  351.091412][T10970] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  351.763986][ T6000] usb 38-1: device descriptor read/8, error -110
[  352.164378][T10975] input: syz0 as /devices/virtual/input/input34
[  352.184549][ T6000] usb usb38-port1: attempt power cycle
[  352.625005][T10984] 9pnet_fd: Insufficient options for proto=fd
[  352.644754][   T40] kauditd_printk_skb: 94 callbacks suppressed
[  352.644764][   T40] audit: type=1804 audit(1761913545.025:362): pid=10984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1357" name="/newroot/340/file0/file0" dev="9p" ino=72876261 res=1 errno=0
[  352.753908][ T6017] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 253 proto 1 vid 0x04B8 pid 0x0202
[  352.774984][ T6000] usb usb38-port1: unable to enumerate USB device
[  352.863530][ T6017] usb 5-1: USB disconnect, device number 20
[  352.874201][ T6017] usblp0: removed
[  353.964105][T11003] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  354.782416][T11020] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  354.784529][T11020] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  354.787297][T11020] vhci_hcd vhci_hcd.0: Device attached
[  355.071166][T11021] vhci_hcd: connection closed
[  355.071556][   T13] vhci_hcd: stop threads
[  355.074723][   T13] vhci_hcd: release socket
[  355.076495][   T13] vhci_hcd: disconnect device
[  355.518026][T11026] netlink: 'syz.0.1367': attribute type 13 has an invalid length.
[  355.528384][T11026] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  355.578610][ T5986] usb 46-1: device descriptor read/8, error -110
[  355.892546][ T6017] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  355.932979][T11030] openvswitch: netlink: Actions may not be safe on all matching packets
[  355.985116][ T5986] usb usb46-port1: attempt power cycle
[  356.106949][T11040] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  356.526651][ T6017] usb 7-1: Using ep0 maxpacket: 32
[  356.581966][ T5986] usb usb46-port1: unable to enumerate USB device
[  357.129250][ T6017] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  357.769144][ T6017] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  357.772879][ T6017] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 56, changing to 9
[  357.776351][ T6017] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 9275, setting to 1024
[  357.780043][ T6017] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  357.785521][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[  357.792294][ T6017] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  357.797613][ T6017] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  357.800838][ T6017] usb 7-1: Product: syz
[  357.802597][ T6017] usb 7-1: Manufacturer: syz
[  357.804133][ T6017] usb 7-1: SerialNumber: syz
[  357.812227][ T6017] usb 7-1: config 0 descriptor??
[  357.820451][T11028] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  357.824423][ T6017] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  357.833846][ T6017] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  357.871931][   T40] audit: type=1326 audit(1761913550.245:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11052 comm="syz.4.1376" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ed579 code=0x0
[  358.041460][T11028] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  358.050808][ T5986] usb 7-1: USB disconnect, device number 24
[  358.055385][ T5986] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[  358.433313][T11059] netlink: 'syz.5.1378': attribute type 13 has an invalid length.
[  358.438701][T11059] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  358.657822][T11064] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1380'.
[  359.164624][T11084] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  359.167209][T11084] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  359.169860][T11084] vhci_hcd vhci_hcd.0: Device attached
[  359.422566][   T54] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  359.813469][T11085] vhci_hcd: connection reset by peer
[  359.816501][   T40] audit: type=1326 audit(1761913552.195:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.816613][ T1143] vhci_hcd: stop threads
[  359.833454][ T1143] vhci_hcd: release socket
[  359.835028][   T40] audit: type=1326 audit(1761913552.205:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.835259][ T1143] vhci_hcd: disconnect device
[  359.843941][   T40] audit: type=1326 audit(1761913552.205:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.854531][   T40] audit: type=1326 audit(1761913552.205:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.863178][   T40] audit: type=1326 audit(1761913552.205:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.871859][   T40] audit: type=1326 audit(1761913552.205:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.880772][   T40] audit: type=1326 audit(1761913552.205:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.889667][   T40] audit: type=1326 audit(1761913552.205:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  359.898462][   T40] audit: type=1326 audit(1761913552.205:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11076 comm="syz.2.1384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7fc00000
[  360.852313][T11091] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1387'.
[  360.925349][T11094] netlink: 'syz.2.1388': attribute type 13 has an invalid length.
[  360.938890][T11094] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  362.612620][   T34] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  363.052236][T11113] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  363.540766][   T34] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  363.628790][   T34] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  363.631857][   T34] usb 5-1: config 0 interface 0 has no altsetting 0
[  363.647129][   T34] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  363.650048][   T34] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  363.653502][   T34] usb 5-1: Product: syz
[  363.654913][   T34] usb 5-1: Manufacturer: syz
[  363.656378][   T34] usb 5-1: SerialNumber: syz
[  363.663513][   T34] usb 5-1: config 0 descriptor??
[  363.675441][   T34] hub 5-1:0.0: bad descriptor, ignoring hub
[  363.677993][   T34] hub 5-1:0.0: probe with driver hub failed with error -5
[  363.685665][   T34] usb 5-1: selecting invalid altsetting 0
[  364.832642][   T54] vhci_hcd: vhci_device speed not set
[  365.019026][T11136] netlink: 'syz.5.1399': attribute type 13 has an invalid length.
[  365.040198][T11136] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  365.345744][T11141] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  365.938436][T11148] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  366.157357][T11154] bridge_slave_0: left allmulticast mode
[  366.159837][T11154] bridge_slave_0: left promiscuous mode
[  366.164277][T11154] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.184655][T11154] bridge_slave_1: left allmulticast mode
[  366.191108][T11154] bridge_slave_1: left promiscuous mode
[  366.194216][ T6000] usb 5-1: USB disconnect, device number 21
[  366.216915][T11152] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1404'.
[  366.223556][T11154] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.242773][T11154] bond0: (slave bond_slave_0): Releasing backup interface
[  366.382817][T11154] bond0: (slave bond_slave_1): Releasing backup interface
[  366.426829][T11154] team0: Port device team_slave_0 removed
[  366.561721][T11154] team0: Port device team_slave_1 removed
[  366.565221][T11154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  366.569017][T11154] batman_adv: batadv0: Removing interface: batadv_slave_0
[  366.579062][T11154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  366.582179][T11154] batman_adv: batadv0: Removing interface: batadv_slave_1
[  366.589434][T11154] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  367.037799][T11164] input: syz0 as /devices/virtual/input/input35
[  368.627931][T11179] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  370.926442][T11214] binder: 11211:11214 ioctl c0306201 80000080 returned -14
[  371.020049][T11216] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  371.248814][T11223] netlink: 'syz.0.1425': attribute type 2 has an invalid length.
[  371.694486][T11231] nvme_fabrics: unknown parameter or missing value '
' in ctrl creation request
[  372.001020][T11234] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1428'.
[  372.246960][T11246] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  372.703104][T11252] syz.2.1433 (11252): drop_caches: 0
[  373.749262][T11269] delete_channel: no stack
[  374.251078][T11281] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  374.426721][T11288] netlink: 'syz.5.1444': attribute type 1 has an invalid length.
[  374.452703][T11288] 8021q: adding VLAN 0 to HW filter on device bond1
[  374.599900][T11288] bond1: (slave veth3): Enslaving as an active interface with a down link
[  374.695214][T11288] bond1: (slave dummy0): making interface the new active one
[  374.708615][T11288] dummy0: entered promiscuous mode
[  374.711021][T11288] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  374.734122][T11288] random: crng reseeded on system resumption
[  374.783436][T11286] mmap: syz.4.1442 (11286) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  374.941012][T11298] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  375.225647][T11312] vivid-007: disconnect
[  375.252793][T11314] netlink: 'syz.0.1449': attribute type 21 has an invalid length.
[  375.257575][T11314] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1449'.
[  375.261621][T11314] netlink: 'syz.0.1449': attribute type 4 has an invalid length.
[  375.265317][T11314] netlink: 'syz.0.1449': attribute type 3 has an invalid length.
[  375.268646][T11314] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1449'.
[  375.300250][   T40] kauditd_printk_skb: 2365 callbacks suppressed
[  375.300265][   T40] audit: type=1400 audit(1761913567.675:2738): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=11316 comm="syz.5.1452"
[  375.315124][T11311] vivid-007: reconnect
[  376.782961][    T9] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  376.819345][T11344] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1461'.
[  376.932587][    T9] usb 9-1: Using ep0 maxpacket: 8
[  376.938428][    T9] usb 9-1: config 1 interface 0 altsetting 253 bulk endpoint 0x1 has invalid maxpacket 16
[  376.941882][    T9] usb 9-1: config 1 interface 0 altsetting 253 bulk endpoint 0x82 has invalid maxpacket 32
[  376.946305][    T9] usb 9-1: config 1 interface 0 has no altsetting 0
[  376.951310][    T9] usb 9-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  376.954253][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.957059][    T9] usb 9-1: Product: 跴툺뼞奞蚔ž︸O녣唘ĕ腑섁⺗ﱉ幞ꅨꬄ鿇㞢ԃ೩ᵱ좿惞뿽뙞鱴쬥퓽ૢ搷
[  376.961610][    T9] usb 9-1: Manufacturer: 罫⁽㔶揧⽠㎍ᵋ봖㋝冝ᨠ銓Ꟙ槂㕋䤂㏍冸霯뉔놨⧜Ϡ圽箒햙뵊뗀礂ါꔇ屧㨼亯龖髒Á崾⅗代해躯湿݆踄녡ᇑ漧ሐ셆㭽ྐ㢷눧헙解諸ම庆洊ꍐ朁衍킀⎘禓瑺ↂŞꚁ韘䚢⃒꒍帗腣貐
[  376.970702][    T9] usb 9-1: SerialNumber: ፫鿸ㄳ覅콦态ⲋ膈電ᔞ羳飭怲ꑄٶ즊얖쪳迊剹췯蹉ⷆޡ옔쓬톝죯ࢁ픖靋왛邝柪ﭣ䋈皯ꊆ胷兴쐨첗ꈕ臐롪䈂ᔎȦ눀꒏⏈吞
[  376.979416][T11338] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  376.981952][T11338] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  377.251525][    T9] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 253 proto 1 vid 0x04B8 pid 0x0202
[  377.263726][    T9] usb 9-1: USB disconnect, device number 3
[  377.269008][    T9] usblp0: removed
[  378.336205][T11378] input: syz0 as /devices/virtual/input/input36
[  378.454947][T11384] random: crng reseeded on system resumption
[  379.132344][T11394] openvswitch: netlink: Actions may not be safe on all matching packets
[  379.259226][T11398] netlink: 'syz.4.1477': attribute type 12 has an invalid length.
[  379.371474][T11404] FAULT_INJECTION: forcing a failure.
[  379.371474][T11404] name failslab, interval 1, probability 0, space 0, times 0
[  379.377446][T11404] CPU: 2 UID: 0 PID: 11404 Comm: syz.0.1480 Not tainted syzkaller #0 PREEMPT(full) 
[  379.377486][T11404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  379.377496][T11404] Call Trace:
[  379.377503][T11404]  <TASK>
[  379.377511][T11404]  dump_stack_lvl+0x16c/0x1f0
[  379.377536][T11404]  should_fail_ex+0x512/0x640
[  379.377561][T11404]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  379.377580][T11404]  should_failslab+0xc2/0x120
[  379.377602][T11404]  kmem_cache_alloc_node_noprof+0x78/0x770
[  379.377619][T11404]  ? __alloc_skb+0x2b2/0x380
[  379.377649][T11404]  ? __alloc_skb+0x2b2/0x380
[  379.377671][T11404]  __alloc_skb+0x2b2/0x380
[  379.377695][T11404]  ? __pfx___alloc_skb+0x10/0x10
[  379.377720][T11404]  ? genl_rcv_msg+0x4bb/0x800
[  379.377749][T11404]  netlink_ack+0x15d/0xb80
[  379.377767][T11404]  ? __lock_acquire+0x622/0x1c90
[  379.377795][T11404]  netlink_rcv_skb+0x332/0x420
[  379.377812][T11404]  ? __pfx_genl_rcv_msg+0x10/0x10
[  379.377833][T11404]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  379.377862][T11404]  ? netlink_deliver_tap+0x1ae/0xd30
[  379.377882][T11404]  genl_rcv+0x28/0x40
[  379.377900][T11404]  netlink_unicast+0x5aa/0x870
[  379.377921][T11404]  ? __pfx_netlink_unicast+0x10/0x10
[  379.377938][T11404]  ? __pfx___might_resched+0x10/0x10
[  379.377964][T11404]  netlink_sendmsg+0x8c8/0xdd0
[  379.377986][T11404]  ? __pfx_netlink_sendmsg+0x10/0x10
[  379.378008][T11404]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  379.378038][T11404]  ____sys_sendmsg+0xa98/0xc70
[  379.378068][T11404]  ? __pfx_____sys_sendmsg+0x10/0x10
[  379.378088][T11404]  ? get_compat_msghdr+0x11a/0x170
[  379.378127][T11404]  ___sys_sendmsg+0x134/0x1d0
[  379.378148][T11404]  ? __pfx____sys_sendmsg+0x10/0x10
[  379.378178][T11404]  ? find_held_lock+0x2b/0x80
[  379.378216][T11404]  __sys_sendmsg+0x16d/0x220
[  379.378234][T11404]  ? __pfx___sys_sendmsg+0x10/0x10
[  379.378264][T11404]  ? rcu_is_watching+0x12/0xc0
[  379.378287][T11404]  __do_fast_syscall_32+0x7c/0x300
[  379.378310][T11404]  do_fast_syscall_32+0x32/0x80
[  379.378330][T11404]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  379.378352][T11404] RIP: 0023:0xf7f04579
[  379.378365][T11404] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  379.378380][T11404] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  379.378397][T11404] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040
[  379.378408][T11404] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  379.378417][T11404] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  379.378427][T11404] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  379.378436][T11404] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  379.378462][T11404]  </TASK>
[  379.496590][    C2] vkms_vblank_simulate: vblank timer overrun
[  379.506101][T11411] netlink: 548 bytes leftover after parsing attributes in process `syz.4.1479'.
[  379.805325][T11413] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1479'.
[  380.468897][T11420] hpfs: Bad magic ... probably not HPFS
[  380.483662][T11419] netlink: 'syz.0.1483': attribute type 1 has an invalid length.
[  380.533486][T11419] 8021q: adding VLAN 0 to HW filter on device bond1
[  380.566771][T11419] bond1: (slave veth3): Enslaving as an active interface with a down link
[  380.583750][T11419] bond1: (slave dummy0): making interface the new active one
[  380.588028][T11419] dummy0: entered promiscuous mode
[  380.589867][T11419] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  380.598362][T11419] random: crng reseeded on system resumption
[  381.395499][T11435] netlink: 'syz.5.1488': attribute type 12 has an invalid length.
[  381.820222][T11443] openvswitch: netlink: Actions may not be safe on all matching packets
[  382.100528][T11448] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  382.102598][T11448] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  382.106501][T11448] vhci_hcd vhci_hcd.0: Device attached
[  382.300214][T11449] vhci_hcd: connection closed
[  382.300464][   T12] vhci_hcd: stop threads
[  382.304303][   T12] vhci_hcd: release socket
[  382.308211][   T12] vhci_hcd: disconnect device
[  382.557784][T11454] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1492'.
[  382.597087][T11455] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  382.599812][T11455] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  382.603426][T11455] vhci_hcd vhci_hcd.0: Device attached
[  382.893510][ T1464] usb 42-1: SetAddress Request (35) to port 0
[  382.895524][ T1464] usb 42-1: new SuperSpeed USB device number 35 using vhci_hcd
[  382.958311][T11468] netlink: 'syz.5.1497': attribute type 12 has an invalid length.
[  383.370935][T11456] vhci_hcd: connection reset by peer
[  383.373846][ T1061] vhci_hcd: stop threads
[  383.375254][ T1061] vhci_hcd: release socket
[  383.376840][ T1061] vhci_hcd: disconnect device
[  384.836310][T11494] input: syz0 as /devices/virtual/input/input37
[  384.856353][T11493] netlink: 'syz.0.1506': attribute type 13 has an invalid length.
[  384.868263][T11493] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  386.676070][T11508] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1508'.
[  386.696061][T11508] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  387.213055][   T12] dummy0: left promiscuous mode
[  387.357522][T11524] input: syz0 as /devices/virtual/input/input38
[  387.676675][T11527] netlink: 'syz.0.1517': attribute type 1 has an invalid length.
[  387.709549][T11527] 8021q: adding VLAN 0 to HW filter on device bond2
[  387.747064][T11527] bond1: (slave dummy0): Releasing active interface
[  387.750440][T11527] dummy0: left promiscuous mode
[  387.776634][T11527] bond2: (slave dummy0): making interface the new active one
[  387.781947][T11527] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  387.887193][T11532] bond2 (unregistering): (slave dummy0): Releasing active interface
[  387.895957][T11532] bond2 (unregistering): Released all slaves
[  388.054571][ T1464] usb 42-1: device descriptor read/8, error -110
[  388.097294][T11535] openvswitch: netlink: Actions may not be safe on all matching packets
[  388.152194][T11543] netlink: 'syz.0.1522': attribute type 12 has an invalid length.
[  388.480519][T11552] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  388.525286][ T1464] usb usb42-port1: attempt power cycle
[  389.113464][ T1464] usb usb42-port1: unable to enumerate USB device
[  389.156358][T11554] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  389.252215][T11561] netlink: 'syz.2.1528': attribute type 13 has an invalid length.
[  389.327382][T11561] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  389.478501][T11565] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.192889][T11576] netlink: 'syz.0.1532': attribute type 12 has an invalid length.
[  390.450543][T11579] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.715654][T11588] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  390.776731][T11593] netlink: 'syz.0.1538': attribute type 13 has an invalid length.
[  390.777726][T11596] netlink: 'syz.5.1539': attribute type 1 has an invalid length.
[  390.785219][T11593] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  390.801088][T11596] 8021q: adding VLAN 0 to HW filter on device bond2
[  390.845549][T11596] bond2: (slave veth5): Enslaving as an active interface with a down link
[  390.854061][T11599] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1540'.
[  391.398097][T11611] block device autoloading is deprecated and will be removed.
[  392.024985][T11618] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  392.619813][T11633] netlink: 'syz.2.1549': attribute type 1 has an invalid length.
[  392.637107][T11633] 8021q: adding VLAN 0 to HW filter on device bond5
[  392.716619][T11633] bond5: (slave veth5): Enslaving as an active interface with a down link
[  392.822791][T11638] netlink: 'syz.4.1550': attribute type 13 has an invalid length.
[  393.599433][T11638] syz.4.1550: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  393.605443][T11638] CPU: 2 UID: 0 PID: 11638 Comm: syz.4.1550 Not tainted syzkaller #0 PREEMPT(full) 
[  393.605459][T11638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  393.605466][T11638] Call Trace:
[  393.605470][T11638]  <TASK>
[  393.605475][T11638]  dump_stack_lvl+0x16c/0x1f0
[  393.605490][T11638]  warn_alloc+0x248/0x3a0
[  393.605502][T11638]  ? __pfx_warn_alloc+0x10/0x10
[  393.605517][T11638]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  393.605534][T11638]  ? __vmalloc_node_noprof+0xad/0xf0
[  393.605552][T11638]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  393.605567][T11638]  ? __kasan_kmalloc+0xaa/0xb0
[  393.605579][T11638]  ? pfifo_fast_change_tx_queue_len+0xe7/0xb90
[  393.605597][T11638]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  393.605617][T11638]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  393.605634][T11638]  ? ___kmalloc_large_node+0xed/0x160
[  393.605651][T11638]  __kvmalloc_node_noprof+0x431/0x9c0
[  393.605663][T11638]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  393.605679][T11638]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  393.605697][T11638]  ? pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  393.605712][T11638]  pfifo_fast_change_tx_queue_len+0x15a/0xb90
[  393.605734][T11638]  ? __pfx_pfifo_fast_change_tx_queue_len+0x10/0x10
[  393.605749][T11638]  ? dev_deactivate+0x15c/0x1c0
[  393.605769][T11638]  ? __pfx_pfifo_fast_change_tx_queue_len+0x10/0x10
[  393.605784][T11638]  dev_qdisc_change_tx_queue_len+0x169/0x380
[  393.605804][T11638]  netif_change_tx_queue_len+0x1a1/0x1e0
[  393.605815][T11638]  ? __pfx_netif_change_tx_queue_len+0x10/0x10
[  393.605827][T11638]  ? netif_change_flags+0x10d/0x160
[  393.605838][T11638]  do_setlink.constprop.0+0xd00/0x4380
[  393.605857][T11638]  ? __pfx_console_unlock+0x10/0x10
[  393.605867][T11638]  ? do_raw_spin_unlock+0xd0/0x230
[  393.605884][T11638]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  393.605895][T11638]  ? preempt_count_add+0x76/0x150
[  393.605913][T11638]  ? __lock_acquire+0xb8a/0x1c90
[  393.605931][T11638]  ? __mutex_trylock_common+0xe9/0x250
[  393.605945][T11638]  ? __pfx___mutex_trylock_common+0x10/0x10
[  393.605960][T11638]  ? __pfx___might_resched+0x10/0x10
[  393.605971][T11638]  ? rcu_is_watching+0x12/0xc0
[  393.605982][T11638]  ? trace_contention_end+0xdd/0x130
[  393.605996][T11638]  ? __mutex_lock+0x1c5/0x1060
[  393.606008][T11638]  ? __nla_validate_parse+0x600/0x2880
[  393.606021][T11638]  ? rcu_is_watching+0x12/0xc0
[  393.606033][T11638]  ? __pfx___mutex_lock+0x10/0x10
[  393.606053][T11638]  rtnl_newlink+0x18e0/0x2000
[  393.606068][T11638]  ? __pfx_rtnl_newlink+0x10/0x10
[  393.606080][T11638]  ? kmem_cache_free+0x2d4/0x6c0
[  393.606090][T11638]  ? kfree_skbmem+0x1a4/0x1f0
[  393.606105][T11638]  ? kfree_skbmem+0x1a4/0x1f0
[  393.606119][T11638]  ? __lock_acquire+0x622/0x1c90
[  393.606134][T11638]  ? rcu_is_watching+0x12/0xc0
[  393.606148][T11638]  ? find_held_lock+0x2b/0x80
[  393.606158][T11638]  ? __pfx_rtnl_newlink+0x10/0x10
[  393.606167][T11638]  ? __pfx_rtnl_newlink+0x10/0x10
[  393.606177][T11638]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  393.606187][T11638]  ? __pfx_rtnl_newlink+0x10/0x10
[  393.606198][T11638]  rtnetlink_rcv_msg+0x95e/0xe90
[  393.606210][T11638]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  393.606224][T11638]  ? ref_tracker_free+0x37c/0x830
[  393.606241][T11638]  netlink_rcv_skb+0x158/0x420
[  393.606253][T11638]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  393.606264][T11638]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  393.606280][T11638]  ? netlink_deliver_tap+0x1ae/0xd30
[  393.606292][T11638]  netlink_unicast+0x5aa/0x870
[  393.606304][T11638]  ? __pfx_netlink_unicast+0x10/0x10
[  393.606319][T11638]  netlink_sendmsg+0x8c8/0xdd0
[  393.606332][T11638]  ? __pfx_netlink_sendmsg+0x10/0x10
[  393.606344][T11638]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  393.606362][T11638]  ____sys_sendmsg+0xa98/0xc70
[  393.606376][T11638]  ? __pfx_____sys_sendmsg+0x10/0x10
[  393.606388][T11638]  ? get_compat_msghdr+0x11a/0x170
[  393.606406][T11638]  ? __pfx_futex_wake_mark+0x10/0x10
[  393.606425][T11638]  ___sys_sendmsg+0x134/0x1d0
[  393.606435][T11638]  ? __pfx____sys_sendmsg+0x10/0x10
[  393.606451][T11638]  ? find_held_lock+0x2b/0x80
[  393.606469][T11638]  __sys_sendmsg+0x16d/0x220
[  393.606478][T11638]  ? __pfx___sys_sendmsg+0x10/0x10
[  393.606487][T11638]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  393.606508][T11638]  ? rcu_is_watching+0x12/0xc0
[  393.606520][T11638]  __do_fast_syscall_32+0x7c/0x300
[  393.606534][T11638]  do_fast_syscall_32+0x32/0x80
[  393.606546][T11638]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  393.606559][T11638] RIP: 0023:0xf70ed579
[  393.606568][T11638] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  393.606577][T11638] RSP: 002b:00000000f54dd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  393.606588][T11638] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000180
[  393.606594][T11638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  393.606599][T11638] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  393.606605][T11638] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  393.606611][T11638] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  393.606624][T11638]  </TASK>
[  393.606628][T11638] Mem-Info:
[  393.777405][T11638] active_anon:584 inactive_anon:1085 isolated_anon:0
[  393.777405][T11638]  active_file:53 inactive_file:1147 isolated_file:0
[  393.777405][T11638]  unevictable:1768 dirty:46 writeback:0
[  393.777405][T11638]  slab_reclaimable:5921 slab_unreclaimable:96534
[  393.777405][T11638]  mapped:23408 shmem:2736 pagetables:1234
[  393.777405][T11638]  sec_pagetables:342 bounce:0
[  393.777405][T11638]  kernel_misc_reclaimable:0
[  393.777405][T11638]  free:23021 free_pcp:2861 free_cma:0
[  393.823487][T11638] Node 0 active_anon:0kB inactive_anon:80kB active_file:4kB inactive_file:16kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:748kB dirty:40kB writeback:0kB shmem:3552kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8400kB pagetables:1176kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB
[  393.833562][T11638] Node 1 active_anon:3612kB inactive_anon:4552kB active_file:504kB inactive_file:4316kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:94248kB dirty:224kB writeback:0kB shmem:8708kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4596kB pagetables:3852kB sec_pagetables:164kB all_unreclaimable? no Balloon:0kB
[  393.843728][T11638] Node 0 DMA free:2100kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:64kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  393.853449][T11638] lowmem_reserve[]: 0 294 294 294 294
[  393.855163][T11638] Node 0 DMA32 free:16724kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:28KB active_anon:0kB inactive_anon:60kB active_file:0kB inactive_file:168kB unevictable:3536kB writepending:0kB zspages:1484kB present:1032196kB managed:301164kB mlocked:0kB bounce:0kB free_pcp:1792kB local_pcp:1792kB free_cma:0kB
[  393.865175][T11638] lowmem_reserve[]: 0 0 0 0 0
[  393.866674][T11638] Node 1 DMA32 free:87240kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4712kB inactive_anon:4552kB active_file:504kB inactive_file:4316kB unevictable:3536kB writepending:128kB zspages:3748kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:10104kB local_pcp:772kB free_cma:0kB
[  393.876796][T11638] lowmem_reserve[]: 0 0 0 0 0
[  393.878313][T11638] Node 0 DMA: 6*4kB (UM) 3*8kB (UM) 5*16kB (UM) 12*32kB (UM) 1*64kB (M) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2112kB
[  393.882820][T11638] Node 0 DMA32: 80*4kB (MH) 63*8kB (UMEH) 46*16kB (MEH) 104*32kB (UME) 46*64kB (UME) 41*128kB (UME) 10*256kB (UME) 2*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 16664kB
[  393.888081][T11638] Node 1 DMA32: 709*4kB (UE) 736*8kB (UME) 757*16kB (UME) 377*32kB (UME) 175*64kB (UME) 86*128kB (UME) 48*256kB (UME) 17*512kB (UM) 10*1024kB (UM) 0*2048kB 0*4096kB = 86340kB
[  393.893597][T11638] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  393.896538][T11638] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  393.899433][T11638] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  393.902600][T11638] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  393.905624][T11638] 5447 total pagecache pages
[  393.907070][T11638] 627 pages in swap cache
[  393.908447][T11638] Free swap  = 66784kB
[  393.909721][T11638] Total swap = 124996kB
[  393.911023][T11638] 524155 pages RAM
[  393.912301][T11638] 0 pages HighMem/MovableOnly
[  393.913852][T11638] 207969 pages reserved
[  393.915189][T11638] 0 pages cma reserved
[  393.918478][T11638] bond0: refused to change device tx_queue_len
[  393.920745][T11638] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  394.382543][   T54] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  394.396931][T11653] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  394.399012][T11653] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  394.401761][T11653] vhci_hcd vhci_hcd.0: Device attached
[  394.563470][   T54] usb 9-1: Using ep0 maxpacket: 8
[  394.594736][   T54] usb 9-1: config 1 interface 0 altsetting 253 bulk endpoint 0x1 has invalid maxpacket 16
[  394.598921][   T54] usb 9-1: config 1 interface 0 altsetting 253 bulk endpoint 0x82 has invalid maxpacket 32
[  394.613168][   T54] usb 9-1: config 1 interface 0 has no altsetting 0
[  394.627360][   T54] usb 9-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  394.630237][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.642559][   T54] usb 9-1: Product: 跴툺뼞奞蚔ž︸O녣唘ĕ腑섁⺗ﱉ幞ꅨꬄ鿇㞢ԃ೩ᵱ좿惞뿽뙞鱴쬥퓽ૢ搷
[  394.652549][   T54] usb 9-1: Manufacturer: 罫⁽㔶揧⽠㎍ᵋ봖㋝冝ᨠ銓Ꟙ槂㕋䤂㏍冸霯뉔놨⧜Ϡ圽箒햙뵊뗀礂ါꔇ屧㨼亯龖髒Á崾⅗代해躯湿݆踄녡ᇑ漧ሐ셆㭽ྐ㢷눧헙解諸ම庆洊ꍐ朁衍킀⎘禓瑺ↂŞꚁ韘䚢⃒꒍帗腣貐
[  394.682546][   T54] usb 9-1: SerialNumber: ፫鿸ㄳ覅콦态ⲋ膈電ᔞ羳飭怲ꑄٶ즊얖쪳迊剹췯蹉ⷆޡ옔쓬톝죯ࢁ픖靋왛邝柪ﭣ䋈皯ꊆ胷兴쐨첗ꈕ臐롪䈂ᔎȦ눀꒏⏈吞
[  394.714074][T11645] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  394.716870][T11645] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  394.827387][T11661] netlink: 'syz.0.1555': attribute type 21 has an invalid length.
[  394.830548][T11661] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1555'.
[  394.834346][T11661] netlink: 'syz.0.1555': attribute type 4 has an invalid length.
[  394.837484][T11661] netlink: 'syz.0.1555': attribute type 3 has an invalid length.
[  394.840381][T11661] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1555'.
[  394.932592][ T1464] usb 48-1: SetAddress Request (8) to port 0
[  394.935134][ T1464] usb 48-1: new SuperSpeed USB device number 8 using vhci_hcd
[  394.990420][   T54] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 253 proto 1 vid 0x04B8 pid 0x0202
[  394.997449][   T54] usb 9-1: USB disconnect, device number 4
[  395.002825][   T54] usblp0: removed
[  395.258159][T11654] vhci_hcd: connection reset by peer
[  395.260167][   T95] vhci_hcd: stop threads
[  395.261854][   T95] vhci_hcd: release socket
[  395.263725][   T95] vhci_hcd: disconnect device
[  395.673085][T11670] openvswitch: netlink: Actions may not be safe on all matching packets
[  396.097881][T11676] Invalid source name
[  396.104772][T11676] UBIFS error (pid: 11676): cannot open "usrquota", error -22
[  396.295692][T11673] /dev/sr0: Can't open blockdev
[  396.734205][T11696] netlink: 'syz.4.1566': attribute type 21 has an invalid length.
[  396.736775][T11696] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1566'.
[  396.739616][T11696] netlink: 'syz.4.1566': attribute type 4 has an invalid length.
[  396.742034][T11696] netlink: 'syz.4.1566': attribute type 3 has an invalid length.
[  396.744617][T11696] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1566'.
[  397.227555][ T9852] libceph: connect (1)[c::]:6789 error -22
[  397.229760][ T9852] libceph: mon0 (1)[c::]:6789 connect error
[  397.255662][T11701] ceph: No mds server is up or the cluster is laggy
[  397.896802][T11712] efs: cannot read volume header
[  399.474959][T11737] input: syz0 as /devices/virtual/input/input39
[  399.529018][T11739] netlink: 'syz.4.1576': attribute type 21 has an invalid length.
[  399.532419][T11739] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1576'.
[  399.536401][T11739] netlink: 'syz.4.1576': attribute type 4 has an invalid length.
[  399.539712][T11739] netlink: 'syz.4.1576': attribute type 3 has an invalid length.
[  399.543040][T11739] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1576'.
[  399.685239][T11742] netlink: 'syz.5.1578': attribute type 13 has an invalid length.
[  399.695133][T11742] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  400.091656][ T1464] usb 48-1: device descriptor read/8, error -110
[  400.310487][T11749] autofs: Unknown parameter '0x0000000000000000'
[  400.314161][T11749] netlink: 'syz.4.1581': attribute type 10 has an invalid length.
[  400.623016][ T1464] usb usb48-port1: attempt power cycle
[  400.847517][T11757] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  401.203323][ T1464] usb usb48-port1: unable to enumerate USB device
[  401.569276][T11763] hub 8-0:1.0: USB hub found
[  401.571078][T11763] hub 8-0:1.0: 1 port detected
[  402.119288][T11771] input: syz0 as /devices/virtual/input/input40
[  402.119486][T11767] netlink: 'syz.5.1587': attribute type 13 has an invalid length.
[  402.140427][T11767] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  402.151569][T11770] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1588'.
[  402.761680][T11783] openvswitch: netlink: Missing key (keys=40, expected=80)
[  403.809294][T11797] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  404.084006][T11806] netlink: 'syz.4.1598': attribute type 13 has an invalid length.
[  404.862322][T11806] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  406.948063][T11830] ubi31: attaching mtd0
[  406.964993][T11830] ubi31: scanning is finished
[  406.967331][T11830] ubi31: empty MTD device detected
[  407.412482][T11837] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  407.891149][T11839] openvswitch: netlink: Actions may not be safe on all matching packets
[  408.177284][T11830] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  408.312549][ T6264] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  408.366046][T11849] netlink: 'syz.2.1608': attribute type 21 has an invalid length.
[  408.369345][T11849] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1608'.
[  408.373064][T11849] netlink: 'syz.2.1608': attribute type 4 has an invalid length.
[  408.376259][T11849] netlink: 'syz.2.1608': attribute type 3 has an invalid length.
[  408.378841][T11849] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1608'.
[  408.476797][ T6264] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  408.480896][ T6264] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.484525][ T6264] usb 5-1: Product: syz
[  408.486395][ T6264] usb 5-1: Manufacturer: syz
[  408.488483][ T6264] usb 5-1: SerialNumber: syz
[  408.496717][ T6264] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  408.530656][ T6264] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  408.879057][T11856] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1611'.
[  408.960523][   T24] usb 5-1: USB disconnect, device number 22
[  409.506334][T11879] openvswitch: netlink: Actions may not be safe on all matching packets
[  409.602587][ T6264] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  409.605841][ T6264] ath9k_htc: Failed to initialize the device
[  409.610598][   T24] usb 5-1: ath9k_htc: USB layer deinitialized
[  410.043550][T11895] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  410.140932][T11905] openvswitch: netlink: Actions may not be safe on all matching packets
[  410.312968][T11915] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  410.315034][T11915] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  410.317661][T11915] vhci_hcd vhci_hcd.0: Device attached
[  410.332283][   T40] audit: type=1326 audit(1761913602.705:2739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.349277][   T40] audit: type=1326 audit(1761913602.705:2740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.363952][   T40] audit: type=1326 audit(1761913602.715:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=36 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.372863][   T40] audit: type=1326 audit(1761913602.735:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.381706][   T40] audit: type=1326 audit(1761913602.735:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.391286][   T40] audit: type=1326 audit(1761913602.735:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.399072][   T40] audit: type=1326 audit(1761913602.735:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.407325][   T40] audit: type=1326 audit(1761913602.735:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.415686][   T40] audit: type=1326 audit(1761913602.735:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.423305][   T40] audit: type=1326 audit(1761913602.735:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11902 comm="syz.4.1623" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  410.442927][T11921] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  410.619411][T11916] vhci_hcd: connection closed
[  410.619728][   T12] vhci_hcd: stop threads
[  410.623816][   T12] vhci_hcd: release socket
[  410.625713][   T12] vhci_hcd: disconnect device
[  410.662567][ T1464] usb 46-1: enqueue for inactive port 0
[  410.760130][T11924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1627'.
[  410.765638][T11924] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1627'.
[  411.281246][T11929] netlink: 'syz.2.1630': attribute type 13 has an invalid length.
[  411.285102][ T1464] usb usb46-port1: attempt power cycle
[  411.337075][T11929] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  411.482932][T11933] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  411.540770][T11936] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  411.853940][ T1464] usb usb46-port1: unable to enumerate USB device
[  412.277723][T11940] netlink: 'syz.4.1633': attribute type 12 has an invalid length.
[  412.284614][T11942] openvswitch: netlink: Actions may not be safe on all matching packets
[  412.552588][ T1464] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  412.745199][ T1464] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  412.748960][ T1464] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  412.752212][ T1464] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  412.756152][ T1464] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.764143][T11939] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  412.770366][ T1464] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  413.024870][   T24] usb 10-1: USB disconnect, device number 3
[  413.261582][T11961] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  413.265687][T11961] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  413.269158][T11961] overlayfs: failed to get uuid (411/file0, err=-13); falling back to uuid=null.
[  413.485360][T11969] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  413.694193][T11982] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  414.379608][T12013] openvswitch: netlink: Actions may not be safe on all matching packets
[  414.386614][T12014] netlink: 'syz.0.1645': attribute type 12 has an invalid length.
[  414.498771][T12023] netlink: 'syz.0.1646': attribute type 4 has an invalid length.
[  415.484140][T12037] netlink: 'syz.0.1650': attribute type 21 has an invalid length.
[  415.487586][T12037] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1650'.
[  415.491388][T12037] netlink: 'syz.0.1650': attribute type 4 has an invalid length.
[  415.494719][T12037] netlink: 'syz.0.1650': attribute type 3 has an invalid length.
[  415.497787][T12037] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1650'.
[  416.769751][T12044] netlink: 'syz.0.1654': attribute type 12 has an invalid length.
[  417.227299][T12047] openvswitch: netlink: Actions may not be safe on all matching packets
[  417.964185][T12054] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  418.907520][T12063] netlink: 'syz.2.1659': attribute type 13 has an invalid length.
[  418.916371][T12063] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  419.569255][T12069] input: syz0 as /devices/virtual/input/input41
[  419.922189][T12076] openvswitch: netlink: Actions may not be safe on all matching packets
[  421.311684][T12094] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  421.667682][T12098] binder: BINDER_SET_CONTEXT_MGR already set
[  421.676896][T12098] binder: 12097:12098 ioctl 4018620d 800001c0 returned -16
[  421.754898][T12102] binder: 12097:12102 ioctl c0306201 80000480 returned -22
[  422.140715][T12106] netlink: 'syz.4.1672': attribute type 12 has an invalid length.
[  422.275632][T12110] input: syz0 as /devices/virtual/input/input42
[  422.288900][T12111] netlink: 'syz.4.1674': attribute type 21 has an invalid length.
[  422.292322][T12111] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1674'.
[  422.296492][T12111] netlink: 'syz.4.1674': attribute type 4 has an invalid length.
[  422.299852][T12111] netlink: 'syz.4.1674': attribute type 3 has an invalid length.
[  422.303336][T12111] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1674'.
[  425.553299][T12122] ------------[ cut here ]------------
[  425.555606][T12122] WARNING: CPU: 1 PID: 12122 at mm/shmem.c:1383 shmem_evict_inode+0x8ee/0xbe0
[  425.559274][T12122] Modules linked in:
[  425.561083][T12122] CPU: 1 UID: 0 PID: 12122 Comm: syz.4.1677 Not tainted syzkaller #0 PREEMPT(full) 
[  425.566537][T12122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.570863][T12122] RIP: 0010:shmem_evict_inode+0x8ee/0xbe0
[  425.573174][T12122] Code: fe e8 06 eb bc ff 45 85 ff 75 ac e8 bc ef bc ff 48 8b 74 24 28 48 8b 7c 24 30 e8 ed 12 95 ff e9 e5 fd ff ff e8 a3 ef bc ff 90 <0f> 0b 90 e9 51 f9 ff ff e8 95 ef bc ff 4c 89 e2 48 b8 00 00 00 00
[  425.579707][T12122] RSP: 0018:ffffc900040c7770 EFLAGS: 00010293
[  425.581626][T12122] RAX: 0000000000000000 RBX: ffff88806a2e9b60 RCX: ffffffff81ff76fe
[  425.584718][T12122] RDX: ffff8880216c2480 RSI: ffffffff81ff7dad RDI: 0000000000000007
[  425.587446][T12122] RBP: ffffc900040c7898 R08: 0000000000000007 R09: 0000000000000000
[  425.589932][T12122] R10: 0000000000000008 R11: 0000000000000001 R12: 0000000000000008
[  425.592532][T12122] R13: 0000000000000000 R14: ffff88806a2e9b90 R15: ffff88806a2e9a50
[  425.595717][T12122] FS:  0000000000000000(0000) GS:ffff888097910000(0000) knlGS:0000000000000000
[  425.598546][T12122] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  425.600664][T12122] CR2: 00000000f71260d1 CR3: 000000000e182000 CR4: 0000000000352ef0
[  425.603442][T12122] Call Trace:
[  425.604834][T12122]  <TASK>
[  425.605986][T12122]  ? __pfx_shmem_evict_inode+0x10/0x10
[  425.607788][T12122]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  425.609711][T12122]  ? find_held_lock+0x2b/0x80
[  425.611212][T12122]  ? evict+0x3a2/0x920
[  425.612659][T12122]  ? __pfx_shmem_evict_inode+0x10/0x10
[  425.614656][T12122]  evict+0x3e6/0x920
[  425.616132][T12122]  ? __pfx_evict+0x10/0x10
[  425.618059][T12122]  ? iput.part.0+0x6a1/0xb00
[  425.620025][T12122]  iput.part.0+0x6a9/0xb00
[  425.621840][T12122]  ? __pfx_inode_just_drop+0x10/0x10
[  425.623940][T12122]  iput+0x35/0x40
[  425.625138][T12122]  dentry_unlink_inode+0x29c/0x480
[  425.626935][T12122]  __dentry_kill+0x1d0/0x600
[  425.628503][T12122]  dput.part.0+0x4b1/0x9b0
[  425.629938][T12122]  dput+0x1f/0x30
[  425.631126][T12122]  __fput+0x51c/0xb70
[  425.632515][T12122]  ? _raw_spin_unlock_irq+0x23/0x50
[  425.634644][T12122]  task_work_run+0x150/0x240
[  425.636506][T12122]  ? __pfx_task_work_run+0x10/0x10
[  425.638173][T12122]  ? do_raw_spin_unlock+0x172/0x230
[  425.639835][T12122]  do_exit+0x86f/0x2bf0
[  425.641175][T12122]  ? __pfx_do_exit+0x10/0x10
[  425.642795][T12122]  ? do_raw_spin_lock+0x12c/0x2b0
[  425.644815][T12122]  ? find_held_lock+0x2b/0x80
[  425.646650][T12122]  do_group_exit+0xd3/0x2a0
[  425.648138][T12122]  get_signal+0x2671/0x26d0
[  425.649587][T12122]  ? __pfx_get_signal+0x10/0x10
[  425.651127][T12122]  ? do_futex+0x122/0x350
[  425.652619][T12122]  ? __pfx_do_futex+0x10/0x10
[  425.654302][T12122]  arch_do_signal_or_restart+0x8f/0x790
[  425.656047][T12122]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  425.658027][T12122]  ? xfd_validate_state+0x61/0x180
[  425.659651][T12122]  exit_to_user_mode_loop+0x85/0x130
[  425.661318][T12122]  __do_fast_syscall_32+0x240/0x300
[  425.663074][T12122]  do_fast_syscall_32+0x32/0x80
[  425.664607][T12122]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  425.666643][T12122] RIP: 0023:0xf70ed579
[  425.667986][T12122] Code: Unable to access opcode bytes at 0xf70ed54f.
[  425.670101][T12122] RSP: 002b:00000000f549b60c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0
[  425.672923][T12122] RAX: fffffffffffffe00 RBX: 00000000f74b50b8 RCX: 0000000000000080
[  425.676171][T12122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f74b50bc
[  425.679447][T12122] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000
[  425.682704][T12122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  425.686055][T12122] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  425.689676][T12122]  </TASK>
[  425.690901][T12122] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  425.694147][T12122] CPU: 1 UID: 0 PID: 12122 Comm: syz.4.1677 Not tainted syzkaller #0 PREEMPT(full) 
[  425.698536][T12122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.703539][T12122] Call Trace:
[  425.704983][T12122]  <TASK>
[  425.706103][T12122]  dump_stack_lvl+0x3d/0x1f0
[  425.707810][T12122]  vpanic+0x640/0x6f0
[  425.709274][T12122]  ? shmem_evict_inode+0x8ee/0xbe0
[  425.711139][T12122]  panic+0xca/0xd0
[  425.712547][T12122]  ? __pfx_panic+0x10/0x10
[  425.714183][T12122]  ? check_panic_on_warn+0x1f/0xb0
[  425.716058][T12122]  check_panic_on_warn+0xab/0xb0
[  425.717963][T12122]  __warn+0xf6/0x3c0
[  425.719415][T12122]  ? shmem_evict_inode+0x8ee/0xbe0
[  425.721284][T12122]  report_bug+0x3c3/0x580
[  425.722875][T12122]  ? shmem_evict_inode+0x8ee/0xbe0
[  425.724787][T12122]  handle_bug+0x184/0x210
[  425.726367][T12122]  exc_invalid_op+0x17/0x50
[  425.728047][T12122]  asm_exc_invalid_op+0x1a/0x20
[  425.729833][T12122] RIP: 0010:shmem_evict_inode+0x8ee/0xbe0
[  425.731904][T12122] Code: fe e8 06 eb bc ff 45 85 ff 75 ac e8 bc ef bc ff 48 8b 74 24 28 48 8b 7c 24 30 e8 ed 12 95 ff e9 e5 fd ff ff e8 a3 ef bc ff 90 <0f> 0b 90 e9 51 f9 ff ff e8 95 ef bc ff 4c 89 e2 48 b8 00 00 00 00
[  425.738836][T12122] RSP: 0018:ffffc900040c7770 EFLAGS: 00010293
[  425.741068][T12122] RAX: 0000000000000000 RBX: ffff88806a2e9b60 RCX: ffffffff81ff76fe
[  425.744051][T12122] RDX: ffff8880216c2480 RSI: ffffffff81ff7dad RDI: 0000000000000007
[  425.746917][T12122] RBP: ffffc900040c7898 R08: 0000000000000007 R09: 0000000000000000
[  425.749795][T12122] R10: 0000000000000008 R11: 0000000000000001 R12: 0000000000000008
[  425.752652][T12122] R13: 0000000000000000 R14: ffff88806a2e9b90 R15: ffff88806a2e9a50
[  425.755515][T12122]  ? shmem_evict_inode+0x23e/0xbe0
[  425.757432][T12122]  ? shmem_evict_inode+0x8ed/0xbe0
[  425.759310][T12122]  ? __pfx_shmem_evict_inode+0x10/0x10
[  425.761304][T12122]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  425.763631][T12122]  ? find_held_lock+0x2b/0x80
[  425.765367][T12122]  ? evict+0x3a2/0x920
[  425.766881][T12122]  ? __pfx_shmem_evict_inode+0x10/0x10
[  425.768847][T12122]  evict+0x3e6/0x920
[  425.770277][T12122]  ? __pfx_evict+0x10/0x10
[  425.771928][T12122]  ? iput.part.0+0x6a1/0xb00
[  425.773615][T12122]  iput.part.0+0x6a9/0xb00
[  425.775230][T12122]  ? __pfx_inode_just_drop+0x10/0x10
[  425.777233][T12122]  iput+0x35/0x40
[  425.778606][T12122]  dentry_unlink_inode+0x29c/0x480
[  425.780485][T12122]  __dentry_kill+0x1d0/0x600
[  425.782192][T12122]  dput.part.0+0x4b1/0x9b0
[  425.783852][T12122]  dput+0x1f/0x30
[  425.785210][T12122]  __fput+0x51c/0xb70
[  425.786684][T12122]  ? _raw_spin_unlock_irq+0x23/0x50
[  425.788601][T12122]  task_work_run+0x150/0x240
[  425.790289][T12122]  ? __pfx_task_work_run+0x10/0x10
[  425.792151][T12122]  ? do_raw_spin_unlock+0x172/0x230
[  425.794076][T12122]  do_exit+0x86f/0x2bf0
[  425.795620][T12122]  ? __pfx_do_exit+0x10/0x10
[  425.797360][T12122]  ? do_raw_spin_lock+0x12c/0x2b0
[  425.799198][T12122]  ? find_held_lock+0x2b/0x80
[  425.800930][T12122]  do_group_exit+0xd3/0x2a0
[  425.802684][T12122]  get_signal+0x2671/0x26d0
[  425.804359][T12122]  ? __pfx_get_signal+0x10/0x10
[  425.806136][T12122]  ? do_futex+0x122/0x350
[  425.807746][T12122]  ? __pfx_do_futex+0x10/0x10
[  425.809468][T12122]  arch_do_signal_or_restart+0x8f/0x790
[  425.811484][T12122]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  425.813724][T12122]  ? xfd_validate_state+0x61/0x180
[  425.815604][T12122]  exit_to_user_mode_loop+0x85/0x130
[  425.817596][T12122]  __do_fast_syscall_32+0x240/0x300
[  425.819498][T12122]  do_fast_syscall_32+0x32/0x80
[  425.821274][T12122]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  425.823571][T12122] RIP: 0023:0xf70ed579
[  425.824994][T12122] Code: Unable to access opcode bytes at 0xf70ed54f.
[  425.827407][T12122] RSP: 002b:00000000f549b60c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0
[  425.830287][T12122] RAX: fffffffffffffe00 RBX: 00000000f74b50b8 RCX: 0000000000000080
[  425.833091][T12122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f74b50bc
[  425.835907][T12122] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000
[  425.838739][T12122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  425.841583][T12122] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  425.844477][T12122]  </TASK>
[  425.846287][T12122] Kernel Offset: disabled
[  425.847725][T12122] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:26:58  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000b7e23d RBX=0000000000000000 RCX=ffffffff8b5d32a9 RDX=0000000000000000
RSI=ffffffff8da27c4d RDI=ffffffff8bf07540 RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8
R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff908231d0 R15=0000000000000000
RIP=ffffffff8b5d1d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097810000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f74287d8 CR3=00000000639a0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000019000000000 0000000500000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000043 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff852674e5 RDI=ffffffff9adc2de0 RBP=ffffffff9adc2da0 RSP=ffffc900040c70e0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000043 R14=ffffffff9adc2da0 R15=ffffffff85267480
RIP=ffffffff8526750f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097910000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f71260d1 CR3=000000000e182000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f000000000 0000000300000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffff88806c6b5b8a RBX=ffffc900035bf320 RCX=0000000000000000 RDX=0000000000000002
RSI=ffff88806c6b5b7a RDI=ffff88806c6b5b8c RBP=ffff88806c6b5b8a RSP=ffffc900035bf110
R8 =0000000000000001 R9 =ffffed100d8d6b71 R10=ffff88806c6b5b8b R11=0000000000000001
R12=0000000000000002 R13=0000000000000002 R14=0000000000000b78 R15=0000000000000b88
RIP=ffffffff8b5d428e RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe2d95b1300 ffffffff 00c00000
GS =0000 ffff888097a10000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055c4ac71f000 CR3=000000004f8aa000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000696 0000001800000000 0000000000000000 0000000000000017
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f01ffffffffffff ffffed080680032e 0000035f0000000f 0000001200000002
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c70800060140ee00 30656c69662f2e01 ffffffffffffffff ef08018180030008
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006080020080006 01719c0808000408 00220800060170c8 0480021880c5ba90
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080001080006011e 8e00080004880300 0800048003000800 05b8820800010000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080606011df000 0400040800068002 01c70800080049c6 006d766b2f766564
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001000204ac8c08 000100000c080606 01239e0a00000000 020c082003000000
ZMM25=c1e7fb43c1e7fb43 c1e7fb43c1e7fb43 c1e7fb43c1e7fb43 c1e7fb43c1e7fb43 c1e7fb43c1e7fb43 c1e7fb43c1e7fb43 c1e7fb43c1e7fb43 c1e7fb43c1e7fb43
ZMM26=5a958ec45a958ec4 5a958ec45a958ec4 5a958ec45a958ec4 5a958ec45a958ec4 5a958ec45a958ec4 5a958ec45a958ec4 5a958ec45a958ec4 5a958ec45a958ec4
ZMM27=3e65be9a3e65be9a 3e65be9a3e65be9a 3e65be9a3e65be9a 3e65be9a3e65be9a 3e65be9a3e65be9a 3e65be9a3e65be9a 3e65be9a3e65be9a 3e65be9a3e65be9a
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=1d0e00001d0e0000 1d0e00001d0e0000 1d0e00001d0e0000 1d0e00001d0e0000 1d0e00001d0e0000 1d0e00001d0e0000 1d0e00001d0e0000 1d0e00001d0e0000
info registers vcpu 3

CPU#3
RAX=00000000009ce90d RBX=0000000000000003 RCX=ffffffff8b5d32a9 RDX=0000000000000000
RSI=ffffffff8da27c4d RDI=ffffffff8bf07540 RBP=ffffed10037e5000 RSP=ffffc9000048fde8
R8 =0000000000000001 R9 =ffffed10056a6655 R10=ffff88802b5332ab R11=0000000000000001
R12=0000000000000003 R13=ffff88801bf28000 R14=ffffffff908231d0 R15=0000000000000000
RIP=ffffffff8b5d1d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff888097b10000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f73f9188 CR3=0000000076fff000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000