last executing test programs:

3m2.381765701s ago: executing program 3 (id=1448):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x200, 0x6, 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141040, 0xec)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000000400)=""/220)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f0000000300)={0xff, [0x7, 0x5, 0xcd600000], [{0xb8f6, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x8001, 0x4a8817c2, 0x0, 0x0, 0x1, 0x1}, {0x3, 0xa, 0x1, 0x0, 0x0, 0x1}, {0x3ff, 0x3, 0x0, 0x0, 0x0, 0x1}, {0x3ff, 0xb49, 0x0, 0x0, 0x1}, {0x80000000, 0x89, 0x0, 0x1, 0x1}, {0x1, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x9, 0x0, 0x0, 0x1, 0x1}, {0x0, 0xffff7fff, 0x1, 0x0, 0x0, 0x1}, {0x10, 0x401, 0x1, 0x1}, {0x200, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x6, 0x2, 0x1, 0x1}], 0x6})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000100), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a400fe00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b703b000030a00006a0a00fe0000000c850000003d000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="10", @ANYBLOB], 0x210}, 0x1, 0x0, 0x0, 0x20040050}, 0x4008080)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x60, 0x0)

3m1.13160275s ago: executing program 3 (id=1454):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$llc(0xffffffffffffffff, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\x00 (\x00'})
syz_io_uring_setup(0xec7, &(0x7f00000003c0)={0x0, 0x4bb6}, &(0x7f00000002c0)=<r3=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47fa, 0x0, 0x10, 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x820061, &(0x7f00000001c0)=ANY=[@ANYBLOB='size=1'])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="7f454c4600000000000000000000000002003e0000000000000000000000000093ffffffffffffff00000000000000000000000000003800010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c8d353b4e2fc540aa8fc72690cc7c819b7417e8b1f53f9415acefbcad12a90841dc450f789a27700ec6084e436dcefd0f703c2abbfbb48e6297d0d9c56d9a1be3716a17fe389f1508e79"], 0x878)

2m59.621073117s ago: executing program 3 (id=1469):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="130000001000000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xf, &(0x7f0000000680)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x202}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000, 0x0, @void, @value}, 0x94)

2m59.620666974s ago: executing program 3 (id=1470):
unshare(0x68040200)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000001980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x1, 0x34324152, 0x0, 0x0, [{0x3}, {}, {0x1}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2)
syz_emit_vhci(&(0x7f0000001180)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x1a}, @l2cap_cid_le_signaling={{0x16}, @l2cap_ecred_reconf_req={{0x19, 0x90, 0x12}, {0x0, 0x2, [0xd5, 0x4, 0x9514, 0x9, 0x401, 0x1, 0x3]}}}}, 0x1f)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x28, 0x0, @fd_index=0x3})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1})

2m59.481749233s ago: executing program 3 (id=1475):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x210, 0xa4, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x17c, 0xffffffff, 0xffffffff, 0x17c, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x6, 0x70, 0xa4, 0x70}, @common=@inet=@SET3={0x34, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x10}, {0xffff, 0x40}, {0xffffffffffffffff, 0x0, 0x6}}}}, {{@ip={@empty, @remote, 0x0, 0xff, 'netpci0\x00', 'dummy0\x00', {}, {}, 0x0, 0x2, 0x3}, 0x0, 0xa8, 0xd8, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xffffffffffffffff, 0x4, 0x2}, {0x1, 0x0, 0x2}, 0x80, 0x4}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x26c)

2m59.481556903s ago: executing program 3 (id=1476):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000660025"], 0x18}}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = dup(r0)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b500987f70e06d038e7ff7fc6e5539b324b298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000660025"], 0x18}}, 0x0) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
dup(r2) (async)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') (async)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) (async)
dup(r0) (async)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b500987f70e06d038e7ff7fc6e5539b324b298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006) (async)

2m44.433930352s ago: executing program 32 (id=1476):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000660025"], 0x18}}, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = dup(r0)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b500987f70e06d038e7ff7fc6e5539b324b298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006)
syz_open_dev$tty1(0xc, 0x4, 0x3) (async)
syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000660025"], 0x18}}, 0x0) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
dup(r2) (async)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') (async)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}}) (async)
dup(r0) (async)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xe, {"a2e3ad21ed0d52f90b9b500987f70e06d038e7ff7fc6e5539b324b298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea567b7b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c78e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1040}}, 0x1006) (async)

2m4.630851188s ago: executing program 0 (id=2022):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000940)=@filter={'filter\x00', 0x2, 0x4, 0x5e4, 0xffffffff, 0x0, 0x30c, 0x30c, 0xfeffffff, 0xffffffff, 0x51c, 0x51c, 0x51c, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'rose0\x00'}, 0x2f2, 0xa4, 0xc8}, @REJECT={0x24}}, {{@uncond, 0x0, 0x1fc, 0x244, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x4, 0x0, 0x40, 0x318, 0x2, 0xf8e74ba, 0xfe8c, 0x5d8}}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xdd32, 'syz0\x00', {0xbdf}}}}, {{@uncond, 0x0, 0x1dc, 0x210, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@local, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, @private1, @remote, @mcast1, @mcast1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, @local, @remote, @private1, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2]}}]}, @common=@inet=@SET3={0x34}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x640)

2m4.630394957s ago: executing program 0 (id=2023):
socket(0x2c, 0xade0d668f5a4bdb3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000680)={0x1, 0x0, 0x1, 0x0})
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_tos={0x0, r3, 0x0, 0x3}}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
rmdir(0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000000)={0x1f, @none}, 0x8)
shutdown(0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000340)=ANY=[], 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000a80)={'syz1\x00', {0x0, 0x0, 0x0, 0x3ff}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1a6e], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3c6, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x0, 0x0, 0xa]}, 0x45c)
ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2)
sendmsg$nl_generic(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f00)=ANY=[@ANYBLOB="180000002a0009000000000007000000049e002cd9a22f3753640cb20f09eb2560071e1cf1f528c66448da7cbca24b9de2fc105f79fba2d4ee6f30403a77ce4d6e1ae121cbab17291db5210c5b0a68170564dbd560ca5c20a42b32d815d4e9cfcdaf11ff08eea4eb12b8f8e909bf4d89c9f3237bab3ae6cdc7d080548f2e73d0d3f0471bd0b820714e0129ce0f3cc2b109056da7c657ce7d9f2defe5c6e7954a3745d654885d89a92cfcc2271cf77fd4843800"], 0x18}, 0x1, 0x3000000}, 0x20000080)

2m4.151222911s ago: executing program 0 (id=2030):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x26e, 0x490802)
ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000000080)={0x5, 0x9, 0x95, 0x6, 0x6, 0x8})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@dellink={0x4c, 0x10, 0xc03, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}, @IFLA_GRE_ERSPAN_VER={0x5}, @IFLA_GRE_REMOTE={0x8, 0x7, @loopback}]}}}]}, 0x4c}}, 0x0)
bind$can_raw(r2, &(0x7f00000001c0)={0x1d, r5}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xfffff7e8}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x6558}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)

2m4.080309653s ago: executing program 0 (id=2032):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), 0xffffffffffffffff)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x2, 0x0)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000240), 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x2, &(0x7f0000000000)=[{0x0, 0xc9, 0x0, 0x1}, {0x0, 0x9, 0x0, 0x1}]})
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000080)={0xc0100, 0xa8, 0x18}, 0x6)
fcntl$setownex(r1, 0xf, &(0x7f00000000c0))
r2 = open_tree(r1, &(0x7f0000000100)='./file0\x00', 0x0)
socket$inet6(0xa, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x40000000000ead}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x5)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
sendmsg$nl_route(r4, 0x0, 0x70)
preadv(r4, &(0x7f0000000b00), 0x0, 0x80000001, 0x3)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000630000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x35, 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(0xffffffffffffffff, 0x4068aea3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

2m3.750456821s ago: executing program 0 (id=2033):
sendmmsg(0xffffffffffffffff, &(0x7f0000005940)=[{{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000032680)="d5403e907a8fee6bfe09542b3d9cc4f738bd124800223ca299cb48591c9323f2f5dc8bf4419500b4855709669828c66488ac71a85fa0afcf2b6c5a24f1710c24b2b40462a06d13fdd80705eeda0818a76a4a769c04159839c810cabc858e619720c3dddbd1fd3e040a539506199cd4c6bddf5274366b47736e60fe5de692246636c24a6465334cf3b375e256411d2f3534a6b8bf809a8b01a86a1b67f318f3a1a855ab610533e285054155e7a1e9c33d6d758fed379939377977f914f279cf46d62ff715eefca8eae75042a9e647c923b857b5e2a00b42fb690ae01dc293418e02bc5eefaa2c5ca84c8069df98d0b5793de97d3721b5d084b9d913b73c2a4f798edc067986fbd8a7127088a330770e18c48cdf81c3f43d6fe9d096e7731409cdcc1e26068087b4c80c6e466455333664d5239949428731ab624f40adf0d3fc34346580e8ec3e64516795391ef6c99aa3b8bbf71b0c769a9c28409196dd73988f43fbce8896d09f2da8808fa994af9e10e3890554d7e8bcdcbfeb9e2ec608f747899565cf11b346cdb23631488fe7babcfa445ab4bda08c6a5c402fd8e77a90b14bcaab89c635dc150830f564e3ec12d9b2ed51fb920d0f3be9b3f1c543dd56be29e9962b5399aefc2ace1ab5b893f657a9d241fc61ba0a1a231d64460d387a6f0c9d725ea63c1ebce4178caae5bc1b2d841cf5e7921553aeab71d75f20dc067d438e76fb45305a20feadb0e6960be48304e837d48f7b0e5949f53808ae7f4ec00605c8d7913c34d21de1222be2b4a337ee3bab43f4d172a3cf502f020c36443775df2a7b4c0d71bf667e311e6a1af550ecda9606b46899f5c58d924362c9f270e3f74b71aafbe199a57c6bcf32a26ad04c5544cfabd37338f9f1daab3db8a294ec6f7e47e9d89c4234c95137578c6c7ff3fa3dc56fc182713a0d5a22b99b0b6c71ffa6fa22d09e6471622f0ae0ff21fafbc267b09f5e6ea526d2ed7bf34484339c8fc923f8d012198f7fb90b6218a4139d7c5dcc979b0c1d5c292c0047ddf92d1af436a72faeadbe900673a6633c6eae16c55df2f8313ec726007e80c2d95dc383307efa1b759b58ef01587848e31973f2d37cad957f67d397f8c2a35f6652bab2fcfe26d13765f6aa8c9f1e5077a30618bce769e2d4379eddfeffe4be2443a5f34c2a566f507abf243930c8d2c2b08120f3174b301c912a987a356d49ba94842df3531c028c0fac654e31c2ba71e2b6fcc3790f66e86aca693c64dee43c6f37ef735cc4575f9c80a73f5630de731d77b885b8c1ce1b83ff917577410a53c0a0e573e32a03d412ea07732b50ec533ec427681ab370bd6dc7a403f90c7e788e64f6ca4afe803e8c1726b57b812b925567bda2e4a00bb5add2052dae7f13595f2da9034b6f80dd69bf538e71bbe8029af47174a9f347bb180affbfde5b21f4edba79c14f2328d54746f81c64626dd5b30fb0d52b11082ab1840ce0c79b569ea2435d88ffd047447b92a2b1ae7a3756befb8cf4f85fe0dc5189140fd2ad57cae7b0a38b1b8ea501901bb66aa8e5a0d952c8c2e934bd6bc2fe2630fb9850a4d93ff41097ee5d7c8a3c90d74960cc792d3e996c65c8e39810e659a29e56df410931e8bcc59b0b4b9bba88ac8b67479287745e739bb65096ca036cd0d742626723ab9257e20104cf40daea7dc394e25c00a4ad7a7b7a97939dc9d77899b68e1adec422bb73dac5af5156134410d22baee949dbba3a9af5d1f47786080160b83acd2642d63be9cd78a8f7e29c5665050c7fd95328e7c8bb30024fa3ccadb12b57f46e0bf3186fcbc4e6208a6c2ecabf5a42efe97ce171ee81967b6d18e59758a7f108509f79f824e11b444004c5eb29b4fab23fbfbb55966b5461d8bcceb2f6573183d9efc29b280e8e9ae19088b636e9c579fd76017e13bfe3c9b61b35ea6abefe9cd5f840e44f32071bee278874e134bd4c31c88d4584dde45ed38999edbf33cce7f1956a8c991bfe0790e541bca657e5104aa5a42e7edf83399886ab70266bd62d67aa9df126a1108927a5009f142518a4cc856f2e3220606a7364b331dd9cf184d1a1ce987c24a3492f26a95b71fffc95c1e6348240ad1a1cc04fa8eeb7681e21394e16fff1556e741ec65e313f2c5744dec88efdb8e8fca7895713986f58cd20bec70b12cc8f42ed5617f8fe9d7f95b895740ecbdf8932adc58d663b4937e9a7e5b3c6dff22d0eada1229467c2eafc58c5f2831a03d98fee496eb245fe8313275c430b2ad573d413b4662d8a9af8f225f54d99b6e3e427989aa16ee3d72bd780f2bfc524a6e9072ac1d38097573f720d4daa2451ed7ae38c27ceef24ca80d601aab9c75d8cc85976008537142416f1c774e58eca6d756c881ba0b8ef14703f95b4d5c032d47f709ff0022f9011ffbe9eef51df5b5de8a036ba233e5044ed640db56374ccabbd5cf142bcc580ab0adb8af13669b2318d0afcebcd7c899d7b31e55286813fcedb68a2c94cb7ef813edc7c94d4056795bb58da44f608c19962d7ea9cc1c993ccf8c2e7254cebf5f56ffc7b9b3a42a3a56a591a65f0ce86187c43b873084ed47b31e045f1d56091ea3281c462204ebcb1e6a494b6a2834da18f113e2e01dc5093acd1718aa0d3b7527e5d674f430cc65ad8c377e0621759e18e66fd180ebc647bc905b105c86c2d3d1a1ac0fcd330b4a53d647443a66ad83f4848c2acc7a3483309be2490edba19d8c43316c1650f5dc8e0293133ce372d6c5599cab73780b7d9fb104e18a356efd8d9e93c0bb553d4f2b84827bb26ec994f0f9c949730362f8d64038e5e42972084023a95d542a8f8a98f1b307adbaa85b377f1cc205bc202cd30949be22d8a22e1828b7c8af6b5ff1f5215002975bcdd5b576b442732c52b08a645808044961ce6b106a3700bf0fbb32d63364bd97dc892e6f4ce1c6ad3bfc748b388410e4b3f851411049ea88b8f82954ea0959ac417fa0853ba13781f40111f5ac35b14d4c279f9d4f006bdff943990545ac89d384310209f1c2e5b55d9569dc5198fd861b5d87747fc7226da9ceead77ca3f6b03b56527c1ff74c3b223e1b4ea0697d70e2cc33ba10db530e1a722c3f708924333b99decec8f59cc90e4d19cf4de976059d2255e7a8f1850ed649b0094aaf087862d1ab05adcfbd1d9fabdf9e20afa3cbe44d9c11de93fbb8224a971f02b5c4e6761a05a03e44f9c9f35c002061bb5b2f0ce9ba53f65b1af2530783ab8b03b9b1c9e92201840524a298a7f90f106025806cddd19f65a96078d2314a8ddffa3be95da0a4abebc07e4d79bb8101ea5f3105928d26d71e504851c044cd2459f55bd98e9", 0x93b}], 0x1}}], 0x1, 0x4040060)
pread64(0xffffffffffffffff, &(0x7f000004bfc0)=""/102385, 0xfffffffffffffd2e, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000080)='cpuset.cpu_exclusive\x00', 0x2, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000180)=0x6)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000040))
shutdown(0xffffffffffffffff, 0x1)
pipe(&(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
r8 = socket(0x11, 0x803, 0x0)
sendto$l2tp(r0, &(0x7f0000000500)="5a6057da8c50b1a97dce32db8278c752a6568d000000003d2e3506db73f4476878a3649a626ab8a30348e3d1827c0e058ab9d3a427a67ce135ee71e3553d954c2a9dad589a1b021a297acb6215d8478f0127a46a7ad8ae550a89a68811166274f16bd98d", 0x64, 0x8094, 0x0, 0x0)
setsockopt$packet_tx_ring(r8, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
write$binfmt_misc(r6, &(0x7f0000000300)="cf29d238e0472f7e9d354ce7c16e811451e6abe11bb9484ee27a36533c4106615b54d6383dc88700000000c1c857e6acde98d876395440df625e7fced141d3ceaaddff7a3f7ce444d77e75d650c48e59a47ea8273a3c2c0ce442ba5d07266a0fe23f1d2a3bab7d3d4270b2fe4a877613d889ac4065f3f70ae378d073550724a2af7223f441c80ad009ac5a8904bf5630d6cb8dc57100365e06c99fa7d9a8e9ce41d909dd45c4de92b30e6a94bb791f47d2c170452e8049130cf5", 0xba)
splice(r5, 0x0, r7, 0x0, 0x4ffe6, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f00000013c0))
read$dsp(r4, &(0x7f0000000440)=""/171, 0xab)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="f00000000000000000000000000000f5a35b0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

2m2.431152437s ago: executing program 0 (id=2046):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001880)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='netlink_extack\x00', r1}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000020287be4926b95"], 0x48)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r3, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
r5 = socket$inet6(0xa, 0x3, 0x94)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x80000, @empty}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="d40000002900000004000000291700000000000007380c00000000000000080000000000000009000000000000000600000000000000ec7b000000000000c20400000003c91000000000000000000000000000000001c20400000006c910fc010000000000000000000000000000c910000000000000000000000000000000000740000000020efb01000400000000000000090000000000000005000000000000000300000000000000030000000000000007000000000000000200"/212], 0xd4}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100033"], 0x154}}, 0x0)
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000200)={0x1d, r7, 0x1}, 0x18)
sendmsg$NL80211_CMD_RADAR_DETECT(r6, &(0x7f000000a4c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYRES8=r2, @ANYRES8=r2, @ANYRES8=r1, @ANYRES8=r3, @ANYRESOCT=r7, @ANYRES8=r1, @ANYRESOCT=r3, @ANYRESHEX=0x0], 0x20}}, 0xc010)
chdir(&(0x7f0000000240)='./file0\x00')
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r8 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r8, &(0x7f000000a500)=""/102400, 0xfffffffffffffe3b)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r9, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
gettid()

1m47.4608324s ago: executing program 33 (id=2046):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001880)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='netlink_extack\x00', r1}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000020287be4926b95"], 0x48)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r3, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
r5 = socket$inet6(0xa, 0x3, 0x94)
setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x80000, @empty}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="d40000002900000004000000291700000000000007380c00000000000000080000000000000009000000000000000600000000000000ec7b000000000000c20400000003c91000000000000000000000000000000001c20400000006c910fc010000000000000000000000000000c910000000000000000000000000000000000740000000020efb01000400000000000000090000000000000005000000000000000300000000000000030000000000000007000000000000000200"/212], 0xd4}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100033"], 0x154}}, 0x0)
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r7=>0x0})
bind$can_j1939(r6, &(0x7f0000000200)={0x1d, r7, 0x1}, 0x18)
sendmsg$NL80211_CMD_RADAR_DETECT(r6, &(0x7f000000a4c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYRES8=r2, @ANYRES8=r2, @ANYRES8=r1, @ANYRES8=r3, @ANYRESOCT=r7, @ANYRES8=r1, @ANYRESOCT=r3, @ANYRESHEX=0x0], 0x20}}, 0xc010)
chdir(&(0x7f0000000240)='./file0\x00')
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240), 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r8 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r8, &(0x7f000000a500)=""/102400, 0xfffffffffffffe3b)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r9, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
gettid()

1.640166807s ago: executing program 4 (id=3375):
r0 = io_uring_setup(0x667e, &(0x7f00000003c0)={0x0, 0x0, 0x2})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000000)=[0x223c, 0x7], 0x2)

1.639896325s ago: executing program 4 (id=3377):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r1)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setregid(r3, 0x0)

1.560195688s ago: executing program 4 (id=3378):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0x4}, 0x18)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x2100000000000000, 0x0, 0x0)
sendmsg$nl_xfrm(r3, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01dfffffff000000000021"], 0x20}}, 0x0)

1.480113605s ago: executing program 4 (id=3380):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
readv(r2, &(0x7f0000002140)=[{&(0x7f00000014c0)=""/30, 0x1e}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xc, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x53}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x40000005, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000100)={0x0, r0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000015c0)={0xb, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r6}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001400)

1.410018423s ago: executing program 1 (id=3383):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/power/wakeup_count', 0x42, 0x0)
pwritev2(r2, &(0x7f0000000540)=[{&(0x7f0000000100)="9f", 0x1}], 0x1, 0x97d, 0x4, 0x13)

1.339579127s ago: executing program 1 (id=3384):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)
sendmmsg$inet(r0, &(0x7f0000002c80)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000900)="a9050000000074640000000000003552bde5c064", 0x14}], 0x1}}], 0x1, 0x0)

1.339436712s ago: executing program 1 (id=3385):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000400000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000006000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)={0x20, r0, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}}, 0x0)

1.269952334s ago: executing program 1 (id=3386):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

570.31408ms ago: executing program 4 (id=3392):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(r2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.numa_stat\x00', 0x26e1, 0x0)

520.232658ms ago: executing program 4 (id=3395):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000741000/0x4000)=nil, 0x4000)

519.847931ms ago: executing program 5 (id=3397):
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00\x00\x00\x00'], 0x30, 0x4000800}], 0x1, 0x24004004)
io_setup(0x8, &(0x7f0000000000))
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
pipe2$9p(&(0x7f00000003c0), 0x80800)
r2 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)

444.974553ms ago: executing program 2 (id=3399):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000800)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "82d2f3", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2}}}}, 0x0)

360.055456ms ago: executing program 2 (id=3400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x2000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x140, 0x0)
pread64(r2, 0x0, 0x0, 0x9)

359.876468ms ago: executing program 1 (id=3401):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=@newtaction={0xb4, 0x30, 0x48b, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_ctinfo={0x48, 0x2, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x9, 0x5a, 0x0, 0x2, 0xfffffffa}}]}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0xfffffffe}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4890}, 0x0)

359.669487ms ago: executing program 2 (id=3402):
symlink(&(0x7f0000000880)='.\x00', &(0x7f00000008c0)='./file0\x00')
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r2, 0x0, 0x30, 0x12, @val=@uprobe_multi={&(0x7f00000028c0)='./file0\x00', &(0x7f0000002900)=[0x4], 0x0, 0x4, 0x100000}}, 0x40)

359.539793ms ago: executing program 1 (id=3403):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000008500", @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000540)={'\x00', 0x7ff, 0x200006, 0xc, 0xb, 0x59c, 0xffffffffffffffff})
ioctl$SG_BLKTRACETEARDOWN(r2, 0x1276, 0x0)

316.287637ms ago: executing program 2 (id=3404):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

250.111416ms ago: executing program 2 (id=3405):
unshare(0x28000600)
fchmod(0xffffffffffffffff, 0xa4)

249.928412ms ago: executing program 5 (id=3406):
r0 = socket(0x1e, 0x805, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x1}, 0x10)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={0x0}}, 0x4004010)

249.785703ms ago: executing program 2 (id=3407):
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000540)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_clone(0xa00200, 0x0, 0xfffffffffffffef2, 0x0, 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000640), 0x40)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xa0bf83d7d46f2cbb})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x40505330, &(0x7f00000000c0)={0x800080, 0x0, 0x0, 0x0, 0xa965, 0x2})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000000)={<r5=>0xffffffffffffffff, 0xffffffffffffff00})
close_range(r5, 0xffffffffffffffff, 0x0)

199.913196ms ago: executing program 5 (id=3408):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffff1d, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000100)=ANY=[])

199.699931ms ago: executing program 5 (id=3409):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c0001"], 0x118}}, 0x0)

68.888611ms ago: executing program 5 (id=3410):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='sys_enter\x00', r0, 0x0, 0x4}, 0x18)
utimes(0x0, 0x0)
restart_syscall()

0s ago: executing program 5 (id=3411):
pipe(0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/notes', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100)

kernel console output (not intermixed with test programs):

3 Device [syz0] on syz1
[  294.037077][T13408] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2318'.
[  294.242377][T13419] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2320'.
[  294.264252][ T5966] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  295.229645][T13431] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  295.706056][T13446] openvswitch: netlink: Actions may not be safe on all matching packets
[  296.451609][ T5966] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  298.218887][T13491] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2343'.
[  298.280866][T13493] netlink: 'syz.5.2343': attribute type 4 has an invalid length.
[  299.149486][T13501] openvswitch: netlink: Actions may not be safe on all matching packets
[  299.231586][T13505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2346'.
[  300.392705][T13521] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2351'.
[  300.525836][T13525] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  300.528277][T13525] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  300.530580][T13525] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  300.532960][T13525] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  300.535360][T13525] vxlan0: entered promiscuous mode
[  300.536788][T13525] vxlan0: entered allmulticast mode
[  300.540053][T13525] batman_adv: batadv0: Adding interface: vxlan0
[  300.541758][T13525] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.548862][T13525] batman_adv: batadv0: Interface activated: vxlan0
[  300.609897][T13528] kexec: Could not allocate control_code_buffer
[  300.729900][T13536] xt_hashlimit: size too large, truncated to 1048576
[  300.748278][T13536] Cannot find add_set index 0 as target
[  301.259114][T13548] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2361'.
[  301.628937][T13559] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2365'.
[  301.632867][T13559] geneve0: entered promiscuous mode
[  301.634391][T13559] geneve0: entered allmulticast mode
[  301.816094][T13570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2368'.
[  302.050891][T13575] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2370'.
[  303.604923][T13598] netlink: 100 bytes leftover after parsing attributes in process `syz.4.2377'.
[  303.757232][T13608] openvswitch: netlink: Actions may not be safe on all matching packets
[  303.993559][ T9577] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  304.143119][ T9577] usb 7-1: Using ep0 maxpacket: 8
[  304.147076][ T9577] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  304.149221][ T9577] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  304.151793][ T9577] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  304.154808][ T9577] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  304.157362][ T9577] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  304.160698][ T9577] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  304.163095][ T9577] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.378900][ T9577] usb 7-1: usb_control_msg returned -32
[  304.380430][ T9577] usbtmc 7-1:16.0: can't read capabilities
[  304.744201][T13623] mkiss: ax0: crc mode is auto.
[  304.771983][T13626] overlayfs: failed to resolve './file1': -2
[  304.931857][T13637] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2388'.
[  305.201533][T13639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  305.204288][T13639] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  305.218108][T13638] usbtmc 7-1:16.0: usb_control_msg returned -32
[  305.298184][ T6074] usb 7-1: USB disconnect, device number 18
[  305.326897][T13645] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2390'.
[  305.603240][ T5998] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  305.774780][ T5998] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  305.777830][ T5998] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  305.780370][ T5998] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  305.782549][ T5998] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  305.791996][ T5998] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  305.795050][ T5998] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  305.798609][ T5998] usb 9-1: Product: syz
[  305.799781][ T5998] usb 9-1: Manufacturer: syz
[  305.806847][ T5998] cdc_wdm 9-1:1.0: skipping garbage
[  305.808634][ T5998] cdc_wdm 9-1:1.0: skipping garbage
[  305.812955][ T5998] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  305.814564][ T5998] cdc_wdm 9-1:1.0: Unknown control protocol
[  305.858533][T13647] SET target dimension over the limit!
[  306.079593][T13645] xt_hashlimit: max too large, truncated to 1048576
[  306.084961][T13645] xt_hashlimit: overflow, try lower: 0/0
[  306.741681][T13665] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2400'.
[  306.745978][T13665] vlan4: entered promiscuous mode
[  306.746924][T13668] fuse: Bad value for 'fd'
[  306.757631][T13665] vlan4: entered allmulticast mode
[  306.925212][T13673] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2402'.
[  306.979714][T13670] fuse: Bad value for 'fd'
[  307.057851][   T39] audit: type=1326 audit(1731862334.337:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13669 comm="syz.2.2401" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f71579 code=0x0
[  307.311844][T13679] mkiss: ax0: crc mode is auto.
[  308.013136][T13685] block nbd2: Device being setup by another task
[  308.189033][T13688] block nbd2: NBD_DISCONNECT
[  308.209084][T13683] block nbd2: Disconnected due to user request.
[  308.210689][T13683] block nbd2: shutting down sockets
[  308.246494][ T5998] usb 9-1: USB disconnect, device number 6
[  308.315754][T13695] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2405'.
[  309.205157][ T5966] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  309.229888][T13723] tipc: Started in network mode
[  309.231233][T13723] tipc: Node identity 963530dff1f1, cluster identity 4711
[  309.234054][T13723] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[  309.238349][T13723] ªªªªªª: renamed from syzkaller0
[  309.241056][T13723] tipc: Disabling bearer <eth:syzkaller0>
[  310.390481][T13754] tmpfs: Bad value for 'mpol'
[  310.394956][T13754] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2428'.
[  310.401102][T13752] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491
[  310.465762][T13752] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2427'.
[  310.726403][T13764] 8021q: adding VLAN 0 to HW filter on device bond6
[  310.812313][T13767] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2433'.
[  310.818437][T13767] netlink: 'syz.1.2433': attribute type 4 has an invalid length.
[  312.084039][   T39] audit: type=1326 audit(1731862339.367:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13791 comm="syz.2.2440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7fc00000
[  312.294305][T13795] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  312.303609][T13795] 8021q: adding VLAN 0 to HW filter on device bond1
[  312.778611][   T39] audit: type=1326 audit(1731862340.057:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13791 comm="syz.2.2440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7fc00000
[  312.841405][ T5959] Bluetooth: hci4: Invalid handle: 0x5800 > 0x0eff
[  312.979254][T13812] mkiss: ax0: crc mode is auto.
[  313.317535][T13817] mkiss: ax1: crc mode is auto.
[  314.579523][T13829] SET target dimension over the limit!
[  314.637099][T13833] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2456'.
[  314.641013][T13833] vlan2: entered promiscuous mode
[  314.642348][T13833] vlan2: entered allmulticast mode
[  314.885594][T13843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.892486][T13843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  315.303679][T13851] mkiss: ax0: crc mode is auto.
[  315.487174][T13850] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2462'.
[  316.122439][ T5966] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  316.536107][ T5959] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  316.776499][T13883] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2473'.
[  316.867864][ T5966] Bluetooth: hci5: Invalid handle: 0x5800 > 0x0eff
[  316.870286][ T5959] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  317.390715][T13896] FAULT_INJECTION: forcing a failure.
[  317.390715][T13896] name failslab, interval 1, probability 0, space 0, times 0
[  317.394107][T13896] CPU: 3 UID: 0 PID: 13896 Comm: syz.4.2478 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  317.396750][T13896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.399397][T13896] Call Trace:
[  317.400239][T13896]  <TASK>
[  317.401017][T13896]  dump_stack_lvl+0x16c/0x1f0
[  317.402211][T13896]  should_fail_ex+0x497/0x5b0
[  317.403434][T13896]  ? fs_reclaim_acquire+0xae/0x150
[  317.404804][T13896]  should_failslab+0xc2/0x120
[  317.406056][T13896]  __kmalloc_node_noprof+0xd1/0x440
[  317.407404][T13896]  ? __vmalloc_node_range_noprof+0x3d8/0x15a0
[  317.408927][T13896]  __vmalloc_node_range_noprof+0x3d8/0x15a0
[  317.410412][T13896]  ? hlock_class+0x4e/0x130
[  317.411540][T13896]  ? kernel_read_file+0x682/0x7f0
[  317.412835][T13896]  ? hlock_class+0x4e/0x130
[  317.414025][T13896]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  317.415915][T13896]  ? ima_read_file+0x13d/0x1a0
[  317.417113][T13896]  ? __pfx_ima_read_file+0x10/0x10
[  317.418377][T13896]  ? kernel_read_file+0x682/0x7f0
[  317.419658][T13896]  vmalloc_noprof+0x6b/0x90
[  317.420860][T13896]  ? kernel_read_file+0x682/0x7f0
[  317.422133][T13896]  kernel_read_file+0x682/0x7f0
[  317.423376][T13896]  ? __pfx_kernel_read_file+0x10/0x10
[  317.424592][T13896]  ? __pfx___lock_acquire+0x10/0x10
[  317.425961][T13896]  ? __lock_acquire+0xbdd/0x3ce0
[  317.427261][T13896]  init_module_from_file+0xa0/0x120
[  317.428632][T13896]  ? __pfx_init_module_from_file+0x10/0x10
[  317.430176][T13896]  ? lock_acquire+0x2f/0xb0
[  317.431349][T13896]  ? idempotent_init_module+0x121/0x750
[  317.432779][T13896]  ? do_raw_spin_unlock+0x172/0x230
[  317.434140][T13896]  idempotent_init_module+0x231/0x750
[  317.435538][T13896]  ? trace_lock_acquire+0x14a/0x1d0
[  317.436810][T13896]  ? __pfx_idempotent_init_module+0x10/0x10
[  317.438277][T13896]  __ia32_sys_finit_module+0xb9/0x130
[  317.439667][T13896]  __do_fast_syscall_32+0x73/0x120
[  317.441029][T13896]  do_fast_syscall_32+0x32/0x80
[  317.442315][T13896]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.443964][T13896] RIP: 0023:0xf7f15579
[  317.445036][T13896] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  317.449925][T13896] RSP: 002b:00000000f569655c EFLAGS: 00000296 ORIG_RAX: 000000000000015e
[  317.452053][T13896] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  317.454112][T13896] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  317.456159][T13896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  317.458236][T13896] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  317.460286][T13896] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  317.462348][T13896]  </TASK>
[  317.463228][    C3] vkms_vblank_simulate: vblank timer overrun
[  317.469040][T13896] syz.4.2478: vmalloc error: size 4096, failed to allocated page array size 8, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  317.475594][T13896] CPU: 3 UID: 0 PID: 13896 Comm: syz.4.2478 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  317.478324][T13896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  317.481109][T13896] Call Trace:
[  317.481994][T13896]  <TASK>
[  317.482772][T13896]  dump_stack_lvl+0x16c/0x1f0
[  317.484004][T13896]  warn_alloc+0x24d/0x3a0
[  317.485145][T13896]  ? __pfx_warn_alloc+0x10/0x10
[  317.486435][T13896]  ? dump_stack_lvl+0x197/0x1f0
[  317.487720][T13896]  ? dump_stack_lvl+0x1a1/0x1f0
[  317.489007][T13896]  ? should_fail_ex+0x2de/0x5b0
[  317.490294][T13896]  ? rcu_is_watching+0x12/0xc0
[  317.491503][T13896]  ? trace_kmalloc+0x2d/0xe0
[  317.492708][T13896]  ? __kmalloc_node_noprof+0x22f/0x440
[  317.494092][T13896]  __vmalloc_node_range_noprof+0x114a/0x15a0
[  317.495585][T13896]  ? hlock_class+0x4e/0x130
[  317.496785][T13896]  ? kernel_read_file+0x682/0x7f0
[  317.498113][T13896]  ? hlock_class+0x4e/0x130
[  317.499308][T13896]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  317.500943][T13896]  ? ima_read_file+0x13d/0x1a0
[  317.502217][T13896]  ? __pfx_ima_read_file+0x10/0x10
[  317.503554][T13896]  ? kernel_read_file+0x682/0x7f0
[  317.504870][T13896]  vmalloc_noprof+0x6b/0x90
[  317.506073][T13896]  ? kernel_read_file+0x682/0x7f0
[  317.507386][T13896]  kernel_read_file+0x682/0x7f0
[  317.508672][T13896]  ? __pfx_kernel_read_file+0x10/0x10
[  317.510094][T13896]  ? __pfx___lock_acquire+0x10/0x10
[  317.511451][T13896]  ? __lock_acquire+0xbdd/0x3ce0
[  317.512749][T13896]  init_module_from_file+0xa0/0x120
[  317.514121][T13896]  ? __pfx_init_module_from_file+0x10/0x10
[  317.515645][T13896]  ? lock_acquire+0x2f/0xb0
[  317.516800][T13896]  ? idempotent_init_module+0x121/0x750
[  317.518142][T13896]  ? do_raw_spin_unlock+0x172/0x230
[  317.519467][T13896]  idempotent_init_module+0x231/0x750
[  317.520801][T13896]  ? trace_lock_acquire+0x14a/0x1d0
[  317.522119][T13896]  ? __pfx_idempotent_init_module+0x10/0x10
[  317.523614][T13896]  __ia32_sys_finit_module+0xb9/0x130
[  317.524896][T13896]  __do_fast_syscall_32+0x73/0x120
[  317.526193][T13896]  do_fast_syscall_32+0x32/0x80
[  317.527358][T13896]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  317.528983][T13896] RIP: 0023:0xf7f15579
[  317.530062][T13896] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  317.535012][T13896] RSP: 002b:00000000f569655c EFLAGS: 00000296 ORIG_RAX: 000000000000015e
[  317.537050][T13896] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000
[  317.539101][T13896] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000000
[  317.541157][T13896] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  317.543215][T13896] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  317.545256][T13896] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  317.547232][T13896]  </TASK>
[  317.548142][    C3] vkms_vblank_simulate: vblank timer overrun
[  317.552412][T13896] Mem-Info:
[  317.553323][T13896] active_anon:6453 inactive_anon:225 isolated_anon:0
[  317.553323][T13896]  active_file:12186 inactive_file:13716 isolated_file:0
[  317.553323][T13896]  unevictable:768 dirty:397 writeback:0
[  317.553323][T13896]  slab_reclaimable:8691 slab_unreclaimable:90043
[  317.553323][T13896]  mapped:25578 shmem:1443 pagetables:702
[  317.553323][T13896]  sec_pagetables:316 bounce:0
[  317.553323][T13896]  kernel_misc_reclaimable:0
[  317.553323][T13896]  free:37882 free_pcp:1300 free_cma:0
[  317.566939][T13896] Node 0 active_anon:6504kB inactive_anon:832kB active_file:5912kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4484kB dirty:44kB writeback:0kB shmem:2984kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9520kB pagetables:908kB sec_pagetables:1148kB all_unreclaimable? yes
[  317.575804][T13896] Node 1 active_anon:19268kB inactive_anon:68kB active_file:42832kB inactive_file:54864kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99828kB dirty:1544kB writeback:0kB shmem:2788kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3768kB pagetables:1992kB sec_pagetables:116kB all_unreclaimable? no
[  317.586472][T13896] Node 0 DMA free:2980kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:460kB inactive_anon:100kB active_file:164kB inactive_file:0kB unevictable:0kB writepending:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:492kB local_pcp:68kB free_cma:0kB
[  317.593628][T13896] lowmem_reserve[]: 0 273 0 0 0
[  317.594932][T13896] Node 0 DMA32 free:19580kB boost:2048kB min:15952kB low:19428kB high:22904kB reserved_highatomic:4096KB active_anon:6044kB inactive_anon:732kB active_file:5748kB inactive_file:0kB unevictable:1536kB writepending:40kB present:1032196kB managed:306284kB mlocked:0kB bounce:0kB free_pcp:388kB local_pcp:0kB free_cma:0kB
[  317.602503][T13896] lowmem_reserve[]: 0 0 0 0 0
[  317.616672][T13896] Node 1 DMA32 free:125376kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:19368kB inactive_anon:68kB active_file:42832kB inactive_file:54864kB unevictable:1536kB writepending:1544kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:5204kB local_pcp:1528kB free_cma:0kB
[  317.624726][T13896] lowmem_reserve[]: 0 0 0 0 0
[  317.626001][T13896] Node 0 DMA: 53*4kB (UM) 72*8kB (UM) 35*16kB (UM) 33*32kB (UM) 9*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2980kB
[  317.630361][T13896] Node 0 DMA32: 296*4kB (UMH) 76*8kB (UMEH) 30*16kB (UME) 61*32kB (UMEH) 59*64kB (UMEH) 24*128kB (UME) 7*256kB (UM) 3*512kB (U) 3*1024kB (UM) 1*2048kB (M) 0*4096kB = 19520kB
[  317.635303][T13896] Node 1 DMA32: 133*4kB (UME) 1137*8kB (UME) 444*16kB (UME) 684*32kB (UME) 560*64kB (UME) 81*128kB (UME) 18*256kB (UM) 17*512kB (UM) 6*1024kB (UM) 7*2048kB (MH) 2*4096kB (U) = 126812kB
[  317.640058][T13896] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  317.642628][T13896] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  317.645935][T13896] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  317.648503][T13896] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  317.650977][T13896] 27346 total pagecache pages
[  317.652271][T13896] 1 pages in swap cache
[  317.653788][T13896] Free swap  = 124040kB
[  317.655117][T13896] Total swap = 124996kB
[  317.656732][T13896] 524155 pages RAM
[  317.658341][T13896] 0 pages HighMem/MovableOnly
[  317.659944][T13896] 206681 pages reserved
[  317.661414][T13896] 0 pages cma reserved
[  317.949503][T13914] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2482'.
[  318.304594][T13922] FAULT_INJECTION: forcing a failure.
[  318.304594][T13922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.308155][T13922] CPU: 3 UID: 0 PID: 13922 Comm: syz.5.2483 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  318.310812][T13922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  318.313579][T13922] Call Trace:
[  318.314473][T13922]  <TASK>
[  318.315250][T13922]  dump_stack_lvl+0x16c/0x1f0
[  318.316532][T13922]  should_fail_ex+0x497/0x5b0
[  318.317808][T13922]  _copy_from_user+0x2e/0xd0
[  318.319051][T13922]  video_usercopy+0xc62/0x1500
[  318.320336][T13922]  ? __pfx___video_do_ioctl+0x10/0x10
[  318.321803][T13922]  ? __pfx_video_usercopy+0x10/0x10
[  318.323233][T13922]  v4l2_ioctl+0x1ba/0x250
[  318.324429][T13922]  v4l2_compat_ioctl32+0x214/0x2c0
[  318.325823][T13922]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  318.327350][T13922]  __do_compat_sys_ioctl+0x259/0x2b0
[  318.328762][T13922]  __do_fast_syscall_32+0x73/0x120
[  318.330152][T13922]  do_fast_syscall_32+0x32/0x80
[  318.331477][T13922]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  318.333215][T13922] RIP: 0023:0xf73ce579
[  318.334497][T13922] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  318.339600][T13922] RSP: 002b:00000000f56b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  318.341702][T13922] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004020565a
[  318.343821][T13922] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000
[  318.345960][T13922] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  318.348304][T13922] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  318.350344][T13922] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  318.352367][T13922]  </TASK>
[  318.353320][    C3] vkms_vblank_simulate: vblank timer overrun
[  318.422707][ T5966] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  318.675398][T13927] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2485'.
[  318.693913][T13928] netlink: 'syz.4.2485': attribute type 9 has an invalid length.
[  318.695838][T13928] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.2485'.
[  318.698375][T13927] netlink: 'syz.4.2485': attribute type 9 has an invalid length.
[  318.700405][T13927] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.2485'.
[  318.877383][T13941] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2491'.
[  318.888542][T13941] vlan2: entered promiscuous mode
[  318.889897][T13941] bridge0: entered promiscuous mode
[  318.892036][T13941] vlan2: entered allmulticast mode
[  318.893959][T13941] bridge0: entered allmulticast mode
[  319.393050][ T5960] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  319.563040][ T5960] usb 10-1: Using ep0 maxpacket: 8
[  319.567571][ T5960] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  319.576178][ T5960] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  319.578702][ T5960] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.582020][ T5960] usb 10-1: config 0 descriptor??
[  319.614915][ T5959] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  319.620646][ T5959] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  319.623609][ T5959] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  319.627776][ T5959] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  319.630000][ T5959] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  319.632378][ T5959] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  319.738602][T13975] syz.2.2502[13975] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  319.738649][T13975] syz.2.2502[13975] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  319.765986][T13975] syz.2.2502[13975] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  319.790220][T13965] chnl_net:caif_netlink_parms(): no params data found
[  319.790764][ T5960] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  319.840052][ T5960] usb 6-1: USB disconnect, device number 7
[  319.861217][T13965] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.863347][T13965] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.866172][T13965] bridge_slave_0: entered allmulticast mode
[  319.869035][T13965] bridge_slave_0: entered promiscuous mode
[  319.902879][T10146] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.912208][T13965] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.915063][T13965] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.916932][T13965] bridge_slave_1: entered allmulticast mode
[  319.918921][T13965] bridge_slave_1: entered promiscuous mode
[  319.942684][T13965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  319.947180][T13965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  319.979257][T13965] team0: Port device team_slave_0 added
[  320.003381][T10146] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.015527][T13965] team0: Port device team_slave_1 added
[  320.046565][T13965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.049718][T13965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.056458][T13965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.062624][T13965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.064767][T13965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.072229][T13965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  320.096996][T10146] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.155817][T13965] hsr_slave_0: entered promiscuous mode
[  320.158718][T13965] hsr_slave_1: entered promiscuous mode
[  320.160691][T13965] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.167372][T13965] Cannot create hsr debugfs directory
[  320.186414][T10146] 
: (slave netdevsim0): Releasing backup interface
[  320.191137][T10146] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.365758][T10146] bridge0: port 3(team0) entered disabled state
[  320.382477][T10146] bridge_slave_1: left allmulticast mode
[  320.391600][T10146] bridge_slave_1: left promiscuous mode
[  320.399322][T10146] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.404900][T10146] bridge_slave_0: left allmulticast mode
[  320.412576][T10146] bridge_slave_0: left promiscuous mode
[  320.415323][T10146] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.538419][T10146] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  320.541737][T10146] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  320.799339][ T9577] usb 10-1: USB disconnect, device number 5
[  320.802269][ T9577] iowarrior 10-1:0.0: I/O-Warror #0 now disconnected
[  321.008964][T10146] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[  321.014126][T10146] 
 (unregistering): Released all slaves
[  321.020221][T10146] bond0 (unregistering): Released all slaves
[  321.121030][T10146] bond1 (unregistering): Released all slaves
[  321.229222][T10146] bond2 (unregistering): Released all slaves
[  321.238377][T10146] bond3 (unregistering): Released all slaves
[  321.248743][T10146] bond4 (unregistering): Released all slaves
[  321.260069][T10146] bond5 (unregistering): Released all slaves
[  321.392696][T10146] bond6 (unregistering): Released all slaves
[  321.613554][T10146] IPVS: stopping backup sync thread 10665 ...
[  321.671432][T14023] mkiss: ax0: crc mode is auto.
[  321.684597][ T5959] Bluetooth: hci6: command tx timeout
[  321.790932][T14033] FAULT_INJECTION: forcing a failure.
[  321.790932][T14033] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.795991][T14033] CPU: 3 UID: 0 PID: 14033 Comm: syz.5.2512 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  321.798731][T14033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  321.801517][T14033] Call Trace:
[  321.802414][T14033]  <TASK>
[  321.803212][T14033]  dump_stack_lvl+0x16c/0x1f0
[  321.804384][T14033]  should_fail_ex+0x497/0x5b0
[  321.805833][T14033]  _copy_from_user+0x2e/0xd0
[  321.807461][T14033]  kstrtouint_from_user+0xd7/0x1c0
[  321.809273][T14033]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  321.811160][T14033]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  321.813168][T14033]  proc_fail_nth_write+0x84/0x250
[  321.814937][T14033]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  321.816877][T14033]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  321.818866][T14033]  vfs_write+0x24c/0x1150
[  321.820370][T14033]  ? __fget_files+0x23a/0x3f0
[  321.822044][T14033]  ? fdget_pos+0x24c/0x360
[  321.823603][T14033]  ? __pfx_lock_release+0x10/0x10
[  321.824928][T14033]  ? trace_lock_acquire+0x14a/0x1d0
[  321.826283][T14033]  ? __pfx_vfs_write+0x10/0x10
[  321.827520][T14033]  ? __pfx___mutex_lock+0x10/0x10
[  321.828869][T14033]  ? __fget_files+0x244/0x3f0
[  321.830111][T14033]  ksys_write+0x12f/0x260
[  321.831299][T14033]  ? __pfx_ksys_write+0x10/0x10
[  321.833027][T14033]  __do_fast_syscall_32+0x73/0x120
[  321.834858][T14033]  do_fast_syscall_32+0x32/0x80
[  321.836350][T14033]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  321.837981][T14033] RIP: 0023:0xf73ce579
[  321.839046][T14033] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  321.843953][T14033] RSP: 002b:00000000f56b6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  321.846126][T14033] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f56b6620
[  321.848176][T14033] RDX: 0000000000000001 RSI: 00000000f73bdff4 RDI: 0000000000000000
[  321.850204][T14033] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  321.852655][T14033] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  321.855378][T14033] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  321.857411][T14033]  </TASK>
[  321.858291][    C3] vkms_vblank_simulate: vblank timer overrun
[  322.021344][T13965] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  322.049679][T13965] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  322.061008][T13965] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  322.078171][T13965] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  322.215424][T13965] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.256513][T13965] 8021q: adding VLAN 0 to HW filter on device team0
[  322.284453][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.286916][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.298987][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.300866][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.340070][T13965] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  322.442952][T13965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  322.476544][T13965] veth0_vlan: entered promiscuous mode
[  322.480515][T13965] veth1_vlan: entered promiscuous mode
[  322.493963][T13965] veth0_macvtap: entered promiscuous mode
[  322.497157][T13965] veth1_macvtap: entered promiscuous mode
[  322.503954][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.506681][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.509157][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.511740][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.514280][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.516922][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.519354][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  322.521888][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.525136][T13965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  322.530637][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.534448][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.536869][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.539676][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.542246][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.545722][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.548300][T13965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  322.551084][T13965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  322.555533][T13965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  322.561122][T13965] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  322.566140][T13965] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  322.568440][T13965] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  322.570806][T13965] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  322.607402][T10155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.609443][T10155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.632643][T10151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.639623][T10151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  323.158761][T14089] Trying to write to read-only block-device nullb0
[  323.495958][T14093] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2521'.
[  323.761915][ T5959] Bluetooth: hci6: command tx timeout
[  324.020691][T14106] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2526'.
[  324.342656][T14119] mkiss: ax0: crc mode is auto.
[  324.433656][ T5999] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  324.583254][ T5999] usb 6-1: Using ep0 maxpacket: 8
[  324.591742][ T5999] usb 6-1: config 1 interface 0 altsetting 2 endpoint 0x2 has an invalid bInterval 127, changing to 10
[  324.595192][ T5999] usb 6-1: config 1 interface 0 has no altsetting 0
[  324.611332][ T5999] usb 6-1: New USB device found, idVendor=05ac, idProduct=029c, bcdDevice= 0.40
[  324.614638][ T5999] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.616743][ T5999] usb 6-1: Product: 穪㱂紛�뫴㲥�뢷踔�있年ꙙꉢ螎�䓊畨�窣㊳뱑ﮰ잻ॡ��ꎬ﨩콶닦䎘䄞脀꒔��晶盾�왦⺡奲⮶䦹쓀�發픨�犟젶煎튰�ꗜﻤ皧헕켣↻肄윑㾊께쵉ꧨ�烆关㞹⯠垕墂歱�꿵쿸帲ਾ춓説䚗㾕쾡�嶺Ⓙ䢼뮑뛶뫯宴啑
[  324.625098][ T5999] usb 6-1: Manufacturer: 㢶馑춳崂㋩ୈᦦ艎튟�慒뿊ꉉ衛樑՚繷㉙燂꼟민壿亂담�陗떎✊✸⟈�첾碑塀좿翦�Ⱒߡ݂醊퇨᠅�䅦촑�㬆鬟�伮釣☈
[  324.629937][ T5999] usb 6-1: SerialNumber: Ћ
[  324.746949][T10146] hsr_slave_0: left promiscuous mode
[  324.749367][T10146] hsr_slave_1: left promiscuous mode
[  324.786730][T10146] veth1_macvtap: left promiscuous mode
[  324.788275][T10146] veth0_macvtap: left promiscuous mode
[  324.790092][T10146] veth1_vlan: left promiscuous mode
[  324.791626][T10146] veth0_vlan: left promiscuous mode
[  324.840174][ T5999] usbhid 6-1:1.0: can't add hid device: -71
[  324.841793][ T5999] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  324.845746][ T5999] usb 6-1: USB disconnect, device number 8
[  325.569105][T10146] team_slave_1 (unregistering): left promiscuous mode
[  325.571765][T10146] team_slave_1 (unregistering): left allmulticast mode
[  325.579969][T14137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2537'.
[  325.588086][T10146] team0 (unregistering): Port device team_slave_1 removed
[  325.736841][T10146] team_slave_0 (unregistering): left promiscuous mode
[  325.738651][T10146] team_slave_0 (unregistering): left allmulticast mode
[  325.742308][T10146] team0 (unregistering): Port device team_slave_0 removed
[  325.833454][ T5959] Bluetooth: hci6: command tx timeout
[  326.614189][T14130] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2534'.
[  326.621777][T14140] netlink: 'syz.1.2537': attribute type 10 has an invalid length.
[  326.648705][T14140] team0: Port device netdevsim0 added
[  327.065497][T10146] IPVS: stop unused estimator thread 0...
[  327.324585][T14163] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2544'.
[  327.330937][T14163] vlan2: entered promiscuous mode
[  327.332692][T14163] vlan2: entered allmulticast mode
[  327.783762][T14176] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2546'.
[  327.788582][T14176] netlink: 'syz.2.2546': attribute type 4 has an invalid length.
[  327.802487][ T5959] Bluetooth: hci6: Invalid handle: 0x5800 > 0x0eff
[  327.913148][ T5966] Bluetooth: hci6: command tx timeout
[  328.165508][T14193] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2553'.
[  328.320882][T14197] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2556'.
[  328.327915][T14197] geneve0: entered promiscuous mode
[  328.329820][T14197] geneve0: entered allmulticast mode
[  328.527400][T14207] loop7: detected capacity change from 0 to 16384
[  328.558470][T14209] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2559'.
[  328.619151][T14212] netlink: 'syz.1.2559': attribute type 4 has an invalid length.
[  328.686038][T14215] netlink: 'syz.1.2560': attribute type 12 has an invalid length.
[  328.688680][T14215] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.2560'.
[  328.719621][T14217] netlink: 'syz.1.2560': attribute type 12 has an invalid length.
[  328.721767][T14217] netlink: 197276 bytes leftover after parsing attributes in process `syz.1.2560'.
[  328.834854][T14222] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2561'.
[  329.536269][T14247] mkiss: ax0: crc mode is auto.
[  329.623118][ T1315] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  329.823064][ T1315] usb 10-1: Using ep0 maxpacket: 8
[  329.826517][ T1315] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  329.830556][ T1315] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  329.834353][ T1315] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  329.838121][ T1315] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  329.841947][ T1315] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  329.847962][ T1315] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  329.852172][ T1315] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.941851][ T5966] Bluetooth: hci5: link tx timeout
[  329.943548][ T5966] Bluetooth: hci5: killing stalled connection 10:aa:aa:aa:aa:aa
[  330.070300][T14262] Cannot find add_set index 0 as target
[  330.079636][ T1315] usb 10-1: usb_control_msg returned -32
[  330.081226][ T1315] usbtmc 10-1:16.0: can't read capabilities
[  330.144171][T14266] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2579'.
[  330.146465][T14266] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2579'.
[  330.155997][T14266] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2579'.
[  330.258171][ T5959] Bluetooth: hci5: link tx timeout
[  330.259620][ T5959] Bluetooth: hci5: killing stalled connection 10:aa:aa:aa:aa:aa
[  330.376613][T14277] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2583'.
[  330.432690][T14244] usbtmc 10-1:16.0: usb_control_msg returned -32
[  330.434730][T14270] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  330.457740][ T5839] usb 10-1: USB disconnect, device number 6
[  330.757937][T14289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2587'.
[  331.225738][T14307] Cannot find add_set index 0 as target
[  331.376964][T14312] ªªªªªª: renamed from syzkaller0
[  331.407078][ T5839] libceph: connect (1)[c::]:6789 error -101
[  331.408725][ T5839] libceph: mon0 (1)[c::]:6789 connect error
[  331.683716][ T6074] libceph: connect (1)[c::]:6789 error -101
[  331.686324][ T6074] libceph: mon0 (1)[c::]:6789 connect error
[  331.993269][ T5959] Bluetooth: hci5: command 0x0406 tx timeout
[  332.194843][ T6074] libceph: connect (1)[c::]:6789 error -101
[  332.197674][ T6074] libceph: mon0 (1)[c::]:6789 connect error
[  332.274077][T14312] ceph: No mds server is up or the cluster is laggy
[  332.478534][T14349] FAULT_INJECTION: forcing a failure.
[  332.478534][T14349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.481852][T14349] CPU: 3 UID: 0 PID: 14349 Comm: syz.2.2607 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  332.484471][T14349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  332.487226][T14349] Call Trace:
[  332.488111][T14349]  <TASK>
[  332.488885][T14349]  dump_stack_lvl+0x16c/0x1f0
[  332.490115][T14349]  should_fail_ex+0x497/0x5b0
[  332.491341][T14349]  _copy_from_user+0x2e/0xd0
[  332.492556][T14349]  get_compat_msghdr+0xa8/0x170
[  332.493833][T14349]  ? __pfx_get_compat_msghdr+0x10/0x10
[  332.495244][T14349]  ? __pfx___lock_acquire+0x10/0x10
[  332.496596][T14349]  ___sys_sendmsg+0x1b0/0x1e0
[  332.497830][T14349]  ? __pfx____sys_sendmsg+0x10/0x10
[  332.499183][T14349]  ? lock_acquire+0x2f/0xb0
[  332.500357][T14349]  ? __fget_files+0x40/0x3f0
[  332.501572][T14349]  ? fdget+0x176/0x210
[  332.502640][T14349]  __sys_sendmsg+0x117/0x1f0
[  332.503973][T14349]  ? __pfx___sys_sendmsg+0x10/0x10
[  332.505433][T14349]  ? __fget_files+0x244/0x3f0
[  332.506661][T14349]  __do_fast_syscall_32+0x73/0x120
[  332.507998][T14349]  do_fast_syscall_32+0x32/0x80
[  332.509261][T14349]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  332.510890][T14349] RIP: 0023:0xf7f71579
[  332.511946][T14349] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  332.516864][T14349] RSP: 002b:00000000f56f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  332.519016][T14349] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200003c0
[  332.521007][T14349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  332.523039][T14349] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  332.525119][T14349] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  332.527121][T14349] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  332.529177][T14349]  </TASK>
[  332.530072][    C3] vkms_vblank_simulate: vblank timer overrun
[  332.657729][T14356] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2610'.
[  332.863058][T14363] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  332.909875][T14364] netlink: 'syz.2.2613': attribute type 1 has an invalid length.
[  333.252334][   T39] audit: type=1326 audit(1731862360.527:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.274469][   T39] audit: type=1326 audit(1731862360.527:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.296934][   T39] audit: type=1326 audit(1731862360.537:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=342 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.308245][   T39] audit: type=1326 audit(1731862360.537:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.330877][   T39] audit: type=1326 audit(1731862360.537:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.338763][   T39] audit: type=1326 audit(1731862360.537:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.349093][   T39] audit: type=1326 audit(1731862360.537:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.373158][   T39] audit: type=1326 audit(1731862360.537:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.379096][   T39] audit: type=1326 audit(1731862360.537:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=156 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.388511][   T39] audit: type=1326 audit(1731862360.537:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.5.2614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  333.477729][ T5966] Bluetooth: hci4: Invalid handle: 0x5800 > 0x0eff
[  334.086316][T14380] __nla_validate_parse: 1 callbacks suppressed
[  334.086395][T14380] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2618'.
[  334.086878][T14382] syz.2.2619: attempt to access beyond end of device
[  334.086878][T14382] nbd2: rw=0, sector=6, nr_sectors = 2 limit=0
[  334.091102][T14380] vlan2: entered promiscuous mode
[  334.097226][T14380] vlan2: entered allmulticast mode
[  334.112609][T14382] ADFS-fs (nbd2): error: unable to read block 3, try 0
[  334.365709][ T5959] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  334.678953][T14404] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2626'.
[  334.683414][T14404] netlink: 'syz.5.2626': attribute type 4 has an invalid length.
[  334.739687][T14408] Cannot find add_set index 0 as target
[  335.016313][T14420] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2632'.
[  335.071873][T14424] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2633'.
[  335.075527][ T5959] Bluetooth: hci3: Invalid handle: 0x5800 > 0x0eff
[  335.078789][T14424] vlan2: entered promiscuous mode
[  335.080577][T14424] vlan2: entered allmulticast mode
[  335.367918][T14432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2638'.
[  335.375732][T14432] geneve0: entered promiscuous mode
[  335.377572][T14432] geneve0: entered allmulticast mode
[  335.529032][T14439] block nbd1: shutting down sockets
[  337.458463][T14476] SET target dimension over the limit!
[  337.534662][T14478] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2655'.
[  337.704322][T14482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2657'.
[  337.736766][T14482] netlink: 'syz.4.2657': attribute type 4 has an invalid length.
[  337.805621][T14496] netlink: 'syz.2.2661': attribute type 1 has an invalid length.
[  337.839449][T14496] 8021q: adding VLAN 0 to HW filter on device bond1
[  337.857050][T14499] netlink: 84 bytes leftover after parsing attributes in process `syz.5.2660'.
[  337.969551][T14506] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  338.378212][T14507] mkiss: ax0: crc mode is auto.
[  338.729288][T14515] SET target dimension over the limit!
[  338.773383][T14519] netlink: 'syz.1.2667': attribute type 1 has an invalid length.
[  338.810982][T14519] 8021q: adding VLAN 0 to HW filter on device bond1
[  339.090159][T14537] vivid-007: disconnect
[  339.092100][T14538] Cannot find add_set index 0 as target
[  339.212419][T14544] overlayfs: failed to resolve './file1': -2
[  339.218945][T14546] FAULT_INJECTION: forcing a failure.
[  339.218945][T14546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.231660][T14546] CPU: 2 UID: 0 PID: 14546 Comm: syz.1.2679 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  339.234543][T14546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  339.237818][T14546] Call Trace:
[  339.238885][T14546]  <TASK>
[  339.239896][T14546]  dump_stack_lvl+0x16c/0x1f0
[  339.241326][T14546]  should_fail_ex+0x497/0x5b0
[  339.242639][T14546]  _copy_to_user+0x32/0xd0
[  339.244168][T14546]  simple_read_from_buffer+0xd0/0x160
[  339.245790][T14546]  proc_fail_nth_read+0x198/0x270
[  339.247510][T14546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.249227][T14546]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.251139][T14546]  vfs_read+0x1df/0xbe0
[  339.252621][T14546]  ? __fget_files+0x23a/0x3f0
[  339.254645][T14546]  ? fdget_pos+0x24c/0x360
[  339.256206][T14546]  ? __pfx_lock_release+0x10/0x10
[  339.257987][T14546]  ? trace_lock_acquire+0x14a/0x1d0
[  339.259740][T14546]  ? __pfx_vfs_read+0x10/0x10
[  339.261361][T14546]  ? __pfx___mutex_lock+0x10/0x10
[  339.263072][T14546]  ? __fget_files+0x244/0x3f0
[  339.264545][T14546]  ksys_read+0x12f/0x260
[  339.265963][T14546]  ? __pfx_ksys_read+0x10/0x10
[  339.267682][T14546]  __do_fast_syscall_32+0x73/0x120
[  339.269521][T14546]  do_fast_syscall_32+0x32/0x80
[  339.271294][T14546]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  339.273557][T14546] RIP: 0023:0xf749e579
[  339.275039][T14546] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  339.281833][T14546] RSP: 002b:00000000f5786590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  339.284773][T14546] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5786620
[  339.287601][T14546] RDX: 000000000000000f RSI: 00000000f748dff4 RDI: 0000000000000000
[  339.290391][T14546] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  339.293115][T14546] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  339.295894][T14546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  339.298676][T14546]  </TASK>
[  339.922011][T14535] vivid-007: reconnect
[  339.976132][T14555] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2683'.
[  339.979980][T14555] netlink: 'syz.2.2683': attribute type 4 has an invalid length.
[  340.022334][T14560] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2684'.
[  340.291055][T14569] Cannot find add_set index 0 as target
[  340.351117][T14571] SET target dimension over the limit!
[  340.751497][T14576] netlink: 'syz.1.2690': attribute type 1 has an invalid length.
[  340.795412][T14576] can: request_module (can-proto-3) failed.
[  340.798642][T14577] can: request_module (can-proto-3) failed.
[  340.810318][T14576] bond2 (unregistering): Released all slaves
[  340.894941][T14586] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2691'.
[  340.929858][T14586] netfs: Couldn't get user pages (rc=-14)
[  341.078866][T14595] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  341.081283][T14595] IPv6: NLM_F_CREATE should be set when creating new route
[  341.083387][T14595] IPv6: NLM_F_CREATE should be set when creating new route
[  341.088455][T14595] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  341.123434][T14596] mkiss: ax0: crc mode is auto.
[  341.129037][T14598] netlink: 'syz.1.2696': attribute type 9 has an invalid length.
[  341.131751][T14598] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2696'.
[  341.164891][T14598] netlink: 'syz.1.2696': attribute type 9 has an invalid length.
[  341.168778][T14598] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2696'.
[  341.265133][T14601] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2697'.
[  341.268218][T14601] netlink: 'syz.4.2697': attribute type 4 has an invalid length.
[  341.335350][T14609] random: crng reseeded on system resumption
[  341.375047][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  341.375056][   T39] audit: type=1326 audit(1731862368.657:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14612 comm="syz.1.2701" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x0
[  341.426039][T14618] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2703'.
[  341.428658][T14618] openvswitch: netlink: Multiple metadata blocks provided
[  341.462454][T14619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2702'.
[  341.494895][T14613] 
: renamed from bond0 (while UP)
[  341.909575][T14626] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2705'.
[  342.029364][T14630] FAULT_INJECTION: forcing a failure.
[  342.029364][T14630] name failslab, interval 1, probability 0, space 0, times 0
[  342.032817][T14630] CPU: 3 UID: 0 PID: 14630 Comm: syz.2.2707 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  342.035615][T14630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  342.038499][T14630] Call Trace:
[  342.039446][T14630]  <TASK>
[  342.040258][T14630]  dump_stack_lvl+0x16c/0x1f0
[  342.041551][T14630]  should_fail_ex+0x497/0x5b0
[  342.042810][T14630]  ? fs_reclaim_acquire+0xae/0x150
[  342.044183][T14630]  should_failslab+0xc2/0x120
[  342.045463][T14630]  kmem_cache_alloc_node_noprof+0x71/0x310
[  342.047042][T14630]  ? __alloc_skb+0x2b3/0x380
[  342.048467][T14630]  __alloc_skb+0x2b3/0x380
[  342.049714][T14630]  ? __pfx___alloc_skb+0x10/0x10
[  342.051043][T14630]  ? lock_acquire+0x2f/0xb0
[  342.052277][T14630]  netlink_alloc_large_skb+0x69/0x130
[  342.053684][T14630]  netlink_sendmsg+0x689/0xd70
[  342.054931][T14630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  342.056379][T14630]  ____sys_sendmsg+0x9ae/0xb40
[  342.057709][T14630]  ? __pfx_____sys_sendmsg+0x10/0x10
[  342.059671][T14630]  ? get_compat_msghdr+0x11b/0x170
[  342.061123][T14630]  ? __pfx___lock_acquire+0x10/0x10
[  342.062470][T14630]  ___sys_sendmsg+0x135/0x1e0
[  342.063694][T14630]  ? __pfx____sys_sendmsg+0x10/0x10
[  342.065050][T14630]  ? lock_acquire+0x2f/0xb0
[  342.066247][T14630]  ? __fget_files+0x40/0x3f0
[  342.067478][T14630]  ? fdget+0x176/0x210
[  342.068719][T14630]  __sys_sendmsg+0x117/0x1f0
[  342.069995][T14630]  ? __pfx___sys_sendmsg+0x10/0x10
[  342.071604][T14630]  ? __fget_files+0x244/0x3f0
[  342.072834][T14630]  __do_fast_syscall_32+0x73/0x120
[  342.074173][T14630]  do_fast_syscall_32+0x32/0x80
[  342.075434][T14630]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  342.077114][T14630] RIP: 0023:0xf7f71579
[  342.078207][T14630] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  342.083133][T14630] RSP: 002b:00000000f56f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  342.085280][T14630] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  342.087314][T14630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.089503][T14630] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  342.091624][T14630] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  342.093748][T14630] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  342.095867][T14630]  </TASK>
[  342.096774][    C3] vkms_vblank_simulate: vblank timer overrun
[  342.176769][T14634] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  342.314975][T14639] netlink: 'syz.2.2711': attribute type 4 has an invalid length.
[  342.623152][ T5998] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  342.800330][ T5998] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  342.802562][ T5998] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.806981][ T5998] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  342.809799][ T5998] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  342.811903][ T5998] usb 7-1: Manufacturer: syz
[  342.814963][ T5998] usb 7-1: config 0 descriptor??
[  342.876104][ T5998] rc_core: IR keymap rc-hauppauge not found
[  342.877694][ T5998] Registered IR keymap rc-empty
[  342.887515][ T5998] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0
[  342.891961][ T5998] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input76
[  342.936001][T14652] Cannot find add_set index 0 as target
[  343.044673][ T5959] Bluetooth: hci4: Invalid handle: 0x5800 > 0x0eff
[  343.107550][ T1315] usb 7-1: USB disconnect, device number 19
[  343.731201][T14675] mkiss: ax0: crc mode is auto.
[  343.998571][T14681] random: crng reseeded on system resumption
[  344.047802][T14683] FAULT_INJECTION: forcing a failure.
[  344.047802][T14683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.051224][T14683] CPU: 2 UID: 0 PID: 14683 Comm: syz.2.2727 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  344.053976][T14683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  344.056761][T14683] Call Trace:
[  344.057644][T14683]  <TASK>
[  344.058406][T14683]  dump_stack_lvl+0x16c/0x1f0
[  344.059623][T14683]  should_fail_ex+0x497/0x5b0
[  344.060845][T14683]  _copy_from_iter+0x29b/0x1400
[  344.062125][T14683]  ? __pfx__copy_from_iter+0x10/0x10
[  344.063517][T14683]  ? __virt_addr_valid+0x1a4/0x590
[  344.064867][T14683]  ? __virt_addr_valid+0x5e/0x590
[  344.066180][T14683]  ? __phys_addr_symbol+0x30/0x80
[  344.067500][T14683]  ? __check_object_size+0x488/0x710
[  344.068877][T14683]  netlink_sendmsg+0x813/0xd70
[  344.070132][T14683]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.071507][T14683]  ____sys_sendmsg+0x9ae/0xb40
[  344.072765][T14683]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.074154][T14683]  ? get_compat_msghdr+0x11b/0x170
[  344.075491][T14683]  ? __pfx___lock_acquire+0x10/0x10
[  344.076858][T14683]  ___sys_sendmsg+0x135/0x1e0
[  344.078097][T14683]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.079453][T14683]  ? lock_acquire+0x2f/0xb0
[  344.080642][T14683]  ? __fget_files+0x40/0x3f0
[  344.081862][T14683]  ? fdget+0x176/0x210
[  344.082927][T14683]  __sys_sendmsg+0x117/0x1f0
[  344.084133][T14683]  ? __pfx___sys_sendmsg+0x10/0x10
[  344.085466][T14683]  ? __fget_files+0x244/0x3f0
[  344.086732][T14683]  __do_fast_syscall_32+0x73/0x120
[  344.088124][T14683]  do_fast_syscall_32+0x32/0x80
[  344.089338][T14683]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  344.090947][T14683] RIP: 0023:0xf7f71579
[  344.092001][T14683] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  344.096804][T14683] RSP: 002b:00000000f56f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  344.098961][T14683] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  344.100998][T14683] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  344.103031][T14683] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  344.105073][T14683] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  344.107109][T14683] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  344.109167][T14683]  </TASK>
[  344.150457][T14687] vlan3: entered promiscuous mode
[  344.151882][T14687] vlan3: entered allmulticast mode
[  344.168176][ T5959] Bluetooth: hci6: Invalid handle: 0x5800 > 0x0eff
[  344.265358][T14689] netlink: 'syz.2.2730': attribute type 1 has an invalid length.
[  344.279554][T14689] 8021q: adding VLAN 0 to HW filter on device bond2
[  344.587567][T14700] binder: 14698:14700 ioctl 541b 0 returned -22
[  345.413498][T14711] Cannot find add_set index 0 as target
[  345.439364][T14718] FAULT_INJECTION: forcing a failure.
[  345.439364][T14718] name failslab, interval 1, probability 0, space 0, times 0
[  345.442781][T14718] CPU: 3 UID: 0 PID: 14718 Comm: syz.2.2740 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  345.445648][T14718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.448462][T14718] Call Trace:
[  345.449384][T14718]  <TASK>
[  345.450193][T14718]  dump_stack_lvl+0x16c/0x1f0
[  345.451452][T14718]  should_fail_ex+0x497/0x5b0
[  345.452691][T14718]  should_failslab+0xc2/0x120
[  345.454017][T14718]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  345.455465][T14718]  ? skb_clone+0x190/0x3f0
[  345.456659][T14718]  skb_clone+0x190/0x3f0
[  345.457812][T14718]  netlink_deliver_tap+0xb26/0xcf0
[  345.459221][T14718]  netlink_unicast+0x5e1/0x7f0
[  345.460503][T14718]  ? __pfx_netlink_unicast+0x10/0x10
[  345.461933][T14718]  ? __phys_addr_symbol+0x30/0x80
[  345.463267][T14718]  ? __check_object_size+0x4a1/0x710
[  345.464694][T14718]  netlink_sendmsg+0x8b8/0xd70
[  345.465904][T14718]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.467273][T14718]  ____sys_sendmsg+0x9ae/0xb40
[  345.468696][T14718]  ? __pfx_____sys_sendmsg+0x10/0x10
[  345.470097][T14718]  ? get_compat_msghdr+0x11b/0x170
[  345.471494][T14718]  ? __pfx___lock_acquire+0x10/0x10
[  345.472894][T14718]  ___sys_sendmsg+0x135/0x1e0
[  345.474177][T14718]  ? __pfx____sys_sendmsg+0x10/0x10
[  345.475594][T14718]  ? lock_acquire+0x2f/0xb0
[  345.476821][T14718]  ? __fget_files+0x40/0x3f0
[  345.478114][T14718]  ? fdget+0x176/0x210
[  345.479189][T14718]  __sys_sendmsg+0x117/0x1f0
[  345.480422][T14718]  ? __pfx___sys_sendmsg+0x10/0x10
[  345.481796][T14718]  ? __fget_files+0x244/0x3f0
[  345.483199][T14718]  __do_fast_syscall_32+0x73/0x120
[  345.484790][T14718]  do_fast_syscall_32+0x32/0x80
[  345.486311][T14718]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  345.488030][T14718] RIP: 0023:0xf7f71579
[  345.489148][T14718] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  345.494187][T14718] RSP: 002b:00000000f56f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  345.496520][T14718] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  345.498705][T14718] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  345.500859][T14718] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  345.503178][T14718] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  345.505308][T14718] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  345.507444][T14718]  </TASK>
[  345.508367][    C3] vkms_vblank_simulate: vblank timer overrun
[  345.683202][T14720] __nla_validate_parse: 6 callbacks suppressed
[  345.683213][T14720] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2742'.
[  345.687397][T14722] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2741'.
[  345.688533][T14720] binder: 14719:14720 ioctl c018620c 20003640 returned -1
[  345.689851][T14722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2741'.
[  345.891388][T14741] mkiss: ax0: crc mode is auto.
[  345.928043][T14745] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2749'.
[  345.931474][T14745] netlink: 'syz.5.2749': attribute type 4 has an invalid length.
[  346.012715][T14756] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2752'.
[  346.017568][T14756] vlan2: entered promiscuous mode
[  346.018966][T14756] bridge0: entered promiscuous mode
[  346.020487][T14756] vlan2: entered allmulticast mode
[  346.021940][T14756] bridge0: entered allmulticast mode
[  346.462343][T14768] netlink: 'syz.1.2755': attribute type 1 has an invalid length.
[  346.486552][T14768] 8021q: adding VLAN 0 to HW filter on device bond0
[  346.593082][T14771] kvm: user requested TSC rate below hardware speed
[  346.891167][ T5966] Bluetooth: hci6: unexpected event for opcode 0x1408
[  346.993780][T14783] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2760'.
[  347.298569][T14794] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2763'.
[  347.314395][T14796] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2764'.
[  347.448212][T14808] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0
[  347.451134][T14804] IPVS: stopping master sync thread 14808 ...
[  347.509320][T14804] ./file0: Can't lookup blockdev
[  347.579694][T14815] fuse: Bad value for 'rootmode'
[  347.584322][ T5966] Bluetooth: hci5: unexpected event for opcode 0x0c6d
[  348.210896][T14824] netlink: 'syz.1.2773': attribute type 5 has an invalid length.
[  348.380839][T14829] mkiss: ax0: crc mode is auto.
[  348.386625][T14831] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2776'.
[  348.498791][T14837] FAULT_INJECTION: forcing a failure.
[  348.498791][T14837] name failslab, interval 1, probability 0, space 0, times 0
[  348.502225][T14837] CPU: 3 UID: 0 PID: 14837 Comm: syz.4.2779 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  348.505257][T14837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.508660][T14837] Call Trace:
[  348.509718][T14837]  <TASK>
[  348.510528][T14837]  dump_stack_lvl+0x16c/0x1f0
[  348.512207][T14837]  should_fail_ex+0x497/0x5b0
[  348.513925][T14837]  ? fs_reclaim_acquire+0xae/0x150
[  348.515992][T14837]  should_failslab+0xc2/0x120
[  348.517724][T14837]  __kmalloc_cache_noprof+0x6b/0x310
[  348.519569][T14837]  ? rtnl_newlink+0x49/0xa0
[  348.521234][T14837]  rtnl_newlink+0x49/0xa0
[  348.522441][T14837]  ? __pfx_rtnl_newlink+0x10/0x10
[  348.523917][T14837]  rtnetlink_rcv_msg+0x3c7/0xea0
[  348.525602][T14837]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  348.527440][T14837]  ? __pfx___dev_queue_xmit+0x10/0x10
[  348.529326][T14837]  netlink_rcv_skb+0x165/0x410
[  348.531000][T14837]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  348.532894][T14837]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  348.534552][T14837]  ? netlink_deliver_tap+0x1ae/0xcf0
[  348.535941][T14837]  netlink_unicast+0x53c/0x7f0
[  348.537234][T14837]  ? __pfx_netlink_unicast+0x10/0x10
[  348.538615][T14837]  ? __phys_addr_symbol+0x30/0x80
[  348.539928][T14837]  ? __check_object_size+0x488/0x710
[  348.541326][T14837]  netlink_sendmsg+0x8b8/0xd70
[  348.542609][T14837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.544116][T14837]  ____sys_sendmsg+0x9ae/0xb40
[  348.545396][T14837]  ? __pfx_____sys_sendmsg+0x10/0x10
[  348.546783][T14837]  ? get_compat_msghdr+0x11b/0x170
[  348.548209][T14837]  ? __pfx___lock_acquire+0x10/0x10
[  348.549595][T14837]  ___sys_sendmsg+0x135/0x1e0
[  348.550837][T14837]  ? __pfx____sys_sendmsg+0x10/0x10
[  348.552196][T14837]  ? lock_acquire+0x2f/0xb0
[  348.553463][T14837]  ? __fget_files+0x40/0x3f0
[  348.554767][T14837]  ? fdget+0x176/0x210
[  348.555841][T14837]  __sys_sendmsg+0x117/0x1f0
[  348.557320][T14837]  ? __pfx___sys_sendmsg+0x10/0x10
[  348.559060][T14837]  ? __fget_files+0x244/0x3f0
[  348.560676][T14837]  __do_fast_syscall_32+0x73/0x120
[  348.562351][T14837]  do_fast_syscall_32+0x32/0x80
[  348.563900][T14837]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  348.565544][T14837] RIP: 0023:0xf7f15579
[  348.566688][T14837] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  348.572022][T14837] RSP: 002b:00000000f569655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  348.574301][T14837] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  348.576317][T14837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  348.578393][T14837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  348.580437][T14837] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  348.582506][T14837] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  348.584939][T14837]  </TASK>
[  348.586163][    C3] vkms_vblank_simulate: vblank timer overrun
[  348.593779][T14839] netlink: 'syz.2.2780': attribute type 1 has an invalid length.
[  348.655959][T14842] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2781'.
[  348.666568][T14842] vlan3: entered promiscuous mode
[  348.668430][T14842] vlan3: entered allmulticast mode
[  348.683335][T14839] 8021q: adding VLAN 0 to HW filter on device bond3
[  348.846283][ T5966] Bluetooth: hci4: Invalid handle: 0x5800 > 0x0eff
[  349.112412][T14855] vlan3: entered promiscuous mode
[  349.114022][T14855] vlan3: entered allmulticast mode
[  350.223930][T14888] openvswitch: netlink: Actions may not be safe on all matching packets
[  350.279848][T14896] netlink: 'syz.4.2802': attribute type 4 has an invalid length.
[  350.321196][T14901] SET target dimension over the limit!
[  350.532024][T14912] mkiss: ax0: crc mode is auto.
[  350.573150][ T5961] Bluetooth: hci5: Invalid handle: 0x5800 > 0x0eff
[  350.690584][T14917] netlink: 'syz.5.2809': attribute type 1 has an invalid length.
[  350.714068][T14917] 8021q: adding VLAN 0 to HW filter on device bond2
[  350.894474][T14926] __nla_validate_parse: 3 callbacks suppressed
[  350.894486][T14926] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2813'.
[  350.906877][T14926] vlan3: entered promiscuous mode
[  350.908250][T14926] vlan3: entered allmulticast mode
[  350.963063][ T5966] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  350.966522][ T5966] Bluetooth: hci6: Injecting HCI hardware error event
[  351.594782][ T5966] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  351.597365][ T5966] Bluetooth: hci5: Injecting HCI hardware error event
[  351.599830][ T5966] Bluetooth: hci5: hardware error 0x00
[  351.688387][T14939] FAULT_INJECTION: forcing a failure.
[  351.688387][T14939] name failslab, interval 1, probability 0, space 0, times 0
[  351.692608][T14939] CPU: 2 UID: 0 PID: 14939 Comm: syz.1.2817 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  351.695429][T14939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  351.698201][T14939] Call Trace:
[  351.699081][T14939]  <TASK>
[  351.699859][T14939]  dump_stack_lvl+0x16c/0x1f0
[  351.701101][T14939]  should_fail_ex+0x497/0x5b0
[  351.702367][T14939]  ? fs_reclaim_acquire+0xae/0x150
[  351.703763][T14939]  should_failslab+0xc2/0x120
[  351.705041][T14939]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  351.706458][T14939]  ? __kernfs_new_node+0xd3/0x890
[  351.707796][T14939]  __kernfs_new_node+0xd3/0x890
[  351.709051][T14939]  ? __pfx___kernfs_new_node+0x10/0x10
[  351.710434][T14939]  ? __pfx___lock_acquire+0x10/0x10
[  351.711794][T14939]  kernfs_new_node+0x186/0x240
[  351.713113][T14939]  __kernfs_create_file+0x53/0x350
[  351.714475][T14939]  sysfs_add_file_mode_ns+0x1ff/0x3b0
[  351.715872][T14939]  sysfs_create_file_ns+0x13e/0x1d0
[  351.717250][T14939]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  351.718730][T14939]  ? down_read+0xc9/0x330
[  351.719859][T14939]  ? __pfx___up_read+0x10/0x10
[  351.721160][T14939]  ? kobject_put+0xab/0x5a0
[  351.722527][T14939]  device_create_file+0xf2/0x1e0
[  351.723884][T14939]  device_add+0x2c0/0x1a70
[  351.725101][T14939]  ? __pfx_dev_set_name+0x10/0x10
[  351.726414][T14939]  ? __pfx_device_add+0x10/0x10
[  351.727708][T14939]  ? __init_waitqueue_head+0xca/0x150
[  351.729120][T14939]  netdev_register_kobject+0x187/0x3f0
[  351.730585][T14939]  register_netdevice+0x1473/0x1e20
[  351.731779][T14939]  ? __pfx_register_netdevice+0x10/0x10
[  351.733290][T14939]  ? dev_addr_mod+0x2c9/0x390
[  351.734871][T14939]  ipvlan_link_new+0x353/0xbf0
[  351.736128][T14939]  ? __pfx_ipvlan_link_new+0x10/0x10
[  351.737524][T14939]  __rtnl_newlink+0x119c/0x1920
[  351.738795][T14939]  ? __pfx___rtnl_newlink+0x10/0x10
[  351.740083][T14939]  rtnl_newlink+0x67/0xa0
[  351.741141][T14939]  ? __pfx_rtnl_newlink+0x10/0x10
[  351.742416][T14939]  rtnetlink_rcv_msg+0x3c7/0xea0
[  351.743990][T14939]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  351.745970][T14939]  ? __pfx___dev_queue_xmit+0x10/0x10
[  351.747604][T14939]  netlink_rcv_skb+0x165/0x410
[  351.748857][T14939]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  351.750284][T14939]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  351.751664][T14939]  ? netlink_deliver_tap+0x1ae/0xcf0
[  351.753075][T14939]  netlink_unicast+0x53c/0x7f0
[  351.754331][T14939]  ? __pfx_netlink_unicast+0x10/0x10
[  351.755720][T14939]  ? __phys_addr_symbol+0x30/0x80
[  351.757098][T14939]  ? __check_object_size+0x488/0x710
[  351.758478][T14939]  netlink_sendmsg+0x8b8/0xd70
[  351.759740][T14939]  ? __pfx_netlink_sendmsg+0x10/0x10
[  351.761125][T14939]  ____sys_sendmsg+0x9ae/0xb40
[  351.762378][T14939]  ? __pfx_____sys_sendmsg+0x10/0x10
[  351.763783][T14939]  ? get_compat_msghdr+0x11b/0x170
[  351.765133][T14939]  ? __pfx___lock_acquire+0x10/0x10
[  351.766481][T14939]  ___sys_sendmsg+0x135/0x1e0
[  351.767758][T14939]  ? __pfx____sys_sendmsg+0x10/0x10
[  351.769122][T14939]  ? lock_acquire+0x2f/0xb0
[  351.770308][T14939]  ? __fget_files+0x40/0x3f0
[  351.771527][T14939]  ? fdget+0x176/0x210
[  351.772623][T14939]  __sys_sendmsg+0x117/0x1f0
[  351.773862][T14939]  ? __pfx___sys_sendmsg+0x10/0x10
[  351.775192][T14939]  ? __fget_files+0x244/0x3f0
[  351.776425][T14939]  __do_fast_syscall_32+0x73/0x120
[  351.777826][T14939]  do_fast_syscall_32+0x32/0x80
[  351.779060][T14939]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  351.780719][T14939] RIP: 0023:0xf749e579
[  351.781798][T14939] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  351.786767][T14939] RSP: 002b:00000000f578655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  351.788957][T14939] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  351.791037][T14939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  351.793125][T14939] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  351.795227][T14939] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  351.797319][T14939] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  351.799634][T14939]  </TASK>
[  351.852160][T14941] input: syz0 as /devices/virtual/input/input81
[  353.203262][ T5998] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  353.353280][ T5998] usb 7-1: Using ep0 maxpacket: 32
[  353.384141][ T5998] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  353.396429][ T5998] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  353.398677][ T5998] usb 7-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[  353.414327][ T5998] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.420123][ T5998] usb 7-1: config 0 descriptor??
[  353.458191][T14963] SET target dimension over the limit!
[  353.578027][T14969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2829'.
[  353.673498][ T5966] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  353.722079][T14968] mkiss: ax0: crc mode is auto.
[  353.980626][T14978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  353.985717][T14978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  353.999215][T14978] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  354.674965][T14988] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  354.677350][T14988] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  354.679602][T14988] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  354.681868][T14988] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  354.684463][T14988] vxlan0: entered promiscuous mode
[  354.685853][T14988] vxlan0: entered allmulticast mode
[  354.688213][T14988] batman_adv: batadv0: Adding interface: vxlan0
[  354.689936][T14988] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.696988][T14988] batman_adv: batadv0: Interface activated: vxlan0
[  355.177836][T14998] FAULT_INJECTION: forcing a failure.
[  355.177836][T14998] name failslab, interval 1, probability 0, space 0, times 0
[  355.181267][T14998] CPU: 1 UID: 0 PID: 14998 Comm: syz.5.2839 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  355.184504][T14998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  355.187646][T14998] Call Trace:
[  355.188542][T14998]  <TASK>
[  355.189678][T14998]  dump_stack_lvl+0x16c/0x1f0
[  355.191044][T14998]  should_fail_ex+0x497/0x5b0
[  355.192293][T14998]  ? fs_reclaim_acquire+0xae/0x150
[  355.193661][T14998]  should_failslab+0xc2/0x120
[  355.194922][T14998]  __kmalloc_noprof+0xcb/0x410
[  355.196189][T14998]  sock_kmalloc+0x111/0x170
[  355.197456][T14998]  cmsghdr_from_user_compat_to_kern+0x5fd/0x7c0
[  355.199382][T14998]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[  355.201152][T14998]  ____sys_sendmsg+0x43d/0xb40
[  355.202432][T14998]  ? __pfx_____sys_sendmsg+0x10/0x10
[  355.203880][T14998]  ? get_compat_msghdr+0x11b/0x170
[  355.205240][T14998]  ? __pfx___lock_acquire+0x10/0x10
[  355.206726][T14998]  ___sys_sendmsg+0x135/0x1e0
[  355.207979][T14998]  ? __pfx____sys_sendmsg+0x10/0x10
[  355.209358][T14998]  ? lock_acquire+0x2f/0xb0
[  355.210558][T14998]  ? __fget_files+0x40/0x3f0
[  355.211779][T14998]  ? __pfx___might_resched+0x10/0x10
[  355.213186][T14998]  ? fdget+0x176/0x210
[  355.214266][T14998]  __sys_sendmmsg+0x2a5/0x450
[  355.215514][T14998]  ? __pfx___sys_sendmmsg+0x10/0x10
[  355.216883][T14998]  ? vfs_write+0x306/0x1150
[  355.218098][T14998]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  355.219674][T14998]  ? fput+0x30/0x390
[  355.220716][T14998]  ? ksys_write+0x1ad/0x260
[  355.221931][T14998]  ? __pfx_ksys_write+0x10/0x10
[  355.223222][T14998]  __ia32_compat_sys_sendmmsg+0x9d/0x100
[  355.224731][T14998]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  355.226602][T14998]  __do_fast_syscall_32+0x73/0x120
[  355.228234][T14998]  do_fast_syscall_32+0x32/0x80
[  355.229536][T14998]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  355.231171][T14998] RIP: 0023:0xf73ce579
[  355.232436][T14998] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  355.237452][T14998] RSP: 002b:00000000f56b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159
[  355.239624][T14998] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000cc0
[  355.241681][T14998] RDX: 0000000000000003 RSI: 0000000004004880 RDI: 0000000000000000
[  355.243733][T14998] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  355.245699][T14998] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  355.247927][T14998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  355.250018][T14998]  </TASK>
[  355.650016][T15019] FAULT_INJECTION: forcing a failure.
[  355.650016][T15019] name failslab, interval 1, probability 0, space 0, times 0
[  355.653777][T15019] CPU: 0 UID: 0 PID: 15019 Comm: syz.4.2847 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  355.656480][T15019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  355.659976][T15019] Call Trace:
[  355.661118][T15019]  <TASK>
[  355.662146][T15019]  dump_stack_lvl+0x16c/0x1f0
[  355.663700][T15019]  should_fail_ex+0x497/0x5b0
[  355.665104][T15019]  ? fs_reclaim_acquire+0xae/0x150
[  355.666809][T15019]  should_failslab+0xc2/0x120
[  355.668004][T15019]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  355.669374][T15019]  ? __kernfs_new_node+0xd3/0x890
[  355.670653][T15019]  ? kstrdup+0x5c/0x80
[  355.671697][T15019]  __kernfs_new_node+0xd3/0x890
[  355.672964][T15019]  ? __pfx___kernfs_new_node+0x10/0x10
[  355.674385][T15019]  ? __pfx_lock_release+0x10/0x10
[  355.675704][T15019]  ? kernfs_add_one+0x39d/0x520
[  355.676996][T15019]  ? lock_acquire.part.0+0x11b/0x380
[  355.678366][T15019]  ? find_held_lock+0x2d/0x110
[  355.679617][T15019]  kernfs_new_node+0x186/0x240
[  355.680844][T15019]  kernfs_create_link+0xcc/0x240
[  355.682138][T15019]  sysfs_do_create_link_sd+0x90/0x140
[  355.683532][T15019]  sysfs_create_link+0x61/0xc0
[  355.684790][T15019]  device_add+0x62e/0x1a70
[  355.685963][T15019]  ? __pfx_device_add+0x10/0x10
[  355.687131][T15019]  ? __init_waitqueue_head+0xca/0x150
[  355.688638][T15019]  netdev_register_kobject+0x187/0x3f0
[  355.690035][T15019]  register_netdevice+0x1473/0x1e20
[  355.691347][T15019]  ? __pfx_register_netdevice+0x10/0x10
[  355.692757][T15019]  ? dev_addr_mod+0x2c9/0x390
[  355.693989][T15019]  ipvlan_link_new+0x353/0xbf0
[  355.695229][T15019]  ? __pfx_ipvlan_link_new+0x10/0x10
[  355.696594][T15019]  __rtnl_newlink+0x119c/0x1920
[  355.697869][T15019]  ? __pfx___rtnl_newlink+0x10/0x10
[  355.699225][T15019]  rtnl_newlink+0x67/0xa0
[  355.700348][T15019]  ? __pfx_rtnl_newlink+0x10/0x10
[  355.701699][T15019]  rtnetlink_rcv_msg+0x3c7/0xea0
[  355.702984][T15019]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.704394][T15019]  ? __pfx___dev_queue_xmit+0x10/0x10
[  355.705803][T15019]  netlink_rcv_skb+0x165/0x410
[  355.707053][T15019]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  355.708491][T15019]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  355.709880][T15019]  ? netlink_deliver_tap+0x1ae/0xcf0
[  355.711248][T15019]  netlink_unicast+0x53c/0x7f0
[  355.712502][T15019]  ? __pfx_netlink_unicast+0x10/0x10
[  355.713884][T15019]  ? __phys_addr_symbol+0x30/0x80
[  355.715190][T15019]  ? __check_object_size+0x488/0x710
[  355.716537][T15019]  netlink_sendmsg+0x8b8/0xd70
[  355.717764][T15019]  ? __pfx_netlink_sendmsg+0x10/0x10
[  355.719160][T15019]  ____sys_sendmsg+0x9ae/0xb40
[  355.720408][T15019]  ? __pfx_____sys_sendmsg+0x10/0x10
[  355.721794][T15019]  ? get_compat_msghdr+0x11b/0x170
[  355.723137][T15019]  ? __pfx___lock_acquire+0x10/0x10
[  355.724499][T15019]  ___sys_sendmsg+0x135/0x1e0
[  355.725758][T15019]  ? __pfx____sys_sendmsg+0x10/0x10
[  355.727239][T15019]  ? lock_acquire+0x2f/0xb0
[  355.728436][T15019]  ? __fget_files+0x40/0x3f0
[  355.729652][T15019]  ? fdget+0x176/0x210
[  355.730723][T15019]  __sys_sendmsg+0x117/0x1f0
[  355.731926][T15019]  ? __pfx___sys_sendmsg+0x10/0x10
[  355.733407][T15019]  ? __fget_files+0x244/0x3f0
[  355.734710][T15019]  __do_fast_syscall_32+0x73/0x120
[  355.736085][T15019]  do_fast_syscall_32+0x32/0x80
[  355.737338][T15019]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  355.739317][T15019] RIP: 0023:0xf7f15579
[  355.740705][T15019] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  355.746405][T15019] RSP: 002b:00000000f569655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  355.748575][T15019] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  355.750652][T15019] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  355.752688][T15019] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  355.754757][T15019] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  355.756795][T15019] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  355.758860][T15019]  </TASK>
[  355.767387][T15020] netlink: 'syz.1.2846': attribute type 10 has an invalid length.
[  355.770192][T15020] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.772427][T15020] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.778961][T15020] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.780832][T15020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.783567][T15020] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.785451][T15020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.789296][T15020] 
: (slave bridge0): Enslaving as an active interface with an up link
[  355.796535][T15017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2846'.
[  355.799442][T15017] bridge_slave_1: left allmulticast mode
[  355.801099][T15017] bridge_slave_1: left promiscuous mode
[  355.802844][T15017] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.810850][T15017] bridge_slave_0: left allmulticast mode
[  355.812646][T15017] bridge_slave_0: left promiscuous mode
[  355.814716][T15017] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.826817][ T5966] Bluetooth: hci6: unexpected event for opcode 0x043d
[  355.841973][T15017] 
: (slave bridge0): Releasing backup interface
[  355.959673][ T9577] usb 7-1: USB disconnect, device number 20
[  356.060689][T15035] ax25_connect(): syz.4.2849 uses autobind, please contact jreuter@yaina.de
[  356.072522][T15037] netlink: 'syz.5.2854': attribute type 1 has an invalid length.
[  356.196184][T15043] netlink: 'syz.4.2856': attribute type 1 has an invalid length.
[  356.225759][T15043] 8021q: adding VLAN 0 to HW filter on device bond3
[  356.250196][T15045] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2855'.
[  356.512715][T15057] FAULT_INJECTION: forcing a failure.
[  356.512715][T15057] name failslab, interval 1, probability 0, space 0, times 0
[  356.513696][T15058] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2862'.
[  356.520154][T15057] CPU: 3 UID: 0 PID: 15057 Comm: syz.1.2861 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  356.523871][T15057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  356.527449][T15057] Call Trace:
[  356.528620][T15057]  <TASK>
[  356.529637][T15057]  dump_stack_lvl+0x16c/0x1f0
[  356.531231][T15057]  should_fail_ex+0x497/0x5b0
[  356.532830][T15057]  ? fs_reclaim_acquire+0xae/0x150
[  356.534597][T15057]  should_failslab+0xc2/0x120
[  356.536255][T15057]  __kmalloc_node_track_caller_noprof+0xcf/0x440
[  356.538493][T15057]  ? kstrdup_const+0x63/0x80
[  356.540215][T15057]  kstrdup+0x3c/0x80
[  356.541571][T15057]  kstrdup_const+0x63/0x80
[  356.543120][T15057]  kvasprintf_const+0x10f/0x1a0
[  356.545115][T15057]  kobject_set_name_vargs+0x5a/0x140
[  356.547018][T15057]  dev_set_name+0xc8/0x100
[  356.548585][T15057]  ? __pfx_dev_set_name+0x10/0x10
[  356.550331][T15057]  ? __init_waitqueue_head+0xca/0x150
[  356.552259][T15057]  netdev_register_kobject+0xc5/0x3f0
[  356.554162][T15057]  register_netdevice+0x1473/0x1e20
[  356.556020][T15057]  ? __pfx_register_netdevice+0x10/0x10
[  356.557984][T15057]  ? dev_addr_mod+0x2c9/0x390
[  356.559665][T15057]  ipvlan_link_new+0x353/0xbf0
[  356.561392][T15057]  ? __pfx_ipvlan_link_new+0x10/0x10
[  356.563266][T15057]  __rtnl_newlink+0x119c/0x1920
[  356.565009][T15057]  ? __pfx___rtnl_newlink+0x10/0x10
[  356.566801][T15057]  rtnl_newlink+0x67/0xa0
[  356.568223][T15057]  ? __pfx_rtnl_newlink+0x10/0x10
[  356.569924][T15057]  rtnetlink_rcv_msg+0x3c7/0xea0
[  356.571641][T15057]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  356.573516][T15057]  ? __pfx___dev_queue_xmit+0x10/0x10
[  356.575356][T15057]  netlink_rcv_skb+0x165/0x410
[  356.577034][T15057]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  356.578887][T15057]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  356.580558][T15057]  ? netlink_deliver_tap+0x1ae/0xcf0
[  356.582333][T15057]  netlink_unicast+0x53c/0x7f0
[  356.584007][T15057]  ? __pfx_netlink_unicast+0x10/0x10
[  356.585784][T15057]  ? __phys_addr_symbol+0x30/0x80
[  356.587503][T15057]  ? __check_object_size+0x488/0x710
[  356.589321][T15057]  netlink_sendmsg+0x8b8/0xd70
[  356.590888][T15057]  ? __pfx_netlink_sendmsg+0x10/0x10
[  356.592728][T15057]  ____sys_sendmsg+0x9ae/0xb40
[  356.594582][T15057]  ? __pfx_____sys_sendmsg+0x10/0x10
[  356.596485][T15057]  ? get_compat_msghdr+0x11b/0x170
[  356.598293][T15057]  ? __pfx___lock_acquire+0x10/0x10
[  356.600105][T15057]  ___sys_sendmsg+0x135/0x1e0
[  356.601768][T15057]  ? __pfx____sys_sendmsg+0x10/0x10
[  356.603689][T15057]  ? lock_acquire+0x2f/0xb0
[  356.605311][T15057]  ? __fget_files+0x40/0x3f0
[  356.606544][T15057]  ? fdget+0x176/0x210
[  356.607635][T15057]  __sys_sendmsg+0x117/0x1f0
[  356.608912][T15057]  ? __pfx___sys_sendmsg+0x10/0x10
[  356.610314][T15057]  ? __fget_files+0x244/0x3f0
[  356.611916][T15057]  __do_fast_syscall_32+0x73/0x120
[  356.613614][T15057]  do_fast_syscall_32+0x32/0x80
[  356.615145][T15057]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  356.617148][T15057] RIP: 0023:0xf749e579
[  356.618235][T15057] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  356.623678][T15057] RSP: 002b:00000000f578655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  356.625877][T15057] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  356.627981][T15057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  356.630067][T15057] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  356.632142][T15057] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  356.634225][T15057] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  356.636293][T15057]  </TASK>
[  356.640082][T15061] netlink: 'syz.5.2863': attribute type 1 has an invalid length.
[  356.658011][T15058] cgroup: Need name or subsystem set
[  356.732188][T15070] SET target dimension over the limit!
[  356.742405][T15072] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2867'.
[  356.749102][T15072] vlan3: entered promiscuous mode
[  356.750803][T15072] vlan3: entered allmulticast mode
[  356.806917][ T5966] Bluetooth: hci6: Invalid handle: 0x5800 > 0x0eff
[  356.932039][T15079] overlayfs: failed to resolve './file1': -2
[  357.674288][T15102] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2877'.
[  357.973674][T15110] netlink: 'syz.1.2875': attribute type 2 has an invalid length.
[  358.262527][T15110] : entered promiscuous mode
[  358.327331][T15116] netlink: 'syz.4.2880': attribute type 1 has an invalid length.
[  358.329583][T15116] netlink: 9392 bytes leftover after parsing attributes in process `syz.4.2880'.
[  358.540902][T15119] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2881'.
[  358.668964][T15123] FAULT_INJECTION: forcing a failure.
[  358.668964][T15123] name failslab, interval 1, probability 0, space 0, times 0
[  358.672193][T15123] CPU: 3 UID: 0 PID: 15123 Comm: syz.1.2882 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  358.674964][T15123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  358.677725][T15123] Call Trace:
[  358.678606][T15123]  <TASK>
[  358.679371][T15123]  dump_stack_lvl+0x16c/0x1f0
[  358.680571][T15123]  should_fail_ex+0x497/0x5b0
[  358.681746][T15123]  ? fs_reclaim_acquire+0xae/0x150
[  358.683085][T15123]  should_failslab+0xc2/0x120
[  358.684321][T15123]  __kmalloc_cache_noprof+0x6b/0x310
[  358.685719][T15123]  ? device_add+0xccf/0x1a70
[  358.686943][T15123]  device_add+0xccf/0x1a70
[  358.688130][T15123]  ? dev_set_name+0xc8/0x100
[  358.689356][T15123]  ? __pfx_dev_set_name+0x10/0x10
[  358.690681][T15123]  ? __pfx_device_add+0x10/0x10
[  358.691963][T15123]  ? __init_waitqueue_head+0xca/0x150
[  358.693383][T15123]  netdev_register_kobject+0x187/0x3f0
[  358.694808][T15123]  register_netdevice+0x1473/0x1e20
[  358.696180][T15123]  ? __pfx_register_netdevice+0x10/0x10
[  358.697642][T15123]  ? dev_addr_mod+0x2c9/0x390
[  358.698890][T15123]  ipvlan_link_new+0x353/0xbf0
[  358.700164][T15123]  ? __pfx_ipvlan_link_new+0x10/0x10
[  358.701567][T15123]  __rtnl_newlink+0x119c/0x1920
[  358.702856][T15123]  ? __pfx___rtnl_newlink+0x10/0x10
[  358.704232][T15123]  rtnl_newlink+0x67/0xa0
[  358.705357][T15123]  ? __pfx_rtnl_newlink+0x10/0x10
[  358.706670][T15123]  rtnetlink_rcv_msg+0x3c7/0xea0
[  358.707977][T15123]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.709395][T15123]  ? __pfx___dev_queue_xmit+0x10/0x10
[  358.710804][T15123]  netlink_rcv_skb+0x165/0x410
[  358.712058][T15123]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  358.713488][T15123]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  358.714873][T15123]  ? netlink_deliver_tap+0x1ae/0xcf0
[  358.716260][T15123]  netlink_unicast+0x53c/0x7f0
[  358.717529][T15123]  ? __pfx_netlink_unicast+0x10/0x10
[  358.718909][T15123]  ? __phys_addr_symbol+0x30/0x80
[  358.720313][T15123]  ? __check_object_size+0x488/0x710
[  358.721789][T15123]  netlink_sendmsg+0x8b8/0xd70
[  358.723042][T15123]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.724429][T15123]  ____sys_sendmsg+0x9ae/0xb40
[  358.725702][T15123]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.727076][T15123]  ? get_compat_msghdr+0x11b/0x170
[  358.728426][T15123]  ? __pfx___lock_acquire+0x10/0x10
[  358.729798][T15123]  ___sys_sendmsg+0x135/0x1e0
[  358.731030][T15123]  ? __pfx____sys_sendmsg+0x10/0x10
[  358.732384][T15123]  ? lock_acquire+0x2f/0xb0
[  358.733609][T15123]  ? __fget_files+0x40/0x3f0
[  358.734899][T15123]  ? fdget+0x176/0x210
[  358.735984][T15123]  __sys_sendmsg+0x117/0x1f0
[  358.737202][T15123]  ? __pfx___sys_sendmsg+0x10/0x10
[  358.738540][T15123]  ? __fget_files+0x244/0x3f0
[  358.739775][T15123]  __do_fast_syscall_32+0x73/0x120
[  358.741123][T15123]  do_fast_syscall_32+0x32/0x80
[  358.742398][T15123]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.744038][T15123] RIP: 0023:0xf749e579
[  358.745114][T15123] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  358.750089][T15123] RSP: 002b:00000000f578655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  358.752246][T15123] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000000
[  358.754301][T15123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  358.756343][T15123] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.758388][T15123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  358.760436][T15123] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  358.762403][T15123]  </TASK>
[  358.784591][T15125] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2884'.
[  358.788976][T15125] vlan2: entered promiscuous mode
[  358.790329][T15125] vlan2: entered allmulticast mode
[  358.922594][T15128] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2885'.
[  359.118939][T15140] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2890'.
[  359.323430][T15145] SET target dimension over the limit!
[  359.663202][ T5998] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  359.824453][ T5998] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  359.827189][ T5998] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  359.831637][ T5998] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  359.834109][ T5998] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  359.836294][ T5998] usb 9-1: SerialNumber: syz
[  359.839629][ T5998] cdc_acm 9-1:1.0: Control and data interfaces are not separated!
[  359.841707][ T5998] cdc_acm 9-1:1.0: This needs exactly 3 endpoints
[  359.843586][ T5998] cdc_acm 9-1:1.0: probe with driver cdc_acm failed with error -22
[  360.213993][T15154] mmap: syz.4.2893 (15154) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  360.512807][T15166] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2898'.
[  360.517629][T15166] vlan2: entered promiscuous mode
[  360.518984][T15166] vlan2: entered allmulticast mode
[  360.716798][T15175] netlink: 'syz.5.2902': attribute type 4 has an invalid length.
[  360.733080][   T35] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  360.854120][T15187] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  360.863337][   T35] usb 7-1: device descriptor read/64, error -71
[  361.105061][   T35] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  361.233146][   T35] usb 7-1: device descriptor read/64, error -71
[  361.343338][   T35] usb usb7-port1: attempt power cycle
[  361.683090][   T35] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  361.703711][T15207] SET target dimension over the limit!
[  361.705662][   T35] usb 7-1: device descriptor read/8, error -71
[  361.778140][T15209] __nla_validate_parse: 2 callbacks suppressed
[  361.778150][T15209] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2914'.
[  361.805745][T15209] netlink: 'syz.5.2914': attribute type 4 has an invalid length.
[  361.943060][   T35] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  361.963464][   T35] usb 7-1: device descriptor read/8, error -71
[  362.073263][   T35] usb usb7-port1: unable to enumerate USB device
[  362.083707][ T1322] usb 9-1: USB disconnect, device number 7
[  362.196834][T15236] SET target dimension over the limit!
[  363.254797][T15245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2926'.
[  363.605551][T15266] netlink: 'syz.2.2934': attribute type 1 has an invalid length.
[  363.646244][T15272] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2936'.
[  363.704375][T15278] Cannot find add_set index 0 as target
[  363.728170][T15282] devtmpfs: Unknown parameter 'hu'
[  364.003778][ T5999] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  364.154376][ T5999] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.157200][ T5999] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  364.159661][ T5999] usb 9-1: New USB device found, idVendor=5520, idProduct=0522, bcdDevice= 0.00
[  364.161967][ T5999] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.165152][ T5999] usb 9-1: config 0 descriptor??
[  364.379282][ T5999] usbhid 9-1:0.0: can't add hid device: -71
[  364.380924][ T5999] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  364.386405][ T5999] usb 9-1: USB disconnect, device number 8
[  364.503703][T15299] syz.1.2948 (15299) used greatest stack depth: 20128 bytes left
[  364.657543][T15308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2950'.
[  364.927528][T15312] input: syz0 as /devices/virtual/input/input86
[  365.158560][T15323] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2956'.
[  365.441897][T15324] mkiss: ax0: crc mode is auto.
[  365.508800][T15334] SET target dimension over the limit!
[  365.678629][T15339] input: syz0 as /devices/virtual/input/input87
[  366.006881][T15342] mkiss: ax0: crc mode is auto.
[  366.359117][T15354] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2968'.
[  366.363596][T15354] vlan3: entered promiscuous mode
[  366.365123][T15354] vlan3: entered allmulticast mode
[  366.533827][T15362] input: syz0 as /devices/virtual/input/input88
[  366.619299][T15366] netlink: 'syz.2.2974': attribute type 1 has an invalid length.
[  366.680449][T15371] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  366.696055][T15372] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  366.831043][T15381] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2979'.
[  366.835787][T15381] vlan2: entered promiscuous mode
[  366.837246][T15381] vlan2: entered allmulticast mode
[  366.957808][T15385] kernel read not supported for file /rmdF¼ì (pid: 15385 comm: syz.1.2980)
[  366.960621][   T39] audit: type=1800 audit(1731862394.237:315): pid=15385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2980" name=726D64461716BCEC dev="mqueue" ino=63063 res=0 errno=0
[  367.118733][T15389] input: syz0 as /devices/virtual/input/input89
[  367.153063][T15167] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  367.283161][T15167] usb 7-1: device descriptor read/64, error -71
[  367.469112][T15398] netlink: 'syz.4.2984': attribute type 1 has an invalid length.
[  367.533069][T15167] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  367.546044][ T5966] Bluetooth: hci3: unexpected event 0x03 length: 16 > 11
[  367.546173][ T5966] Bluetooth: hci3: unexpected event 0x03 length: 16 > 11
[  367.673157][T15167] usb 7-1: device descriptor read/64, error -71
[  367.784395][T15167] usb usb7-port1: attempt power cycle
[  368.123128][T15167] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[  368.145973][T15167] usb 7-1: device descriptor read/8, error -71
[  368.386506][T15167] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[  368.403530][T15167] usb 7-1: device descriptor read/8, error -71
[  368.523090][T15167] usb usb7-port1: unable to enumerate USB device
[  368.944534][ T5966] Bluetooth: hci6: Invalid handle: 0x5800 > 0x0eff
[  369.369536][T15429] mkiss: ax0: crc mode is auto.
[  369.643184][   T72] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  369.793046][   T72] usb 10-1: Using ep0 maxpacket: 32
[  369.795760][   T72] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 188, changing to 11
[  369.798565][   T72] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[  369.802449][   T72] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  369.806104][   T72] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.808201][   T72] usb 10-1: Product: syz
[  369.809332][   T72] usb 10-1: Manufacturer: syz
[  369.810566][   T72] usb 10-1: SerialNumber: syz
[  369.890974][T15442] syz.2.2999[15442] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.891021][T15442] syz.2.2999[15442] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.895134][T15442] syz.2.2999[15442] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.942129][T15449] syz.2.3002[15449] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.946941][T15449] syz.2.3002[15449] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.951621][T15449] syz.2.3002[15449] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  370.001513][T15454] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3004'.
[  370.042116][   T39] audit: type=1326 audit(1731862397.317:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.042174][   T39] audit: type=1326 audit(1731862397.317:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.052945][   T39] audit: type=1326 audit(1731862397.327:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.053042][   T39] audit: type=1326 audit(1731862397.327:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.053062][   T39] audit: type=1326 audit(1731862397.327:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.054123][   T39] audit: type=1326 audit(1731862397.337:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.054630][   T39] audit: type=1326 audit(1731862397.337:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.054760][   T39] audit: type=1326 audit(1731862397.337:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.058467][   T39] audit: type=1326 audit(1731862397.337:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15457 comm="syz.2.3006" exe="/syz-executor" sig=0 arch=40000003 syscall=341 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  370.566800][T15474] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3011'.
[  370.669659][T15478] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3013'.
[  370.713573][T15478] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3013'.
[  370.773995][T15478] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3013'.
[  371.120003][T15508] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3025'.
[  371.185589][T15517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3029'.
[  371.196964][T15516] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  371.384518][T15534] syz.2.3037[15534] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.384643][T15534] syz.2.3037[15534] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.387603][T15534] syz.2.3037[15534] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.877781][T15559] geneve0: entered allmulticast mode
[  372.004441][   T39] kauditd_printk_skb: 97 callbacks suppressed
[  372.004452][   T39] audit: type=1326 audit(1731862399.287:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.011428][   T39] audit: type=1326 audit(1731862399.287:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.027973][   T39] audit: type=1326 audit(1731862399.307:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.035489][   T39] audit: type=1326 audit(1731862399.307:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.040768][   T39] audit: type=1326 audit(1731862399.307:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.053111][   T39] audit: type=1326 audit(1731862399.307:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.075966][T15565] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3051'.
[  372.083749][   T39] audit: type=1326 audit(1731862399.307:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.089120][   T39] audit: type=1326 audit(1731862399.307:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.102725][   T39] audit: type=1326 audit(1731862399.317:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15562 comm="syz.2.3050" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.140227][T15565] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3051'.
[  372.315384][T15573] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  372.380668][   T39] audit: type=1326 audit(1731862399.657:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15576 comm="syz.2.3055" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  372.414822][   T72] cdc_ncm 10-1:1.0: bind() failure
[  372.420573][   T72] cdc_ncm 10-1:1.1: CDC Union missing and no IAD found
[  372.422323][   T72] cdc_ncm 10-1:1.1: bind() failure
[  372.427456][   T72] usb 10-1: USB disconnect, device number 7
[  372.911877][T15606] macvlan2: entered promiscuous mode
[  372.918566][T15606] bridge0: port 1(macvlan2) entered blocking state
[  372.920727][T15606] bridge0: port 1(macvlan2) entered disabled state
[  372.922633][T15606] macvlan2: entered allmulticast mode
[  372.927503][T15606] macvlan2: left allmulticast mode
[  372.945801][T15609] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3070'.
[  373.070029][T15622] netlink: 140 bytes leftover after parsing attributes in process `syz.5.3077'.
[  373.189824][T15638] vlan3: entered promiscuous mode
[  373.193177][T15638] vlan0: entered promiscuous mode
[  373.219815][T15638] vlan0: left promiscuous mode
[  373.286798][T15646] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3083'.
[  373.303510][T15652] ip6gretap2: entered promiscuous mode
[  373.308404][T15652] ip6gretap2: entered allmulticast mode
[  373.670477][T15677] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3099'.
[  373.778787][T15685] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3103'.
[  373.920834][T15699] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3110'.
[  374.053340][T15716] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in;
[  374.053340][T15716]    program syz.2.3117 not setting count and/or reply_len properly
[  374.227862][T15740] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3127'.
[  374.230255][T15740] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3127'.
[  374.318281][T15748] dvmrp1: entered allmulticast mode
[  374.321855][T15748] dvmrp1: left allmulticast mode
[  374.673699][T15784] openvswitch: netlink: Flow key attr not present in new flow.
[  374.831333][T15793] can0: slcan on pts0.
[  374.911655][T15800] block device autoloading is deprecated and will be removed.
[  374.919772][T15800] syz.5.3150: attempt to access beyond end of device
[  374.919772][T15800] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  374.933584][T15793] can0 (unregistered): slcan off pts0.
[  375.284985][T15853] unsupported nlmsg_type 40
[  375.390934][T15868] serio: Serial port pts0
[  375.537439][T15882] netlink: 'syz.2.3186': attribute type 1 has an invalid length.
[  376.429259][T15945] tipc: Started in network mode
[  376.430557][T15945] tipc: Node identity b674430c6a13, cluster identity 4711
[  376.432436][T15945] tipc: Enabled bearer <eth:syzkaller0>, priority 7
[  376.437730][T15945] ªªªªªª: renamed from syzkaller0
[  376.439955][T15945] tipc: Disabling bearer <eth:syzkaller0>
[  376.721132][T15968] pim6reg1: entered promiscuous mode
[  376.722471][T15968] pim6reg1: entered allmulticast mode
[  376.739904][T15972] syz.2.3226[15972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.739953][T15972] syz.2.3226[15972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.742825][T15972] syz.2.3226[15972] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.868578][T15987] syz.4.3233[15987] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.871417][T15987] syz.4.3233[15987] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.876325][T15987] syz.4.3233[15987] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  376.913833][T15993] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  377.015339][   T39] kauditd_printk_skb: 363 callbacks suppressed
[  377.015350][   T39] audit: type=1326 audit(1731862405.298:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.022050][   T39] audit: type=1326 audit(1731862405.298:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73ce5a7 code=0x7ffc0000
[  377.027680][   T39] audit: type=1326 audit(1731862405.298:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.041878][   T39] audit: type=1326 audit(1731862405.308:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.052937][   T39] audit: type=1326 audit(1731862405.308:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73ce5a7 code=0x7ffc0000
[  377.061978][   T39] audit: type=1326 audit(1731862405.308:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.067659][   T39] audit: type=1326 audit(1731862405.318:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.072714][   T39] audit: type=1326 audit(1731862405.318:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73ce5a7 code=0x7ffc0000
[  377.078171][   T39] audit: type=1326 audit(1731862405.318:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.083882][   T39] audit: type=1326 audit(1731862405.328:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15935 comm="syz.5.3209" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73ce579 code=0x7ffc0000
[  377.192883][T16022] veth4: entered allmulticast mode
[  377.210329][T16026] __nla_validate_parse: 7 callbacks suppressed
[  377.210340][T16026] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3251'.
[  377.251144][T16030] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3254'.
[  377.326524][T16042] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3260'.
[  377.646473][T16057] netlink: 'syz.1.3266': attribute type 7 has an invalid length.
[  377.648722][T16057] netlink: 'syz.1.3266': attribute type 8 has an invalid length.
[  378.129181][T16075] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3274'.
[  378.226759][T16079] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3276'.
[  378.229027][T16079] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3276'.
[  378.234108][T16079] bridge0: port 1(syz_tun) entered blocking state
[  378.236044][T16079] bridge0: port 1(syz_tun) entered disabled state
[  378.238566][T16079] syz_tun: entered allmulticast mode
[  378.241255][T16079] syz_tun: entered promiscuous mode
[  378.246753][T16079] bridge0: port 1(syz_tun) entered blocking state
[  378.248611][T16079] bridge0: port 1(syz_tun) entered forwarding state
[  378.413078][ T5999] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  378.543237][ T5999] usb 10-1: device descriptor read/64, error -71
[  378.783228][ T5999] usb 10-1: new full-speed USB device number 9 using dummy_hcd
[  378.913136][ T5999] usb 10-1: device descriptor read/64, error -71
[  379.023621][ T5999] usb usb10-port1: attempt power cycle
[  379.363248][ T5999] usb 10-1: new full-speed USB device number 10 using dummy_hcd
[  379.369295][T16133] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3298'.
[  379.371846][T16133] netlink: 'syz.2.3298': attribute type 10 has an invalid length.
[  379.380586][T16133] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  379.384389][ T5999] usb 10-1: device descriptor read/8, error -71
[  379.474687][T16145] netlink: 84 bytes leftover after parsing attributes in process `syz.1.3304'.
[  379.480847][T16145] smc: net device bond0 applied user defined pnetid SYZ1
[  379.625240][ T5999] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  379.651504][ T5999] usb 10-1: device descriptor read/8, error -71
[  379.690455][T16171] vlan3: entered promiscuous mode
[  379.691756][T16171] team0: entered promiscuous mode
[  379.693089][T16171] team_slave_0: entered promiscuous mode
[  379.694613][T16171] team_slave_1: entered promiscuous mode
[  379.696205][T16171] vlan3: entered allmulticast mode
[  379.697512][T16171] team0: entered allmulticast mode
[  379.698802][T16171] team_slave_0: entered allmulticast mode
[  379.700241][T16171] team_slave_1: entered allmulticast mode
[  379.763370][ T5999] usb usb10-port1: unable to enumerate USB device
[  379.800454][T16180] syz.1.3320[16180] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  379.800493][T16180] syz.1.3320[16180] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  379.803471][   T57] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  379.809109][T16180] syz.1.3320[16180] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  379.809687][T16179] netlink: 'syz.2.3321': attribute type 1 has an invalid length.
[  379.943583][   T57] usb 9-1: device descriptor read/64, error -71
[  380.017961][T16200] netlink: 'syz.1.3331': attribute type 9 has an invalid length.
[  380.166863][T16207] netlink: 'syz.1.3333': attribute type 10 has an invalid length.
[  380.169008][T16207] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3333'.
[  380.171581][T16207] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check.
[  380.193112][   T57] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  380.323138][   T57] usb 9-1: device descriptor read/64, error -71
[  380.433463][   T57] usb usb9-port1: attempt power cycle
[  380.783061][   T57] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  380.820398][   T57] usb 9-1: device descriptor read/8, error -71
[  381.063162][   T57] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  381.094073][   T57] usb 9-1: device descriptor read/8, error -71
[  381.203186][   T57] usb usb9-port1: unable to enumerate USB device
[  381.323283][T16253] syz.1.3354[16253] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  381.385222][T16259] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  381.841458][T16278] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.843484][T16278] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.852287][T16278] bridge0: left allmulticast mode
[  381.853975][T16278] bridge0: left promiscuous mode
[  381.870826][T16278] team0: left allmulticast mode
[  381.872156][T16278] team_slave_0: left allmulticast mode
[  381.873889][T16278] team_slave_1: left allmulticast mode
[  381.875434][T16278] team0: left promiscuous mode
[  381.876687][T16278] team_slave_0: left promiscuous mode
[  381.878576][T16278] team_slave_1: left promiscuous mode
[  381.960224][T16278] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  381.969816][T16278] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  382.029458][T16278] geneve0: left allmulticast mode
[  382.031319][T16278] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.033831][T16278] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.035991][T16278] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.038124][T16278] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  382.063375][T16278] mac80211_hwsim hwsim133 wlan1: left allmulticast mode
[  382.066227][T16278] vlan2: left promiscuous mode
[  382.067926][T16278] vlan2: left allmulticast mode
[  382.069975][T16278] batman_adv: batadv0: Interface deactivated: vxlan0
[  382.073577][T16278] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  382.076681][T16278] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  382.079679][T16278] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  382.082563][T16278] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  382.086152][T16278] vxlan0: left promiscuous mode
[  382.087795][T16278] vxlan0: left allmulticast mode
[  382.098700][T16278] ip6gretap2: left promiscuous mode
[  382.100044][T16278] ip6gretap2: left allmulticast mode
[  382.104158][T16278] vlan3: left promiscuous mode
[  382.105430][T16278] vlan3: left allmulticast mode
[  382.141212][   T39] kauditd_printk_skb: 231 callbacks suppressed
[  382.141282][   T39] audit: type=1326 audit(1731862411.415:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.148493][   T39] audit: type=1326 audit(1731862411.415:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.155271][   T39] audit: type=1326 audit(1731862411.415:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.162509][   T39] audit: type=1326 audit(1731862411.415:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.168243][   T39] audit: type=1326 audit(1731862411.415:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.174136][   T39] audit: type=1326 audit(1731862411.415:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.180097][   T39] audit: type=1326 audit(1731862411.415:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.185745][   T39] audit: type=1326 audit(1731862411.415:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=289 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.191215][   T39] audit: type=1326 audit(1731862411.415:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.197275][   T39] audit: type=1326 audit(1731862411.415:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16279 comm="syz.2.3368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f71579 code=0x7ffc0000
[  382.494246][T16301] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3378'.
[  383.600753][T16321] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  383.605036][T16321] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  383.607150][T16321] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  383.609346][T16321] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  383.620877][T16321] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  383.622930][T16321] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  383.626948][T16321] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  383.638901][T16321] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  383.638946][ T5959] Bluetooth: hci6: hardware error 0x00
[  383.641030][T16321] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  383.649803][T16321] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  383.845526][T16368] program syz.5.3408 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  384.286437][   T44] page: refcount:2 mapcount:0 mapping:0000000000000000 index:0x1360 pfn:0x52cfd
[  384.288856][   T44] flags: 0x4fff00000010001(locked|reclaim|node=1|zone=1|lastcpupid=0x7ff)
[  384.291053][   T44] raw: 04fff00000010001 ffffc900006af5e0 ffffc900006af5e0 ffffffff8b5d5842
[  384.293415][   T44] raw: 0000000000001360 0000000000000000 00000002ffffffff 0000000000000000
[  384.295629][   T44] page dumped because: VM_BUG_ON_PAGE(!((__builtin_constant_p(PAGE_CLAIMED) && __builtin_constant_p((uintptr_t)(&page->private) != (uintptr_t)((void *)0)) && (uintptr_t)(&page->private) != (uintptr_t)((void *)0) && __builtin_constant_p(*(const unsigned long *)(&page->private))) ? const_test_bit(PAGE_CLAIMED, &page->private) : _test_bit(PAGE_CLAIMED, &page->private)))
[  384.299191][T10146] list_add corruption. next->prev should be prev (ffffe8ffac533030), but was ffff88804b47c800. (next=ffff888026462800).
[  384.304448][   T44] page_owner tracks the page as allocated
[  384.308166][T10146] ------------[ cut here ]------------
[  384.309458][   T44] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12800(GFP_NOWAIT|__GFP_NORETRY), pid 15585, tgid 15584 (syz.2.3058), ts 372815799925, free_ts 368836232703
[  384.309479][   T44]  post_alloc_hook+0x2d1/0x350
[  384.310892][T10146] kernel BUG at lib/list_debug.c:29!
[  384.318180][T10146] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  384.319876][   T44]  get_page_from_freelist+0xfce/0x2f80
[  384.320153][T10146] CPU: 3 UID: 0 PID: 10146 Comm: kworker/u32:11 Not tainted 6.12.0-rc7-syzkaller-00212-g4a5df3796467 #0
[  384.322496][   T44]  __alloc_pages_noprof+0x6af/0x25a0
[  384.325889][T10146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  384.325899][T10146] Workqueue: zswap1 compact_page_work
[  384.325914][T10146] RIP: 0010:__list_add_valid_or_report+0xa9/0x100
[  384.327294][   T44]  alloc_pages_mpol_noprof+0x2c9/0x610
[  384.330049][T10146] Code: 3a b1 8b e8 79 bb dd fc 90 0f 0b 48 c7 c7 00 3b b1 8b e8 6a bb dd fc 90 0f 0b 48 89 d9 48 c7 c7 60 3b b1 8b e8 58 bb dd fc 90 <0f> 0b 48 89 f1 48 c7 c7 e0 3b b1 8b 48 89 de e8 43 bb dd fc 90 0f
[  384.331434][   T44]  z3fold_zpool_malloc+0x853/0x14f0
[  384.333084][T10146] RSP: 0018:ffffc9002e02fc00 EFLAGS: 00010282
[  384.333095][T10146] RAX: 0000000000000075 RBX: ffff888026462800 RCX: ffffffff816cc789
[  384.333101][T10146] RDX: 0000000000000000 RSI: ffffffff816d6e76 RDI: 0000000000000005
[  384.333107][T10146] RBP: ffff888052cfd000 R08: 0000000000000005 R09: 0000000000000000
[  384.334511][   T44]  zswap_store+0xda1/0x1fe0
[  384.339393][T10146] R10: 0000000000000002 R11: 0000000000000288 R12: 0000000000000003
[  384.341101][   T44]  swap_writepage+0x3b6/0x1040
[  384.342715][T10146] R13: ffff888052cfd008 R14: ffff888052cfd000 R15: ffffea00014b3f40
[  384.344806][   T44]  pageout+0x3b2/0xaa0
[  384.347434][T10146] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  384.349488][   T44]  shrink_folio_list+0x3025/0x42d0
[  384.351032][T10146] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  384.353099][   T44]  evict_folios+0x6d6/0x1970
[  384.354699][T10146] CR2: 000000000c2f4f58 CR3: 0000000055552000 CR4: 0000000000352ef0
[  384.356731][   T44]  try_to_shrink_lruvec+0x612/0x9b0
[  384.358113][T10146] Call Trace:
[  384.360407][   T44]  shrink_one+0x3e3/0x7b0
[  384.362144][T10146]  <TASK>
[  384.363857][   T44]  shrink_node+0xb17/0x3ae0
[  384.365397][T10146]  ? die+0x31/0x80
[  384.367424][   T44]  do_try_to_free_pages+0x35f/0x1a30
[  384.369174][T10146]  ? do_trap+0x232/0x430
[  384.370039][   T44]  try_to_free_pages+0x2ae/0x6b0
[  384.371483][T10146]  ? __list_add_valid_or_report+0xa9/0x100
[  384.372249][   T44]  __alloc_pages_noprof+0xb15/0x25a0
[  384.373783][T10146]  ? __list_add_valid_or_report+0xa9/0x100
[  384.373806][T10146]  ? do_error_trap+0xf4/0x230
[  384.373821][T10146]  ? __list_add_valid_or_report+0xa9/0x100
[  384.373834][T10146]  ? handle_invalid_op+0x34/0x40
[  384.373847][T10146]  ? __list_add_valid_or_report+0xa9/0x100
[  384.373859][T10146]  ? exc_invalid_op+0x2e/0x50
[  384.373871][T10146]  ? asm_exc_invalid_op+0x1a/0x20
[  384.373887][T10146]  ? __wake_up_klogd.part.0+0x99/0xf0
[  384.373903][T10146]  ? vprintk+0x86/0xa0
[  384.373915][T10146]  ? __list_add_valid_or_report+0xa9/0x100
[  384.373928][T10146]  do_compact_page+0x10b9/0x25d0
[  384.373941][T10146]  ? lock_acquire+0x2f/0xb0
[  384.373955][T10146]  ? process_one_work+0x8bb/0x1b30
[  384.373971][T10146]  process_one_work+0x958/0x1b30
[  384.373986][T10146]  ? __pfx_compact_page_work+0x10/0x10
[  384.373996][T10146]  ? __pfx_process_one_work+0x10/0x10
[  384.374012][T10146]  ? assign_work+0x1a0/0x250
[  384.374026][T10146]  worker_thread+0x6c8/0xf00
[  384.374042][T10146]  ? __pfx_worker_thread+0x10/0x10
[  384.374057][T10146]  kthread+0x2c1/0x3a0
[  384.374068][T10146]  ? _raw_spin_unlock_irq+0x23/0x50
[  384.374082][T10146]  ? __pfx_kthread+0x10/0x10
[  384.374093][T10146]  ret_from_fork+0x45/0x80
[  384.374102][T10146]  ? __pfx_kthread+0x10/0x10
[  384.415778][T10146]  ret_from_fork_asm+0x1a/0x30
[  384.417066][T10146]  </TASK>
[  384.417896][T10146] Modules linked in:
[  384.419194][T10146] ---[ end trace 0000000000000000 ]---
[  384.420620][T10146] RIP: 0010:__list_add_valid_or_report+0xa9/0x100
[  384.422319][T10146] Code: 3a b1 8b e8 79 bb dd fc 90 0f 0b 48 c7 c7 00 3b b1 8b e8 6a bb dd fc 90 0f 0b 48 89 d9 48 c7 c7 60 3b b1 8b e8 58 bb dd fc 90 <0f> 0b 48 89 f1 48 c7 c7 e0 3b b1 8b 48 89 de e8 43 bb dd fc 90 0f
[  384.427415][T10146] RSP: 0018:ffffc9002e02fc00 EFLAGS: 00010282
[  384.428937][T10146] RAX: 0000000000000075 RBX: ffff888026462800 RCX: ffffffff816cc789
[  384.430944][T10146] RDX: 0000000000000000 RSI: ffffffff816d6e76 RDI: 0000000000000005
[  384.433034][T10146] RBP: ffff888052cfd000 R08: 0000000000000005 R09: 0000000000000000
[  384.435071][T10146] R10: 0000000000000002 R11: 0000000000000288 R12: 0000000000000003
[  384.437112][T10146] R13: ffff888052cfd008 R14: ffff888052cfd000 R15: ffffea00014b3f40
[  384.439152][T10146] FS:  0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000
[  384.441489][T10146] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  384.443241][T10146] CR2: 000000000c2f4f58 CR3: 0000000055552000 CR4: 0000000000352ef0
[  384.445305][T10146] Kernel panic - not syncing: Fatal exception
[  384.447462][T10146] Kernel Offset: disabled
[  384.448586][T10146] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:53:31  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000003 RCX=1ffffffff2d41691 RDX=ffff8880205ca440
RSI=ffffffff813c5884 RDI=ffffffff8bb139e0 RBP=ffff888025dd0008 RSP=ffffc90001f8eb98
R8 =0000000000000001 R9 =fffffbfff2d32bad R10=ffffffff96995d6f R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88802b43fe00 R15=ffffed1004bba001
RIP=ffffffff813c5886 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f56d5da4 CR3=000000006a076000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000001 RCX=1ffffffff2d41691 RDX=ffff888021178000
RSI=ffffffff813c5884 RDI=ffffffff8bb139e0 RBP=ffff88802b53fe14 RSP=ffffc900044de810
R8 =0000000000000001 R9 =fffffbfff2d32bad R10=ffffffff96995d6f R11=0000000000000000
R12=0000000000000001 R13=0000000000000001 R14=ffff88802b53fe00 R15=0000000000080000
RIP=ffffffff813c5886 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f7435008 CR3=0000000069254000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000022 RCX=ffffffff816d2a41 RDX=ffff88801e5f4880
RSI=ffffffff816d2a2d RDI=0000000000000001 RBP=1ffff920000d5e3b RSP=ffffc900006af1c8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000074656720
R12=0000000000000001 R13=0000000000000200 R14=ffff8880216d8000 R15=0000000000000001
RIP=ffffffff816d2a2f RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00000000f72c8005 CR3=000000000db7c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8504b0c5 RDI=ffffffff9a645360 RBP=ffffffff9a645320 RSP=ffffc9002e02f520
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000003a555043
R12=0000000000000000 R13=0000000000000020 R14=ffffffff8504b060 R15=0000000000000000
RIP=ffffffff8504b0ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c2f4f58 CR3=0000000055552000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000